Clamav

Differences between revisions 295 and 296
Revision 295 as of 2011-08-19 06:07:24
Size: 7390
Editor: cemc
Comment:
Revision 296 as of 2011-08-26 16:50:32
Size: 7240
Editor: cemc
Comment:
Deletions are marked like this. Additions are marked like this.
Line 85: Line 85:
Note1: problems using clamscan in ALL releases, only works with backported package in Hardy; clamdscan works Note1: problems using clamscan in ALL releases, only works with backported package in Hardy; clamdscan works (https://bugs.launchpad.net/bugs/829649)
Line 104: Line 104:
|| [[MOTU/Clamav/TestingProcedures#mimedefang|mimedefang(2)]] || || || || '''OK(*)''' || || || [[MOTU/Clamav/TestingProcedures#mimedefang|mimedefang]] || || || || '''OK''' || ||
Line 107: Line 107:

Note1: tested the backported packages, NOT the one from stable

Note2: apparmor profile prevents clamd from scanning mimedefang's temp files https://bugs.launchpad.net/bugs/829089

Status

ubuntu-clamav PPA

Cleared matrix for clamav-0.97.2 testing. No SO version change, so it's still libclamav6, no major problems anticipated.

The libclamav6 transition is done for Hardy.

Note: Starting with 0.94, clamav now has an apparmor profile, so these backports may have issues related to apparmor.

Clamav-0.96.5 is in maverick/lucid-updates and hardy-backports.

clamav-0.97 is in natty.


Steps for Clamav Backport

  • Step one is to publish a draft package for a clamav <version> backport to older releases out for people to use. The draft source package can be found in the PPA.

  • Step two is to prepare backports of the libclamav rdepends, upload them to the PPA, and then work on patching packages that don't build.
  • Step three is testing the backports from the PPA. Indicate test results below. All libclamav rdepends must be tested. Unless there are documented changes in the clamav-dameon (clamd) protocol, only a sampling of clamav-daemon rdepends need to be tested.
  • Step four is massive backport of all of the needed updates at the same time so nothing (promise) breaks.
  • Step five: Move to another release, rinse, repeat.

Testing procedures can be found here or by clicking on the package names in the matrix below. Feel free to complete missing testing procedures.

Steps for copying Clamav to -updates/ -security

Once clamav and any needed rdepends are in *-backports, a close watch on bug reports for all related packages must be maintained. The step to *-backports brings the new clamav version to a wider audience for testing. The purpose if using *-backports is to enable wide testing and early access to users that require it while leaving -proposed open for any urgent fixes that need to be pushed on through.

Once the package set has aged sufficiently (generally a week without new bug reports is generally sufficient) then it should be copied to either *-security or *-updates. Virtually all clamav releases include security fixes, so it is likely that *-security will be the initial target and then the packages will be automatically copied to *-updates. The Ubuntu security team will rebuild all the packages in the Ubuntu security PPA if the target is *-security. If the target is *-updates, the Ubuntu SRU can pocket copy the packages from *-backports.

Packages

The following matrices indicate the testing phase for every package which depends/uses clamav. Packages which can use multiple methods of scanning (ie. clamd, clamdscan, clamscan) will be listed in each matrix and have to be tested accordingly. Matrix values:

  • X - package n/a in that particular release, or cannot be tested

  • OK - package was tested and it works without problems

  • <blank> - package is being tested / was not tested yet

  • any other short comment...

Packages built with libclamav (libclamav rdepends), these need to be tested before any other package:

  • testing libclamav6/clamav0.97.2

Packages

Hardy

Lucid

Maverick

Natty

Oneiric

dansguardian

OK

gurlchecker

havp

OK

klamav

X

X

python-clamav

OK

php4-clamavlib

X

X

X

X

php5-clamavlib

X

X

X

X

php-clamav(1)

X

X

X

Note1: php-clamav is NOT in any release yet, only in the clamav-ppa

Packages which integrate with clamav through clamscan/clamdscan:

  • testing libclamav6/clamav0.97.2

Packages

Hardy

Lucid

Maverick

Natty

Oneiric

amavisd-new

OK

clamassassin

OK

clamtk

OK

dansguardian

OK

kmail (suggests)

OK

mediawiki

mimedefang

moodle (suggests)

nautilus-clamscan

OK

p3scan

OK

qpsmtpd(1)

OK(1)

Note1: problems using clamscan in ALL releases, only works with backported package in Hardy; clamdscan works (https://bugs.launchpad.net/bugs/829649)

Packages which integrate with clamav via the clamav-daemon socket protocol:

  • testing libclamav6/clamav0.97.2

Packages

Hardy

Lucid

Maverick

Natty

Oneiric

amavisd-new

OK

clamfs

OK

clamsmtp

OK

dspam

dtc/dtc-cyrus

dtc/dtc-postfix-courier

exim4

OK

havp

OK

libclamav-client-perl

OK

linkchecker (suggests)

mahara

mailscanner

mimedefang

OK

p3scan

OK

pyclamd

OK

MOTU/Clamav (last edited 2012-07-14 06:34:56 by kitterman)