-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Thursday 2008-06-12 at 12:13 +0200, Werner Flamme wrote:
@Carlos: did you read the next line? "DON'T PANIC! Read http://www.clamav.net/support/faq" :-)
Certainly not!
Because that line is not printed to the /var/log/warn file; I'm getting the warning every now and then in my warning log, whereas the line you mention is not logged at 'warn' level. And no, of course I haven't panicked.
The line resides in my /var/log/freshclam.log and is printed at boot time on the screen. So I can't understand "certainly", especially because I do not only look at the warn log but in the respective application's log, too. Besides, do you know the meaning of :-) ?
cer@nimrodel:~> ls /var/log/freshclam.log ls: cannot access /var/log/freshclam.log: No such file or directory Of course, I can find the line if I search for it, buried inside the /var/log/mail between tons of other messages. The "warn" log is the only I continously watch for "new" problems, and the rest I look when I search for extra info. The clamd authors choosed to leave the "don't worry" out of the "warn" log :-p And sorry, I didn't notice that smiley. The thing is, if I see a program reporting something unexpected in the warn log file, I take that as important, maybe important enough to report here or in bugzilla.
There was always an update of clamav via YOU (when you use a ftp or http client to look into the update repo manually, you still see clamav-0.91.2, 0.92.0, 0.92.1, and 0.93.0), it just takes some time to testing... This is one of the reasons for me staying with SUSE, even after they introduced the 10.1 software management ;-)
No, there has been no update through YOU yet. Marcus said there will be one such, so I'll wait. No, I do not intend to go to the clamav site and roll my own. If that's what needs to be done I will uninstall clamd and continue using antivir instead.
Don't bite me! ;-) I said that there were clamav updates via YOU for all the recent versions. So I do not see any reason why there will be no YOU update for the current version. With "no update through YOU yet" you sure mean the current version of clamav, do you?
Well, of course, I mean for the one that is "official" currently for opensuse 10.3. There is some problem with the procedure here: the clamd people should tell the distro maintainers in advance that there is going to be a new version and that such versions are to be obsoleted, so that they can prepare the automatic upgrades for their distros without there being any perveived loss of security. I mean, it doesn't look good if the antivirus says "Hey, I'm obsolete", and the update is not ready. On the other hand, if updating the engine is not that crucial, then they should not write that message to the warning log. There are many programs and daemons in the distro that keep silent when there is a new version, and many of them are security-wise important. That's what I think the real problem is: that they shout "Danger, update me! with no real need. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIU6UptTMYHG2NR9URAnAAAJ9bkmpECKrvqRcBgL8H3iS28r7TbQCgmGiU zrV7ZsR1dhElNf8kgjAQJYE= =vtgH -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org