[clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!
Frans de Boer
frans at fransdb.nl
Fri Aug 6 20:07:49 UTC 2021
On 7/22/21 6:18 PM, Joel Esler (jesler) via clamav-users wrote:
>
>>
>> https://blog.clamav.net/2021/07/clamav-01040-release-candidate-is-here.html
>> <https://blog.clamav.net/2021/07/clamav-01040-release-candidate-is-here.html>
>>
>>
>> ClamAV 0.104.0 Release Candidate is here!
>>
>> We are pleased to announce the ClamAV 0.104.0 release candidate
>> <https://www.clamav.net/downloads>.
>>
>> Please help us validate this release. We need your feedback, so let
>> us know what you find and join us on the ClamAV mailing list
>> <https://lists.clamav.net/mailman/listinfo/clamav-users>, or on our
>> Discord <https://discord.gg/sGaxA5Q>, which is bridged with our IRC.
>>
>> This release candidate phase is only expected to last about two to
>> four weeks before the 0.104.0 Stable version will be published. Take
>> this opportunity to verify that you 0.104.0 can build and run in your
>> environment.
>>
>> Please submit bug reports to the ClamAV project GitHub Issues
>> <https://github.com/Cisco-Talos/clamav/issues>.
>>
>> ClamAV 0.104.0 includes the following improvements and changes.
>>
>>
>> New Requirements
>>
>> *
>>
>> As of ClamAV 0.104, CMake is required to build ClamAV.
>>
>> * We have added comprehensive build instructions for using CMake to
>> the new |INSTALL.md| file. The online documentation will also be
>> updated to include CMake build instructions.
>> * The Autotools and the Visual Studio build systems have been removed.
>>
>>
>> Major changes
>>
>> *
>>
>> The built-in LLVM for the bytecode runtime has been removed.
>>
>> * The bytecode interpreter is the default runtime for bytecode
>> signatures just as it was in ClamAV 0.103.
>> * We wished to add support for newer versions of LLVM, but ran out
>> of time. If you're building ClamAV from source and you wish to
>> use LLVM instead of the bytecode interpreter, you will need to
>> supply the development libraries for LLVM version 3.6.2. See
>> |INSTALL.md| to learn more.
>> *
>>
>> There are now official ClamAV images on Docker Hub.
>>
>> o /Note/: Until ClamAV 0.104.0 is released, these images are
>> limited to "unstable" versions, which are updated daily with
>> the latest changes in the default branch on GitHub.
>>
>> You can find the images on Docker Hub under |clamav|
>> <https://hub.docker.com/r/clamav/clamav>.
>>
>> Docker Hub ClamAV tags:
>>
>> *
>>
>> |clamav/clamav:<version>|: A release preloaded with signature
>> databases.
>>
>> Using this container will save the ClamAV project some bandwidth.
>> Use this if you will keep the image around so that you don't
>> download the entire database set every time you start a new
>> container. Updating with FreshClam from the existing databases
>> set does not use much data.
>>
>> *
>>
>> |clamav/clamav:<version>_base|: A release with no signature
>> databases.
>>
>> Use this container *only* if you mount a volume in your container
>> under |/var/lib/clamav| to persist your signature database
>> databases. This method is the best option because it will reduce
>> data costs for ClamAV and for the Docker registry, but it does
>> require advanced familiarity with Linux and Docker.
>>
>> /Caution/: Using this image without mounting an existing
>> database directory will cause FreshClam to download the
>> entire database set each time you start a new container.
>>
>> You can use the |unstable| version (i.e. |clamav/clamav:unstable| or
>> |clamav/clamav:unstable_base|) to try the latest from our development
>> branch.
>>
>> Please, be kind when using "free" bandwidth for the virus databases
>> and Docker registry. Try not to download the entire database set or
>> the larger ClamAV database images on a regular basis.
>>
>> For more details, see the ClamAV Docker documentation
>> <https://docs.clamav.net/manual/Installing/Docker.html>.
>>
>> Special thanks to Olliver Schinagl for his excellent work creating
>> ClamAV's new Docker files, image database deployment tooling, and
>> user documentation.
>>
>> *
>>
>> |clamd| and |freshclam| are now available as Windows services. To
>> install and run them, use the |--install-service| option and |net
>> start [name]| command.
>>
>> Special thanks to Gianluigi Tiesi for his original work on this
>> feature.
>>
>>
>> Notable changes
>>
>> We added these features in 0.103.1 but wanted to re-post them here,
>> as patch versions do not generally introduce new options:
>>
>> *
>>
>> Added a new scan option to alert on broken media (graphics) file
>> formats. This feature mitigates the risk of malformed media files
>> intended to exploit vulnerabilities in other software. Currently,
>> media validation exists for JPEG, TIFF, PNG, and GIF files. To
>> enable this feature, set |AlertBrokenMedia yes| in clamd.conf, or
>> use the |--alert-broken-media| option when using |clamscan|.
>> These options are disabled by default in this patch, but may be
>> enabled in a subsequent release. Application developers may
>> enable this scan option by enabling
>> |CL_SCAN_HEURISTIC_BROKEN_MEDIA| for the |heuristic| scan option
>> bit field.
>>
>> *
>>
>> Added CL_TYPE_TIFF, CL_TYPE_JPEG types to match GIF and PNG
>> typing behavior. BMP and JPEG 2000 files will continue to detect
>> as CL_TYPE_GRAPHICS because ClamAV does not have BMP or JPEG 2000
>> format-checking capabilities.
>>
>> *
>>
>> Added progress callbacks to libclamav for:
>>
>> o database load: |cl_engine_set_clcb_sigload_progress()|
>> o engine compile: |cl_engine_set_clcb_engine_compile_progress()|
>> o engine free: |cl_engine_set_clcb_engine_free_progress()|
>>
>> These new callbacks enable an application to monitor and estimate
>> load, compile and unload progress. See |clamav.h| for API details.
>>
>> *
>>
>> Added progress bars to ClamScan for the signature load and engine
>> compile steps before a scan begins. The startup progress bars
>> won't be enabled if ClamScan isn't running in a terminal (i.e. if
>> stdout is not a TTY), or if any of these options are used:
>>
>> o |--debug|
>> o |--quiet|
>> o |--infected|
>> o |--no-summary|
>>
>>
>> Other improvements
>>
>> *
>>
>> Added the |%f| format string option to the ClamD VirusEvent
>> feature to insert the file path of the scan target when a virus
>> event occurs. This supplements the VirusEvent |%v| option that
>> prints the signature (virus) name. The ClamD VirusEvent feature
>> also provides two environment variables,
>> |$CLAM_VIRUSEVENT_FILENAME| and |$CLAM_VIRUSEVENT_VIRUSNAME| for
>> a similar effect. This fix comes courtesy of Vasile Papp.
>>
>> *
>>
>> Improvements to the AutoIt extraction module. Patch courtesy of cw2k.
>>
>> *
>>
>> Added support for extracting images from Excel *.xls (OLE2)
>> documents.
>>
>> *
>>
>> Trusted SHA256-based Authenticode hashes can now be loaded in
>> from *.cat files. See our Authenticode documentation
>> <https://docs.clamav.net/appendix/Authenticode.html> for more
>> info about using *.cat files with *.crb rules to trust signed
>> Windows executables.
>>
>>
>> Bug fixes
>>
>> *
>>
>> Fixed a memory leak affecting logical signatures that use the
>> "byte compare" feature. Patch courtesy of Andrea De Pasquale.
>>
>> *
>>
>> Fixed bytecode match evaluation for PDF bytecode hooks in PDF
>> file scans.
>>
>> *
>>
>> Other minor bug fixes.
>>
>>
>> Acknowledgments
>>
>> The ClamAV team thanks the following individuals for their code
>> submissions:
>>
>> * Alexander Golovach
>> * Andrea De Pasquale
>> * Andrew Williams
>> * Armin Kuster
>> * Brian Bergstrand
>> * cw2k
>> * Duane Waddle
>> * Gianluigi Tiesi
>> * Jonas Zaddach
>> * Kenneth Hau
>> * Markus Strehle
>> * Olliver Schinagl
>> * Orion Poplawski
>> * Sergey Valentey
>> * Sven Rueß
>> * Tom Briden
>> * Vasile Papp
>> * Yasuhiro Kimura
>>
Tried again with a fresh install of the git repository just now, still
clamd testing fails.
--- Frans
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20210806/b942f622/attachment.htm>
More information about the clamav-users
mailing list