Your message dated Sat, 19 Aug 2023 18:58:39 +0000 with message-id <[email protected]> and subject line Bug#1044136: fixed in clamav 1.0.2+dfsg-1 has caused the Debian Bug report #1044136, regarding clamav-daemon: The server delivers "4.7.1 Tempfail- internal scan engine error" when sending with file attachments to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 1044136: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1044136 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: clamav-daemon Version: 1.0.1+dfsg-2 Severity: important Dear Maintainer, * What led up to the situation? Upgrading the dist from Debian 11 to Debian 12 results in the Clamav daemon being executable but not running: root@mx ~ # netstat -tulips | fgrep clamd => no output! * What exactly did you do (or not do) that was effective (or ineffective)? In this edition systemctl status clamav-daemon.service ● clamav-daemon.service - Clam AntiVirus userspace daemon Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; preset: enabled) Drop in: /etc/systemd/system/clamav-daemon.service.d └─extend.conf Active: active (running) since Fri 2023-08-11 10:13:54 CEST; 1h 35min ago TriggeredBy: ● clamav-daemon.socket Docs: man:clamd(8) man:clamd.conf(5) https://docs.clamav.net/ ... you can clearly see that the service is triggered by the associated socket! This was not the case with Debian Linux Bullseye! The only currently working solution is this: systemctl disable --now clamav-daemon.socket systemctl enable --now clamav-daemon.service For only one system upgrade, that's pretty sloppy. Why do I need the socket here if it runs better without it? -- Package-specific info: --- configuration --- Checking configuration files in /etc/clamav Config file: clamd.conf ----------------------- AlertExceedsMax disabled PreludeEnable disabled PreludeAnalyzerName = "ClamAV" LogFile = "/var/log/clamav/clamav.log" LogFileUnlock disabled LogFileMaxSize = "4294967295" LogTime = "yes" LogClean disabled LogSyslog disabled LogFacility = "LOG_LOCAL6" LogVerbose disabled LogRotate = "yes" ExtendedDetectionInfo = "yes" PidFile disabled TemporaryDirectory disabled DatabaseDirectory = "/var/lib/clamav" OfficialDatabaseOnly disabled LocalSocket = "/var/run/clamav/clamd.ctl" LocalSocketGroup = "clamav" LocalSocketMode = "666" FixStaleSocket = "yes" TCPSocket = "3310" TCPAddr = "127.0.0.1" MaxConnectionQueueLength = "15" StreamMaxLength = "26214400" StreamMinPort = "1024" StreamMaxPort = "2048" MaxThreads = "12" ReadTimeout = "180" CommandReadTimeout = "30" SendBufTimeout = "200" MaxQueue = "100" IdleTimeout = "30" ExcludePath disabled MaxDirectoryRecursion = "15" FollowDirectorySymlinks disabled FollowFileSymlinks disabled CrossFilesystems = "yes" SelfCheck = "3600" ConcurrentDatabaseReload = "yes" DisableCache disabled VirusEvent disabled ExitOnOOM disabled AllowAllMatchScan = "yes" Foreground disabled Debug disabled LeaveTemporaryFiles disabled GenerateMetadataJson disabled User = "clamav" Bytecode = "yes" BytecodeSecurity = "TrustSigned" BytecodeTimeout = "60000" BytecodeUnsigned disabled BytecodeMode = "Auto" DetectPUA disabled ExcludePUA disabled IncludePUA disabled ScanPE = "yes" ScanELF = "yes" ScanMail = "yes" ScanPartialMessages disabled PhishingSignatures = "yes" PhishingScanURLs = "yes" HeuristicAlerts = "yes" HeuristicScanPrecedence disabled StructuredDataDetection disabled StructuredMinCreditCardCount = "3" StructuredMinSSNCount = "3" StructuredSSNFormatNormal = "yes" StructuredSSNFormatStripped disabled ScanHTML = "yes" ScanOLE2 = "yes" AlertBrokenExecutables disabled AlertBrokenMedia disabled AlertEncrypted = "yes" StructuredCCOnly disabled AlertEncryptedArchive = "yes" AlertEncryptedDoc = "yes" AlertOLE2Macros disabled AlertPhishingSSLMismatch disabled AlertPhishingCloak disabled AlertPartitionIntersection disabled ScanPDF = "yes" ScanSWF = "yes" ScanXMLDOCS = "yes" ScanHWP3 = "yes" ScanArchive = "yes" ForceToDisk disabled MaxScanTime = "120000" MaxScanSize = "104857600" MaxFileSize = "26214400" MaxRecursion = "16" MaxFiles = "10000" MaxEmbeddedPE = "10485760" MaxHTMLNormalize = "10485760" MaxHTMLNoTags = "2097152" MaxScriptNormalize = "5242880" MaxZipTypeRcg = "1048576" MaxPartitions = "50" MaxIconsPE = "100" MaxRecHWP3 = "16" PCREMatchLimit = "10000" PCRERecMatchLimit = "5000" PCREMaxFileSize = "26214400" OnAccessMountPath disabled OnAccessIncludePath disabled OnAccessExcludePath disabled OnAccessExcludeRootUID disabled OnAccessExcludeUID disabled OnAccessExcludeUname disabled OnAccessMaxFileSize = "5242880" OnAccessDisableDDD disabled OnAccessPrevention disabled OnAccessExtraScanning disabled OnAccessCurlTimeout = "5000" OnAccessMaxThreads = "5" OnAccessRetryAttempts disabled OnAccessDenyOnError disabled DevACOnly disabled DevACDepth disabled DevPerformance disabled DevLiblog disabled DisableCertCheck disabled AlgorithmicDetection = "yes" BlockMax disabled PhishingAlwaysBlockSSLMismatch disabled PhishingAlwaysBlockCloak disabled PartitionIntersection disabled OLE2BlockMacros disabled ArchiveBlockEncrypted disabled Config file: freshclam.conf --------------------------- LogFileMaxSize = "4294967295" LogTime = "yes" LogSyslog disabled LogFacility = "LOG_LOCAL6" LogVerbose disabled LogRotate = "yes" PidFile disabled DatabaseDirectory = "/var/lib/clamav" Foreground disabled Debug disabled UpdateLogFile = "/var/log/clamav/freshclam.log" DatabaseOwner = "clamav" Checks = "24" DNSDatabaseInfo = "current.cvd.clamav.net" DatabaseMirror = "db.local.clamav.net", "database.clamav.net" PrivateMirror disabled MaxAttempts = "5" ScriptedUpdates = "yes" TestDatabases = "yes" CompressLocalDatabase disabled ExtraDatabase disabled ExcludeDatabase disabled DatabaseCustomURL disabled HTTPProxyServer disabled HTTPProxyPort disabled HTTPProxyUsername disabled HTTPProxyPassword disabled HTTPUserAgent disabled NotifyClamd = "/etc/clamav/clamd.conf" OnUpdateExecute disabled OnErrorExecute disabled OnOutdatedExecute disabled LocalIPAddress disabled ConnectTimeout = "30" ReceiveTimeout disabled Bytecode = "yes" clamav-milter.conf not found Software settings ----------------- Version: 1.0.1 Optional features supported: MEMPOOL AUTOIT_EA06 BZIP2 LIBXML2 PCRE2 ICONV JSON Database information -------------------- Database directory: /var/lib/clamav daily.cld: version 26999, sigs: 2039847, built on Sun Aug 13 09:36:35 2023 main.cld: version 62, sigs: 6647427, built on Thu Sep 16 14:32:42 2021 bytecode.cld: version 334, sigs: 91, built on Wed Feb 22 22:33:21 2023 Total number of signatures: 8687365 Platform information -------------------- uname: Linux 6.1.0-10-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.38-1 (2023-07-14) x86_64 OS: Linux, ARCH: x86_64, CPU: x86_64 Full OS version: Debian GNU/Linux 12 (bookworm) zlib version: 1.2.13 (1.2.13), compile flags: a9 platform id: 0x0a21a1a108000000000c0200 Build information ----------------- GNU C: 12.2.0 (12.2.0) sizeof(void*) = 8 Engine flevel: 161, dconf: 161 --- data dir --- total 645272 -rw-r--r-- 1 clamav clamav 1430528 Feb 22 23:02 bytecode.cld -rw-r--r-- 1 clamav clamav 195230720 Aug 13 11:00 daily.cld -rw-r--r-- 1 clamav clamav 69 May 16 2022 freshclam.dat -rw-r--r-- 1 clamav clamav 464053248 Sep 16 2021 main.cld -rw-r--r-- 1 root root 69 Aug 26 2021 mirrors.dat drwxr-xr-x 2 clamav clamav 4096 Aug 14 2021 tmp.5ef74 drwxr-xr-x 2 clamav clamav 4096 Aug 15 2021 tmp.7368d drwxr-xr-x 2 clamav clamav 4096 Aug 14 2021 tmp.7eecd drwxr-xr-x 2 clamav clamav 4096 Aug 15 2021 tmp.8083e drwxr-xr-x 2 clamav clamav 4096 Aug 17 2021 tmp.a8f83 -- System Information: Debian Release: 12.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-10-amd64 (SMP w/2 CPU threads; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages clamav-daemon depends on: ii adduser 3.134 ii clamav-base 1.0.1+dfsg-2 ii clamav-freshclam [clamav-data] 1.0.1+dfsg-2 ii debconf [debconf-2.0] 1.5.82 ii dpkg 1.21.22 ii init-system-helpers 1.65.2 ii libc6 2.36-9+deb12u1 ii libclamav11 1.0.1+dfsg-2 ii libcurl4 7.88.1-10 ii libncurses6 6.4-4 ii libsystemd0 252.12-1~deb12u1 ii libtinfo6 6.4-4 ii procps 2:4.0.2-3 ii ucf 3.0043+nmu1 ii zlib1g 1:1.2.13.dfsg-1 Versions of packages clamav-daemon recommends: ii clamdscan 1.0.1+dfsg-2 Versions of packages clamav-daemon suggests: ii apparmor 3.0.8-3 pn clamav-docs <none> pn daemon <none> pn libclamunrar <none> -- debconf information: clamav-daemon/TCPSocket: 3310 clamav-daemon/debconf: true clamav-daemon/MaxThreads: 12 clamav-daemon/AllowAllMatchScan: true clamav-daemon/AddGroups: clamav-daemon/MaxConnectionQueueLength: 15 clamav-daemon/LogSyslog: false clamav-daemon/OnAccessMaxFileSize: 5M clamav-daemon/MaxZipTypeRcg: 1M clamav-daemon/SelfCheck: 3600 clamav-daemon/Bytecode: true clamav-daemon/LocalSocketGroup: clamav clamav-daemon/TCPAddr: 127.0.0.1 clamav-daemon/MaxDirectoryRecursion: 15 clamav-daemon/User: clamav clamav-daemon/MaxScriptNormalize: 5M clamav-daemon/MaxHTMLNoTags: 2M clamav-daemon/ForceToDisk: false clamav-daemon/LocalSocketMode: 666 clamav-daemon/FixStaleSocket: true clamav-daemon/ScanSWF: true clamav-daemon/BytecodeSecurity: TrustSigned clamav-daemon/StreamMaxLength: 25 clamav-daemon/LogFile: /var/log/clamav/clamav.log clamav-daemon/LogTime: true clamav-daemon/DisableCertCheck: false clamav-daemon/BytecodeTimeout: 60000 clamav-daemon/MaxEmbeddedPE: 10M clamav-daemon/FollowDirectorySymlinks: false clamav-daemon/LogRotate: true clamav-daemon/ScanArchive: true clamav-daemon/LocalSocket: /var/run/clamav/clamd.ctl clamav-daemon/ReadTimeout: 180 clamav-daemon/MaxHTMLNormalize: 10M clamav-daemon/FollowFileSymlinks: false clamav-daemon/ScanMail: true clamav-daemon/TcpOrLocal: TCP
--- End Message ---
--- Begin Message ---Source: clamav Source-Version: 1.0.2+dfsg-1 Done: Sebastian Andrzej Siewior <[email protected]> We believe that the bug you reported is fixed in the latest version of clamav, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sebastian Andrzej Siewior <[email protected]> (supplier of updated clamav package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 19 Aug 2023 19:07:32 +0200 Source: clamav Architecture: source Version: 1.0.2+dfsg-1 Distribution: unstable Urgency: medium Maintainer: ClamAV Team <[email protected]> Changed-By: Sebastian Andrzej Siewior <[email protected]> Closes: 949100 1030171 1044136 1050057 Changes: clamav (1.0.2+dfsg-1) unstable; urgency=medium . * Import 1.0.2 (Closes: #1050057) - CVE-2023-20197 (Possible DoS in HFS+ file parser). - CVE-2023-20212 (Possible DoS in AutoIt file parser). * Use cmake for xml2 detection (Closes: #949100). * Replace tomsfastmath with OpenSSL's BN. * Don't enable clamonacc by default (Closes: #1030171). * Let the clamav-daemon.socket depend on the service file again (Closes: #1044136). Checksums-Sha1: 5e541601881d32c9c13913642b3a0d859e5eafd1 2817 clamav_1.0.2+dfsg-1.dsc c845d2c777adda943e7421c601924e1bee1864a8 14134372 clamav_1.0.2+dfsg.orig.tar.xz 035375a7d331d1f495660a66b13231c0073fcf2d 230348 clamav_1.0.2+dfsg-1.debian.tar.xz Checksums-Sha256: dd85b3d5a1215df84cfff2bb086ead0fa1ff9dfdb1025e9908264b97e4362a34 2817 clamav_1.0.2+dfsg-1.dsc 5b641fef85e25e0457edbeaa0e45bf94da6f9ad0fb1dfe7166dbd50ce0f34a00 14134372 clamav_1.0.2+dfsg.orig.tar.xz 55a97ecb2aa4255847e300da90bbf4093cadf2244f328e6297cc8b7ea6679bdc 230348 clamav_1.0.2+dfsg-1.debian.tar.xz Files: e0a77dee4cb185153a3b9ff2ab691522 2817 utils optional clamav_1.0.2+dfsg-1.dsc 73ff8d63727171ca7f586e2460b86caf 14134372 utils optional clamav_1.0.2+dfsg.orig.tar.xz e7ae924260306d03ff08f5c95aa0ffec 230348 utils optional clamav_1.0.2+dfsg-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQGzBAEBCgAdFiEEV4kucFIzBRM39v3RBWQfF1cS+lsFAmTg/x4ACgkQBWQfF1cS +lt9Dwv/RIahUcqWdqvPHE54LQFJIGllcdMpQTXF/ltGpfmvE0amm8D8imgUVBx2 dHQ4vktDr6eIHfg9ZKg+vxKQtqkcuw5vdfmg67/1FLW1oYcKr+itl+7REPy8EoYF k1jExXlOBTer84hyJ127pju+G54y7aroDwAc3trkEMC6xj1+TdjI00HZFqLzRFci GldbLfTFSyYS2yY7loGO14aaj36cM6IGIFtFdAeAyYPN4YSfB9+Oyay3DaruU9CZ WlOoiPGhow+aw8fM7121hhp9Fk4SdYByqw33uZrbQigGI+a1ffQHjaCD2sVJLFGO aFjCJBS082OvIqBdqDBU6j/eZHLcYVv3Wx4dud5fIydCYR2KqIBsba/46XFstGiD Bt1sbTRxy225TX/T8ohm+IkW12oDOm8S2M1WBWITj4JWBpiF23HfFUPwgbqeSAts 3ETgmugAswkJwSD6FWUc/h5cosIf9AMCmqk0QhitlnIoDnV62w7ld4praAjdN6zd RGBcboPJ =1UY3 -----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________ Pkg-clamav-devel mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-clamav-devel
