[clamav-users] [SUSPICIOUS] PATCH: Re: ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!
Mark Fortescue
mark.lists at thurning-instruments.co.uk
Wed Jul 28 21:07:07 UTC 2021
Please do.
On 28/07/2021 22:02, Micah Snyder (micasnyd) wrote:
> Will do. Thanks for the fix. Ok if I add you to the acknowledgements section of the news?
>
>> -----Original Message-----
>> From: Mark Fortescue <mark.lists at thurning-instruments.co.uk>
>> Sent: Wednesday, July 28, 2021 1:59 PM
>> To: Micah Snyder (micasnyd) <micasnyd at cisco.com>; ClamAV users ML
>> <clamav-users at lists.clamav.net>
>> Subject: Re: [SUSPICIOUS] [clamav-users] PATCH: Re: ClamAV® blog: ClamAV
>> 0.104.0 Release Candidate is here!
>>
>> Hi Micah,
>>
>> Please can you submit it for me - I don't have an account.
>>
>> Regards
>> Mark.
>>
>> On 28/07/2021 21:55, Micah Snyder (micasnyd) wrote:
>>> Mark,
>>>
>>> This is amazing! Thanks!
>>> If you have an account on GitHub, can you submit this as a PR? If not, I can
>> submit one for you.
>>>
>>> Regards,
>>> Micah
>>>
>>>> -----Original Message-----
>>>> From: clamav-users <clamav-users-bounces at lists.clamav.net> On Behalf
>>>> Of Mark Fortescue via clamav-users
>>>> Sent: Wednesday, July 28, 2021 12:02 PM
>>>> To: clamav-users at lists.clamav.net
>>>> Cc: Mark Fortescue <mark.lists at thurning-instruments.co.uk>
>>>> Subject: [SUSPICIOUS] [clamav-users] PATCH: Re: ClamAV® blog: ClamAV
>>>> 0.104.0 Release Candidate is here!
>>>>
>>>> Hi again,
>>>>
>>>> After a bit of digging around, I have updated CMakeLists.txt to fix
>>>> this issue and another minor issue.
>>>>
>>>> See attached patch.
>>>>
>>>> This may not be the correct solution but at least it generated the
>>>> correct entries on clamav-types.h.
>>>>
>>>> Regards
>>>> Mark.
>>>>
>>>> On 28/07/21 19:10, Mark Fortescue via clamav-users wrote:
>>>>> Hi All,
>>>>>
>>>>> I have found a bug that will cause issues for 32bit builds and maybe
>>>>> some 64bit builds.
>>>>>
>>>>> On all three of my OS (2 x x86_64 and one x86) tested, CMake is not
>>>>> setting DEFINE_SF64_PREFIX used in clamav-types.h.in.
>>>>> This breaks the build on one x86_64 OS and may cause issues on the
>>>>> x86 OS with 64bit numbers.
>>>>>
>>>>> Any ideas on how to implement a quick fix ?
>>>>>
>>>>> Regards
>>>>> Mark.
>>>>>
>>>>> On 28/07/21 01:14, Mark Fortescue wrote:
>>>>>> Hi again,
>>>>>>
>>>>>> I needed to read all of the INSTALL.md file not just the top bit.
>>>>>>
>>>>>> Got the cmake build to work and the binaries test OK.
>>>>>>
>>>>>> Not as user friendly as configure scripts when you are doing
>>>>>> something different. The big advantage of the configure script is
>>>>>> that it can be tweaked when it gets something wrong or at least
>>>>>> opened in an editor to see what it is actually doing. Not sure
>>>>>> where to start if cmake does not do what it is meant to do.
>>>>>>
>>>>>> Regards
>>>>>> Mark.
>>>>>>
>>>>>> On 28/07/2021 00:14, Mark Fortescue via clamav-users wrote:
>>>>>>> Hi all,
>>>>>>>
>>>>>>> I have two curl installations. One is not suitable for clamav (the
>>>>>>> system installed version).
>>>>>>>
>>>>>>> How do I force cmake to pick up the correct library as it is
>>>>>>> always picking up the system library not the one in /usr/local/clamav/lib.
>>>>>>>
>>>>>>> In order to move to cmake it would be useful to have a conversion
>>>>>>> from all the configure script options to there cmake equivalents.
>>>>>>> Is there a way of getting cmake to display all the variables that
>>>>>>> can be set (equivalent to ./configure --help) ?
>>>>>>>
>>>>>>> Regards
>>>>>>> Mark.
>>>>>>>
>>>>>>> On 22/07/2021 17:18, Joel Esler (jesler) via clamav-users wrote:
>>>>>>>>
>>>>>>>>>
>>>>>>>>> https://secure-web.cisco.com/1cmlGx40jvT3oAaTf3i8ikZAjk4aEjaSDXQ
>>>>>>>>> SZ
>>>>>>>>> Mg5ke_-Dy48p-POE-
>>>> Z9m8rXptWDwmvMwvy5cFnDwlE9CN6EgVFbrj59u2-yB3VUtwv
>>>>>>>>> zep_UQT9pdBkfhtUOUMwzYbtTewuX83b1x5j-
>>>> 9Zn67Ct7DFdxidmVuOxe4pp8SSZLd
>>>>>>>>>
>>>>
>> U6JNDXGqYuKEMpC4PW3eGHH7l9YGIXfwreFyTU5jj_pbjWiXg9RMPR3d3z2pjZs
>>>> Dzp
>>>>>>>>>
>>>>
>> r5A86DCAnWx522Id2QB3Z8iJp65qqhjS6bkhfcxuKyeMqf_WhKqi8M2Bsy4MP9u
>>>> q8g
>>>>>>>>>
>>>>
>> F_qWm2kBGr5MD75u78WO/https%3A%2F%2Fblog.clamav.net%2F2021%2F07
>>>> %2Fc
>>>>>>>>> lamav-01040-release-candidate-is-here.html
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ClamAV 0.104.0 Release Candidate is here!
>>>>>>>>>
>>>>>>>>> We are pleased to announce the ClamAV 0.104.0 release candidate
>>>>>>>>> <https://secure-
>>>>
>> web.cisco.com/12UIwCp1BAMpH6Fx3yfMTvQAEgdYScrSJe_5OywxiP8Qs9bOOa
>>>> J39Zlob4FMEdQLnCv6gInXqnDtBiIp9VQG14-
>>>> mGqQA5GuygbEndzhjfP0yd0iGz_onhbbMt-
>>>>
>> aR2lsTOlVM8EicbLjgVX60DpxW4ZDt9Z6Tw0F7Rg0Dm_79drjYlGcspBOO7wt5LU
>>>>
>> QoMD5mTDkFgT1VNRFI9dqhcw5AfrHNud7x6009GE9Zz6sq2cG3dCUJZ4hPzmZc
>>>> VriBLepl4VZTzrwXXDNyHv7Id4J-
>>>>
>> to6_a3GrqsKK1oz0wVVbcXe3SEV5aCBjVTyEoSmScH6xA/https%3A%2F%2Fwww
>>>> .clamav.net%2Fdownloads>.
>>>>>>>>>
>>>>>>>>> Please help us validate this release. We need your feedback, so
>>>>>>>>> let us know what you find and join us on the ClamAV mailing list
>>>>>>>>> <https://secure-
>>>> web.cisco.com/1zQTp4uqEnanQWlVscXyXOj74GH4GE7zlmez
>>>>>>>>>
>>>>
>> nwGWWCDJMBsiUdz9vytLXDnxLgoschPJMXZwNDl0v373w0oZdfnL7_iJw5EzjBB
>>>>
>> u29zVBCxQhvDhamOwVwrm6jmNPZt1m1EAq1RcRbbmwGJyM9GFBrD2pG2i0z
>>>> Z48MmzgivQZ_Ni_csMzfQp2-
>>>>
>> Yfc4LZZPvh7mUNfQ1jRvTmboyjv8ryVjTTLhDG5JRn3FIUMQtTjpxHwieAD9M5p4
>>>> vK3v9gz0f2mtNhFc6fpJEAReVJMqVOArhQykdQ66j7-
>>>>
>> 0n7oSwMMOGNu5yP6syYWUBF9_Wfdc96D/https%3A%2F%2Flists.clamav.net
>>>> %2Fmailman%2Flistinfo%2Fclamav-users>, or on our Discord
>>>> <https://secure-
>>>> web.cisco.com/1iq6L1amM4vjXjsy2PrXnFl6InWCEUQGxYRA5z7y-
>> O80ey9bg1N-
>>>> 9mojg-
>>>>
>> 4hdthAYMTWmJ1wsoyeQXwPatWxoogY0klJr4saQ8znd4uhw5GY5i1VsBiD7cda
>>>> QMm-
>>>> BcgeUTC3DAR22ovZpqi0tOrRLBJsl7qFggvVLeq1qVhu5qQuCehrfrE9h5eGhEF-
>>>> ma2XrZjgGkIfFA3ymlOdqevpYpIRvJ3hoLeTA8DH4RDzXB-
>>>>
>> fsm_W01YpJWrR651nnFJjQS_RgDJdPkM1hI6v6sAINOJtgy36N6El1jdxBmwV7u0
>>>> 8RZGtk72Tknh2y4Zh6pGGB/https%3A%2F%2Fdiscord.gg%2FsGaxA5Q>,
>> which is
>>>> bridged with our IRC.
>>>>>>>>>
>>>>>>>>> This release candidate phase is only expected to last about two
>>>>>>>>> to four weeks before the 0.104.0 Stable version will be published.
>>>>>>>>> Take this opportunity to verify that you 0.104.0 can build and
>>>>>>>>> run in your environment.
>>>>>>>>>
>>>>>>>>> Please submit bug reports to the ClamAV project GitHub Issues
>>>>>>>>> <https://secure-web.cisco.com/1vhhocVku-
>> B4Cg3bVfVfUsvYUfeTz18UP-
>>>> Tc5dPv-VRUw0lX2nT4h2qsE8I4dY4Ky4mPwis856KuidZc-
>>>>
>> geqj_DUbyIUL4_NkzWSu0viTbahbbPJIBnwwT6LmAtGJwLBfTb7bDzjqeWmN5CY
>>>> L9v3P4i6U7gzPnt3r_yv0MToTRF48yJ71Bty4RmPk7xbDTa_mTcd_-urIimXq-
>>>>
>> UB79dYCa9RfitMD16ZdAdT4SWE13rKBSTszIrUJYejioGJhaXnC0fmcuJI54ynOBW
>>>>
>> 65oSXv7vzXHhgQUWN3DGdNsfKtmEkLI4TtnWxYXPECw06UyPyS/https%3A%2F
>>>> %2Fgithub.com%2FCisco-Talos%2Fclamav%2Fissues>.
>>>>>>>>>
>>>>>>>>> ClamAV 0.104.0 includes the following improvements and changes.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> <https://secure-
>>>> web.cisco.com/1Jiaf6MG7pcsafzqMw05ncDyIekDFf52sB8m
>>>>>>>>> jMiU7TQDyE0-
>>>> DmoJsgpHS58cCSntSCLGztTBJYwUwERL9M3DHgMlkSQ7F9xYVznOJu
>>>>>>>>>
>>>>
>> RnWpBFbAc5BK2EFRTiJbKQz38BQMOYVmTmTcwPyAphAMFAwTXd_8AFVgMJF
>>>> 8Na8K0w
>>>>>>>>> lqmDrqofRW4ScZU2ls-
>>>> nv9p21kp2PUyjB0CyBwx4RBCUBAOhG2Pw9AIGF2jWhAP192
>>>>>>>>> DMrPEDCkKP0siBjqF7yb_lFsf_rtbcQUl4zeR_mXT_oA6qpCe7Fx5ZPS-
>>>> KAT93ri4y
>>>>>>>>> 8dhM6Q84nnmL3aHADUe7r/https%3A%2F%2Fgithub.com%2FCisco-
>>>> Talos%2Fcla
>>>>>>>>> mav%2Fblob%2Fdev%2F0.104%2FNEWS.md%23new-requirements>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> New Requirements
>>>>>>>>>
>>>>>>>>> *
>>>>>>>>>
>>>>>>>>> As of ClamAV 0.104, CMake is required to build ClamAV.
>>>>>>>>>
>>>>>>>>> * We have added comprehensive build instructions for using CMake
>> to
>>>>>>>>> the new |INSTALL.md| file. The online documentation will also be
>>>>>>>>> updated to include CMake build instructions.
>>>>>>>>> * The Autotools and the Visual Studio build systems have been
>>>>>>>>> removed.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> <https://secure-
>>>> web.cisco.com/1VmpfZjw9ON0d3i6jPa4dTYtzJQQmJFFZxsZ
>>>>>>>>> -
>>>>
>> mML_clXXj38KJwDhwYIYlgATuE8b8dEBBSJDxMSZQfTjuycAlus_HvXS5yY2n7tbE
>>>>>>>>> gizRE9Qhkc-
>>>> gKnhKaDBn5KjmO9x3K2mBWoWPH4K9pU5rICvUwIdhOVn8Hk0P96EBXp
>>>>>>>>> FjYkxpjTqP2zAM4y2-
>>>> h7tMQrDPZ16B5uAVYW56bQzHuMeZgJRXJLkjEumDORUdaZe9
>>>>>>>>> xH4xl0ZqgvBhSTty4sYz_fYnw022OICki-
>>>> zn1qcZrv6m2rYhUzGMOWWue8z1r0NSv8
>>>>>>>>> McaTkau5IeqgpDkPyjSNX/https%3A%2F%2Fgithub.com%2FCisco-
>>>> Talos%2Fcla
>>>>>>>>> mav%2Fblob%2Fdev%2F0.104%2FNEWS.md%23major-changes>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Major changes
>>>>>>>>>
>>>>>>>>> *
>>>>>>>>>
>>>>>>>>> The built-in LLVM for the bytecode runtime has been removed.
>>>>>>>>>
>>>>>>>>> * The bytecode interpreter is the default runtime for bytecode
>>>>>>>>> signatures just as it was in ClamAV 0.103.
>>>>>>>>> * We wished to add support for newer versions of LLVM, but ran out
>>>>>>>>> of time. If you're building ClamAV from source and you wish to use
>>>>>>>>> LLVM instead of the bytecode interpreter, you will need to supply
>>>>>>>>> the development libraries for LLVM version 3.6.2. See
>> |INSTALL.md|
>>>>>>>>> to learn more.
>>>>>>>>> *
>>>>>>>>>
>>>>>>>>> There are now official ClamAV images on Docker Hub.
>>>>>>>>>
>>>>>>>>> o /Note/: Until ClamAV 0.104.0 is released, these images are
>>>>>>>>> limited to "unstable" versions, which are updated daily with
>>>>>>>>> the latest changes in the default branch on GitHub.
>>>>>>>>>
>>>>>>>>> You can find the images on Docker Hub under |clamav|
>>>>>>>>> <https://secure-
>>>>
>> web.cisco.com/1gj1rt4jDq6io7vh7KnXN1IAmL3WmRv6Y28Hv9uxXm3glH9jDrs6
>>>> GFjONpdZTnmxZDIMGzY92Jwq-Wdc6XuxgLcbsBnZ5VB2Zoe5utSSbcUULgr-
>>>> __vFjGmljivaiwgMW8c1Ts-
>>>>
>> miM0sW_A5I8qTNHMd1e4MlYqLwkcy_D2gNz_l5gk0wrVsQlTqRJz1TtWh0VCzX
>>>>
>> RdMFzoI0qsbphMClvS_uAZ_moq6vlqAgXzBmu9YU99IP1TeHBgwCJXRptHXFna5
>>>> ef6frFF-0v48N1qOe1EQ3hA0fcLA9YictGWUNRcI4Juv7pg5g-
>>>>
>> y00_OkuZlPd/https%3A%2F%2Fhub.docker.com%2Fr%2Fclamav%2Fclamav>.
>>>>>>>>>
>>>>>>>>> Docker Hub ClamAV tags:
>>>>>>>>>
>>>>>>>>> *
>>>>>>>>>
>>>>>>>>> |clamav/clamav:<version>|: A release preloaded with signature
>>>>>>>>> databases.
>>>>>>>>>
>>>>>>>>> Using this container will save the ClamAV project some bandwidth.
>>>>>>>>> Use this if you will keep the image around so that you don't
>>>>>>>>> download the entire database set every time you start a new
>>>>>>>>> container. Updating with FreshClam from the existing databases set
>>>>>>>>> does not use much data.
>>>>>>>>>
>>>>>>>>> *
>>>>>>>>>
>>>>>>>>> |clamav/clamav:<version>_base|: A release with no signature
>>>>>>>>> databases.
>>>>>>>>>
>>>>>>>>> Use this container *only* if you mount a volume in your container
>>>>>>>>> under |/var/lib/clamav| to persist your signature database
>>>>>>>>> databases. This method is the best option because it will reduce
>>>>>>>>> data costs for ClamAV and for the Docker registry, but it does
>>>>>>>>> require advanced familiarity with Linux and Docker.
>>>>>>>>>
>>>>>>>>> /Caution/: Using this image without mounting an existing
>>>>>>>>> database directory will cause FreshClam to download the entire
>>>>>>>>> database set each time you start a new container.
>>>>>>>>>
>>>>>>>>> You can use the |unstable| version (i.e.
>>>>>>>>> |clamav/clamav:unstable| or
>>>>>>>>> |clamav/clamav:unstable_base|) to try the latest from our
>>>>>>>>> development branch.
>>>>>>>>>
>>>>>>>>> Please, be kind when using "free" bandwidth for the virus
>>>>>>>>> databases and Docker registry. Try not to download the entire
>>>>>>>>> database set or the larger ClamAV database images on a regular basis.
>>>>>>>>>
>>>>>>>>> For more details, see the ClamAV Docker documentation
>>>>>>>>> <https://secure-
>>>>
>> web.cisco.com/1FhfKtZn6ex_A6SLutKFMBjhQJFbPmotnQuXRz4YCFLvNmr9qY8_
>>>> FVQOB8HoTwi6ogkK0_GOX2GIui70GPolzqrN4S9-
>>>> 0OMyBA0f2c4lgtSXZ9jBiCgjFUyzngojKypzHUgyJKX8rEW-
>>>>
>> jWa_bdUT68VxECAdUAiTrIJAmIVAR9aXTMeq2rs15T4HAfFYfntk7_3Bg5OjHVZe
>>>> 1qJPxjpywtMPztDb3Z3N4lVFZP_S9cYF_s89_PtFXW4_Dlwtb-
>>>> hmCCm2wuxdWAQ4CfRaANrKkP1q3eic9sn7b-p-
>>>>
>> XUIZv9irjIp6Bd_7rR8mEWBCTuiTP/https%3A%2F%2Fdocs.clamav.net%2Fmanu
>>>> al%2FInstalling%2FDocker.html>.
>>>>>>>>>
>>>>>>>>> Special thanks to Olliver Schinagl for his excellent work
>>>>>>>>> creating ClamAV's new Docker files, image database deployment
>>>>>>>>> tooling, and user documentation.
>>>>>>>>>
>>>>>>>>> *
>>>>>>>>>
>>>>>>>>> |clamd| and |freshclam| are now available as Windows services.
>> To
>>>>>>>>> install and run them, use the |--install-service| option and |net
>>>>>>>>> start [name]| command.
>>>>>>>>>
>>>>>>>>> Special thanks to Gianluigi Tiesi for his original work on this
>>>>>>>>> feature.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> <https://secure-
>>>> web.cisco.com/1cebPbPwKVPxs1yEAdHhcEWgin9g7pmkybWn
>>>>>>>>> 7lbDoyos8PYY3dLZBBb_caYYlr6itltdTLxQYMlNv0UHg-
>>>> h35I45fgLkfKeQrAREHZ
>>>>>>>>>
>>>>
>> MgK0n1L4fl2PoZJbQdJnBFhP35NZ4HP04pu218NYl6wirJgzCle_vZjLUpEzXGp2nR
>>>>>>>>> frAAKjE8N_Z-tX0JY2IPK3jshtjBrmFR1nUp1Ow4JOF6ja-
>>>> Ndjf2Zx4ECb9mkrXcKx
>>>>>>>>> WV5aLT221Y1T-
>>>> yjTPFT2UzUflZINQSu86F5T1DjBro6N9JPUoskbvivED5RT55MGsc
>>>>>>>>> MRwjpwrur8Jx3xB8Dg4Cf/https%3A%2F%2Fgithub.com%2FCisco-
>>>> Talos%2Fcla
>>>>>>>>> mav%2Fblob%2Fdev%2F0.104%2FNEWS.md%23notable-changes>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Notable changes
>>>>>>>>>
>>>>>>>>> We added these features in 0.103.1 but wanted to re-post them
>>>>>>>>> here, as patch versions do not generally introduce new options:
>>>>>>>>>
>>>>>>>>> *
>>>>>>>>>
>>>>>>>>> Added a new scan option to alert on broken media (graphics) file
>>>>>>>>> formats. This feature mitigates the risk of malformed media files
>>>>>>>>> intended to exploit vulnerabilities in other software. Currently,
>>>>>>>>> media validation exists for JPEG, TIFF, PNG, and GIF files. To
>>>>>>>>> enable this feature, set |AlertBrokenMedia yes| in clamd.conf, or
>>>>>>>>> use the |--alert-broken-media| option when using |clamscan|.
>> These
>>>>>>>>> options are disabled by default in this patch, but may be enabled
>>>>>>>>> in a subsequent release. Application developers may enable this
>>>>>>>>> scan option by enabling |CL_SCAN_HEURISTIC_BROKEN_MEDIA|
>>>>>>>>> for
>>>> the
>>>>>>>>> |heuristic| scan option bit field.
>>>>>>>>>
>>>>>>>>> *
>>>>>>>>>
>>>>>>>>> Added CL_TYPE_TIFF, CL_TYPE_JPEG types to match GIF and PNG
>>>> typing
>>>>>>>>> behavior. BMP and JPEG 2000 files will continue to detect as
>>>>>>>>> CL_TYPE_GRAPHICS because ClamAV does not have BMP or JPEG
>> 2000
>>>>>>>>> format-checking capabilities.
>>>>>>>>>
>>>>>>>>> *
>>>>>>>>>
>>>>>>>>> Added progress callbacks to libclamav for:
>>>>>>>>>
>>>>>>>>> o database load: |cl_engine_set_clcb_sigload_progress()|
>>>>>>>>> o engine compile:
>> |cl_engine_set_clcb_engine_compile_progress()|
>>>>>>>>> o engine free:
>>>>>>>>> |cl_engine_set_clcb_engine_free_progress()|
>>>>>>>>>
>>>>>>>>> These new callbacks enable an application to monitor and estimate
>>>>>>>>> load, compile and unload progress. See |clamav.h| for API details.
>>>>>>>>>
>>>>>>>>> *
>>>>>>>>>
>>>>>>>>> Added progress bars to ClamScan for the signature load and engine
>>>>>>>>> compile steps before a scan begins. The startup progress bars
>>>>>>>>> won't be enabled if ClamScan isn't running in a terminal (i.e. if
>>>>>>>>> stdout is not a TTY), or if any of these options are used:
>>>>>>>>>
>>>>>>>>> o |--debug|
>>>>>>>>> o |--quiet|
>>>>>>>>> o |--infected|
>>>>>>>>> o |--no-summary|
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> <https://secure-web.cisco.com/1TsBxq2LgX13eLnM3mze7FF40-
>>>> f5d2n5snF9
>>>>>>>>>
>>>>
>> DSs3T9eyAJPrli7Y7nTMLlcqKxttXsGTjnIQZ96apiWK6ZLHtAwpAGro4wkiBUh3tp
>>>>>>>>> prmZfXFQw-Zc0NqtBiPb022tdnsZj21EhVsJDTW6slR913iwL-
>>>> jFEKjdOCLGe2AgxQ
>>>>>>>>> M28guptS7MO4GZ0pbhQpgddqVi-
>>>> 5AFjBwtwPvXc69YqILz4xTgjmKackwMdcoOOdZI
>>>>>>>>> 3eLxAzSG2ZfWYktnbMqOf-
>>>> 89Ah8wUVLPjp6Nj_2TFRru7R5Zzlvfu8Pd5DL73xoCSy
>>>>>>>>> V5220eLyXSub28L-WWcJV/https%3A%2F%2Fgithub.com%2FCisco-
>>>> Talos%2Fcla
>>>>>>>>> mav%2Fblob%2Fdev%2F0.104%2FNEWS.md%23other-improvements>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Other improvements
>>>>>>>>>
>>>>>>>>> *
>>>>>>>>>
>>>>>>>>> Added the |%f| format string option to the ClamD VirusEvent
>>>>>>>>> feature to insert the file path of the scan target when a virus
>>>>>>>>> event occurs. This supplements the VirusEvent |%v| option that
>>>>>>>>> prints the signature (virus) name. The ClamD VirusEvent feature
>>>>>>>>> also provides two environment variables,
>>>>>>>>> |$CLAM_VIRUSEVENT_FILENAME| and
>>>> |$CLAM_VIRUSEVENT_VIRUSNAME| for a
>>>>>>>>> similar effect. This fix comes courtesy of Vasile Papp.
>>>>>>>>>
>>>>>>>>> *
>>>>>>>>>
>>>>>>>>> Improvements to the AutoIt extraction module. Patch
>>>>>>>>> courtesy of cw2k.
>>>>>>>>>
>>>>>>>>> *
>>>>>>>>>
>>>>>>>>> Added support for extracting images from Excel *.xls (OLE2)
>>>>>>>>> documents.
>>>>>>>>>
>>>>>>>>> *
>>>>>>>>>
>>>>>>>>> Trusted SHA256-based Authenticode hashes can now be loaded
>>>>>>>>> in
>>>> from
>>>>>>>>> *.cat files. See our Authenticode documentation
>>>>>>>>> <https://secure-
>>>>
>> web.cisco.com/1qrQR7MpuKyN0tsIpGVu_FX2O_WLChvRaKygFqsGr4qRhCc2c5C
>>>>
>> PBc4_gwOX1rcRlNeKs_k372rDInuVq43KZi7PwxUwM16EBZdYvBs59ihyY90eNie
>>>> nlvxim-
>>>>
>> KLio4fzW6fAkHKMU_EWQ4Y9lSXQNHR1yhiacN4LrOz5OxK5tPfM5Z_ZjwIojhY7K
>>>> 3KsPiVrFN57j0d2iIaFznzlWvGg-
>>>> _jT5OKTlYwezLuIW8oC1AbLFbGgMqrdylrI0NtBWzDJwL5HCAC86zP-
>>>> hUQZ3S_cxI9f5m9rHGlTlB-
>>>>
>> CJCETUcqGRKbgpUeM3RWQ_lHtGGbY/https%3A%2F%2Fdocs.clamav.net%2Fa
>>>> ppendix%2FAuthenticode.html> for more info
>>>>>>>>> about using *.cat files with *.crb rules to trust signed Windows
>>>>>>>>> executables.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> <https://secure-web.cisco.com/1iDNkko41lojZxgNmbyvSKjoAPMkhfa-
>>>> aPYH
>>>>>>>>> BIChYcCVzc4bZy6h-GLQ_3kf-
>>>> yA1R1Ymx4rwj9kvBE3dY1StXGSJr6quIWbULf3Uz_
>>>>>>>>> w0if7FazgR3t6LfBLd-
>>>> onfRLM1b0cd46eagAU282BZqGwoUKScdao3EC_cIYFWuvSM
>>>>>>>>> H28Zso6fqWzwjyYZg2ACGm2k4UtutbnC0LppGOMk-
>>>> H_VCnBOpedHxQMbjYg54nR8FM
>>>>>>>>> lLHsy5WNGU3BTGCASL4kRpE4yJOpU4Dkomj9X2A-ilh-
>>>> xb5X75W8sqnq_nmSoOp12X
>>>>>>>>> 7dSMw-N7AhhhAfsCH7EHl/https%3A%2F%2Fgithub.com%2FCisco-
>>>> Talos%2Fcla
>>>>>>>>> mav%2Fblob%2Fdev%2F0.104%2FNEWS.md%23bug-fixes>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Bug fixes
>>>>>>>>>
>>>>>>>>> *
>>>>>>>>>
>>>>>>>>> Fixed a memory leak affecting logical signatures that use the
>>>>>>>>> "byte compare" feature. Patch courtesy of Andrea De Pasquale.
>>>>>>>>>
>>>>>>>>> *
>>>>>>>>>
>>>>>>>>> Fixed bytecode match evaluation for PDF bytecode hooks in PDF file
>>>>>>>>> scans.
>>>>>>>>>
>>>>>>>>> *
>>>>>>>>>
>>>>>>>>> Other minor bug fixes.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> <https://secure-
>>>> web.cisco.com/129B4CCKl6LMWlmLm3d59Bvp91ZUIwpCOQHx
>>>>>>>>>
>>>> fbccp4_lv_ktfT9icwFWMudqiRYun8hlhsLacNZEYUxQRsgC1GhvxdGVBzozgr-
>> H-Y
>>>>>>>>> VIKzFYZPHFMajyuSIuercwwJnsDe-oH03dqU-
>>>> RGWGd84TipOVW5ww3ZE6_YetyqPjY
>>>>>>>>> wfUPgV3CyRw8zfDq6NSN3N-
>>>> 4xwsgsBp0kbaKhJy48_GTv_p14h_K0w9Mk0QHPrqFFU
>>>>>>>>> yoc99CsFFD-G541HOR8-
>>>> nFtOyx3YEA5LTF411UHhESUPPIlY3oYj_iRgjX_lOrGkBI
>>>>>>>>> TJxDlllSR9GEL1W0pBYwQ/https%3A%2F%2Fgithub.com%2FCisco-
>>>> Talos%2Fcla
>>>>>>>>> mav%2Fblob%2Fdev%2F0.104%2FNEWS.md%23acknowledgements>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Acknowledgments
>>>>>>>>>
>>>>>>>>> The ClamAV team thanks the following individuals for their code
>>>>>>>>> submissions:
>>>>>>>>>
>>>>>>>>> * Alexander Golovach
>>>>>>>>> * Andrea De Pasquale
>>>>>>>>> * Andrew Williams
>>>>>>>>> * Armin Kuster
>>>>>>>>> * Brian Bergstrand
>>>>>>>>> * cw2k
>>>>>>>>> * Duane Waddle
>>>>>>>>> * Gianluigi Tiesi
>>>>>>>>> * Jonas Zaddach
>>>>>>>>> * Kenneth Hau
>>>>>>>>> * Markus Strehle
>>>>>>>>> * Olliver Schinagl
>>>>>>>>> * Orion Poplawski
>>>>>>>>> * Sergey Valentey
>>>>>>>>> * Sven Rueß
>>>>>>>>> * Tom Briden
>>>>>>>>> * Vasile Papp
>>>>>>>>> * Yasuhiro Kimura
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>>
>>>>>>>> clamav-users mailing list
>>>>>>>> clamav-users at lists.clamav.net
>>>>>>>> https://secure-
>>>> web.cisco.com/1zQTp4uqEnanQWlVscXyXOj74GH4GE7zlmeznw
>>>>>>>>
>>>>
>> GWWCDJMBsiUdz9vytLXDnxLgoschPJMXZwNDl0v373w0oZdfnL7_iJw5EzjBBu2
>>>> 9zVB
>>>>>>>>
>>>>
>> CxQhvDhamOwVwrm6jmNPZt1m1EAq1RcRbbmwGJyM9GFBrD2pG2i0zZ48Mm
>>>> zgivQZ_Ni
>>>>>>>> _csMzfQp2-
>>>> Yfc4LZZPvh7mUNfQ1jRvTmboyjv8ryVjTTLhDG5JRn3FIUMQtTjpxHwie
>>>>>>>> AD9M5p4vK3v9gz0f2mtNhFc6fpJEAReVJMqVOArhQykdQ66j7-
>>>> 0n7oSwMMOGNu5yP6s
>>>>>>>>
>>>>
>> yYWUBF9_Wfdc96D/https%3A%2F%2Flists.clamav.net%2Fmailman%2Flistinfo
>>>>>>>> %2Fclamav-users
>>>>>>>>
>>>>>>>>
>>>>>>>> Help us build a comprehensive ClamAV guide:
>>>>>>>> https://secure-web.cisco.com/1TR9QiTrX-
>>>> om5pBkQbFU4uOeFZBOFlOyILXsr3
>>>>>>>> CnPFe-
>>>> FurFwou6xIp6CK2SqME1Mn4yuw1HzgpoC3tdMM4j6YKknbSIC4W0Qrhip04-
>> G
>>>>>>>> H6tPU4_IHa-
>>>> M9527yw9TiHmbqEJ1cedx3GcG0teNpiAYnJWQArzqJFMH4W_x7MxFFuj
>>>>>>>>
>>>>
>> BrBTAN0mGE9EaG6agSePA_1SU3Mdi6BZHPcMkt4_EQK0VH6WORLyjoG8k1MA
>>>> tLJbrj3
>>>>>>>> JpsvW-OyzFTf24kO_uPn0by8-
>>>> mKE5OdogEfiCkuPHWpjx_obhQTphhCRuQeh6OI8bPZ
>>>>>>>>
>> Orlz0R1ByoHf1Pb/https%3A%2F%2Fgithub.com%2Fvrtadmin%2Fclamav-
>>>> faq
>>>>>>>>
>>>>>>>> http://secure-web.cisco.com/1vadm1H1-
>>>> 1f8_ceVE14REvRJPeusMgN7a1O1KxO
>>>>>>>> 6eYtIWMkcF7r-A6beBq46ParE8w4pxCZAbfU2LGypiVOVJbPOsNQ2-
>> iFyXX-
>>>> 683dEej
>>>>>>>>
>>>>
>> 4KMZAkuqgXhajyaz0FVNBRPpqppc01tg0dq2SVOvuGyPXoL27MpWJ8ojqhgy9jTy
>>>> 06w
>>>>>>>> tLStzUYbAc3g8tSPka_KR9wkdZ0HuVVj1oFIJ96Q3z0R-E7-TNWfr-
>>>> jk52ok1hwFnLA
>>>>>>>> chDQ0cMlqWkktqHdF_J2d97m-VYIsrOUigc-
>> YE1kgEeVWoPM5Von_SNnq-
>>>> 0cI_b2aXm
>>>>>>>>
>>>> H7m9P2nifruaCY/http%3A%2F%2Fwww.clamav.net%2Fcontact.html%23ml
>>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>>
>>>>>>> clamav-users mailing list
>>>>>>> clamav-users at lists.clamav.net
>>>>>>> https://secure-
>>>> web.cisco.com/1zQTp4uqEnanQWlVscXyXOj74GH4GE7zlmeznwG
>>>>>>>
>>>>
>> WWCDJMBsiUdz9vytLXDnxLgoschPJMXZwNDl0v373w0oZdfnL7_iJw5EzjBBu29z
>>>> VBCx
>>>>>>>
>>>>
>> QhvDhamOwVwrm6jmNPZt1m1EAq1RcRbbmwGJyM9GFBrD2pG2i0zZ48Mmzgi
>>>> vQZ_Ni_cs
>>>>>>> MzfQp2-
>>>> Yfc4LZZPvh7mUNfQ1jRvTmboyjv8ryVjTTLhDG5JRn3FIUMQtTjpxHwieAD9M
>>>>>>> 5p4vK3v9gz0f2mtNhFc6fpJEAReVJMqVOArhQykdQ66j7-
>>>> 0n7oSwMMOGNu5yP6syYWUB
>>>>>>>
>>>>
>> F9_Wfdc96D/https%3A%2F%2Flists.clamav.net%2Fmailman%2Flistinfo%2Fcla
>>>>>>> mav-users
>>>>>>>
>>>>>>>
>>>>>>> Help us build a comprehensive ClamAV guide:
>>>>>>> https://secure-web.cisco.com/1TR9QiTrX-
>>>> om5pBkQbFU4uOeFZBOFlOyILXsr3C
>>>>>>> nPFe-
>>>> FurFwou6xIp6CK2SqME1Mn4yuw1HzgpoC3tdMM4j6YKknbSIC4W0Qrhip04-
>>>> GH6
>>>>>>> tPU4_IHa-
>>>> M9527yw9TiHmbqEJ1cedx3GcG0teNpiAYnJWQArzqJFMH4W_x7MxFFujBrB
>>>>>>>
>>>>
>> TAN0mGE9EaG6agSePA_1SU3Mdi6BZHPcMkt4_EQK0VH6WORLyjoG8k1MAtLJ
>>>> brj3Jpsv
>>>>>>> W-OyzFTf24kO_uPn0by8-
>>>> mKE5OdogEfiCkuPHWpjx_obhQTphhCRuQeh6OI8bPZOrlz0
>>>>>>> R1ByoHf1Pb/https%3A%2F%2Fgithub.com%2Fvrtadmin%2Fclamav-faq
>>>>>>>
>>>>>>> http://secure-web.cisco.com/1vadm1H1-
>>>> 1f8_ceVE14REvRJPeusMgN7a1O1KxO6
>>>>>>> eYtIWMkcF7r-A6beBq46ParE8w4pxCZAbfU2LGypiVOVJbPOsNQ2-iFyXX-
>>>> 683dEej4K
>>>>>>>
>>>>
>> MZAkuqgXhajyaz0FVNBRPpqppc01tg0dq2SVOvuGyPXoL27MpWJ8ojqhgy9jTy06
>>>> wtLS
>>>>>>> tzUYbAc3g8tSPka_KR9wkdZ0HuVVj1oFIJ96Q3z0R-E7-TNWfr-
>>>> jk52ok1hwFnLAchDQ
>>>>>>> 0cMlqWkktqHdF_J2d97m-VYIsrOUigc-YE1kgEeVWoPM5Von_SNnq-
>>>> 0cI_b2aXmH7m9P
>>>>>>> 2nifruaCY/http%3A%2F%2Fwww.clamav.net%2Fcontact.html%23ml
>>>>>
>>>>> _______________________________________________
>>>>>
>>>>> clamav-users mailing list
>>>>> clamav-users at lists.clamav.net
>>>>> https://secure-
>>>> web.cisco.com/1zQTp4uqEnanQWlVscXyXOj74GH4GE7zlmeznwGWW
>>>>>
>>>>
>> CDJMBsiUdz9vytLXDnxLgoschPJMXZwNDl0v373w0oZdfnL7_iJw5EzjBBu29zVBC
>>>> xQhvD
>>>>>
>>>>
>> hamOwVwrm6jmNPZt1m1EAq1RcRbbmwGJyM9GFBrD2pG2i0zZ48MmzgivQZ_
>>>> Ni_csMzfQp2
>>>>> -
>>>>
>> Yfc4LZZPvh7mUNfQ1jRvTmboyjv8ryVjTTLhDG5JRn3FIUMQtTjpxHwieAD9M5p4
>>>> vK3v9
>>>>> gz0f2mtNhFc6fpJEAReVJMqVOArhQykdQ66j7-
>>>> 0n7oSwMMOGNu5yP6syYWUBF9_Wfdc96D
>>>>> /https%3A%2F%2Flists.clamav.net%2Fmailman%2Flistinfo%2Fclamav-users
>>>>>
>>>>>
>>>>> Help us build a comprehensive ClamAV guide:
>>>>> https://secure-web.cisco.com/1TR9QiTrX-
>>>> om5pBkQbFU4uOeFZBOFlOyILXsr3CnP
>>>>> Fe-
>>>> FurFwou6xIp6CK2SqME1Mn4yuw1HzgpoC3tdMM4j6YKknbSIC4W0Qrhip04-
>>>> GH6tPU4
>>>>> _IHa-
>>>>
>> M9527yw9TiHmbqEJ1cedx3GcG0teNpiAYnJWQArzqJFMH4W_x7MxFFujBrBTA
>>>> N0mG
>>>>>
>>>>
>> E9EaG6agSePA_1SU3Mdi6BZHPcMkt4_EQK0VH6WORLyjoG8k1MAtLJbrj3Jpsv
>>>> W-OyzFTf
>>>>> 24kO_uPn0by8-
>>>> mKE5OdogEfiCkuPHWpjx_obhQTphhCRuQeh6OI8bPZOrlz0R1ByoHf1Pb
>>>>> /https%3A%2F%2Fgithub.com%2Fvrtadmin%2Fclamav-faq
>>>>>
>>>>> http://secure-web.cisco.com/1vadm1H1-
>>>> 1f8_ceVE14REvRJPeusMgN7a1O1KxO6eY
>>>>> tIWMkcF7r-A6beBq46ParE8w4pxCZAbfU2LGypiVOVJbPOsNQ2-iFyXX-
>>>> 683dEej4KMZAk
>>>>>
>>>>
>> uqgXhajyaz0FVNBRPpqppc01tg0dq2SVOvuGyPXoL27MpWJ8ojqhgy9jTy06wtLSt
>>>> zUYbA
>>>>> c3g8tSPka_KR9wkdZ0HuVVj1oFIJ96Q3z0R-E7-TNWfr-
>>>> jk52ok1hwFnLAchDQ0cMlqWkk
>>>>> tqHdF_J2d97m-VYIsrOUigc-YE1kgEeVWoPM5Von_SNnq-
>>>> 0cI_b2aXmH7m9P2nifruaCY/
>>>>> http%3A%2F%2Fwww.clamav.net%2Fcontact.html%23ml
>
More information about the clamav-users
mailing list