The previous update to this one was daily - 21491 which is the last update
available using freshclam.
What is the mechanism for bringing this update into the definitions database?
-Al-
> Begin forwarded message:
>
> From: nore...@sourcefire.com
> Subject: [clamav-virusdb] Signatures
Thanks guys. Because of a dependency of our existing system on older version of
openssl we are trying an older version of clam. Make did work with 0.98.1
version. Hopefully once we get a confirmation on openssl update we can move on
to latest clam.
Regards,
Kk
-Original Message-
From:
Using #match as a condition in a yara rule to
count the occurences of $match doesn't appear to
work where $match is a regex.
#match only appears to work if $match is a string literal
eg "abc123"
Is #match intended to work with a regex ?
--
David Shrimpton
I think the patch he's talking about is here:
https://bugzilla.clamav.net/attachment.cgi?id=5481=diff
Although it is for an old version of ClamAV (0.98). Is that the version you
are using?
Steve
___
Help us build a comprehensive ClamAV guide:
I don’t think you are in the right place as I can’t find that signature (or any
remotely resembling it) in the ClamAV official database. I suspect you are
using some 3rd party UNOFFICIAL signatures that are detecting that one.
-Al-
On Wed, Apr 13, 2016 at 08:20 AM, Alex wrote:
>
> Hi,
>
> I
Yes, gmake is recommended (although bsd make generally works except for
'make check'). At mbox.c:2816, I have:
break;
Mine is in the function rfc2047(), not rfc1341(). What is your version of
ClamAV? Is it possible that your mbox.c is corrupted?
Steve
Which "make" are you using? Does Clam-AV require GNU Make as well? You
might be able to install that as "gmake". (GNU Make and BSD Make aren't
entirely compatible - I'm not sure where AIX Make lies on that spectrum.)
--- Richard Conto
DNA Sequencing Core
Biomedical Research Core Facilities
We have found a mailer @
http://www.gossamer-threads.com/lists/clamav/users/59376
Please share how we can get the patch (#59d05bf.patch)
Regards,
kk
On Wed, Apr 13, 2016 at 11:59 PM, Krishnakumar Nair
wrote:
> Thanks for the update Steve. But its error again with gcc in
Thanks for the update Steve. But its error again with gcc in make.
Please share your valuable inputs.
clam build 0.98/Aix6.1/gcc4.8.3
Error --
mbox.c: In function 'rfc1341':
mbox.c:2816: error: called object '1' is not a function
make: The error code from the last command is 1.
Regards,
kk
On
Please refer to the bug report at:
https://bugzilla.clamav.net/show_bug.cgi?id=11552
for the patch to resolve the issue.
On Wed, Apr 13, 2016 at 1:32 PM, Kevin Lin wrote:
> ClamAV, in order to optimize the AC algorithm execution, runs the filetype
> signatures alongside
ClamAV, in order to optimize the AC algorithm execution, runs the
filetype signatures alongside the malware detection signatures. ClamAV
is set to immediately return after AC execution if a filetype
signature detection occurs. This unfortunately causes the engine to
skip PCRE signature execution.
Hi,
Thanks for the example. I've opened bug
https://bugzilla.clamav.net/show_bug.cgi?id=11552 to track.
Thanks again,
Steve
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
Hi, kionez--
On Apr 13, 2016, at 8:11 AM, kionez wrote:
> I'm using it on my antispam server with Debian Jessie (with clamav
> 0.99+dfsg-0+deb8u2 and libpcre3 8.35-3.3+deb8u4 ) and also testing on my
> laptop with Arch linux (clamav 0.99.1-2 and pcre 8.38-3). I try to
>
Hi,
I don't understand why themastersbaker.com would be tagged?
# sigtool --find-sigs winnow.spam.ts.untyped.966134 | sigtool --decode-sigs
VIRUS NAME: winnow.spam.ts.untyped.966134
TARGET TYPE: MAIL
OFFSET: *
DECODED SIGNATURE:
http://themastersbaker.com/
This isn't currently on any other
#include // created 13/04/2016 16:37
> Hi,
>
> The first question is: Do you have pcre installed and was it found by
> ClamAV .\configure?
[cut]
Ops, I forgot to mention my system configuration.. sorry.
I'm using it on my antispam server with Debian Jessie (with clamav
0.99+dfsg-0+deb8u2
Hi,
The first question is: Do you have pcre installed and was it found by
ClamAV .\configure? You should see something like:
pcre: /usr
near the end of the ./configure output.
Steve
___
Help us build a comprehensive ClamAV
Hi,
gcc is needed to compile ClamAV on AIX. Web search "gcc aix" to get info on
installing gcc.
Steve
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
Hi.
As far as I know, the X509_VERIFY_PARAM symbol became available in the
OpenSSL libraries starting from version 0.9.8. If you are trying to compile
your ClamAV with an openssl package which is older than that you may
encounter this problem (on my Linux servers I am using OpenSSL version
Hi,
I'm going mad with a strange behaviour of clamav with custom yara rules.
I'm trying to match some nasty spam email, I decided to use yara for my
custom rules but i noticed a problem: if I use only string detect clamav
(either via clamscan or clamdscan) matches all the email (text +
headers)
Is there any previous stable version we could try rather than 0.99 ?.
-Original Message-
From: "kk nair"
Sent: 13-04-2016 05:33 PM
To: "ClamAV users ML"
Subject: ClamAV/AIX6.1/gcc4.8.3 - openssl error -X509_VERIFY_PARAM_new missing
Hi team,
Please suggest workarounds for this issue.
We are unable to proceed with installation.
checking check.h usability... no
checking check.h presence... no
checking for check.h... no
configure: unable to compile/link with check
checking for libxml2 installation... not found
configure: **
Hi Team,
This is a critical blocking issue in ClamAV installation on AIX6.1 CC is
xlC. Please share if any clues.
Regards,
kk
On Wed, Apr 13, 2016 at 12:29 PM, Krishnakumar Nair
wrote:
> Please share inputs on this issue while we run make after configure.
>
> CCLD
Please share inputs on this issue while we run make after configure.
CCLD libclamunrar_iface.la
CC libclamav_la-matcher-ac.lo
"clamav.h", line 170.3: 1506-191 (E) The character # is not a valid C
source character.
"/usr/include/sys/atomic_op.h", line 123.1: 1506-1419 (W) Pragma mc_func
must
23 matches
Mail list logo