clamav 0.96.5 wants to update to ver. 0.97, but reports that the several repositories it tries are not yet updated. I see Sourceforge.net has 0.97 as a source tarball and clamav.net offers the source and a download (Immunet) for Windows only. The clamav.net site says openSUSE packages are at Index of /repositories/security
but Yast won’t accept that–invalid URL.
The baseurl= isn’t accepted in the repository manager (from the “Add” button), with or without that leading portion.
Since clamav is available in Yast, and a “package search” in Yast shows only the 0.96.5 version, and the ReadMe for 0.97 doesn’t sound urgent, is it OK to assume that it’s safe to ignore the update attempts? Perhaps they could be shut off and let Yast advise when an update is available?
On 03/02/2011 06:06 PM, konsultor wrote:
>
> Since clamav is available in Yast, and a “package search” in Yast shows
> only the 0.96.5 version, and the ReadMe for 0.97 doesn’t sound urgent,
> is it OK to assume that it’s safe to ignore the update attempts?
if you never update Clam, your Linux machine will remain safe to
use…the only usefulness of it offers is to help protect your Windows
using friends from a virus you might unknowingly send them…
and, those Windows users are responsible for their own security, so if
you update Clam everyday they still have that responsibility–so,
never update is not a problem for them either…
> Perhaps they could be shut off and let Yast advise when an update is
> available?
i think you are are saying that the maker of ClamAV is sending you
messages that you need to update, right? so, if you want those
notifications “shut off” ask those who are sending to stop it (that is
to say: as far as i know openSUSE is not telling you to
update…openSUSE offers updates via the update repo…not via
messages from ClamAV folks…
–
DenverD
CAVEAT: http://is.gd/bpoMD
[NNTP posted w/openSUSE 11.3, KDE4.5.5, Thunderbird3.0.11, nVidia
173.14.28 3D, Athlon 64 3000+]
“It is far easier to read, understand and follow the instructions than
to undo the problems caused by not.” DD 23 Jan 11
Thank you Malcom. sudo zypper ar Index of /repositories/security/openSUSE_11.3 openSUSE_11.3_Security added the repository, now visible in Yast, and there was an update–but not clamav. [The pasted link did not copy completely.]
Was unable to add /repositories/security/openSUSE_11.3 openSUSE_11.3_Security in Yast, with or without the space. The response is “Unable to add repository”. Is there a special form for a URL in the Add Repository function of Yast?
It’s not clamav.net that’s sending messages, it’s the application checking its version against the latest. I’ve unchecked the option for auto updates.
My main question is whether I’m missing a repository that holds the latest clamav.
Hi
Look at the Security repo as the testing ground and also has to go through all the security checks and QA before it will get into the standard update repository.
Try add a ’ around the repository name
sudo zypper ar http://download.opensuse.org/repositories/security/openSUSE_11.3/ 'openSUSE_11.3_Security'
You need to use YaST and then switch just that package to the one in the security repo via the versions tab.
On 2011-03-02 20:36, konsultor wrote:
> It’s not clamav.net that’s sending messages, it’s the application
> checking its version against the latest. I’ve unchecked the option for
> auto updates.
Notice that there are two types of updates to clamav: the engine and the
database. The database can be, and should be, updated automatically and
daily, or even hourly (that is, if you need to run an antivirus).
The engine can be updated by rpm from openSUSE, which are very slow at
producing it, or compiling it yourself from the sources. While you do this,
clamav complains bitterly and frequently that you should upgrade ASAP, as
messages in the log. Depending on why you are using it, you can ignore them
or not.
–
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)
On 03/02/2011 08:19 AM, DenverD wrote:
> On 03/02/2011 06:06 PM, konsultor wrote:
>>
>> Since clamav is available in Yast, and a “package search” in Yast shows
>> only the 0.96.5 version, and the ReadMe for 0.97 doesn’t sound urgent,
>> is it OK to assume that it’s safe to ignore the update attempts?
>
> if you never update Clam, your Linux machine will remain safe to
> use…the only usefulness of it offers is to help protect your Windows
> using friends from a virus you might unknowingly send them…
>
> and, those Windows users are responsible for their own security, so if
> you update Clam everyday they still have that responsibility–so,
> never update is not a problem for them either…
More useful than just that. At work I ran our email gateways on
openSUSE for several years. All the email was scanned for viruses
w/ClamAV (as well as other antivirus agents) before ever hitting the
Windows network. Now days I use SLES but still run ClamAV on them.
Another advantage is they do phishing filtering in addition to viruses
so even if you’re not prone to a Linux virus, it’s good to clobber the
phishing come ons.
>
>> Perhaps they could be shut off and let Yast advise when an update is
>> available?
ClamAV checks for new signatures hourly IIRC. When it checks it will
also look to see if the program has a newer version.
> i think you are are saying that the maker of ClamAV is sending you
> messages that you need to update, right? so, if you want those
> notifications “shut off” ask those who are sending to stop it (that is
> to say: as far as i know openSUSE is not telling you to
> update…openSUSE offers updates via the update repo…not via
> messages from ClamAV folks…
They’re in the logs. At least in my case. Can’t speak for the OP. No
popups or email involved…