Re: ClamAV security update

From: Florian Smeets <>
Date: Thu, 19 May 2022 18:52:38 UTC
On 19.05.22 09:30, Andrea Venturoli wrote:
> Hello.
> I see Clamav 0.105.0, 0.104.3 and 0.103.6 were released on May 5th, the 
> latter two closing "several CVE fixes".
> However, the port was not updated and not even portaudit entries were 
> added.
> Was this overlooked?
> Are the FreeBSD ports somehow not affected?

I created a patch and PR a week ago. I was waiting for the maintainer 
timeout. After discussing with bapt I went ahead and committed the 
update without approval of the maintainer.

IMHO, security fixes should be specifically mentioned in the blanket