Comment 5 for bug 625849

Since we have the same version to start from in -backports, I would recommend when this is released (I understand there's a second, PDF related vulnerability fix in the next clamav release too) doing one patch to the current backports packages and promoting them to -security.

It will not require any other packages to be updated.

    clamav | 0.96.1+dfsg-3ubuntu5~dapper1 | dapper-backports/universe | source, amd64, i386, powerpc
    clamav | 0.96.1+dfsg-3ubuntu5~hardy1 | hardy-backports/universe | source, amd64, i386
    clamav | 0.96.1+dfsg-3ubuntu5~jaunty1 | jaunty-backports | source, amd64, i386
    clamav | 0.96.1+dfsg-3ubuntu5~karmic1 | karmic-backports | source, amd64, i386
    clamav | 0.96.1+dfsg-3ubuntu5~lucid1 | lucid-backports | source, amd64, i386
    clamav | 0.96.1+dfsg-3ubuntu5 | maverick | source, amd64, i386

The only hole is Hardy lpia. It's in Universe so it's not essential, but I'd like to try to build without llvm support. I didn't quite manage it yet.