On 2011-02-28 18:29, Nathan Gibbs wrote: > * Török Edwin wrote: >> but apparently people running 0.95 care more about clamd "working" than >> actually detecting malware. >> > > 0.95 working equals more protection than 0.95 not working.
Fair enough. Would it be OK with you if 0.95 only got .hdb(MD5), .mdb (section MD5), .fp (whitelist), and some simple .ndb updates? For any complicated ndb signature, and ldb/bytecode the engine could require the sigmaker to use an engine version tag of at least 0.96.4. Then testing with latest engine version would show that the sig might not load on 0.95. Best regards, --Edwin _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
