Michael Tautschnig wrote:
> In the clamav packaging team we had recurring discussion about how to deal 
> with
> clamav in the near (== lenny) and more distant (>= squeeze) future. The 
> current
> situation is as follows:
> 
> - We've got severly outdated clamav packages in etch(-security).
> - A few packages depend on clamav; those depends are not necessarily 
> versioned.
> - Any sensible use of clamav requires the packages from volatile to be able to
>   handle all features of upstream's current signature database.
> - We've had 16 security updates since the release of etch, which constantly
>   required backporting of upstream's fixes that were included in the volatile
>   releases.
> 
> We could of course continue this game of telling users that nothing but the
> clamav from volatile is what one should use on production systems, but maybe
> there are other options as well. Let me see what options we have:
> 
> - Stick with the current scheme. Possible, but neither user- nor
>   maintainer-friendly.
> - Move clamav to volatile only. This would, however, also require that all
>   depending packages go to volatile, even the depends are unversioned.

Does the clamav interface change between versions?

If not, would it be possible that a sufficiently stable version will
be included in stable and updates (including new versions) be handled
via volatile - including a large note in the clamav package to include
volatile.

Regards,

        Joey

-- 
Open source is important from a technical angle.             -- Linus Torvalds

Please always Cc to me when replying to me on the lists.


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to