[clamav-users] Signatures in md5sum not in sha256sum
Paul Kosinski
clamav-users at iment.com
Fri Sep 8 14:12:09 UTC 2017

MD5 was discredited (found insecure) a long time ago. Putting out
*new* signatures with SHA256 shouldn't be all that hard. And just like
some new sigs needing a recent version of ClamAV because of their
content, SHA-signed sigs could demand a new ClamAV version.

As far as being a security issue, forged sigs could cause denial of
service via false positives. (And I imagine there could even be
actively malicious bytecode.)

P.S. Mozilla is even providing SHA512 sigs for Firefox (ESR, at least).

On Fri, 08 Sep 2017 04:27:42 -0700
Al Varnell <alvarnell at mac.com> wrote:
> I'm struggling to understand how that would improve the DB? It's not
> a security issue and it would seemingly involve a ton of work to run
> all those samples again just to get a larger number which would
> require additional time to download and space to store the DB as well
> as in RAM.
>
> -Al-
>
> On Fri, Sep 08, 2017 at 04:12 AM, Vijayakumar U wrote:
> > Dear Team,
> >
> > Do we have any plans to maintain/update the signature DB with
> > sha256sum?
> >
> > Is there any specific reason to maintain the signatures in md5sum
> > format?
> >
> > Please clarify.