On Wed, 2019-03-27 at 19:54 +0100, Sebastian Andrzej Siewior wrote: > On 2019-03-10 23:55:55 [+0100], To sub...@bugs.debian.org wrote: > > We would like to update clamav in stable to 0.101.1 which is the > > latest > > release provided by upstream. > > This won't be as easy as it was previously because it will trigger > > a > > transistion (libclamav7 -> libclamav9) in stable similar to what we > > did > > in unstable (#922004) recently. > > upstream released 0.100.3 which fixes three bugs with CVE numbers > [0]. > There is also 0.101.2. > > For Stretch we tend to upload 0.100.3 before we get an approval for > this > one (which would be then 0.101.2). Since the 0.100.3 is smaller, it > should be easier/quicker tor review. > Is this okay? > > [0] https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-ha > ve.html
Sure. To make things easier to keep track of (at least for me), could you open a new bug for the 0.100.3 update, and we'll keep using this one for the effective transition. Regards, Adam
