Quoting David Raynor <dray...@sourcefire.com>:

> Based on these reports we've started a take-back of the signature, so it
> will be dropped in the next daily CVD publish. We'll also analyze to see
> why this signature is triggering that behavior on some platforms.

Here freshclam (1.1.0) does complain about this signature, but so far
no crashes/segfaults.

May 16 09:35:35 mail systemd[1]: Starting Clam AntiVirus database updater...
May 16 09:35:35 mail freshclam[26095]: ClamAV update process started at Tue May 16 09:35:35 2023
May 16 09:35:35 mail freshclam[26095]: daily database available for update (local version: 26907, remote version: 26908)
May 16 09:35:37 mail freshclam[26095]: WARNING: ******* RESULT 200, SIZE: 7213 *******
May 16 09:35:38 mail freshclam[26095]: Testing database: '/var/lib/clamav/tmp.32a46b71ab/clamav-0ccde10ac58d6d6c5dd79c0318b41381.tmp-daily.cld' ...
May 16 09:35:43 mail freshclam[26097]: [LibClamAV] Don't know how to create filter for: Win.Downloader.LNKAgent-10001628-0
May 16 09:35:43 mail freshclam[26097]: [LibClamAV] cli_ac_addsig: cannot use filter for trie
May 16 09:35:47 mail freshclam[26095]: Database test passed.
May 16 09:35:49 mail freshclam[26095]: daily.cld updated (version: 26908, sigs: 2034816, f-level: 90, builder: raynman)
May 16 09:35:49 mail freshclam[26095]: main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
May 16 09:35:49 mail freshclam[26095]: bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
May 16 09:35:49 mail clamd[934]: SelfCheck: Database modification detected. Forcing reload.
May 16 09:35:49 mail clamd[934]: Reading databases from /var/lib/clamav
May 16 09:35:49 mail freshclam[26095]: Clamd successfully notified about the update.
May 16 09:35:49 mail systemd[1]: freshclam.service: Deactivated successfully.
May 16 09:35:49 mail systemd[1]: Finished Clam AntiVirus database updater.
May 16 09:35:49 mail systemd[1]: freshclam.service: Consumed 10.503s CPU time.
May 16 09:36:17 mail clamd[934]: Database correctly reloaded (8666724 signatures)
May 16 09:36:17 mail clamd[934]: Activating the newly loaded database...

Maybe relevant, freshclam runs through a systemd.timer (so it is never
daemonized).