Package: clamav Version: 0.83-3 Severity: important I made a small debian package which just contained the eicar test pattern in the file /bin/eicar.com and clamscan --deb did not detect it.
$ tar tvfz data.tar.gz drwxrwxr-x peter/peter 0 2005-03-18 13:42:03 bin/ -rw-r--r-- peter/peter 68 2005-03-18 13:42:03 bin/eicar.com Let's see if clamscan can find the eicar pattern in the tar file: $ clamscan -i data.tar.gz data.tar.gz: Eicar-Test-Signature FOUND ----------- SCAN SUMMARY ----------- Known viruses: 31672 Scanned directories: 0 Scanned files: 1 Infected files: 1 Data scanned: 0.00 MB I/O buffer size: 131072 bytes Time: 1.110 sec (0 m 1 s) But when scanning the debian package file clamscan does not detect the eicar pattern. $ clamscan --deb x.deb /tmp/clamav-015356a176abe7f4/debian-binary: OK ./ ./config ./templates ./postinst ./preinst ./prerm ./postrm ./conffiles ./md5sums ./control /tmp/clamav-d7c775d32c5bb458/control: OK /tmp/clamav-d7c775d32c5bb458/prerm: OK /tmp/clamav-d7c775d32c5bb458/conffiles: OK /tmp/clamav-d7c775d32c5bb458/md5sums: OK /tmp/clamav-d7c775d32c5bb458/postinst: OK /tmp/clamav-d7c775d32c5bb458/config: OK /tmp/clamav-d7c775d32c5bb458/postrm: OK /tmp/clamav-d7c775d32c5bb458/preinst: OK /tmp/clamav-d7c775d32c5bb458/templates: OK (raw) /tmp/clamav-015356a176abe7f4/control.tar.gz: OK bin/ bin/eicar.com (raw) /tmp/clamav-015356a176abe7f4/data.tar.gz: OK (raw) /home/peter/x/x.deb: OK ----------- SCAN SUMMARY ----------- Known viruses: 31672 Scanned directories: 3 Scanned files: 13 Infected files: 0 Data scanned: 0.03 MB I/O buffer size: 131072 bytes Time: 1.166 sec (0 m 1 s) $ Regards Peter Loje Hansen -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.4.29-pingu Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages clamav depends on: ii clamav-freshclam [clamav-da 0.83-3 downloads clamav virus databases f ii libbz2-1.0 1.0.2-5 high-quality block-sorting file co ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libclamav1 0.83-3 virus scanner library ii libcurl3 7.13.1-1 Multi-protocol file transfer libra ii libgmp3 4.1.4-5 Multiprecision arithmetic library ii libidn11 0.5.2-3 GNU libidn library, implementation ii libssl0.9.7 0.9.7e-2 SSL shared libraries ii zlib1g 1:1.2.2-3 compression library - runtime -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
