[clamav-users] Anyone notice any issues with clamav 0.99.2 and recent patterns?
Karl Pielorz
kpielorz_lst at tdx.co.uk
Fri Jan 26 04:22:13 UTC 2018
Hi,
>From about 02:59 today (26/01) our we saw a pattern update, and we also
noticed freshclam logged, "DON'T PANIC! Read
http://www.clamav.net/documents/upgrading-clamav"
'freshclam' output shows:
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder:
sigmgr)
daily.cld is up to date (version: 24256, sigs: 1835772, f-level: 63,
builder: neo)
bytecode.cld is up to date (version: 319, sigs: 75, f-level: 63, builder:
neo)
We're currently running clamav 0.99.2 (technically shown as 0.99.2_8) under
FreeBSD 10.3 amd64 - since then we've seen an issue where clamd "kind of
dies" - it's still running, there are no errors logged anywhere (we log to
syslog) - but whilst it's accepting connections to scan things - for lots
of them it doesn't seem to either be accepting data sent to it's socket
(causing the caller to hang/timeout eventually) - or return results.
This ends up with a lot of wedged mail processes (and we slowly run out of
fd's as the process table fills up).
I can't yet update to 0.99.3 (as we use FreeBSD's pkg system - and it's not
available yet).
Anyone else seen any similar issues? This literally just started with the
update at 02:59 - Any ideas how we can get some kind of logging out of it?
Worst case, is it possible / easy to roll back to a previous pattern file?
We only use clamd / freshclam - as our mail system accesses clamd direct
via it's unix socket. We've tried rebuilding the exe that talks to clamd
(just in case it got left behind in the last clamav binaries update) and
that hasn't made any difference :(
Thanks,
-Karl
More information about the clamav-users
mailing list