On Mon, Jun 27, 2011 at 03:46:32PM +0000, Camaleón wrote: > On Mon, 27 Jun 2011 12:07:28 -0300, D G Teed wrote: > > > On Mon, Jun 27, 2011 at 11:52 AM, Camaleón <noela...@gmail.com> wrote: > > > >> On Mon, 27 Jun 2011 13:58:43 +0200, Eric Viseur wrote: > > (...) > > >> > I have a server complaining about clam not being up to date every > >> > night, so it's getting a little annoying, and I'd like to avoid apt > >> > -pinning if possible. > >> > >> ... for the stable/olstable branch is my understanding that only > >> security bugfixes are corrected, so if the clamav update does not > >> closes any serious flaw you will keep seeing the clamav warning at the > >> logs. But don't worry, your clients are still protected, your AV firms > >> updated and your files analyzed for any treat. > >> > >> > > This is incorrect. > > What exactly do you find incorrect? > > > Here are the announcement of squeeze-updates, with a list of reasons > > why squeeze-updates will push ahead a release... > > http://lists.debian.org/debian-volatile-announce/2011/msg00000.html > > > > It even mentions clamav as one which needs to be current to be useful. > > Of course, "squeeze-updates" is the new "volatile", nothing has changed. > > > Our expectations for squeeze-updates to release clamav ahead of stable > > merely to be current are correct. > > Then it has to be a new policy. IIRC, not all of the clamav package > updates reached the stable branch via volatile (now squeeze-updates), > only those that closed security bugfixes. And I say this because I asked > this same question here, months ago, and I was told so ;-) > > > Note you don't need to use squeeze-updates, so we are opting into > > something which can be a little more bleeding edge. > > Please, note that we are not talking about clamav database updates but > the package itself. If the policy has changed, good and glad to know, but > to be sincere, I'm not aware of that and would be nice if someone can > point to it. > > > If you only want security and bug fixes that is handled by security repo > > and standard stable repo. > > I think you are talking about a different issue. >
I seen this twice prior. Not running a server, I didn't concern myself with it extensively, but I did observe in consternation. The Volatile package is outdated but the the sid or testing package isn't. The wait is somewhere between 2-6 months. Bug reports happen. Eventually it shows up in Volatile. Nothing has changed except the name. -- Regards, Freeman "Microsoft is not the answer. Microsoft is the question. NO (or Linux) is the answer." --Somebody -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110627173940.GA4061@Deneb.office
