[clamav-users] 99.3 for Ubuntu

Chris cpollock at embarqmail.com
Fri Jan 26 14:31:08 UTC 2018


On Thu, 2018-01-25 at 19:18 -0800, Al Varnell wrote:
> Are you sure you have the correct 0.99.3 download released late today
> from <http://www.clamav.net/downloads>?
> 
Hi Al, when trying to get the release source via "pull-lp-source
clamav" I instead get the beta1 source:

pull-lp-source clamav
pull-lp-source: Downloading clamav version 0.99.3~beta1+dfsg-2ubuntu1
pull-lp-source: Downloading clamav_0.99.3~beta1+dfsg.orig.tar.xz from
archive.ubuntu.com (5.611 MiB)
pull-lp-source: Downloading clamav_0.99.3~beta1+dfsg-
2ubuntu1.debian.tar.xz from archive.ubuntu.com (0.207 MiB)
gpgv: Signature made Thu 23 Nov 2017 02:02:52 AM CST using RSA key ID
8280B242
gpgv: Can't check signature: public key not found
dpkg-source: warning: failed to verify signature on
./clamav_0.99.3~beta1+dfsg-2ubuntu1.dsc
dpkg-source: info: extracting clamav in clamav-0.99.3~beta1+dfsg
dpkg-source: info: unpacking clamav_0.99.3~beta1+dfsg.orig.tar.xz
dpkg-source: info: unpacking clamav_0.99.3~beta1+dfsg-
2ubuntu1.debian.tar.xz
dpkg-source: info: applying Change-paths-in-sample-conf-file-to-match-
Debian.patch
dpkg-source: info: applying add-support-for-system-tomsfastmath.patch
dpkg-source: info: applying
clamd_dont_depend_on_clamav_demon_socket.patch
dpkg-source: info: applying Add-support-for-LLVM-3.7.patch
dpkg-source: info: applying Add-support-for-LLVM-3.8.patch
dpkg-source: info: applying Add-support-for-LLVM-3.9.patch
dpkg-source: info: applying Fix_detection_of_libcurl.patch
dpkg-source: info: applying clamsubmit-add-JSON-libs-to-
clamsubmit.patch
dpkg-source: info: applying fix_newer_zlib.patch

I tried again just now to get the release source and still got beta1.



> That README only contains the following:
> 
> > 
> > 0.99.3
> > ------
> > 
> > ClamAV 0.99.3 is a hotfix release to patch a set of
> > vulnerabilities.
> > 
> >     - fixes for the following CVE's: CVE-2017-6418, CVE-2017-6420, 
> >       CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-
> > 12377, 
> >       CVE-2017-12378, CVE-2017-12379, CVE-2017-12380. 
> >     - also included are 2 minor fixes to properly detect openssl
> > install
> >       locations on FreeBSD 11, and prevent false warnings about
> > zlib 1.2.1#
> >       version numbers. 
> > 
> > Thank you to the following ClamAV community members for your code
> > submissions and bug reports! 
> > 
> > Alberto Garcia
> > Daniel J. Luke
> > Francisco Oca
> > Sebastian A. Siewior
> > Suleman Ali
> > 
> > Special thanks to Offensive Research at Salesforce.com for
> > responsible disclosure.
> -Al-
> 
> On Thu, Jan 25, 2018 at 06:46 PM, Chris wrote:
> > 
> > 
> > I noticed this in the README:
> > 
> > Additionally, we have introduced important changes and new features
> > in
> > ClamAV 0.99.3, including:
> >     - Deprecating internal LLVM code support. The configure script
> > has
> > changed to search the system for an installed instance of the LLVM
> > development libraries, and to otherwise use the bytecode
> > interpreter
> > for ClamAV bytecode signatures. To use the LLVM Just-In-Time
> > compiler
> > for executing bytecode signatures, please ensure that the LLVM
> > development package at version 3.6 or lower is installed. Using the
> > deprecated LLVM code is possible with the command: './configure --
> > with-
> > system-llvm=no', but it no longer compiles on all platforms.
> > 
> > If I read the above correctly - 
> > 
> > To use the LLVM Just-In-Time compiler for executing bytecode
> > signatures, please ensure that the LLVM development package at
> > version
> > 3.6 or lower is installed. Using the deprecated LLVM code is
> > possible
> > with the command: './configure --with-system-llvm=no', but it no
> > longer
> > compiles on all platforms.
> > 
> > But then the pbuilder output says - Depends: llvm-3.9-dev
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml
-- 
Chris
KeyID 0xE372A7DA98E6705C
31.11972; -97.90167 (Elev. 1092 ft)
08:22:56 up 10 min, 1 user, load average: 0.51, 2.11, 1.70
Description:	Ubuntu 16.04.3 LTS, kernel 4.13.0-32-generic
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20180126/e70ccf66/attachment.sig>


More information about the clamav-users mailing list