Bug#1031896: [Pkg-clamav-devel] Bug#1031896: Bug#1031896: libclamav11: LibClamAV Error: Can't verify database integrity, breaks amavis
True. I'm not a C programmer, so I may be unduly concerned about the maintenance load. I'll defer to your judgement. I do wonder if we should make a stab at switching the rust bits to using Debian packages instead of the embedded copies. If we could manage it, then any security issues in the rust libraries can be fixed in clamav with a binNMU, no upload needed. Scott K On February 25, 2023 4:11:01 PM UTC, Sebastian Andrzej Siewior wrote: >On 25 February 2023 14:57:28 UTC, Scott Kitterman wrote: >>Generally favorably, but I'd rather wait for upstream to agree on it, >>otherwise it may be a patch we have to maintain forever. > >Now we maintain the tfm bits. > >>What's their reaction to the change? > >No reply so far. The first few patches from early January got the response "it >was a chaotic week, we get to it soon" and the tfm patch got no response since >I posted it last week. >Maybe you need to walk around their office and throw a stone with pull request >number written on it :-) > >> >>It's also late in the release cycle to do it (not definitely a problem, but >>calls for caution). >> >>Scott K >
Bug#1031896: [Pkg-clamav-devel] Bug#1031896: Bug#1031896: libclamav11: LibClamAV Error: Can't verify database integrity, breaks amavis
On 25 February 2023 14:57:28 UTC, Scott Kitterman wrote: >Generally favorably, but I'd rather wait for upstream to agree on it, >otherwise it may be a patch we have to maintain forever. Now we maintain the tfm bits. >What's their reaction to the change? No reply so far. The first few patches from early January got the response "it was a chaotic week, we get to it soon" and the tfm patch got no response since I posted it last week. Maybe you need to walk around their office and throw a stone with pull request number written on it :-) > >It's also late in the release cycle to do it (not definitely a problem, but >calls for caution). > >Scott K -- Sebastian
Bug#1031896: [Pkg-clamav-devel] Bug#1031896: Bug#1031896: libclamav11: LibClamAV Error: Can't verify database integrity, breaks amavis
Generally favorably, but I'd rather wait for upstream to agree on it, otherwise it may be a patch we have to maintain forever. What's their reaction to the change? It's also late in the release cycle to do it (not definitely a problem, but calls for caution). Scott K On February 25, 2023 2:18:08 PM UTC, Sebastian Andrzej Siewior wrote: >On 2023-02-24 21:00:43 [+], Scott Kitterman wrote: >> I don't know of anything. I'd go ahead and upload the fix. > >how do you feel about replacing libtfm with openssl? > >> Scott K > >Sebastian
Bug#1031896: [Pkg-clamav-devel] Bug#1031896: Bug#1031896: libclamav11: LibClamAV Error: Can't verify database integrity, breaks amavis
On 2023-02-24 21:00:43 [+], Scott Kitterman wrote: > I don't know of anything. I'd go ahead and upload the fix. how do you feel about replacing libtfm with openssl? > Scott K Sebastian