[clamav-users] ***UNCHECKED*** Re: Re: Malformed database issue

Jay Hart jhart at kevla.org
Mon Jul 16 11:24:18 EDT 2018


I will check OS version this evening when I return home.  I was not able to determine which
version of zlib is installed, what is a command with options that will allow me to provide that
data point to you?

Thanks for help so far.

Jay

> Hi Jay,
>
> Is your system 32bit?   As noted in our 0.100.0 release notes, we found that Centos 6 (and 5)
> provide an old version of zlib (1.2.3.3) that will fail to properly extract the ClamAV databases.
> You can update to 1.2.4 to resolve the issue, but I recommend at least 1.2.9 or newer as 1.2.8 has
> at least 4 published CVE's.
>
> Regards,
> Micah
>
> Micah Snyder
> ClamAV Development
> Talos
> Cisco Systems, Inc.
>
>
> On Jul 15, 2018, at 10:15 PM, Jay Hart <jhart at kevla.org<mailto:jhart at kevla.org>> wrote:
>
> Oh, check your permissions on var/lib/clamav, see if clam has access to it
>
> On 7/15/18, 8:05 PM, "clamav-users on behalf of Jay Hart"
> <clamav-users-bounces at lists.clamav.net<mailto:clamav-users-bounces at lists.clamav.net> on behalf of
> jhart at kevla.org<mailto:jhart at kevla.org>> wrote:
>
>
>
> I was able to manually download daily.cvd and main.cvd, and I placed these files in the
> /var/lib/clamav directory, with the following permissions:
>
> [root at centos clamav]# ls -al
> total 162524
> drwxr-xr-x   2 clam clam      4096 Jul 15 22:01 .
> drwxr-xr-x. 49 root root      4096 Jul 15 03:08 ..
> -rw-r--r--   1 clam clam  48510215 Jul 15 20:44 daily.cvd
> -rw-r--r--   1 clam clam 117892267 Jul 15 20:44 main.cvd
> -rw-------   1 clam clam       468 Jul 15 22:01 mirrors.dat
>
> I was hoping on a reboot that clamav would start working, it didn't, here is the error I get now:
>
> Starting Clam AntiVirus Daemon: LibClamAV debug: Initialized 0.100.0 engine
> LibClamAV debug: Initializing phishcheck module
> LibClamAV debug: Phishcheck: Compiling regex: ^
> *(http|https|ftp:(//)?)?[0-9]{1,3}(\.[0-9]{1,3}){3}[/?:]? *$
>
> LibClamAV debug: Phishcheck module initialized
> LibClamAV debug: Bytecode initialized in interpreter mode
> LibClamAV debug: Loading databases from /var/lib/clamav
> LibClamAV debug: in cli_cvdload()
> LibClamAV debug: MD5(.tar.gz) = e2cf7aaa354f5e33316a3dd89c4b915b
> LibClamAV debug: cli_versig: Decoded signature: e2cf7aaa354f5e33316a3dd89c4b915b
> LibClamAV debug: cli_versig: Digital signature is correct.
> LibClamAV debug: in cli_tgzload()
> LibClamAV debug: in cli_tgzload_cleanup()
> LibClamAV Error: cli_cvdload: Corrupted CVD header
> LibClamAV Error: Can't load /var/lib/clamav/daily.cvd: Malformed database
> Sun Jul 15 21:27:43 2018 -> !Malformed database
> Sun Jul 15 21:27:43 2018 -> *Closing the main socket.     [FAILED]
>
> I enabled logging when clamav is running, hence the debug info above.  I still am getting the
> malformed database issue even when directly downloading the files using wget from the
> clamav.net<http://clamav.net>
> site.
>
> I also verified that the clamav package was good, here is that command and the result:
>
> [root at centos jhart]# rpm -V clamav-0.100.0-1.el6.i686
> S.5....T.  c /etc/freshclam.conf
>
> Can you see any issues above, or point me to something else to try. I was figuring that maybe rpm
> would tell me I got a bad package and I'd reapply it, but I don't think that is the case.
>
> Do you want my freshclam,conf parameters?
>
> thanks for the help. I've tried just about everything I know to do and have been able to
> research.
>
> Jay
>
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net<mailto:clamav-users at lists.clamav.net>
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>




More information about the clamav-users mailing list