[clamav-users] Pdf.Exploit.CVE_2019_7057-6900620-0 signature causes error on clamav start
Burnie
burnie at dod.no
Thu Mar 21 14:09:33 UTC 2019
On 21. mars 2019 14:47, Alptugay Değirmencioğlu wrote:
> Thanks for the pointer Burnie.
>
> Yes the ignore workaround works fine.
>
> As I investigated further I have found that issue does not seem to be
> related to perl version however it seems it is related to the pcre
> version of the system. The pcre on my system (CentOS 5) was very old at
> version 6.6. After upgrading the pcre library to 8.13 the problem was
> solved.
>
> But I think that this signature update will probably cause all ClamAV
> installations to fail on CentOS 5 and maybe other distros as well. This
> is the first time I have encountered such an error. So maybe if it is
> possible it would be better to optimise/change the signature to a more
> failsafe one.
potAto, poTato...
I *did* write perl/pcre, didn't I? :-)
Oh well. At least I got you on the right track.
(Seem to remember a similar regexp notation which broke SA on EL5 a few
years ago)
BTW: Thanks for the pointer to the signature. Got lost in finding out
which it was.
--
Bernt 'Burnie' Pettersen /// DoD#2345
<E-mail:burnie at dod.no> /// <URL:http://burnie.sh/>
- Creative brains need creative workhours! -
More information about the clamav-users
mailing list