Monday, May 13, 2024
Homepage · security
 Popular · Latest · Hot · Upcoming
4
rated 0 times [  4] [ 0]  / answers: 1 / hits: 7388  / 1 Year ago, tue, december 13, 2022, 11:05:07

ClamAV is in the official security software repositories from Canonical, but on running freshclam, it reports:



ClamAV update process started at Tue Jan 21 10:31:59 2014

WARNING: Your ClamAV installation is OUTDATED!

WARNING: Local version: 0.97.8 Recommended version: 0.98.1


(I have backports repo enabled, too.)



I would assume that there's little point with a virus scanner that is not up to date. I can think of two answers, I'm hoping the second is correct:




  1. Canonical don't take security seriously in this regard, you'll have to go outside the software centre to download something from elsewhere. I can't accept this from the most secure popular OS available



    EDIT: I feel me stating my opinion on Canonical's policy in the question has skewed the tone of answers. All answers say (2) but in fact answer (1): you have to fetch in code from outside Ubuntu LTS, probably because those people can accept this as fine.


  2. You clearly haven't done X. Type this or click that, and you'll get proper security updates for Ubuntu LTS from official sources.




Please advise! Thanks.


More From » security
 Answers
1

There is an option three:



3. The packagers at Canonical make a well-considered trade-off between stability and security, and you should worry less.



As the next three lines of your freshclam output most likely show (please add them to the question), your virus definitions are up to date. That's because Canonical -- or rather Debian, who do the original packaging of the package -- take security seriously.



What your freshclam output does show is that the installed software version (0.97.8) is behind the current production release (0.98.1). That's because Debian and Canonical are also serious about stability, in particular for an LTS release. You are on 12.04 for a reason, right?



To judge how well the packagers have made the stability-security trade-off, examine the ClamAV change log. I count 18 changes, 11 of which are not security-related or for different target platforms, leaving us with the following 7 potential security improvements (against an unknown number of newly introduced bugs):



 * Improvements to OLE2 extraction and scanning

 * xz file type support

 * bb #1570: Support ADC compression in DMG

 * libclamav: Add support for scanning xar/pkg archive files.

 * bb #8385: PDF ASCII85Decode zero-length fix

 * libclamav: SCAN_ALL mode fixes

 * bb #7436: elf64 header early exit


Trade-offs like security-stability are difficult to make, in particular for someone who isn't well informed. That's why I generally put more trust in the packagers than in my own judgment. And in case I need more certainty, I make sure that I base it on evidence rather than gut feeling.


[#27366] Thursday, December 15, 2022, 1 Year  [reply] [flag answer]
Only authorized users can answer the question. Please sign in first, or register a free account.
ainbby
Add To Favorites
Follow
Total Points: 184
Total Questions: 115
Total Answers: 112
Location: Colombia
Member since Thu, Sep 29, 2022
2 Years ago
;