Re: [clamav-users] False positive -- I hope

2018-01-28 Thread Steve Basford




> I *think* that this signature flags *all* zipped JS files, and (IIRC)
> both Firefox and Thunderbird have JS-containing JAR files. I hope that
> is all it is.



Yep that's it.

Foxhole_filename, Foxhole_all, Foxhole_generic and Foxhole_js all have
different fp levels... depending on what you see your risks as.


Cheers,

Steve
Twitter: @sanesecurity


___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
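
A triage helper for the hit discussed in this thread, added here as an example (not code from the thread or from Sanesecurity): it lists the `.js` entries inside zip-format members of a tarball (JAR files are zips), so a Foxhole hit can be matched to bundled JS. The sample archive and its file names are constructed, and the assumption, taken from the thread, is that the signature keys on JS files inside zips.

```python
import io
import tarfile
import zipfile


def js_in_nested_zips(tarball_bytes):
    """Map each zip-format member of a tar archive to the .js names inside it."""
    hits = {}
    # "r:*" lets tarfile detect bz2/gz/xz compression on its own.
    with tarfile.open(fileobj=io.BytesIO(tarball_bytes), mode="r:*") as tar:
        for member in tar:
            if not member.isfile():
                continue
            data = tar.extractfile(member).read()
            if not zipfile.is_zipfile(io.BytesIO(data)):
                continue
            try:
                with zipfile.ZipFile(io.BytesIO(data)) as zf:
                    names = [n for n in zf.namelist() if n.lower().endswith(".js")]
            except zipfile.BadZipFile:
                continue  # looked like a zip but could not be parsed
            if names:
                hits[member.name] = sorted(names)
    return hits


def build_sample():
    """Constructed stand-in for a browser tarball: one JAR with JS, one plain file."""
    jar = io.BytesIO()
    with zipfile.ZipFile(jar, "w") as zf:
        zf.writestr("content/browser.js", "// constructed\n")
        zf.writestr("content/browser.css", "/* constructed */\n")
    raw = io.BytesIO()
    with tarfile.open(fileobj=raw, mode="w:bz2") as tar:
        for name, payload in (("app/chrome.jar", jar.getvalue()),
                              ("app/README", b"text\n")):
            info = tarfile.TarInfo(name)
            info.size = len(payload)
            tar.addfile(info, io.BytesIO(payload))
    return raw.getvalue()


if __name__ == "__main__":
    print(js_in_nested_zips(build_sample()))
```

If every flagged tarball maps to JS inside a bundled JAR, the hit is consistent with the broad match described in the thread rather than with a specific malicious file.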


[clamav-users] CVE-2017-6419 patched in 0.99.3?

2018-01-28 Thread Marcus Schopen
Hi,

does anyone know why the CVE-2017-6419 patch is not part of 0.99.3?

Ciao!



[clamav-users] False positive -- I hope

2018-01-28 Thread Paul Kosinski
Using clamav.0.99.3 to scan the latest Firefox ESR (52.6.0), and using
various extra signatures from Sane Security, I get:

  firefox-52.6.0-esr-32.tar.bz2: Sanesecurity.Foxhole.Zip_Js_Js.UNOFFICIAL FOUND
  firefox-52.6.0-esr-64.tar.bz2: Sanesecurity.Foxhole.Zip_Js_Js.UNOFFICIAL FOUND

I get the same with Thunderbird (52.6.0):

  thunderbird-52.6.0-esr-32.tar.bz2: Sanesecurity.Foxhole.Zip_Js_Js.UNOFFICIAL FOUND
  thunderbird-52.6.0-esr-64.tar.bz2: Sanesecurity.Foxhole.Zip_Js_Js.UNOFFICIAL FOUND

I *think* that this signature flags *all* zipped JS files, and (IIRC)
both Firefox and Thunderbird have JS-containing JAR files. I hope that
is all it is. 

P.S. My download script cleans up the filenames to make them easier to
understand and also removes spaces, which make the filenames awkward as
command line arguments.


Re: [clamav-users] 99.3 for Ubuntu

2018-01-28 Thread Marcus Schopen
Hi Chris,

On Sunday, 28.01.2018, at 09:11 -0600, Chris wrote:
> On Sun, 2018-01-28 at 00:54 +0100, Marcus Schopen wrote:
> > On Saturday, 27.01.2018, at 17:22 -0600, Chris wrote:
> > > 
> > > Thanks so much for this Marcus, seems a lot easier than going
> > > through using pbuilder.
> > 
> > Never used pbuilder. For sure there are easier ways to build
> > packages. It's just how I build backports or patch packages sometimes.
> > 
> > 
> 
> Good morning Marcus. I replied to the email you sent this morning
> however it bounced.

The SMTP you used is blacklisted on http://dnsbl.inps.de/, a BL with a
high weight in my config. That's why your message was blocked. ;)


Jan 28 15:55:11 lillith sm-mta[26133]: w0SEt6l6026133: <-- MAIL FROM:
...
Jan 28 15:55:14 lillith sm-mta[26133]: w0SEt6l6026133: --- 551 5.7.1
Bad reputation - mail.onyx.syn-alias.com [206.152.134.66] listed on too
many DNS blacklists: BL_INPS (blhit 4)


>  Please look at the pastebin for the reason:
> 
> https://pastebin.com/8Gm0Hp4Y

Did not run into these problems on 14.04 LTS. Try to remove the old
0.99.2 packages (aptitude remove) and then install your 0.99.3 packages
from clean. Make a backup of your clamav config before removing.

Ciao
Marcus



Re: [clamav-users] 99.3 for Ubuntu

2018-01-28 Thread Chris
On Sun, 2018-01-28 at 00:54 +0100, Marcus Schopen wrote:
> On Saturday, 27.01.2018, at 17:22 -0600, Chris wrote:
> > 
> > Thanks so much for this Marcus, seems a lot easier than going
> > through using pbuilder.
> Never used pbuilder. For sure there are easier ways to build
> packages. It's just how I build backports or patch packages sometimes.
> 
> 
Good morning Marcus. I replied to the email you sent this morning
however it bounced. Please look at the pastebin for the reason:

https://pastebin.com/8Gm0Hp4Y

Chris

BTW - it still didn't install correctly - https://pastebin.com/MFrycv7D
 libclamav7... did but not the rest

Chris

-- 
Chris
KeyID 0xE372A7DA98E6705C
31.11972; -97.90167 (Elev. 1092 ft)
09:07:46 up 10:58, 1 user, load average: 0.74, 4.86, 5.48
Description:Ubuntu 16.04.3 LTS, kernel 4.13.0-32-generic




[clamav-users] Fwd: Can't compile under gcc 7.2.0 - 2

2018-01-28 Thread Frans de Boer



Using the tar on the current OpenSuSE Tumbleweed, I get:

In file included from 
../../../clamav-0.99.3/libclamav/c++/llvm/include/llvm/Support/Allocator.h:17:0,
 from 
../../../clamav-0.99.3/libclamav/c++/llvm/include/llvm/ADT/StringMap.h:18,
 from 
../../../clamav-0.99.3/libclamav/c++/bytecode2llvm.cpp:41:
../../../clamav-0.99.3/libclamav/c++/llvm/include/llvm/Support/AlignOf.h: 
At global scope:
../../../clamav-0.99.3/libclamav/c++/llvm/include/llvm/Support/AlignOf.h:57:24: 
error: expected unqualified-id before ‘alignof’

 static inline unsigned alignof() { return AlignOf::Alignment; }
^~~
In file included from 
../../../clamav-0.99.3/libclamav/c++/llvm/include/llvm/ADT/StringMap.h:18:0,
 from 
../../../clamav-0.99.3/libclamav/c++/bytecode2llvm.cpp:41:
../../../clamav-0.99.3/libclamav/c++/llvm/include/llvm/Support/Allocator.h: 
In member function ‘void llvm::SpecificBumpPtrAllocator::DestroyAll()’:
../../../clamav-0.99.3/libclamav/c++/llvm/include/llvm/Support/Allocator.h:204:46: 
error: expected primary-expression before ‘<’ token

 Ptr = Allocator.AlignPtr(Ptr, alignof());
  ^
../../../clamav-0.99.3/libclamav/c++/llvm/include/llvm/Support/Allocator.h:204:39: 
warning: ISO C++ does not allow ‘alignof’ with a non-type [-Wpedantic]

 Ptr = Allocator.AlignPtr(Ptr, alignof());
   ^~~
../../../clamav-0.99.3/libclamav/c++/llvm/include/llvm/Support/Allocator.h:204:48: 
error: expected primary-expression before ‘>’ token

 Ptr = Allocator.AlignPtr(Ptr, alignof());
^
../../../clamav-0.99.3/libclamav/c++/llvm/include/llvm/Support/Allocator.h:204:50: 
error: expected primary-expression before ‘)’ token

 Ptr = Allocator.AlignPtr(Ptr, alignof());
  ^
In file included from 
../../../clamav-0.99.3/libclamav/c++/bytecode2llvm.cpp:41:0:
../../../clamav-0.99.3/libclamav/c++/llvm/include/llvm/ADT/StringMap.h: 
In static member function ‘static llvm::StringMapEntry* 
llvm::StringMapEntry::Create(const char*, const char*, 
AllocatorTy&, InitType)’:
../../../clamav-0.99.3/libclamav/c++/llvm/include/llvm/ADT/StringMap.h:170:33: 
error: expected primary-expression before ‘<’ token

 unsigned Alignment = alignof();
 ^
../../../clamav-0.99.3/libclamav/c++/llvm/include/llvm/ADT/StringMap.h:170:26: 
warning: ISO C++ does not allow ‘alignof’ with a non-type [-Wpedantic]

 unsigned Alignment = alignof();
  ^~~
../../../clamav-0.99.3/libclamav/c++/llvm/include/llvm/ADT/StringMap.h:170:48: 
error: expected primary-expression before ‘>’ token

 unsigned Alignment = alignof();
^
../../../clamav-0.99.3/libclamav/c++/llvm/include/llvm/ADT/StringMap.h:170:50: 
error: expected primary-expression before ‘)’ token

 unsigned Alignment = alignof();
  ^
In file included from 
../../../clamav-0.99.3/libclamav/c++/bytecode2llvm.cpp:69:0:
../../../clamav-0.99.3/libclamav/c++/llvm/include/llvm/Support/CommandLine.h: 
In member function ‘void llvm::cl::alias::done()’:
../../../clamav-0.99.3/libclamav/c++/llvm/include/llvm/Support/CommandLine.h:1326:5: 
warning: this ‘if’ clause does not guard... [-Wmisleading-indentation]

 if (AliasFor == 0)
 ^~
../../../clamav-0.99.3/libclamav/c++/llvm/include/llvm/Support/CommandLine.h:1328:7: 
note: ...this statement, but the latter is misleadingly indented as if 
it were guarded by the ‘if’

   addArgument();
   ^~~
../../../clamav-0.99.3/libclamav/c++/bytecode2llvm.cpp: In function 
‘void setGuard(unsigned char*)’:
../../../clamav-0.99.3/libclamav/c++/bytecode2llvm.cpp:2432:49: warning: 
ISO C++ forbids converting a string constant to ‘char*’ [-Wwrite-strings]

 cl_hash_data("md5", salt, 48, guardbuf, NULL);
 ^
make[5]: *** [Makefile:2070: libclamavcxx_la-bytecode2llvm.lo] Error 1
make[5]: Leaving directory 
'/mnt/raidarray/fdb-data/projects/linux/security/clamav/clamav-build/libclamav/c++'

make[4]: *** [Makefile:1469: all] Error 2
make[4]: Leaving directory 
'/mnt/raidarray/fdb-data/projects/linux/security/clamav/clamav-build/libclamav/c++'

make[3]: *** [Makefile:3376: all-recursive] Error 1
make[3]: Leaving directory 
'/mnt/raidarray/fdb-data/projects/linux/security/clamav/clamav-build/libclamav'

make[2]: *** [Makefile:1089: all] Error 2
make[2]: Leaving directory 
'/mnt/raidarray/fdb-data/projects/linux/security/clamav/clamav-build/libclamav'

make[1]: *** [Makefile:675: all-recursive] Error 1
make[1]: Leaving directory 
'/mnt/raidarray/fdb-data/projects/linux/security/clamav/clamav-build'

make: *** [Makefile:503: all] Error 2


Re: [clamav-users] 99.3 for Ubuntu

2018-01-28 Thread Marcus Schopen
Chris,

good morning!

On Saturday, 27.01.2018, at 20:26 -0600, Chris wrote:
> 
> Of course I run into problems :(, I always seem to. All the .deb
> packages were made

Perfect, well done! No need to quarrel with yourself. 

> The paste below is the output of sudo dpkg -i 
> 
> https://pastebin.com/xRXXMNrg
> 
> Should I have run dpkg-buildpackage -us -uc as sudo?

I did run the build as root, yes. But that shouldn't be the problem. I
never tested it as an unprivileged user. Will try it next time ;)

Start installing the packages one after another, so that you don't run
into dependency conflicts, e.g. milter package depends on base package,
so install base package first. This is my installing history:

 dpkg -i libclamav7_0.99.3-0ubuntu1~binux1_amd64.deb
 dpkg -i clamav-base_0.99.3-0ubuntu1~binux1_all.deb
 dpkg -i clamav-freshclam_0.99.3-0ubuntu1~binux1_amd64.deb
 dpkg -i clamav_0.99.3-0ubuntu1~binux1_amd64.deb
 dpkg -i clamav-daemon_0.99.3-0ubuntu1~binux1_amd64.deb

Good luck
Marcus
