[Clamav-devel] ClamAV(R) blog: ClamAV 0.102.0 has been released!

Muhammad Moosa Aslam thugs.lif3 at gmail.com
Thu Oct 3 06:30:16 EDT 2019 

Dear Team,

after running  python -m pip install --user in the main directory at the
below mentioned step I am stucked, in the main directory of mussels
whenever I write mussels the cmd is unable to recognize the command.

Then, from the same directory (because the recipes are currently co-located
with the Mussels program files), run:
    mussels --help
or just:
    mussels

[image: image.png]

Regards

On Thu, Oct 3, 2019 at 12:08 AM Joel Esler (jesler) <jesler at cisco.com>
wrote:

>
>
> https://blog.clamav.net/2019/10/clamav-01020-has-been-released.html
>
> ClamAV 0.102.0 has been released!
> Today we are excited to release ClamAV 0.102.0!
>
> Users that have tested the 0.102.0 release candidate may note that the
> 0.102.0 release includes a handful of minor bug fixes and improvements over
> the release candidate.  For easy reference, these include:
>
>   *   Improved zlib, and iconv detection when running ./configure.
>   *   Fixed detection of the libcurl version and c-ares dependency
> required for the LocalIP freshclam config option.
>   *   Fixed bug in file copy routine that caused a failure when attempting
> to update freshclam using a DatabaseCustomURL with "file://"
>   *   Added ./configure --enable-libclamav-only option, for those wishing
> to bypass building of libfreshclam and the ClamAV CLI applications. This
> option also bypasses the libcurl dependency requirement.
>
> Release materials for ClamAV 0.102.0 can be found on the ClamAV's
> downloads site.<http://www.clamav.net/downloads>
> Release Notes
> ClamAV 0.102.0 includes an assortment improvements and a couple of
> significant changes.
>
> Major changes
>
>   *   The On-Access Scanning feature has been migrated out of clamd and
> into a brand new utility named clamonacc. This utility is similar to
> clamdscan and clamav-milter in that it acts as a client to clamd. This
> separation from clamd means that clamd no longer needs to run with root
> privileges while scanning potentially malicious files. Instead, clamd may
> drop privileges to run under an account that does not have super-user. In
> addition to improving the security posture of running clamd with On-Access
> enabled, this update fixed a few outstanding defects:
>      *   On-Access scanning for created and moved files (Extra-Scanning)
> is fixed.
>      *   VirusEvent for On-Access scans is fixed.
>      *   With clamonacc, it is now possible to copy, move, or remove a
> file if the scan triggered an alert, just like with clamdscan.
>      *   For details on how to use the new clamonacc On-Access scanner,
> please refer to the user manual on ClamAV.net<
> http://www.clamav.net/documents/>, and please read our blog post entitled
> "Understanding and transitioning to ClamAV's new On-Access scanner<
> https://blog.clamav.net/2019/09/understanding-and-transitioning-to.html>."
>   *   The freshclam database update utility has undergone a significant
> update. This includes:
>      *   Added support for HTTPS.
>      *   Support for database mirrors hosted on ports other than 80.
>      *   Removal of the mirror management feature (mirrors.dat).
>      *   An all new libfreshclam library API.
>
> Notable changes
>
>   *   Added support for extracting ESTsoft .egg archives. This feature is
> new code developed from scratch using ESTsoft's Egg-archive specification
> and without referencing the UnEgg library provided by ESTsoft. This was
> necessary because the UnEgg library's license includes restrictions
> limiting the commercial use of the UnEgg library.
>   *   The documentation has moved!
>      *   Users should navigate to ClamAV.net<
> http://www.clamav.net/documents/> to view the documentation online.
>      *   The documentation will continue to be provided in HTML format
> with each release for offline viewing in the docs/html directory.
>      *   The new home for the documentation markdown is in our ClamAV FAQ
> Github repository<https://github.com/Cisco-Talos/clamav-faq>.
>   *   To remediate future denial of service conditions caused by excessive
> scan times, we introduced a scan time limit. The default value is 2 minutes
> (120000 milliseconds).
>
> To customize the time limit:
>      *   use the clamscan --max-scantime option
>      *   use the clamd MaxScanTime config option
>   *   Libclamav users may customize the time limit using the
> cl_engine_set_num function. For example:
>
> cl_engine_set_num(engine, CL_ENGINE_MAX_SCANTIME, time_limit_milliseconds)
>
> Other improvements
>
>   *   Improved Windows executable Authenticode handling, enabling both
> whitelisting and blacklisting of files based on code-signing certificates.
> Additional improvements to Windows executable (PE file) parsing. Work
> courtesy of Andrew Williams.
>   *   Added support for creating bytecode signatures for Mach-O and ELF
> executable unpacking. Work courtesy of Jonas Zaddach.
>   *   Re-formatted the entire ClamAV code-base using clang-format in
> conjunction with our new ClamAV code style specification. See the
> clamav.net blog post<
> https://blog.clamav.net/2019/02/clamav-adopts-clang-format.html> for
> details.
>   *   Integrated ClamAV with Google's OSS-Fuzz<
> https://github.com/google/oss-fuzz> automated fuzzing service with the
> help of Alex Gaynor. This work has already proven beneficial, enabling us
> to identify and fix subtle bugs in both legacy code and newly developed
> code.
>   *   The clamsubmit tool is now available on Windows.
>   *   The clamscan metadata feature (--gen-json) is now available on
> Windows.
>   *   Significantly reduced number of warnings generated when compiling
> ClamAV with "-Wall" and "-Wextra" compiler flags and made many subtle
> improvements to the consistency of variable types throughout the code.
>   *   Updated the majority of third-party dependencies for ClamAV on
> Windows. The source code for each has been removed from the clamav-devel
> repository. This means that these dependencies have to be compiled
> independently of ClamAV. The added build process complexity is offset by
> significantly reducing the difficulty of releasing ClamAV with newer
> versions of those dependencies.
>   *   During the 0.102 development period, we've also improved our
> Continuous Integration (CI) processes. Most recently, we added a CI
> pipeline definition to the ClamAV Git repository. This chains together our
> build and quality assurance test suites and enables automatic testing of
> all proposed changes to ClamAV, with customizable parameters to suit the
> testing needs of any given code change.
>   *   Added a new clamav-version.h generated header to provide version
> number macros in text and numerical format for ClamAV, libclamav, and
> libfreshclam.
>   *   Improved cross-platform buildability of libxml2. Work courtesy of
> Eneas U de Queiroz with supporting ideas pulled from the work of Jim Klimov.
>
> Bug fixes
>
>   *   Fix to prevent a possible crash when loading LDB type signature
> databases and PCRE is not available. Patch courtesy of Tomasz Kojm.
>   *   Fixes to the PDF parser that will improve PDF malware detection
> efficacy. Patch courtesy of Clement Lecigne.
>   *   Fix for regular expression phishing signatures (PDB R-type
> signatures).
>   *   Various other bug fixes.
>
> New Requirements
>
>   *   Libcurl has become a hard-dependency. Libcurl enables HTTPS support
> for freshclam and clamsubmit as well as communication between clamonacc and
> clamd.
>   *   Libcurl version >= 7.45 is required when building ClamAV from source
> with the new On-Access Scanning application (clamonacc). Users on Linux
> operating systems that package older versions of libcurl (e.g. all versions
> of CentOS and Debian versions <= 8) have a number of options:
>      *   Wait for your package maintainer to provide a newer version of
> libcurl.
>      *   Install a newer version of libcurl from source.
>      *   Disable installation of clamonacc and On-Access Scanning
> capabilities with the ./configure flag --disable-clamonacc.
>   *   Non-Linux users will need to take no actions as they are unaffected
> by this new requirement.
>
> Acknowledgements
> The ClamAV team thanks the following individuals for their code
> submissions:
>
>   *   Alex Gaynor
>   *   Andrew Williams
>   *   Carlo Landmeter
>   *   Chips
>   *   Clement Lecigne
>   *   Eneas U de Queiroz
>   *   Jim Klimov
>   *   Joe Cooper
>   *   Jonas Zaddach
>   *   Markus Kolb
>   *   Orion Poplawski
>   *   Ørjan Malde
>   *   Paul Arthur
>   *   Rick Wang
>   *   Romain Chollet
>   *   Rosen Penev
>   *   Thomas Jarosch
>   *   Tomasz Kojm
>   *   Tuomo Soini
>
> Finally, we'd like to thank Joe McGrath for building our quality assurance
> test suite and for working diligently to ensure knowledge transfer up until
> his last day on the team. Working with you was a pleasure, Joe, and we wish
> you the best of luck in your next adventure!
> _______________________________________________
>
> clamav-devel mailing list
> clamav-devel at lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-devel
>
> Please submit your patches to our Bugzilla: http://bugzilla.clamav.net
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>

<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=icon>
Virus-free.
www.avast.com
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=link>
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 108544 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-devel/attachments/20191003/6bea6fa9/attachment.png>

More information about the clamav-devel mailing list