[clamav-users] ClamAV updates

Al Varnell alvarnell at mac.com
Fri Sep 9 23:19:13 EDT 2016


I have received daily 44399, 44400 and 44401 (the first relatively small and the last relatively large) via the clamav-virusdb mail list, so they do exist somewhere, just not in my daily.cld, the current daily.cvd or listed on DNS.

The signature team is rather small and might not be back on-line until Monday, so we’ll just have to hope somebody will let them know ASAP.

-Al-

On Fri, Sep 09, 2016 at 08:09 PM, Rafael Ferreira wrote:
> 
> Thanks Paul! Yeah as far as I can tell those newer databases just don't exist. If anyone from the signature team is reading this, it would be good if they could chime in.
> 
>> On Sep 9, 2016, at 6:24 PM, Paul Kosinski <clamav-users at iment.com> wrote:
>> 
>> I just looked at my logs, and I agree it's bad. I haven't seen an
>> update since the one to 22199, which was 72 hours ago (see below).
>> 
>> Paul
>> 
>> ------------------------------  Tuesday 06 September 2016 at 21:06:02  ------------------------------
>> 
>> Current working dir is /opt/clamav.d/clamav.0.99.2/share/clamav
>> Max retries == 4
>> ClamAV update process started at Tue Sep  6 21:06:02 2016
>> Using IPv6 aware code
>> Querying current.cvd.clamav.net
>> TTL: 1800
>> Software version from DNS: 0.99.2
>> main.cvd version from DNS: 57
>> main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
>> daily.cvd version from DNS: 22199
>> Retrieving http://db.us.clamav.net/daily.cvd
>> Ignoring mirror 104.131.196.175 (due to previous errors)
>> Ignoring mirror 194.8.197.22 (due to previous errors)
>> Ignoring mirror 128.199.133.36 (due to previous errors)
>> nonblock_connect: connect timing out (30 secs)
>> Can't connect to port 80 of host db.us.clamav.net (IP: 207.57.106.31)
>> nonblock_connect: connect timing out (30 secs)
>> Can't connect to port 80 of host db.us.clamav.net (IP: 209.198.147.20)
>> Ignoring mirror 104.131.196.175 (due to previous errors)
>> Trying host db.us.clamav.net (172.110.204.67)...
>> nonblock_connect: connect timing out (30 secs)
>> Can't connect to port 80 of host db.us.clamav.net (IP: 172.110.204.67)
>> Ignoring mirror 194.8.197.22 (due to previous errors)
>> Trying host db.us.clamav.net (200.236.31.1)...
>> Trying to download http://db.us.clamav.net/daily.cvd (IP: 200.236.31.1)
>> Downloading daily.cvd [100%]
>> Loading signatures from daily.cvd
>> Properly loaded 596179 signatures from new daily.cvd
>> daily.cvd updated (version: 22199, sigs: 596178, f-level: 63, builder: neo)
>> Querying daily.22199.82.1.0.C8EC1F01.ping.clamav.net
>> bytecode.cvd version from DNS: 283
>> bytecode.cvd is up to date (version: 283, sigs: 53, f-level: 63, builder: neo)
>> Database updated (4815021 signatures) from db.us.clamav.net (IP: 200.236.31.1)
>> OnUpdateExecute: EXIT_1
>> 
>> ------------------------------  Tuesday 06 September 2016 at 21:08:57  ------------------------------
>> 
>> TIME PASSES...
>> 
>> ------------------------------  Friday 09 September 2016 at 21:06:01  ------------------------------
>> 
>> Current working dir is /opt/clamav.d/clamav.0.99.2/share/clamav
>> Max retries == 4
>> ClamAV update process started at Fri Sep  9 21:06:01 2016
>> Using IPv6 aware code
>> Querying current.cvd.clamav.net
>> TTL: 1800
>> Software version from DNS: 0.99.2
>> main.cvd version from DNS: 57
>> main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
>> daily.cvd version from DNS: 22199
>> daily.cvd is up to date (version: 22199, sigs: 596178, f-level: 63, builder: neo)
>> bytecode.cvd version from DNS: 283
>> bytecode.cvd is up to date (version: 283, sigs: 53, f-level: 63, builder: neo)
>> 
>> ------------------------------  Friday 09 September 2016 at 21:06:01  ------------------------------
>> 
>> 
>> 
>> 
>> 
>> On Fri, 9 Sep 2016 17:58:52 -0700
>> Rafael Ferreira <raf at uvasoftware.com> wrote:
>> 
>>> It’s not a mirror issue, there seems to be something up with the
>>> signature dbs and it seems to have started after a fairly large jump
>>> in the versions between v22199 and v44399
>>> (http://lists.clamav.net/pipermail/clamav-virusdb/2016-September/thread.html
>>> <http://lists.clamav.net/pipermail/clamav-virusdb/2016-September/thread.html>). 
>>> 
>>> 22199 is the latest version available from
>>> http://db.us.clamav.net/daily.cvd <http://db.us.clamav.net/daily.cvd>
>>> - so either it was moved or we stopped updating the daly db :( 
>>> 
>>> In all seriousness, I would say this is pretty bad since it means
>>> signatures haven’t been updated in 3 days. 
>>> 
>>> - Rafael
>> 
>>> http://www.clamav.net/contact.html#ml
>> _______________________________________________
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>> 
>> http://www.clamav.net/contact.html#ml
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

-Al-
-- 
Al Varnell
Mountain View, CA




-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3573 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20160909/f0cd247f/attachment.bin>


More information about the clamav-users mailing list