ubuntu at kitterman.com
Mon Aug 13 01:03:57 BST 2007
These are all good points and were mostly ones I argued during the meeting.
The fundamental concern I have is I know (now) that the packaged clamav
will interact with the local version without particularly complaining about
it. This is sufficiently risky in my book to trump the other arguements.
There are other issues too, like the clamav updates downloaded by klamav
won't have any of the Debian/Ubuntu patches installed.
Recently the clamav support picture has improved significantly. Is you
look at Feisty, it's had three security updates since release and all
security fixes from the later releases are incorporated. Additionally, the
current version of clamav is available via feisty-backports. Because of
the improved volunteer support through the packaging system, I think the
need for individuals to upgrade directly from upstream is much less than it
has generally been.
P. S. Anyone willing to volunteer to do the patch to clamav for the
installed version to ignore a locally installed version?
More information about the kubuntu-devel