[clamav-users] ClamAV® blog: The ClamAV 0.101.0 release candidate is here!

Paul Kosinski clamav-users at iment.com
Tue Nov 20 01:54:32 UTC 2018

I have long been using HAVP with ClamAV to scan HTTP traffic (inbound).
HAVP uses libclamav directly (rather than e.g., clamd) so it doesn't
have an excessive performance impact. (Cf. http://www.havp.org/)

Unfortunately, HAVP hasn't seen any development for a bit over 2 years.
In the past, simply symlinking the old libclamav.so.x to the new one has
worked. Now, since the libclamav interface is changing, I worry that
HAVP might need major modification to work.

Are there any other users of HAVP in conjunction with ClamAV? (HAVP was
originally written to work with ClamAV as well as other AV packages,
such as Kaspersky, Sophos and F-Prot.)

On Mon, 19 Nov 2018 19:40:30 +0000
"Joel Esler (jesler)" <jesler at cisco.com> wrote:
> https://blog.clamav.net/2018/11/the-clamav-01010-release-candidate-is.html
> The ClamAV 0.101.0 release candidate is here!
> The ClamAV 0.101.0 release candidate is
> here<http://www.clamav.net/downloads>!
> We have also made significant improvements to our User
> Manual<https://github.com/Cisco-Talos/clamav-devel/blob/dev/0.101/docs/UserManual.md>
> (the user manual will be moved to clamav.net<http://clamav.net> soon)
> and to the inline Doxygen documentation in clamav.h for libclamav
> users. Please take a peek, and consider submitting your own
> recommendations via GitHub pull-request. In particular, we'd love to
> expand the Usage section with details on how to integrate ClamAV with
> other software. Your input would be greatly appreciated.
> A short summary of the improvements found in 0.101:
>   *   Changes to the libclamav API:
>      *   Those who build applications around our shared library will
> need to change how they declare and pass scanning options to
> libclamav. Please take a look at the change to our example code for
> details.
>      *   Scanning functions now have a filename argument. The
> argument is optional, but improves the efficiency when parsing
> certain types that require a file on disk to open and read, and will
> allow for additional improvements in the future.
>      *   Many of the scanning option #defines have changed. These can
> be found in our clamav.h header.
>      *   The libclamav version number has changed.
>   *   Some of the clamd config and clamscan command line option names
> have changed. The original versions will still work for a time, but
> eventually they will be deprecated. These options in question are
> detailed in the NEWS document.
>   *   A new sub-signature type called "Byte Compare". Byte Compare
> sub-signatures can be used to evaluate a numeric value at a given
> offset from the start of another (matched) sub-signature within the
> same logical signature. That numerical value may be interpreted from
> signed ascii decimal, unsigned ascii hex, or unsigned binary data
> relative to a match offset. For details, see the signature writing
> documentation.
>   *   Changes to our documentation. Documentation is now in Markdown
> and should be easier to navigate and easier to contribute to.
>   *   Support for extraction/scanning of RAR v5.x archives.
> For additional details on changes in 0.101, please read the notes in
> our NEWS document.
> Thank you in advance for test-driving the ClamAV 0.101 release
> candidate<http://www.clamav.net/downloads>! Bugs should be brought to
> our attention via the clamav-devel mailing
> list<http://www.clamav.net/contact#ml> or via
> bugzilla<https://bugzilla.clamav.net/>.

More information about the clamav-users mailing list