Hello, Thank you for your email. As a result of events documented in places here: https://lists.clamav.net/pipermail/clamav-users/2021-March/010577.html and https://lists.clamav.net/pipermail/clamav-users/2021-March/010543.html
We’ve been forced to take emergency measures to protect the ClamAV environment. Please Immediately switch to using Freshclam or https://github.com/micahsnyder/cvdupdate to update your AV definitions. Sorry for the inconvenience, but we are currently in emergency mode and have to make several drastic changes over the last several days. -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https://www.snort.org Sent from my iPhone On Mar 11, 2021, at 07:11, Adam Copley via clamav-users <clamav-users@lists.clamav.net> wrote: Hi I have an airgapped setup which only has one route out to the internet for select destinations… The freshclam clients connect to an nginx vhost and ultimately forwards the requests to an artifactory instance which has a remote repository setup to use database.clamav.net<http://database.clamav.net> as its source in order to be able to pull the cvd updates. This was working before Christmas, and has probably gone un-noticed as artifactory has caching enabled However when removing the cvd files from the cache, and freshclam attempts to update the db it returns a 404 from the cache. Artifactory would normally at this point fetch files from the remote. However this isn’t happening anymore. I see in the docs that scripting for things like curl return 403, amongst other error codes. I believe artifactory rather than acting as a proxy Is actually making a request itself so possibly behaving similarly as though I were to do a curl. As such our setup is broken. Has anyone had any experience with a similar setup, primarily artifactory —> database.clamav.net<http://database.clamav.net> if anyone can share thoughts it would be greatly appreciated. Kind Regards Adam Copley E: adam.cop...@arola.co.uk<mailto:adam.cop...@arola.co.uk> | M: 07500937181 W: http://www.arola.co.uk | Jabber: xmpp:adam.cop...@arola.co.uk Online Meeting https://meet.arola.co.uk/AdamCopley _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
