On Sun, Feb 22, 2009 at 10:06:41PM +0100, Florian Weimer wrote: > * Luk Claes: > > > Currently the security support for the volatile archive is supposed > > to be taken care of by the uploaders of the respective packages. > > > > I think it would make sense to have someone or a team tracking > > security issues for volatile. > > > > What do you think? Is anyone up to providing such issue tracking for > > volatile? > > For ClamAV and ClamAV-derived packages, I'd prefer to see uploads of > new upstream versions to stable-security or stable-proposed-updates > (that is, remove it from volatile).
I think one the reason why clamav is in volatile is that the engine might need updating to detect new viruses. Is that something you want to support in stable-security? I don't think an upload only to stable-proposed-updates is something we want for that, since it might take a long time until the next point release. Kurt -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org