Re: [clamav-users] cli_get_filepath_from_filedesc error when using zINSTREAM in 0.101.0

2018-12-13 Thread Joel Pettis 
thank you for your reply Micah. No worries! Now that i know I can just
ignore it, it's no big deal.

thanks,
Joel



On Thu, Dec 13, 2018 at 9:52 AM Micah Snyder (micasnyd) 
wrote:

> Hi Joel,
>
> This appears to be a oversight in a new feature.  The message in question
> should be printed at the debug log level instead of error.
>
> Sorry!
>
>
> Micah Snyder
> ClamAV Development
> Talos
> Cisco Systems, Inc.
>
>
> On Dec 12, 2018, at 9:23 PM, Joel Pettis  wrote:
>
> Greetings,
>
> I've recently started using zINSTREAM with clamd in the new version
> 0.101.0 and every time I scan a file, a log is written to the std out like
> this:
>
> LibClamAV Error: cli_get_filepath_from_filedesc: File path for fd [12] is:
> /tmp/clamav-e9c124cf7c3129c87ebea09868d4838f.tmp
>
>
> From reviewing the code on GitHub, it appears this originates from
> libclamav/scanners.c when the file path is null.  But since I'm using
> zINSTREAM, it should not have file path, correct?
>
> I could understand if this was and info log, but for it to be an error
> doesn't seem correct to me.
>
> Has anyone else experienced this?
>
> thank you,
> Joel
>
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
>
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>


-- 
Joel
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV installation is OUTDATED! as reported by freshclam utility on CentOS Linux release 7.6.1810 (Core)

2018-12-13 Thread Scott Kitterman 
If they are relying on it, it'd be a service to turn it off until 0.101.1 is 
released.

Scott K

On Thursday, December 13, 2018 06:49:08 PM Joel Esler wrote:
> ClamAV cannot control when the package distros update their packages.  Also,
> some of the package maintainers, I suspect, rely on updates like that to
> tell them when they need to go update packages.
> > On Dec 13, 2018, at 12:28 PM, Scott Kitterman 
> > wrote:
> > 
> > Would it be possible to turn off the outdated warning until that happens?
> > 
> > Scott K
> > 
> > On December 13, 2018 3:02:59 PM UTC, "Micah Snyder (micasnyd)" 
 wrote:
> >> Because of the libclamav header issue I disclosed last week, most
> >> package managers are holding off on packaging 0.101.0. Some projects
> >> that rely on ClamAV will be unable to build with the new libclamav
> >> version until ClamAV 0.101.1 is published (and until they update to use
> >> the API changes).
> >> 
> >> We will have 0.101.1 out in early January.  Sorry about the delay.
> >> Don't panic!
> >> -Micah
> >> 
> >> 
> >> Micah Snyder
> >> ClamAV Development
> >> Talos
> >> Cisco Systems, Inc.
> >> 
> >> 
> >> On Dec 13, 2018, at 7:34 AM, Benny Pedersen
> >> mailto:m...@junc.eu>> wrote:
> >> 
> >> Kaushal Shriyan skrev den 2018-12-13 07:30:
> >> I am running CentOS Linux release 7.6.1810 (Core) with ClamAV
> >> installed. When i am running freshclam i am seeing a Warning message
> >> and the details are described below:-
> >> 
> >> WARNING: Local version: 0.100.2 Recommended version: 0.101.0
> >> DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
> >> 
> >> it also says dont panic :=)
> >> 
> >> create a centos bug to get a bumped version into centos repo, or
> >> compiled localy latest version wanted
> >> 
> >> its not anything here we could do more
> >> ___
> >> clamav-users mailing list
> >> clamav-users@lists.clamav.net
> >> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> >> 
> >> 
> >> Help us build a comprehensive ClamAV guide:
> >> https://github.com/vrtadmin/clamav-faq
> >> 
> >> http://www.clamav.net/contact.html#ml
> > 
> > ___
> > clamav-users mailing list
> > clamav-users@lists.clamav.net
> > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> > 
> > 
> > Help us build a comprehensive ClamAV guide:
> > https://github.com/vrtadmin/clamav-faq
> > 
> > http://www.clamav.net/contact.html#ml

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] "URI" in PrivateMirror?

2018-12-13 Thread David Barr 
Good Morning!

I have set up a PrivateMirror on an internal repository server. However, this 
server is not single-use. I have several YUM/RPM repositories, a copy of the 
CPAN repository, etc. So, in a perfect world, I could set

PrivateMirror repository.int/clamav

so `freshclam` knows which directory on the webserver to look in. However, I 
don't see any documentation that this might be supported, and Google has failed 
me. Has anyone tried this? (Yes, I know that's not really a URI.)

For the moment, at least, I'm stuck with the "vendor provided" version of 
clamav, which is currently 0.99.2-8.el7 in the EPEL 7 repository. If I need to 
fight my Cyber organization for permission to create a YUM repository for 
clamav-0.101.0, I can do that. But, I'd rather not use that political capital 
if I can avoid it.

Thanks!
David

PS. Current versions of bash support input redirection to `source`. So, we also 
have a scripts directory on this repo server, to do things like

source <(curl -sS http://repository.int/scripts/doSomething.sh 
)

which means the only copy of doSomething.sh that we have to maintain is on the 
repo server...

--

David - Offbeat http://pgp.mit.edu/
dafydd - Online 0xda3f18449337d6b5

51525354555657--

Dr. Viktor Frankenstein entered into a body building competition
only to find he has seriously misunderstood the objective.





signature.asc
Description: Message signed with OpenPGP
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV installation is OUTDATED! as reported by freshclam utility on CentOS Linux release 7.6.1810 (Core)

2018-12-13 Thread Al Varnell 
As memory serves, there used to be a code number that represented the necessity 
to upgrade. Many years ago they used to wait several days/weeks before turning 
that up on routine updates, which then caused the warnings to show up. 

-Al-

On Thu, Dec 13, 2018 at 09:35 AM, Micah Snyder (micasnyd) wrote:
> It, unfortunately, is not.  If we did, then users who have installed from 
> source will see the outdated warning.  The warning is a dumb string-compare, 
> and doesn't actually compare the integer values in the version string.
> 
>  
> Micah Snyder
> ClamAV Development
> Talos
> Cisco Systems, Inc.
> 
> 
>> On Dec 13, 2018, at 12:28 PM, Scott Kitterman > > wrote:
>> 
>> Would it be possible to turn off the outdated warning until that happens?
>> 
>> Scott K
>> 
>> On December 13, 2018 3:02:59 PM UTC, "Micah Snyder (micasnyd)" 
>> mailto:micas...@cisco.com>> wrote:
>>> Because of the libclamav header issue I disclosed last week, most
>>> package managers are holding off on packaging 0.101.0. Some projects
>>> that rely on ClamAV will be unable to build with the new libclamav
>>> version until ClamAV 0.101.1 is published (and until they update to use
>>> the API changes).
>>> 
>>> We will have 0.101.1 out in early January.  Sorry about the delay. 
>>> Don't panic!
>>> -Micah
>>> 
>>> 
>>> Micah Snyder
>>> ClamAV Development
>>> Talos
>>> Cisco Systems, Inc.
>>> 
>>> 
>>> On Dec 13, 2018, at 7:34 AM, Benny Pedersen
>>> mailto:m...@junc.eu>>> >> wrote:
>>> 
>>> Kaushal Shriyan skrev den 2018-12-13 07:30:
>>> I am running CentOS Linux release 7.6.1810 (Core) with ClamAV
>>> installed. When i am running freshclam i am seeing a Warning message
>>> and the details are described below:-
>>> 
>>> WARNING: Local version: 0.100.2 Recommended version: 0.101.0
>>> DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav 
>>> 
>>> 
>>> it also says dont panic :=)
>>> 
>>> create a centos bug to get a bumped version into centos repo, or
>>> compiled localy latest version wanted
>>> 
>>> its not anything here we could do more
>>> ___
>>> clamav-users mailing list
>>> clamav-users@lists.clamav.net 
>>> >> >
>>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users 
>>> 
>>> 
>>> 
>>> Help us build a comprehensive ClamAV guide:
>>> https://github.com/vrtadmin/clamav-faq 
>>> 
>>> 
>>> http://www.clamav.net/contact.html#ml 
>>> 
>> ___
>> clamav-users mailing list
>> clamav-users@lists.clamav.net 
>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users 
>> 
>> 
>> 
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq 
>> 
>> 
>> http://www.clamav.net/contact.html#ml 
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net 
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users 
> 
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq 
> 
> 
> http://www.clamav.net/contact.html#ml 

-Al-
-- 
Al Varnell
Mountain View, CA




___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV installation is OUTDATED! as reported by freshclam utility on CentOS Linux release 7.6.1810 (Core)

2018-12-13 Thread Joel Esler (jesler) 
ClamAV cannot control when the package distros update their packages.  Also, 
some of the package maintainers, I suspect, rely on updates like that to tell 
them when they need to go update packages.

> On Dec 13, 2018, at 12:28 PM, Scott Kitterman  wrote:
> 
> Would it be possible to turn off the outdated warning until that happens?
> 
> Scott K
> 
> On December 13, 2018 3:02:59 PM UTC, "Micah Snyder (micasnyd)" 
>  wrote:
>> Because of the libclamav header issue I disclosed last week, most
>> package managers are holding off on packaging 0.101.0. Some projects
>> that rely on ClamAV will be unable to build with the new libclamav
>> version until ClamAV 0.101.1 is published (and until they update to use
>> the API changes).
>> 
>> We will have 0.101.1 out in early January.  Sorry about the delay. 
>> Don't panic!
>> -Micah
>> 
>> 
>> Micah Snyder
>> ClamAV Development
>> Talos
>> Cisco Systems, Inc.
>> 
>> 
>> On Dec 13, 2018, at 7:34 AM, Benny Pedersen
>> mailto:m...@junc.eu>> wrote:
>> 
>> Kaushal Shriyan skrev den 2018-12-13 07:30:
>> I am running CentOS Linux release 7.6.1810 (Core) with ClamAV
>> installed. When i am running freshclam i am seeing a Warning message
>> and the details are described below:-
>> 
>> WARNING: Local version: 0.100.2 Recommended version: 0.101.0
>> DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
>> 
>> it also says dont panic :=)
>> 
>> create a centos bug to get a bumped version into centos repo, or
>> compiled localy latest version wanted
>> 
>> its not anything here we could do more
>> ___
>> clamav-users mailing list
>> clamav-users@lists.clamav.net
>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>> 
>> 
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>> 
>> http://www.clamav.net/contact.html#ml
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml



smime.p7s
Description: S/MIME cryptographic signature
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV installation is OUTDATED! as reported by freshclam utility on CentOS Linux release 7.6.1810 (Core)

2018-12-13 Thread Benny Pedersen 

Scott Kitterman skrev den 2018-12-13 18:28:
Would it be possible to turn off the outdated warning until that 
happens?


why ?
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV installation is OUTDATED! as reported by freshclam utility on CentOS Linux release 7.6.1810 (Core)

2018-12-13 Thread Micah Snyder (micasnyd) 
It, unfortunately, is not.  If we did, then users who have installed from 
source will see the outdated warning.  The warning is a dumb string-compare, 
and doesn't actually compare the integer values in the version string.


Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.


On Dec 13, 2018, at 12:28 PM, Scott Kitterman 
mailto:deb...@kitterman.com>> wrote:

Would it be possible to turn off the outdated warning until that happens?

Scott K

On December 13, 2018 3:02:59 PM UTC, "Micah Snyder (micasnyd)" 
mailto:micas...@cisco.com>> wrote:
Because of the libclamav header issue I disclosed last week, most
package managers are holding off on packaging 0.101.0. Some projects
that rely on ClamAV will be unable to build with the new libclamav
version until ClamAV 0.101.1 is published (and until they update to use
the API changes).

We will have 0.101.1 out in early January.  Sorry about the delay.
Don't panic!
-Micah


Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.


On Dec 13, 2018, at 7:34 AM, Benny Pedersen
mailto:m...@junc.eu>> wrote:

Kaushal Shriyan skrev den 2018-12-13 07:30:
I am running CentOS Linux release 7.6.1810 (Core) with ClamAV
installed. When i am running freshclam i am seeing a Warning message
and the details are described below:-

WARNING: Local version: 0.100.2 Recommended version: 0.101.0
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav

it also says dont panic :=)

create a centos bug to get a bumped version into centos repo, or
compiled localy latest version wanted

its not anything here we could do more
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV installation is OUTDATED! as reported by freshclam utility on CentOS Linux release 7.6.1810 (Core)

2018-12-13 Thread Scott Kitterman 
Would it be possible to turn off the outdated warning until that happens?

Scott K

On December 13, 2018 3:02:59 PM UTC, "Micah Snyder (micasnyd)" 
 wrote:
>Because of the libclamav header issue I disclosed last week, most
>package managers are holding off on packaging 0.101.0. Some projects
>that rely on ClamAV will be unable to build with the new libclamav
>version until ClamAV 0.101.1 is published (and until they update to use
>the API changes).
>
>We will have 0.101.1 out in early January.  Sorry about the delay. 
>Don't panic!
>-Micah
>
>
>Micah Snyder
>ClamAV Development
>Talos
>Cisco Systems, Inc.
>
>
>On Dec 13, 2018, at 7:34 AM, Benny Pedersen
>mailto:m...@junc.eu>> wrote:
>
>Kaushal Shriyan skrev den 2018-12-13 07:30:
>I am running CentOS Linux release 7.6.1810 (Core) with ClamAV
>installed. When i am running freshclam i am seeing a Warning message
>and the details are described below:-
>
>WARNING: Local version: 0.100.2 Recommended version: 0.101.0
>DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
>
>it also says dont panic :=)
>
>create a centos bug to get a bumped version into centos repo, or
>compiled localy latest version wanted
>
>its not anything here we could do more
>___
>clamav-users mailing list
>clamav-users@lists.clamav.net
>http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
>Help us build a comprehensive ClamAV guide:
>https://github.com/vrtadmin/clamav-faq
>
>http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV installation is OUTDATED! as reported by freshclam utility on CentOS Linux release 7.6.1810 (Core)

2018-12-13 Thread Scott Kitterman 
That's the exact issue Cisco warned about.  Hopefully we see a 0.101.1 soon.

Scott K

On December 13, 2018 3:56:55 PM UTC, Paul Kosinski  
wrote:
>Yeah, I tried to build the latest (i.e. rather old) HAVP against
>0.101.0 and it failed due to missing cltypes.h. I haven't had time to
>look into this -- rather expected -- problem.
>
>
>On Thu, 13 Dec 2018 02:54:08 -0500
>Scott Kitterman  wrote:
>
>> A larger issue in this case is that 0.100.0, as released is not
>> suitable for distribution use to to shared library header issues
>> (mentioned on this list a few days ago - I appreciate Cisco being
>> forthcoming and warning people).  I don't know what EPEL/CentOS will
>> do, but 0.100.0 won't be in Debian at all.
>> 
>> Scott K
>> 
>> On Thursday, December 13, 2018 08:22:10 AM Luca Moscato wrote:
>> > Issue is in CentOS repo (not sure if standard or EPEL additional
>> > repo) that, still, do not ship the latest stable.
>> > 
>> > On this topic, AMZ Linux is still have 0.99 in standard repo
>> > 
>> > 
>> > Luca
>> > 
>> > Il 13/12/2018 07:42, Al Varnell ha scritto:
>> > > Not sure what comment you are looking for. The warning is pretty
>> > > much self explanatory. You can either wait for CentOS to update
>> > > it for you when they get around to it or download, configure and
>> > > install 0.101.0 yourself
>> > > .
>> > > 
>> > > Sent from my iPad
>> > > 
>> > > -Al-
>> > > ClamXAV User
>___
>clamav-users mailing list
>clamav-users@lists.clamav.net
>http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
>Help us build a comprehensive ClamAV guide:
>https://github.com/vrtadmin/clamav-faq
>
>http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV installation is OUTDATED! as reported by freshclam utility on CentOS Linux release 7.6.1810 (Core)

2018-12-13 Thread Paul Kosinski 
Yeah, I tried to build the latest (i.e. rather old) HAVP against
0.101.0 and it failed due to missing cltypes.h. I haven't had time to
look into this -- rather expected -- problem.


On Thu, 13 Dec 2018 02:54:08 -0500
Scott Kitterman  wrote:

> A larger issue in this case is that 0.100.0, as released is not
> suitable for distribution use to to shared library header issues
> (mentioned on this list a few days ago - I appreciate Cisco being
> forthcoming and warning people).  I don't know what EPEL/CentOS will
> do, but 0.100.0 won't be in Debian at all.
> 
> Scott K
> 
> On Thursday, December 13, 2018 08:22:10 AM Luca Moscato wrote:
> > Issue is in CentOS repo (not sure if standard or EPEL additional
> > repo) that, still, do not ship the latest stable.
> > 
> > On this topic, AMZ Linux is still have 0.99 in standard repo
> > 
> > 
> > Luca
> > 
> > Il 13/12/2018 07:42, Al Varnell ha scritto:
> > > Not sure what comment you are looking for. The warning is pretty
> > > much self explanatory. You can either wait for CentOS to update
> > > it for you when they get around to it or download, configure and
> > > install 0.101.0 yourself
> > > .
> > > 
> > > Sent from my iPad
> > > 
> > > -Al-
> > > ClamXAV User
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] A workaround for the major ClamAV DB update delays we have been experiencing

2018-12-13 Thread Micah Snyder (micasnyd) 
If you're looking at the CLD it will be bigger, because the CLD is not 
compressed and the CVD is compressed.  When you use diffs, it will store the 
database in CLD format.


Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.


On Dec 12, 2018, at 11:23 PM, Dennis Peterson 
mailto:denni...@inetnw.com>> wrote:

I wonder if the file size changed when Joel regenerated the daily.cvd file  (or 
I had in unexplainable file size error). I still use all the technology but no 
longer for big dot coms. The patched files are larger because they have a lot 
of unneeded bits in them.

dp

On 12/12/18 7:43 AM, Paul Kosinski wrote:
The daily.cvd is still less than half as big as main.cvd:

  -rw-r--r-- 1 clamav clamav 117892267 Jun  7  2017 main.cvd
  -rw-r--r-- 1 clamav clamav  53147013 Dec 11 14:03 daily.cvd

but indeed using the cdiffs could save bandwidth.

I never tried using cdiffs since the FAQ said "Let freshclam download
the *.cvd files", and I wasn't sure if "scripted update" would actually
create a proper cvd for both local mirroring *and* HAVP. Also, I
figured that we were already saving lots of bandwidth by doing local
mirroring instead of N separate freshclam external downloads.

P.S. After retirement there is less pressure, but the technology I deal
with daily (for my own purposes, rather than for pay) doesn't seem to
get any simpler.


___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV installation is OUTDATED! as reported by freshclam utility on CentOS Linux release 7.6.1810 (Core)

2018-12-13 Thread Micah Snyder (micasnyd) 
Because of the libclamav header issue I disclosed last week, most package 
managers are holding off on packaging 0.101.0. Some projects that rely on 
ClamAV will be unable to build with the new libclamav version until ClamAV 
0.101.1 is published (and until they update to use the API changes).

We will have 0.101.1 out in early January.  Sorry about the delay.  Don't panic!
-Micah


Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.


On Dec 13, 2018, at 7:34 AM, Benny Pedersen mailto:m...@junc.eu>> 
wrote:

Kaushal Shriyan skrev den 2018-12-13 07:30:
I am running CentOS Linux release 7.6.1810 (Core) with ClamAV
installed. When i am running freshclam i am seeing a Warning message
and the details are described below:-

WARNING: Local version: 0.100.2 Recommended version: 0.101.0
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav

it also says dont panic :=)

create a centos bug to get a bumped version into centos repo, or compiled 
localy latest version wanted

its not anything here we could do more
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] cli_get_filepath_from_filedesc error when using zINSTREAM in 0.101.0

2018-12-13 Thread Micah Snyder (micasnyd) 
Hi Joel,

This appears to be a oversight in a new feature.  The message in question 
should be printed at the debug log level instead of error.

Sorry!


Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.


On Dec 12, 2018, at 9:23 PM, Joel Pettis 
mailto:joelpet...@gmail.com>> wrote:

Greetings,

I've recently started using zINSTREAM with clamd in the new version 0.101.0 and 
every time I scan a file, a log is written to the std out like this:

LibClamAV Error: cli_get_filepath_from_filedesc: File path for fd [12] is: 
/tmp/clamav-e9c124cf7c3129c87ebea09868d4838f.tmp


>From reviewing the code on GitHub, it appears this originates from 
>libclamav/scanners.c when the file path is null.  But since I'm using 
>zINSTREAM, it should not have file path, correct?

I could understand if this was and info log, but for it to be an error doesn't 
seem correct to me.

Has anyone else experienced this?

thank you,
Joel

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV installation is OUTDATED! as reported by freshclam utility on CentOS Linux release 7.6.1810 (Core)

2018-12-13 Thread Benny Pedersen 

Kaushal Shriyan skrev den 2018-12-13 07:30:

I am running CentOS Linux release 7.6.1810 (Core) with ClamAV
installed. When i am running freshclam i am seeing a Warning message
and the details are described below:-



WARNING: Local version: 0.100.2 Recommended version: 0.101.0
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav


it also says dont panic :=)

create a centos bug to get a bumped version into centos repo, or 
compiled localy latest version wanted


its not anything here we could do more
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] ssdeep and ClamAV

2018-12-13 Thread Dessalvi, Matteo 
Hi all.

I was wondering if there is the possibility of creating a signature DB using 
hashes extracted from SSDeep
(ref: https://ssdeep-project.github.io/ssdeep/index.html).

We are from time to time pestered by spam email with fake invoices as 
attachments, like the ones reported here:

https://www.virustotal.com/#/file/c7263a3bc477a376a40f703bbf250033499f8dc84bb08e9c976bd4914c823690/details
https://www.virustotal.com/#/file/908a15a9200d7676af884b8a90e5c913c44b1991712339ad86050cf53f7a2637/details

Indeed, one of this file is now recognized as 'Doc.Malware.Generic-6779191-0' 
but it took some time before this signature ended
in the ClamAV DBs and in the mean time some of these email slipped through the 
users. Before someone ask: yes, we are using 
Sanesecurity signatures too and recently I am starting to use the 
Sanesecurity.Badmacro DB too but so far it did not help.

What is interesting for me is that VT reported the same SSDeep hashes for both 
files, which I believe means that these macro 
viruses are mostly the same. Looking into ClamAV documentation I believe 
there's no easy way to integrate hashes from
SSDeep into the AV engine itself. Anyone has considered this possibility or is 
this unfeasible/useless?

Best regards,
Matteo
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV installation is OUTDATED! as reported by freshclam utility on CentOS Linux release 7.6.1810 (Core)

2018-12-13 Thread Scott Kitterman 
Sorry, that's the version I meant, 0.101.0

Thanks for noticing,

Scott K

On Thursday, December 13, 2018 08:12:32 AM Robert Chalmers wrote:
> I saw this myself last week, so downloaded the new sources and built ->
> installed them myself. No problems and no warnings now.
> 
> 0.101.0 is the latest stable version
> 
> robert
> 
> > On 13 Dec 2018, at 07:54, Scott Kitterman  wrote:
> > 
> > A larger issue in this case is that 0.100.0, as released is not suitable
> > for distribution use to to shared library header issues (mentioned on
> > this list a few days ago - I appreciate Cisco being forthcoming and
> > warning people).  I don't know what EPEL/CentOS will do, but 0.100.0
> > won't be in Debian at all.
> > 
> > Scott K
> > 
> > On Thursday, December 13, 2018 08:22:10 AM Luca Moscato wrote:
> >> Issue is in CentOS repo (not sure if standard or EPEL additional repo)
> >> that, still, do not ship the latest stable.
> >> 
> >> On this topic, AMZ Linux is still have 0.99 in standard repo
> >> 
> >> 
> >> Luca
> >> 
> >> Il 13/12/2018 07:42, Al Varnell ha scritto:
> >>> Not sure what comment you are looking for. The warning is pretty much
> >>> self explanatory. You can either wait for CentOS to update it for you
> >>> when they get around to it or download, configure and install 0.101.0
> >>> yourself
> >>> .
> >>> 
> >>> Sent from my iPad
> >>> 
> >>> -Al-
> >>> ClamXAV User
> >>> 
> >>> On Dec 12, 2018, at 22:30, Kaushal Shriyan wrote:
>  Hi,
>  
>  I am running CentOS Linux release 7.6.1810 (Core) with ClamAV
>  installed. When i am running freshclam i am seeing a Warning message
>  and the details are described below:-
>  
>  # freshclam
>  ClamAV update process started at Thu Dec 13 11:49:18 2018
>  WARNING: Your ClamAV installation is OUTDATED!
>  WARNING: Local version: 0.100.2 Recommended version: 0.101.0
>  DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
>  main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60,
>  builder: sigmgr)
>  nonblock_recv: recv timing out (30 secs)
>  WARNING: getfile: Download interrupted: Operation now in progress
>  (IP: 104.16.189.138)
>  WARNING: Can't download daily.cvd from database.clamav.net
>  
>  Trying again in 5 secs...
>  ClamAV update process started at Thu Dec 13 11:49:56 2018
>  WARNING: Your ClamAV installation is OUTDATED!
>  WARNING: Local version: 0.100.2 Recommended version: 0.101.0
>  DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
>  main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60,
>  builder: sigmgr)
>  Trying host database.clamav.net 
>  (104.16.188.138)...
>  Downloading daily.cvd [100%]
>  daily.cvd updated (version: 25202, sigs: 2176766, f-level: 63,
>  builder: neo)
>  bytecode.cvd is up to date (version: 327, sigs: 91, f-level: 63,
>  builder: neo)
>  Database updated (6743106 signatures) from database.clamav.net
>   (IP: 104.16.188.138)
>  #
>  
>  _OS Version_
>  # cat /etc/redhat-release
>  CentOS Linux release 7.6.1810 (Core)
>  # yum update
>  No packages marked for update
>  #
>  
>  _EPEL Version_
>  # rpm -qa | grep epel
>  epel-release-7-11.noarch
>  #
>  
>  _ClamAV Version_
>  # rpm -qa | grep clamav
>  clamav-lib-0.100.2-2.el7.x86_64
>  clamav-filesystem-0.100.2-2.el7.noarch
>  clamav-update-0.100.2-2.el7.x86_64
>  clamav-0.100.2-2.el7.x86_64
>  #
>  
>  Please comment. Thanks in Advance. I look forward to hearing from you.
>  
>  Best Regards,
>  
>  Kaushal
> >>> 
> >>> ___
> >>> clamav-users mailing list
> >>> clamav-users@lists.clamav.net
> >>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> >>> 
> >>> 
> >>> Help us build a comprehensive ClamAV guide:
> >>> https://github.com/vrtadmin/clamav-faq
> >>> 
> >>> http://www.clamav.net/contact.html#ml
> > 
> > ___
> > clamav-users mailing list
> > clamav-users@lists.clamav.net
> > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> > 
> > 
> > Help us build a comprehensive ClamAV guide:
> > https://github.com/vrtadmin/clamav-faq
> > 
> > http://www.clamav.net/contact.html#ml
> 
> Robert Chalmers
> https://robert-chalmers.uk
> aut...@robert-chalmers.uk
> @R_A_Chalmers
> 
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

___
clamav-users mailing list
cl

Re: [clamav-users] ClamAV installation is OUTDATED! as reported by freshclam utility on CentOS Linux release 7.6.1810 (Core)

2018-12-13 Thread Robert Chalmers 
I saw this myself last week, so downloaded the new sources and built -> 
installed them myself. No problems and no warnings now.

0.101.0 is the latest stable version

robert

> On 13 Dec 2018, at 07:54, Scott Kitterman  wrote:
> 
> A larger issue in this case is that 0.100.0, as released is not suitable for 
> distribution use to to shared library header issues (mentioned on this list a 
> few days ago - I appreciate Cisco being forthcoming and warning people).  I 
> don't know what EPEL/CentOS will do, but 0.100.0 won't be in Debian at all.
> 
> Scott K
> 
> On Thursday, December 13, 2018 08:22:10 AM Luca Moscato wrote:
>> Issue is in CentOS repo (not sure if standard or EPEL additional repo)
>> that, still, do not ship the latest stable.
>> 
>> On this topic, AMZ Linux is still have 0.99 in standard repo
>> 
>> 
>> Luca
>> 
>> Il 13/12/2018 07:42, Al Varnell ha scritto:
>>> Not sure what comment you are looking for. The warning is pretty much
>>> self explanatory. You can either wait for CentOS to update it for you
>>> when they get around to it or download, configure and install 0.101.0
>>> yourself
>>> .
>>> 
>>> Sent from my iPad
>>> 
>>> -Al-
>>> ClamXAV User
>>> 
>>> On Dec 12, 2018, at 22:30, Kaushal Shriyan wrote:
 Hi,
 
 I am running CentOS Linux release 7.6.1810 (Core) with ClamAV
 installed. When i am running freshclam i am seeing a Warning message
 and the details are described below:-
 
 # freshclam
 ClamAV update process started at Thu Dec 13 11:49:18 2018
 WARNING: Your ClamAV installation is OUTDATED!
 WARNING: Local version: 0.100.2 Recommended version: 0.101.0
 DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
 main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60,
 builder: sigmgr)
 nonblock_recv: recv timing out (30 secs)
 WARNING: getfile: Download interrupted: Operation now in progress
 (IP: 104.16.189.138)
 WARNING: Can't download daily.cvd from database.clamav.net
 
 Trying again in 5 secs...
 ClamAV update process started at Thu Dec 13 11:49:56 2018
 WARNING: Your ClamAV installation is OUTDATED!
 WARNING: Local version: 0.100.2 Recommended version: 0.101.0
 DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
 main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60,
 builder: sigmgr)
 Trying host database.clamav.net 
 (104.16.188.138)...
 Downloading daily.cvd [100%]
 daily.cvd updated (version: 25202, sigs: 2176766, f-level: 63,
 builder: neo)
 bytecode.cvd is up to date (version: 327, sigs: 91, f-level: 63,
 builder: neo)
 Database updated (6743106 signatures) from database.clamav.net
  (IP: 104.16.188.138)
 #
 
 _OS Version_
 # cat /etc/redhat-release
 CentOS Linux release 7.6.1810 (Core)
 # yum update
 No packages marked for update
 #
 
 _EPEL Version_
 # rpm -qa | grep epel
 epel-release-7-11.noarch
 #
 
 _ClamAV Version_
 # rpm -qa | grep clamav
 clamav-lib-0.100.2-2.el7.x86_64
 clamav-filesystem-0.100.2-2.el7.noarch
 clamav-update-0.100.2-2.el7.x86_64
 clamav-0.100.2-2.el7.x86_64
 #
 
 Please comment. Thanks in Advance. I look forward to hearing from you.
 
 Best Regards,
 
 Kaushal
>>> 
>>> ___
>>> clamav-users mailing list
>>> clamav-users@lists.clamav.net
>>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>>> 
>>> 
>>> Help us build a comprehensive ClamAV guide:
>>> https://github.com/vrtadmin/clamav-faq
>>> 
>>> http://www.clamav.net/contact.html#ml
> 
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

Robert Chalmers
https://robert-chalmers.uk
aut...@robert-chalmers.uk
@R_A_Chalmers

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml