LTS means Long Term Support and the current suggested release is 1.0.9 or better 1.4.3 that's fact. You want to have a hard cut? So if your install is out of maintenance, then all is dead? Have a look in your freshclam.log, here you can find the information, that your Version is eol and don't get any updates afterwards, right? ...
Von / From: Paul Kosinski via clamav-users <mailto:[email protected]> An / To: Newcomer01 <mailto:[email protected]> CC / CC: Paul Kosinski <mailto:[email protected]> Gesendet / Sent: Freitag, März 27, 2026 um 00:09 (at 12:09 AM) +0100 Betreff / Subject: Re: [clamav-users] Why are recent Firefox (for Windows) downloads ALL being found to contain ransomware? > I only have 1.0.9 installed, so I don't currently have a way to test it with > either 1.5.x or 1.4.x. > > So I submitted the "Firefox Setup 115.34.0esr.exe" file to VirusTotal, and > none of their scanners found a virus. > I then asked VirusTotal (now owned by Google) what version of ClamAV they > run, but they haven't replied as of a few minutes ago. > > I realize that ClamAV 1.0.9 is "EOL", but one can still obtain "official" > signature files for another year beyond that. > > Disturbingly, the Version Support Matrix says that, for 1.0 LTS, signatures > are NOT tested for false positives (FP) after 1.1 was released. In this case > that's about 2.5 years BEFORE 1.0.9 EOL. > > So WHAT EXACTLY DOES LTS MEAN?? For 1.0 LTS, it seems that no 1.0.x can be > FULLY trusted after 1.1 was released. This is not what I would characterize > as LTS. > > Furthermore, since the DB files can still be downloaded one year after > nominal EOL (much less End Of Trust), why doesn't freshclam at least issue a > warning among its large number of messages that EOL is past? > > Finally, I intend to (try to) install 1.4 LTS in the near future. But will > this help? According to the Version Support Matrix, FP testing will not be > done for 1.4 LTS after 1.5 is released. Oops: that was last October (2025)! > > --------------------- > > On Thu, 26 Mar 2026 18:17:38 +0000 (GMT) > Andrew C Aitchison via clamav-users <[email protected]> wrote: > >> On Thu, 26 Mar 2026, Paul Kosinski via clamav-users wrote: >> >>> For example: >>> >>> Firefox Setup 140.9.0esr.exe --> Win.Trojan.Spora-7724442-0 FOUND >>> Firefox Setup 115.34.0esr.exe --> Win.Trojan.Spora-7724442-0 FOUND >>> Firefox Setup 115.34.0esr.msi --> Win.Trojan.Spora-7724442-0 FOUND >>> >>> >>> These are from ClamAV 1.0.9 clamd on Linux receiving file to be scanned >>> over TCP. >> https://docs.clamav.net/faq/faq-eol.html#version-support-matrix >> suggests that 1.0.9 went end-of-life Nov-28 2025 >> Version 1.3 is also EOL. >> >> Can you verify the problem with version 1.4.3 or 1.5.1 ? >> > _______________________________________________ > > Manage your clamav-users mailing list subscription / unsubscribe: > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/Cisco-Talos/clamav-documentation > > https://docs.clamav.net/#mailing-lists-and-chat
_______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
