[clamav-users] ClamAV updates

Al Varnell alvarnell at mac.com
Sat Sep 10 04:44:38 EDT 2016


Daily 22200 was just posted and from it's size (slightly larger than 44399+44400+44401) would appear to catch us up-to-date.

-Al-

On Fri, Sep 09, 2016 at 08:19 PM, Al Varnell wrote:
> 
> I have received daily 44399, 44400 and 44401 (the first relatively small and the last relatively large) via the clamav-virusdb mail list, so they do exist somewhere, just not in my daily.cld, the current daily.cvd or listed on DNS.
> 
> The signature team is rather small and might not be back on-line until Monday, so we’ll just have to hope somebody will let them know ASAP.
> 
> -Al-
> 
> On Fri, Sep 09, 2016 at 08:09 PM, Rafael Ferreira wrote:
>> 
>> Thanks Paul! Yeah as far as I can tell those newer databases just don't exist. If anyone from the signature team is reading this, it would be good if they could chime in.
>> 
>>> On Sep 9, 2016, at 6:24 PM, Paul Kosinski <clamav-users at iment.com> wrote:
>>> 
>>> I just looked at my logs, and I agree it's bad. I haven't seen an
>>> update since the one to 22199, which was 72 hours ago (see below).
>>> 
>>> Paul
>>> 
>>> ------------------------------  Tuesday 06 September 2016 at 21:06:02  ------------------------------
>>> 
>>> Current working dir is /opt/clamav.d/clamav.0.99.2/share/clamav
>>> Max retries == 4
>>> ClamAV update process started at Tue Sep  6 21:06:02 2016
>>> Using IPv6 aware code
>>> Querying current.cvd.clamav.net
>>> TTL: 1800
>>> Software version from DNS: 0.99.2
>>> main.cvd version from DNS: 57
>>> main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
>>> daily.cvd version from DNS: 22199
>>> Retrieving http://db.us.clamav.net/daily.cvd
>>> Ignoring mirror 104.131.196.175 (due to previous errors)
>>> Ignoring mirror 194.8.197.22 (due to previous errors)
>>> Ignoring mirror 128.199.133.36 (due to previous errors)
>>> nonblock_connect: connect timing out (30 secs)
>>> Can't connect to port 80 of host db.us.clamav.net (IP: 207.57.106.31)
>>> nonblock_connect: connect timing out (30 secs)
>>> Can't connect to port 80 of host db.us.clamav.net (IP: 209.198.147.20)
>>> Ignoring mirror 104.131.196.175 (due to previous errors)
>>> Trying host db.us.clamav.net (172.110.204.67)...
>>> nonblock_connect: connect timing out (30 secs)
>>> Can't connect to port 80 of host db.us.clamav.net (IP: 172.110.204.67)
>>> Ignoring mirror 194.8.197.22 (due to previous errors)
>>> Trying host db.us.clamav.net (200.236.31.1)...
>>> Trying to download http://db.us.clamav.net/daily.cvd (IP: 200.236.31.1)
>>> Downloading daily.cvd [100%]
>>> Loading signatures from daily.cvd
>>> Properly loaded 596179 signatures from new daily.cvd
>>> daily.cvd updated (version: 22199, sigs: 596178, f-level: 63, builder: neo)
>>> Querying daily.22199.82.1.0.C8EC1F01.ping.clamav.net
>>> bytecode.cvd version from DNS: 283
>>> bytecode.cvd is up to date (version: 283, sigs: 53, f-level: 63, builder: neo)
>>> Database updated (4815021 signatures) from db.us.clamav.net (IP: 200.236.31.1)
>>> OnUpdateExecute: EXIT_1
>>> 
>>> ------------------------------  Tuesday 06 September 2016 at 21:08:57  ------------------------------
>>> 
>>> TIME PASSES...
>>> 
>>> ------------------------------  Friday 09 September 2016 at 21:06:01  ------------------------------
>>> 
>>> Current working dir is /opt/clamav.d/clamav.0.99.2/share/clamav
>>> Max retries == 4
>>> ClamAV update process started at Fri Sep  9 21:06:01 2016
>>> Using IPv6 aware code
>>> Querying current.cvd.clamav.net
>>> TTL: 1800
>>> Software version from DNS: 0.99.2
>>> main.cvd version from DNS: 57
>>> main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
>>> daily.cvd version from DNS: 22199
>>> daily.cvd is up to date (version: 22199, sigs: 596178, f-level: 63, builder: neo)
>>> bytecode.cvd version from DNS: 283
>>> bytecode.cvd is up to date (version: 283, sigs: 53, f-level: 63, builder: neo)
>>> 
>>> ------------------------------  Friday 09 September 2016 at 21:06:01  ------------------------------
>>> 
>>> 
>>> 
>>> 
>>> 
>>> On Fri, 9 Sep 2016 17:58:52 -0700
>>> Rafael Ferreira <raf at uvasoftware.com> wrote:
>>> 
>>>> It’s not a mirror issue, there seems to be something up with the
>>>> signature dbs and it seems to have started after a fairly large jump
>>>> in the versions between v22199 and v44399
>>>> (http://lists.clamav.net/pipermail/clamav-virusdb/2016-September/thread.html
>>>> <http://lists.clamav.net/pipermail/clamav-virusdb/2016-September/thread.html>). 
>>>> 
>>>> 22199 is the latest version available from
>>>> http://db.us.clamav.net/daily.cvd <http://db.us.clamav.net/daily.cvd>
>>>> - so either it was moved or we stopped updating the daly db :( 
>>>> 
>>>> In all seriousness, I would say this is pretty bad since it means
>>>> signatures haven’t been updated in 3 days. 
>>>> 
>>>> - Rafael
>>> 
>>>> http://www.clamav.net/contact.html#ml
>>> _______________________________________________
>>> Help us build a comprehensive ClamAV guide:
>>> https://github.com/vrtadmin/clamav-faq
>>> 
>>> http://www.clamav.net/contact.html#ml
>> _______________________________________________
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>> 
>> http://www.clamav.net/contact.html#ml
> 
> -Al-

-Al-
-- 
Al Varnell
Mountain View, CA





-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3573 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20160910/778b1d54/attachment.bin>


More information about the clamav-users mailing list