Thanks for filing the bug in debian, and I agree that's the right place to continue discussions. You also mentioned in the original bug some aspects (such as auth on incoming connections) should be addressed upstream, so you may want to also file bug reports there.
From that, if there come to be solutions in the form of backportable patches, definitely mention them on this bug report and we can consider SRUing them to focal's clamav if appropriate. (My guess is that any new auth functionality will be implemented as a new feature, and as such may not be suitable for SRU, but am setting Importance to Medium in hopes there'll be at least some backportable elements.)
Looking forward to seeing how the upstream discussions proceed, thanks again!
Thanks for filing the bug in debian, and I agree that's the right place to continue discussions. You also mentioned in the original bug some aspects (such as auth on incoming connections) should be addressed upstream, so you may want to also file bug reports there.
From that, if there come to be solutions in the form of backportable patches, definitely mention them on this bug report and we can consider SRUing them to focal's clamav if appropriate. (My guess is that any new auth functionality will be implemented as a new feature, and as such may not be suitable for SRU, but am setting Importance to Medium in hopes there'll be at least some backportable elements.)
Looking forward to seeing how the upstream discussions proceed, thanks again!