[Pkg-clamav-devel] Question about CL_FLEVEL_DCONF
Scott Kitterman
debian at kitterman.com
Fri Apr 10 00:27:24 UTC 2009
On Fri, 10 Apr 2009 00:55:58 +0200 Michael Tautschnig <mt at debian.org> wrote:
>Hi all,
>
>I've prepared patched packages for lenny that could get uploaded to
>lenny-security. Before asking the security team for permission, however,
I'd
>like to understand whether they work as expected. My concern is about the
newly
>introduced CL_FLEVEL_DCONF that should allow us to push the supported
f-level.
>Still, we the patched packages, I'm getting this from freshclam:
>
>daily.cvd updated (version: 9219, sigs: 38660, f-level: 42, builder:
ccordes)
>WARNING: Your ClamAV installation is OUTDATED!
>WARNING: Current functionality level = 38, recommended = 42
>DON'T PANIC! Read http://www.clamav.net/support/faq
>
>That is, the reported f-level is 38 even though CL_FLEVEL_DCONF is set to
41. If
>the above is correct, when does CL_FLEVEL_DCONF come into play at all?
Could I
>test that somehow?
>
CL_FLEVEL_DCONF comes into play for clamav's ability to remotely disable
modules that have security vulnerabilities. f-level is related to
functionality, and so only changes with the new upstream release.
I'm away from a system to check exactly, but you can see what modules are
disabled in the clamscan --debug (I think) output.
Scott K
More information about the Pkg-clamav-devel
mailing list