[clamav-users] ClamAV updates

Rafael Ferreira raf at uvasoftware.com
Fri Sep 9 23:09:57 EDT 2016


Thanks Paul! Yeah as far as I can tell those newer databases just don't exist. If anyone from the signature team is reading this, it would be good if they could chime in.

> On Sep 9, 2016, at 6:24 PM, Paul Kosinski <clamav-users at iment.com> wrote:
> 
> I just looked at my logs, and I agree it's bad. I haven't seen an
> update since the one to 22199, which was 72 hours ago (see below).
> 
> Paul
> 
> ------------------------------  Tuesday 06 September 2016 at 21:06:02  ------------------------------
> 
> Current working dir is /opt/clamav.d/clamav.0.99.2/share/clamav
> Max retries == 4
> ClamAV update process started at Tue Sep  6 21:06:02 2016
> Using IPv6 aware code
> Querying current.cvd.clamav.net
> TTL: 1800
> Software version from DNS: 0.99.2
> main.cvd version from DNS: 57
> main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
> daily.cvd version from DNS: 22199
> Retrieving http://db.us.clamav.net/daily.cvd
> Ignoring mirror 104.131.196.175 (due to previous errors)
> Ignoring mirror 194.8.197.22 (due to previous errors)
> Ignoring mirror 128.199.133.36 (due to previous errors)
> nonblock_connect: connect timing out (30 secs)
> Can't connect to port 80 of host db.us.clamav.net (IP: 207.57.106.31)
> nonblock_connect: connect timing out (30 secs)
> Can't connect to port 80 of host db.us.clamav.net (IP: 209.198.147.20)
> Ignoring mirror 104.131.196.175 (due to previous errors)
> Trying host db.us.clamav.net (172.110.204.67)...
> nonblock_connect: connect timing out (30 secs)
> Can't connect to port 80 of host db.us.clamav.net (IP: 172.110.204.67)
> Ignoring mirror 194.8.197.22 (due to previous errors)
> Trying host db.us.clamav.net (200.236.31.1)...
> Trying to download http://db.us.clamav.net/daily.cvd (IP: 200.236.31.1)
> Downloading daily.cvd [100%]
> Loading signatures from daily.cvd
> Properly loaded 596179 signatures from new daily.cvd
> daily.cvd updated (version: 22199, sigs: 596178, f-level: 63, builder: neo)
> Querying daily.22199.82.1.0.C8EC1F01.ping.clamav.net
> bytecode.cvd version from DNS: 283
> bytecode.cvd is up to date (version: 283, sigs: 53, f-level: 63, builder: neo)
> Database updated (4815021 signatures) from db.us.clamav.net (IP: 200.236.31.1)
> OnUpdateExecute: EXIT_1
> 
> ------------------------------  Tuesday 06 September 2016 at 21:08:57  ------------------------------
> 
> TIME PASSES...
> 
> ------------------------------  Friday 09 September 2016 at 21:06:01  ------------------------------
> 
> Current working dir is /opt/clamav.d/clamav.0.99.2/share/clamav
> Max retries == 4
> ClamAV update process started at Fri Sep  9 21:06:01 2016
> Using IPv6 aware code
> Querying current.cvd.clamav.net
> TTL: 1800
> Software version from DNS: 0.99.2
> main.cvd version from DNS: 57
> main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
> daily.cvd version from DNS: 22199
> daily.cvd is up to date (version: 22199, sigs: 596178, f-level: 63, builder: neo)
> bytecode.cvd version from DNS: 283
> bytecode.cvd is up to date (version: 283, sigs: 53, f-level: 63, builder: neo)
> 
> ------------------------------  Friday 09 September 2016 at 21:06:01  ------------------------------
> 
> 
> 
> 
> 
> On Fri, 9 Sep 2016 17:58:52 -0700
> Rafael Ferreira <raf at uvasoftware.com> wrote:
> 
>> It’s not a mirror issue, there seems to be something up with the
>> signature dbs and it seems to have started after a fairly large jump
>> in the versions between v22199 and v44399
>> (http://lists.clamav.net/pipermail/clamav-virusdb/2016-September/thread.html
>> <http://lists.clamav.net/pipermail/clamav-virusdb/2016-September/thread.html>). 
>> 
>> 22199 is the latest version available from
>> http://db.us.clamav.net/daily.cvd <http://db.us.clamav.net/daily.cvd>
>> - so either it was moved or we stopped updating the daly db :( 
>> 
>> In all seriousness, I would say this is pretty bad since it means
>> signatures haven’t been updated in 3 days. 
>> 
>> - Rafael
> 
>> http://www.clamav.net/contact.html#ml
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml



More information about the clamav-users mailing list