clamav-0.90
Denis Leroy
denis at poolshark.org
Tue Feb 20 06:59:35 UTC 2007
jdow wrote:
> Denis, that should not be required, period.
>
> ClamAV is out of date. It has a denial of service vulnerability for the
> version RedHat supplies. 0.90 is what is suggested by the ClamAV people
> for use. You should get CERT advisories, fellas. Amd you should act on
> them.
jdow, I agree with you it shouldn't be required. However filing bugs to
bugzilla is a *very* important part of the Fedora community process.
Were you to complain to fedora-extras-list or fedora-devel-list about a
particular package problem, you would get that same exact answer.
I maintain Inkscape, and I can tell you I get a bugzilla request for an
upgrade within *hours* of every new release :-) even though i don't need
them since i'm on the upstream mailing list anyways...
Essentially it saddens me greatly when i read a post that encourages
people to use a package from a third-party repo because the one in
extras is unusable. But there's nothing I can do about it, I'm not a
clamav expert or user so I can't file a bug myself with any sort of
credibility. The issue cannot be brought up to the devel list without
having existing user-filed bugzilla entries to back up claims.
-denis
More information about the fedora-list
mailing list