0

ClamAV is in the official security software repositories from Canonical, but on running freshclam, it reports:

ClamAV update process started at Tue Jan 21 10:31:59 2014
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.97.8 Recommended version: 0.98.1

(I have backports repo enabled, too.)

I would assume that there's little point with a virus scanner that is not up to date. I can think of two answers, I'm hoping the second is correct:

  1. Canonical don't take security seriously in this regard, you'll have to go outside the software centre to download something from elsewhere. I can't accept this from the most secure popular OS available

    EDIT: I feel me stating my opinion on Canonical's policy in the question has skewed the tone of answers. All answers say (2) but in fact answer (1): you have to fetch in code from outside Ubuntu LTS, probably because those people can accept this as fine.

  2. You clearly haven't done X. Type this or click that, and you'll get proper security updates for Ubuntu LTS from official sources.

Please advise! Thanks.

artfulrobot
  • 8,733

2 Answers2

4

There is an option three:

3. The packagers at Canonical make a well-considered trade-off between stability and security, and you should worry less.

As the next three lines of your freshclam output most likely show (please add them to the question), your virus definitions are up to date. That's because Canonical -- or rather Debian, who do the original packaging of the package -- take security seriously.

What your freshclam output does show is that the installed software version (0.97.8) is behind the current production release (0.98.1). That's because Debian and Canonical are also serious about stability, in particular for an LTS release. You are on 12.04 for a reason, right?

To judge how well the packagers have made the stability-security trade-off, examine the ClamAV change log. I count 18 changes, 11 of which are not security-related or for different target platforms, leaving us with the following 7 potential security improvements (against an unknown number of newly introduced bugs):

 * Improvements to OLE2 extraction and scanning
 * xz file type support
 * bb #1570: Support ADC compression in DMG
 * libclamav: Add support for scanning xar/pkg archive files.
 * bb #8385: PDF ASCII85Decode zero-length fix
 * libclamav: SCAN_ALL mode fixes
 * bb #7436: elf64 header early exit

Trade-offs like security-stability are difficult to make, in particular for someone who isn't well informed. That's why I generally put more trust in the packagers than in my own judgment. And in case I need more certainty, I make sure that I base it on evidence rather than gut feeling.

zwets
  • 12,770
  • 2
  • 37
  • 46
3

You clearly haven't done X.

If you need a more up to date version you need to install this yourself from the website http://code.google.com/p/clamtk/ From their readme it seems they provide DEB installers after you have downloaded it:

DEBs:

You should be able to just double-click the .deb file to install it.
This assumes you have permissions to install programs, of course. Your
package manager should grab any necessary dependencies.

By the commandline, you can do this:

# dpkg -i clamtk-*.deb

To remove clamtk:
# dpkg --purge clamtk

Note that the Debian/Ubuntu builds are gpg-signed.

Source

Rinzwind
  • 309,379