Ubuntu
clamav package

ClamAV: Policy on update to latest version

Asked by Jim Pye

All

I was wondering what Ubuntu/Canonical's policy is when it comes to updating to the latest version of the ClamAV engine in the Official Apt Repositories?

I have been seeing the following messages appearing in my logs for coming up on a month now. 23 Jun thru to today 22 July.

^Your ClamAV installation is OUTDATED!
^Local version: 0.103.2 Recommended version: 0.103.3

Because of the use of uppercase in the log messages, this sort of gets management jumpy and lots of explaining to be done re using Apt Repositories vs Manual installation head aches.

# apt-get update
Get:1 http://security.ubuntu.com/ubuntu focal-security InRelease [114 kB]
Hit:2 http://nz.archive.ubuntu.com/ubuntu focal InRelease
Get:3 http://nz.archive.ubuntu.com/ubuntu focal-updates InRelease [114 kB]
Get:4 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages [789 kB]
Get:5 http://security.ubuntu.com/ubuntu focal-security/main amd64 c-n-f Metadata [8,304 B]
Get:6 http://security.ubuntu.com/ubuntu focal-security/universe amd64 Packages [633 kB]
Get:7 http://nz.archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages [1,126 kB]
Get:8 http://nz.archive.ubuntu.com/ubuntu focal-updates/main Translation-en [245 kB]
Get:9 http://nz.archive.ubuntu.com/ubuntu focal-updates/main amd64 c-n-f Metadata [13.8 kB]
Get:10 http://nz.archive.ubuntu.com/ubuntu focal-updates/universe amd64 Packages [843 kB]
Get:11 http://nz.archive.ubuntu.com/ubuntu focal-updates/universe amd64 c-n-f Metadata [18.4 kB]
Fetched 3,904 kB in 31s (126 kB/s)
Reading package lists... Done

# apt-cache policy clamav-daemon
clamav-daemon:
  Installed: 0.103.2+dfsg-0ubuntu0.20.04.2
  Candidate: 0.103.2+dfsg-0ubuntu0.20.04.2
  Version table:
 *** 0.103.2+dfsg-0ubuntu0.20.04.2 500
        500 http://nz.archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages
        100 /var/lib/dpkg/status
     0.102.2+dfsg-2ubuntu1 500
        500 http://nz.archive.ubuntu.com/ubuntu focal/main amd64 Packages

Thoughts?

Cheers
Jim

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu clamav Edit question
Assignee:
No assignee Edit question
Solved by:
Bernard Stafford
Solved:
Last query:
Last reply:
Revision history for this message
Best Bernard Stafford (bernard010) said (last edit ): 		#1

You are using the current version of clamav, it should be in your regular updates being a security package.
If not you will have to install it through backports after development.
First Debian would have to change the security package to the new package then,
Ubuntu will. Currently Debian is using clamav 0.103.2 package.
https://packages.ubuntu.com/focal/clamav
clamav 103.3 is presently under development for Ubuntu Impish. 2021-10-14 Release Date

Revision history for this message
Jim Pye (jim-pye) said : 		#2

Cool, something to go back to management with, Thank you.

Revision history for this message
Artyom (artyom-55) said : 		#3

Hello,

Do you plan to propagate version 0.103.3 of ClamAV into Ubuntu 20.04?

As current version 0.103.2 is outdated and is not recommended to use by ClamAV documentation.
>Users must stay up-to-date with the latest patch versions for continued support. As of August 28, that means version 0.103.3.
 from here http://docs.clamav.net/faq/faq-eol.html

Thanks.