Clamav

Revision 263 as of 2010-12-03 20:05:18

Clear message

Status

ubuntu-clamav PPA

Cleared matrix for clamav-0.96.5 testing. No SO version change, so it's still libclamav6, no major problems anticipated.

The libclamav6 transition is done for Dapper/Hardy.

Intrepid, Jaunty is EOL, no more testing/backporting.

Note: Starting with 0.94, clamav now has an apparmor profile, so these backports may have issues related to apparmor. Dapper desktop support is EOL, so those packages don't need testing.

Clamav-0.95.3 is in dapper-security/updates, hardy-security/updates and karmic-security/updates. Fixes for security issues from the 0.96 release have been patched in.

Clamav-0.96.3 is in lucid-updates/maverick.

Clamav-0.96.4 is in dapper/hardy/karmic/lucid/maverick-backports

Clamav 0.96.5 is in Natty


Steps for Clamav Backport

  • Step one is to publish a draft package for a clamav <version> backport to older releases out for people to use. The draft source package can be found in the PPA.

  • Step two is to prepare backports of the libclamav rdepends, upload them to the PPA, and then work on patching packages that don't build.
  • Step three is testing the backports from the PPA. Indicate test results below. All libclamav rdepends must be tested. Unless there are documented changes in the clamav-dameon (clamd) protocol, only a sampling of clamav-daemon rdepends need to be tested.
  • Step four is massive backport of all of the needed updates at the same time so nothing (promise) breaks.
  • Step five: Move to another release, rinse, repeat.

Testing procedures can be found here or by clicking on the package names in the matrix below. Feel free to complete missing testing procedures.

Steps for copying Clamav to -updates/ -security

Once clamav and any needed rdepends are in *-backports, a close watch on bug reports for all related packages must be maintained. The step to *-backports brings the new clamav version to a wider audience for testing. The purpose if using *-backports is to enable wide testing and early access to users that require it while leaving -proposed open for any urgent fixes that need to be pushed on through.

Once the package set has aged sufficiently (generally a week without new bug reports is generally sufficient) then it should be copied to either *-security or *-updates. Virtually all clamav releases include security fixes, so it is likely that *-security will be the initial target and then the packages will be automatically copied to *-updates. The Ubuntu security team will rebuild all the packages in the Ubuntu security PPA if the target is *-security. If the target is *-updates, the Ubuntu SRU can pocket copy the packages from *-backports.

Packages

The following matrices indicate the testing phase for every package which depends/uses clamav. Packages which can use multiple methods of scanning (ie. clamd, clamdscan, clamscan) will be listed in each matrix and have to be tested accordingly. Matrix values:

  • X - package n/a in that particular release, or cannot be tested

  • OK - package was tested and it works without problems

  • <blank> - package is being tested / was not tested yet

  • any other short comment...

Packages built with libclamav (libclamav rdepends), these need to be tested before any other package:

  • testing libclamav6/clamav0.96.5

Packages

Dapper

Hardy

Karmic

Lucid

Maverick

Natty

avscan (*)

X

X

X

X

X

clamcour

X

X

X

X

dansguardian

gurlchecker

havp

klamav

X

python-clamav

php4-clamavlib

X

X

X

X

php5-clamavlib

X

X

X

php5-clamav

X

X

X

sylpheed-claws-clamav (*)

X

X

X

X

X

sylpheed-claws-gtk2-clamav (*)

X

X

X

X

X

Note: The avscan and sylpheed-claws* packages are now transitional packages to clamtk - no more testing required.

Packages which integrate with clamav through clamscan/clamdscan:

  • testing 0.96.5

Packages

Dapper

Hardy

Karmic

Lucid

Maverick

Natty

clamassassin

clamtk

X

dansguardian

X

X

kmail (suggests

X

mediawiki

X

mimedefang

moodle (suggests)

X

X

nautilus-clamscan

X

X

p3scan

qpsmtpd

Note: Dapper goes EOL for Desktop, kmail works only with clamdscan on Dapper

Packages which integrate with clamav via the clamav-daemon socket protocol:

  • testing 0.96.5