ClamAV reporting Outdated version

Just to remind myself as much as anything, as I’ve been through this a few times. ClamAV was complaining loudly in the logfiles about not having the most up to date ClamAV. I searched around and was pointed to the Debian Unstable repository to /etc/apt/sources.list (Read the whole article before you add this one …there is a better one)

After that, on running apt-get update, you get a message like this:

W: GPG error: etch/volatile Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY DFD993306D849617

So, take the pubkey number off the end and do this with it.

sudo gpg --keyserver --recv-keys DFD993306D849617
sudo gpg --armor --export DFD993306D849617 > new.key
sudo apt-key add new.key

I then got a message saying “The following packages have been kept back: clamav clamav-daemon clamav-freshclam”

By using

 sudo aptitude dist-upgrade

(NB aptitude rather than apt-get) the new packages are downloaded. However they’re still not up to the level that ClamAV is telling me to upgrade to.

So, more searching. It turns out the most up to date Ubuntu Repositories are from this page … In my case the solution was to add these lines to my /etc/apt/sources.list

deb hardy main
deb-src hardy main

And then run through the pubkey process above, with the different pubkey id number. Later distros might get away with the add-apt-key command, but I was running hardy (8.04) on this particular server.

1 thought on “ClamAV reporting Outdated version

Leave a Comment