[clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

Mark Fortescue mark.lists at thurning-instruments.co.uk
Tue Jul 27 23:14:45 UTC 2021 

Hi all,

I have two curl installations. One is not suitable for clamav (the 
system installed version).

How do I force cmake to pick up the correct library as it is always 
picking up the system library not the one in /usr/local/clamav/lib.

In order to move to cmake it would be useful to have a conversion from 
all the configure script options to there cmake equivalents. Is there a 
way of getting cmake to display all the variables that can be set 
(equivalent to ./configure --help) ?

Regards
	Mark.

On 22/07/2021 17:18, Joel Esler (jesler) via clamav-users wrote:
> 
>>
>> https://blog.clamav.net/2021/07/clamav-01040-release-candidate-is-here.html
>>
>>
>>   ClamAV 0.104.0 Release Candidate is here!
>>
>> We are pleased to announce the ClamAV 0.104.0 release candidate 
>> <https://www.clamav.net/downloads>.
>>
>> Please help us validate this release. We need your feedback, so let us 
>> know what you find and join us on the ClamAV mailing list 
>> <https://lists.clamav.net/mailman/listinfo/clamav-users>, or on our 
>> Discord <https://discord.gg/sGaxA5Q>, which is bridged with our IRC.
>>
>> This release candidate phase is only expected to last about two to 
>> four weeks before the 0.104.0 Stable version will be published. Take 
>> this opportunity to verify that you 0.104.0 can build and run in your 
>> environment.
>>
>> Please submit bug reports to the ClamAV project GitHub Issues 
>> <https://github.com/Cisco-Talos/clamav/issues>.
>>
>> ClamAV 0.104.0 includes the following improvements and changes.
>>
>>
>>       <https://github.com/Cisco-Talos/clamav/blob/dev/0.104/NEWS.md#new-requirements>
>>
>>
>>       New Requirements
>>
>>  *
>>
>>     As of ClamAV 0.104, CMake is required to build ClamAV.
>>
>>   * We have added comprehensive build instructions for using CMake to
>>     the new |INSTALL.md| file. The online documentation will also be
>>     updated to include CMake build instructions.
>>   * The Autotools and the Visual Studio build systems have been removed.
>>
>>
>>       <https://github.com/Cisco-Talos/clamav/blob/dev/0.104/NEWS.md#major-changes>
>>
>>
>>       Major changes
>>
>>  *
>>
>>     The built-in LLVM for the bytecode runtime has been removed.
>>
>>   * The bytecode interpreter is the default runtime for bytecode
>>     signatures just as it was in ClamAV 0.103.
>>   * We wished to add support for newer versions of LLVM, but ran out
>>     of time. If you're building ClamAV from source and you wish to use
>>     LLVM instead of the bytecode interpreter, you will need to supply
>>     the development libraries for LLVM version 3.6.2. See |INSTALL.md|
>>     to learn more.
>>  *
>>
>>     There are now official ClamAV images on Docker Hub.
>>
>>       o /Note/: Until ClamAV 0.104.0 is released, these images are
>>         limited to "unstable" versions, which are updated daily with
>>         the latest changes in the default branch on GitHub.
>>
>> You can find the images on Docker Hub under |clamav| 
>> <https://hub.docker.com/r/clamav/clamav>.
>>
>> Docker Hub ClamAV tags:
>>
>>  *
>>
>>     |clamav/clamav:<version>|: A release preloaded with signature
>>     databases.
>>
>>     Using this container will save the ClamAV project some bandwidth.
>>     Use this if you will keep the image around so that you don't
>>     download the entire database set every time you start a new
>>     container. Updating with FreshClam from the existing databases set
>>     does not use much data.
>>
>>  *
>>
>>     |clamav/clamav:<version>_base|: A release with no signature databases.
>>
>>     Use this container *only* if you mount a volume in your container
>>     under |/var/lib/clamav| to persist your signature database
>>     databases. This method is the best option because it will reduce
>>     data costs for ClamAV and for the Docker registry, but it does
>>     require advanced familiarity with Linux and Docker.
>>
>>         /Caution/: Using this image without mounting an existing
>>         database directory will cause FreshClam to download the entire
>>         database set each time you start a new container.
>>
>> You can use the |unstable| version (i.e. |clamav/clamav:unstable| or 
>> |clamav/clamav:unstable_base|) to try the latest from our development 
>> branch.
>>
>> Please, be kind when using "free" bandwidth for the virus databases 
>> and Docker registry. Try not to download the entire database set or 
>> the larger ClamAV database images on a regular basis.
>>
>> For more details, see the ClamAV Docker documentation 
>> <https://docs.clamav.net/manual/Installing/Docker.html>.
>>
>> Special thanks to Olliver Schinagl for his excellent work creating 
>> ClamAV's new Docker files, image database deployment tooling, and user 
>> documentation.
>>
>>  *
>>
>>     |clamd| and |freshclam| are now available as Windows services. To
>>     install and run them, use the |--install-service| option and |net
>>     start [name]| command.
>>
>>     Special thanks to Gianluigi Tiesi for his original work on this
>>     feature.
>>
>>
>>       <https://github.com/Cisco-Talos/clamav/blob/dev/0.104/NEWS.md#notable-changes>
>>
>>
>>       Notable changes
>>
>> We added these features in 0.103.1 but wanted to re-post them here, as 
>> patch versions do not generally introduce new options:
>>
>>  *
>>
>>     Added a new scan option to alert on broken media (graphics) file
>>     formats. This feature mitigates the risk of malformed media files
>>     intended to exploit vulnerabilities in other software. Currently,
>>     media validation exists for JPEG, TIFF, PNG, and GIF files. To
>>     enable this feature, set |AlertBrokenMedia yes| in clamd.conf, or
>>     use the |--alert-broken-media| option when using |clamscan|. These
>>     options are disabled by default in this patch, but may be enabled
>>     in a subsequent release. Application developers may enable this
>>     scan option by enabling |CL_SCAN_HEURISTIC_BROKEN_MEDIA| for the
>>     |heuristic| scan option bit field.
>>
>>  *
>>
>>     Added CL_TYPE_TIFF, CL_TYPE_JPEG types to match GIF and PNG typing
>>     behavior. BMP and JPEG 2000 files will continue to detect as
>>     CL_TYPE_GRAPHICS because ClamAV does not have BMP or JPEG 2000
>>     format-checking capabilities.
>>
>>  *
>>
>>     Added progress callbacks to libclamav for:
>>
>>       o database load: |cl_engine_set_clcb_sigload_progress()|
>>       o engine compile: |cl_engine_set_clcb_engine_compile_progress()|
>>       o engine free: |cl_engine_set_clcb_engine_free_progress()|
>>
>>     These new callbacks enable an application to monitor and estimate
>>     load, compile and unload progress. See |clamav.h| for API details.
>>
>>  *
>>
>>     Added progress bars to ClamScan for the signature load and engine
>>     compile steps before a scan begins. The startup progress bars
>>     won't be enabled if ClamScan isn't running in a terminal (i.e. if
>>     stdout is not a TTY), or if any of these options are used:
>>
>>       o |--debug|
>>       o |--quiet|
>>       o |--infected|
>>       o |--no-summary|
>>
>>
>>       <https://github.com/Cisco-Talos/clamav/blob/dev/0.104/NEWS.md#other-improvements>
>>
>>
>>       Other improvements
>>
>>  *
>>
>>     Added the |%f| format string option to the ClamD VirusEvent
>>     feature to insert the file path of the scan target when a virus
>>     event occurs. This supplements the VirusEvent |%v| option that
>>     prints the signature (virus) name. The ClamD VirusEvent feature
>>     also provides two environment variables,
>>     |$CLAM_VIRUSEVENT_FILENAME| and |$CLAM_VIRUSEVENT_VIRUSNAME| for a
>>     similar effect. This fix comes courtesy of Vasile Papp.
>>
>>  *
>>
>>     Improvements to the AutoIt extraction module. Patch courtesy of cw2k.
>>
>>  *
>>
>>     Added support for extracting images from Excel *.xls (OLE2) documents.
>>
>>  *
>>
>>     Trusted SHA256-based Authenticode hashes can now be loaded in from
>>     *.cat files. See our Authenticode documentation
>>     <https://docs.clamav.net/appendix/Authenticode.html> for more info
>>     about using *.cat files with *.crb rules to trust signed Windows
>>     executables.
>>
>>
>>       <https://github.com/Cisco-Talos/clamav/blob/dev/0.104/NEWS.md#bug-fixes>
>>
>>
>>       Bug fixes
>>
>>  *
>>
>>     Fixed a memory leak affecting logical signatures that use the
>>     "byte compare" feature. Patch courtesy of Andrea De Pasquale.
>>
>>  *
>>
>>     Fixed bytecode match evaluation for PDF bytecode hooks in PDF file
>>     scans.
>>
>>  *
>>
>>     Other minor bug fixes.
>>
>>
>>       <https://github.com/Cisco-Talos/clamav/blob/dev/0.104/NEWS.md#acknowledgements>
>>
>>
>>       Acknowledgments
>>
>> The ClamAV team thanks the following individuals for their code 
>> submissions:
>>
>>   * Alexander Golovach
>>   * Andrea De Pasquale
>>   * Andrew Williams
>>   * Armin Kuster
>>   * Brian Bergstrand
>>   * cw2k
>>   * Duane Waddle
>>   * Gianluigi Tiesi
>>   * Jonas Zaddach
>>   * Kenneth Hau
>>   * Markus Strehle
>>   * Olliver Schinagl
>>   * Orion Poplawski
>>   * Sergey Valentey
>>   * Sven Rueß
>>   * Tom Briden
>>   * Vasile Papp
>>   * Yasuhiro Kimura
> 
> 
> _______________________________________________
> 
> clamav-users mailing list
> clamav-users at lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml
>

More information about the clamav-users mailing list