[clamav-users] [Fwd: [sanesecurity] Hacking Team detection]

Dennis Peterson dennispe at inetnw.com
Sat Aug 8 03:06:05 EDT 2015


On 8/7/15 7:44 PM, Gene Heskett wrote:
> On Friday 07 August 2015 22:08:10 Scott Kitterman wrote:
>
>> On August 7, 2015 9:17:44 PM EDT, Gene Heskett <gheskett at wdtv.com>
> wrote:
>>> On Friday 07 August 2015 18:34:30 Scott Kitterman wrote:
>>>> On August 7, 2015 6:30:42 PM EDT, Gene Heskett <gheskett at wdtv.com>
>>> wrote:
>>>>> On Friday 07 August 2015 16:58:09 Al Varnell wrote:
>>>>>> Gene,
>>>>>>
>>>>>> It’s on the sanesecurity.net mirror sites, not the ones
>>>>>> clamav.net provides, so freshclam isn’t going to find those.
>>>>>>
>>>>>> As Steve said earlier, you would have to install, configure and
>>> use
>>>
>>>>>> the download script from
>>>>>>
>>>>>> <https://github.com/extremeshok/clamav-unofficial-sigs>
>>>>> Which claims to nee clamav, V99, and wheezy is still on 98.5.
>>>>>
>>>>> And yelling at debian is a waste of time.  So I'll go comment that
>>>>> line
>>>> Dude,
>>>>
>>>> Chill.
>>>>
>>>> 0.99 isn't released yet, so of course it's not in wheezy.  It is in
>>>> Experimental where it belongs.  No yelling needed.
>>>>
>>>> Scott K
>>> That depends on ones point of view.  Has anyone started a timer
>>> running
>>>
>>> to see how long it takes for the latest fix for the firefox/iceweasel
>>> exploit announced yesterday to actually get into the wheezy repo's?
>>> I don't recommend anything less than a wind it once a year clock.
>>>
>>> The security ralated stuff should be moved out asap by the distro's &
>>> I
>>>
>>> don't care whose logo is on your boot screen.  Not when someone is
>>> bored
>>> out of their skull for lack of anything more interesting to do.
>> No idea.  I don't maintain those packages.
>>
>> If you look though, you'll see that over the last several years,
>> Debian generally has a good response on clamav.  That's what I was
>> objecting to.  I do take claims I'm not doing it well personally.
>>
>> Scott K
> That wasn't said because I knew you were the support, in fact I didn't
> know until now.
>
> But I think you are generally correct that debian is a wee bit faster.  I
> am at 98.5, and I suspect the jump to 99.something will not contain any
> huge surprises.
>
> I can recall one distro I had loaded whose clamav was 4 major versions
> out of date at the time, and what prompted me to switch was that distros
> refusal, in quite firm messages, that they would not be adding a library
> that was needed so I could self build the then current release.  So I
> bailed. I quite likely was not missed.  Shrug.
>
> I am also well aware that in terms of my helping to row this boat, the
> effort compares to a toothpick.
>
> My apologies Scott, I wasn't trying to be personally insulting, but was
> trying to hurry the ship of state along by playing a duck, nibbling at
> the heels of TPTB.
>
> Cheers, Gene Heskett
People who are really serious about this don't need vendor support to build 
installable packages. If you can't compile and install ClamAV you have no 
grounds to bitch about those who do. Sorry, I'm really disgusted to find myself 
in retirement after more than 4 decades of doing  this stuff and still doing it 
and hear some fricking whiner who can't or won't build this simple product. Get 
a pair.

dp



More information about the clamav-users mailing list