Clamav

Status

ubuntu-clamav PPA

Cleared matrix for clamav-0.97.5 testing. No SO version change, so it's still libclamav6, no major problems anticipated.

The libclamav6 transition is done for Hardy.

Note: Starting with 0.94, clamav now has an apparmor profile, so these backports may have issues related to apparmor. Starting with 0.97.5, upstream doesn't ship signatures in the tarball, so clamd mail fail to start if the signatures aren't available yet. This is not a test failure.

clamav-0.96.5 is in lucid-updates.

clamav-0.97 is in natty. 0.97.2 is in oneiric. clamav-0.97.3 is in precise and lucid-backports. 0.97.5 is in quantal and natty/oneiric/precise-security and updates (no more testing needed) and in lucid/hardy backports, more testing would be good to see if we might get it promoted to updates. No clamav packages in the PPA at the moment as the current versions are all in the archive..


Steps for Clamav Backport

  • Step one is to publish a draft package for a clamav <version> backport to older releases out for people to use. The draft source package can be found in the PPA.

  • Step two is to prepare backports of the libclamav rdepends, upload them to the PPA, and then work on patching packages that don't build.
  • Step three is testing the backports from the PPA. Indicate test results below. All libclamav rdepends must be tested. Unless there are documented changes in the clamav-dameon (clamd) protocol, only a sampling of clamav-daemon rdepends need to be tested.
  • Step four is massive backport of all of the needed updates at the same time so nothing (promise) breaks.
  • Step five: Move to another release, rinse, repeat.

Testing procedures can be found here or by clicking on the package names in the matrix below. Feel free to complete missing testing procedures.

Steps for copying Clamav to -updates/ -security

Once clamav and any needed rdepends are in *-backports, a close watch on bug reports for all related packages must be maintained. The step to *-backports brings the new clamav version to a wider audience for testing. The purpose if using *-backports is to enable wide testing and early access to users that require it while leaving -proposed open for any urgent fixes that need to be pushed on through.

Once the package set has aged sufficiently (generally a week without new bug reports is generally sufficient) then it should be copied to either *-security or *-updates. Virtually all clamav releases include security fixes, so it is likely that *-security will be the initial target and then the packages will be automatically copied to *-updates. The Ubuntu security team will rebuild all the packages in the Ubuntu security PPA if the target is *-security. If the target is *-updates, the Ubuntu SRU can pocket copy the packages from *-backports.

Packages

The following matrices indicate the testing phase for every package which depends/uses clamav. Packages which can use multiple methods of scanning (ie. clamd, clamdscan, clamscan) will be listed in each matrix and have to be tested accordingly. Matrix values:

  • X - package n/a in that particular release, or cannot be tested

  • OK - package was tested and it works without problems

  • <blank> - package is being tested / was not tested yet

  • any other short comment...

Packages built with libclamav (libclamav rdepends), these need to be tested before any other package:

  • testing libclamav6/clamav0.97.5

Packages

Hardy

Lucid

Natty

Oneiric

Precise

Quantal

dansguardian

gurlchecker

havp

klamav

X

X

X

python-clamav

php4-clamavlib

X

X

X

X

X

php5-clamavlib

X

X

X

X

X

php-clamav(1)

X

X

X

Note1: php-clamav is NOT in any release yet, only in the clamav-ppa

Packages which integrate with clamav through clamscan/clamdscan:

  • testing libclamav6/clamav0.97.5

Packages

Hardy

Lucid

Natty

Oneiric

Precise

Quantal

amavisd-new

clamassassin

clamtk

dansguardian

kmail (suggests)

Info (!)

mediawiki

mimedefang

moodle (suggests)

nautilus-clamscan

p3scan

qpsmtpd(1)

Note1: problems using clamscan in ALL releases, only works with backported package in Hardy; clamdscan works (https://bugs.launchpad.net/bugs/829649)

Packages which integrate with clamav via the clamav-daemon socket protocol:

  • testing libclamav6/clamav0.97.5

Packages

Hardy

Lucid

Natty

Oneiric

Precise

Quantal

amavisd-new

clamfs

clamsmtp

X

dspam

dtc/dtc-cyrus

X

X

X

dtc/dtc-postfix-courier

X

X

X

exim4

havp

libclamav-client-perl

linkchecker (suggests)

mahara

mailscanner

mimedefang

p3scan

pyclamd

MOTU/Clamav (last edited 2012-07-14 06:34:56 by kitterman)