[clamav-users] Announcing Fangfrisch release 1.4.0

2021-02-11 Thread Ralph Seichter via clamav-users 
Fangfrisch release 1.4.0 is now available via

  https://pypi.org/project/fangfrisch/

Changes in this release:

1. Allow the use of "url_xyz = disabled" in addition to empty values to
disable URLs.

2. Remove "url_doppelstern*" and "url_crdfam_clamav" from Sanesecurity's
provider section because the related signatures are no longer maintained
and/or no longer distributed by Sanesecurity.

-Ralph

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] What are all the tmp.xyzuvwpqrs subdirs that keep accumulating

2021-02-11 Thread Paul Netpresto via clamav-users 

Hi

Possibly resolved with 

"Fixed FreshClam's --on-update-execute=EXIT_1 temporary directory 
cleanup issue."


Taken from https://blog.clamav.net/2021/02/clamav-01031-patch-release.html


On 12/02/2021 02:13, Paul Kosinski via clamav-users wrote:

For ClamAV 0.103.0:
   root@ime1:~# grep -i temporary /opt/clamav.d/clamav.0.103.0/etc/clamd.conf
   # Optional path to the global temporary directory.
   TemporaryDirectory /var/clamav/tmp
   # Do not remove temporary files (for debug purposes).
   LeaveTemporaryFiles 0

For ClamAV 0.102.1 it was the same:
   root@ime1:~# grep -i temporary /opt/clamav.d/clamav.0.102.2/etc/clamd.conf
   # Optional path to the global temporary directory.
   TemporaryDirectory /var/clamav/tmp
   # Do not remove temporary files (for debug purposes).
   LeaveTemporaryFiles 0

But the subdirs are in my "/opt/clamav.d/clamav.0.103.0/share/clamav/" directory. (I 
install each new version under opt, "just in case".)

And there's no "temporary". "tmp" or "temp" (except in the word "attempt") in 
my freshclam.conf file.





On Thu, 11 Feb 2021 23:52:37 + (GMT)
"G.W. Haywood via clamav-users"  wrote:


Hi there,

On Thu, 11 Feb 2021, Paul Kosinski via clamav-users wrote:


in my clamav.0.103.0/share/clamav/ directory?

They don't seem to have been there with clamav.0.102.0 and earlier.

What's the output of

grep -i temporary clamd.conf

?


___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml


___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] What are all the tmp.xyzuvwpqrs subdirs that keep accumulating

2021-02-11 Thread Gary R. Schmidt 

On 12/02/2021 13:13, Paul Kosinski via clamav-users wrote:

For ClamAV 0.103.0:
   root@ime1:~# grep -i temporary /opt/clamav.d/clamav.0.103.0/etc/clamd.conf
   # Optional path to the global temporary directory.
   TemporaryDirectory /var/clamav/tmp
   # Do not remove temporary files (for debug purposes).
   LeaveTemporaryFiles 0

For ClamAV 0.102.1 it was the same:
   root@ime1:~# grep -i temporary /opt/clamav.d/clamav.0.102.2/etc/clamd.conf
   # Optional path to the global temporary directory.
   TemporaryDirectory /var/clamav/tmp
   # Do not remove temporary files (for debug purposes).
   LeaveTemporaryFiles 0

But the subdirs are in my "/opt/clamav.d/clamav.0.103.0/share/clamav/" directory. (I 
install each new version under opt, "just in case".)

And there's no "temporary". "tmp" or "temp" (except in the word "attempt") in 
my freshclam.conf file.



I just went looking and found "/opt/local/share/clamav/tmp.77a1455e78" 
dated October 30...
$ ll 
/opt/local/share/clamav/tmp.77a1455e78/clamav-37769720ed6dc18131606d4cf7347de0.tmp/

total 23762
  41 -rw-r--r--   1 clamav   clamav 17992 Oct 30 01:21 COPYING
   9 -rw-r--r--   1 clamav   clamav   424 Oct 30 01:21 daily.cfg
  25 -rw-r--r--   1 clamav   clamav  9404 Oct 30 01:22 daily.crb
  57 -rw-r--r--   1 clamav   clamav 26306 Oct 30 01:22 daily.fp
   9 -rw-r--r--   1 clamav   clamav  3530 Oct 30 01:22 daily.hdu
23585 -rw-r--r--   1 clamav   clamav   12058624 Oct 30 07:33 daily.hsb
   9 -rw-r--r--   1 clamav   clamav   195 Oct 30 01:22 daily.hsu
   9 -rw-r--r--   1 clamav   clamav  1245 Oct 30 01:22 daily.ign
   9 -rw-r--r--   1 clamav   clamav   931 Oct 30 01:22 daily.ign2
   9 -rw-r--r--   1 clamav   clamav  2282 Oct 30 01:21 daily.info

Looks like it might be a hangover from something that died unnaturally 
during an update??


Alas I do not recall if I was fiddling with ClamAV back then.

NOTE: Times are AEDT, so +11.

Cheers,
GaryB-)

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] What are all the tmp.xyzuvwpqrs subdirs that keep accumulating

2021-02-11 Thread Paul Kosinski via clamav-users 
For ClamAV 0.103.0:
  root@ime1:~# grep -i temporary /opt/clamav.d/clamav.0.103.0/etc/clamd.conf
  # Optional path to the global temporary directory.
  TemporaryDirectory /var/clamav/tmp
  # Do not remove temporary files (for debug purposes).
  LeaveTemporaryFiles 0

For ClamAV 0.102.1 it was the same:
  root@ime1:~# grep -i temporary /opt/clamav.d/clamav.0.102.2/etc/clamd.conf
  # Optional path to the global temporary directory.
  TemporaryDirectory /var/clamav/tmp
  # Do not remove temporary files (for debug purposes).
  LeaveTemporaryFiles 0

But the subdirs are in my "/opt/clamav.d/clamav.0.103.0/share/clamav/" 
directory. (I install each new version under opt, "just in case".)

And there's no "temporary". "tmp" or "temp" (except in the word "attempt") in 
my freshclam.conf file.





On Thu, 11 Feb 2021 23:52:37 + (GMT)
"G.W. Haywood via clamav-users"  wrote:

> Hi there,
> 
> On Thu, 11 Feb 2021, Paul Kosinski via clamav-users wrote:
> 
> > in my clamav.0.103.0/share/clamav/ directory?
> >
> > They don't seem to have been there with clamav.0.102.0 and earlier.  
> 
> What's the output of
> 
> grep -i temporary clamd.conf
> 
> ?
> 

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] What are all the tmp.xyzuvwpqrs subdirs that keep accumulating

2021-02-11 Thread G.W. Haywood via clamav-users 

Hi there,

On Thu, 11 Feb 2021, Paul Kosinski via clamav-users wrote:


in my clamav.0.103.0/share/clamav/ directory?

They don't seem to have been there with clamav.0.102.0 and earlier.


What's the output of

grep -i temporary clamd.conf

?

--

73,
Ged.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] What are all the tmp.xyzuvwpqrs subdirs that keep accumulating

2021-02-11 Thread Paul Kosinski via clamav-users 
in my clamav.0.103.0/share/clamav/ directory?

They don't seem to have been there with clamav.0.102.0 and earlier.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Freshclam failing to get update

2021-02-11 Thread Joel Esler (jesler) via clamav-users 
Everyone should upgrade to current.  So many CVEs have been patched in the past 
couple of major versions.  We’ve shut off older versions as it’s costing a 
fortune for us to keep feeding older versions of ClamAV, which download the 
daily.cvd in its entirety, once a second.  (So many people do this!  Stop!)

So, to show you how bad the problem is, last month, we transferred 9PB of 
traffic from our infrastructure just in updates.  We’ve gotta cut that down.  
Besides, this is security software, you should upgrade it.

There are reasons we can’t cut off .100 and .101 yet, but as soon as we can, 
we’ll be shutting those off as well.  So everyone, please upgrade.

> On Feb 11, 2021, at 8:58 AM, Simon Banton via clamav-users 
>  wrote:
> 
> Ah, OK, thanks.
> 
> S.
> 
> On Thu, 11 Feb 2021 at 13:49, G.W. Haywood via clamav-users 
> mailto:clamav-users@lists.clamav.net>> wrote:
> Hi there,
> 41;344;0c
> 
> On Thu, 11 Feb 2021, Simon Banton via clamav-users wrote:
> 
> > Is there anything about ClamAV v0.97.3 that would mean it's suddenly unable
> > to fetch the daily updates via freshclam? I know it's an old version, but
> > this is on a very old box running Centos 4 so upgrading isn't practical at
> > the moment (for, you know, *reasons*).
> 
> You need to upgrade.
> 
> All versions of ClamAV before 0.100 are now past End Of Life and obsolete.
> 
> You should also at least subscribe to the 'clamav-announce' mailing list,
> where this was announced (yesterday).
> 
> -- 
> 
> 73,
> Ged.
> 
> ___
> 
> clamav-users mailing list
> clamav-users@lists.clamav.net 
> https://lists.clamav.net/mailman/listinfo/clamav-users 
> 
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq 
> 
> 
> http://www.clamav.net/contact.html#ml 
> 
> ___
> 
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml



smime.p7s
Description: S/MIME cryptographic signature

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Freshclam failing to get update

2021-02-11 Thread Simon Banton via clamav-users 
Ah, OK, thanks.

S.

On Thu, 11 Feb 2021 at 13:49, G.W. Haywood via clamav-users <
clamav-users@lists.clamav.net> wrote:

> Hi there,
> 41;344;0c
>
> On Thu, 11 Feb 2021, Simon Banton via clamav-users wrote:
>
> > Is there anything about ClamAV v0.97.3 that would mean it's suddenly
> unable
> > to fetch the daily updates via freshclam? I know it's an old version, but
> > this is on a very old box running Centos 4 so upgrading isn't practical
> at
> > the moment (for, you know, *reasons*).
>
> You need to upgrade.
>
> All versions of ClamAV before 0.100 are now past End Of Life and obsolete.
>
> You should also at least subscribe to the 'clamav-announce' mailing list,
> where this was announced (yesterday).
>
> --
>
> 73,
> Ged.
>
> ___
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Freshclam failing to get update

2021-02-11 Thread G.W. Haywood via clamav-users 

Hi there,
41;344;0c

On Thu, 11 Feb 2021, Simon Banton via clamav-users wrote:


Is there anything about ClamAV v0.97.3 that would mean it's suddenly unable
to fetch the daily updates via freshclam? I know it's an old version, but
this is on a very old box running Centos 4 so upgrading isn't practical at
the moment (for, you know, *reasons*).


You need to upgrade.

All versions of ClamAV before 0.100 are now past End Of Life and obsolete.

You should also at least subscribe to the 'clamav-announce' mailing list,
where this was announced (yesterday).

--

73,
Ged.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] Freshclam failing to get update

2021-02-11 Thread Simon Banton via clamav-users 
Hi,

Is there anything about ClamAV v0.97.3 that would mean it's suddenly unable
to fetch the daily updates via freshclam? I know it's an old version, but
this is on a very old box running Centos 4 so upgrading isn't practical at
the moment (for, you know, *reasons*).

Suddenly started seeing this whenever freshclam tries to run:

Feb 11 13:07:01 ptah freshclam[24470]: ClamAV update process started at Thu
Feb 11 13:07:01 2021
Feb 11 13:07:01 ptah freshclam[24470]: main.cvd is up to date (version: 59,
sigs: 4564902, f-level: 60, builder: sigmgr)
Feb 11 13:07:07 ptah freshclam[24470]: nonblock_connect: connect(): fd=4
errno=101: Network is unreachable
Feb 11 13:07:07 ptah freshclam[24470]: Can't connect to port 80 of host
db.gb.clamav.net (IP: 2606:4700::6810:da54)
Feb 11 13:07:07 ptah freshclam[24470]: Trying host db.gb.clamav.net
(2606:4700::6810:db54)...
Feb 11 13:07:07 ptah freshclam[24470]: nonblock_connect: connect(): fd=4
errno=101: Network is unreachable
Feb 11 13:07:07 ptah freshclam[24470]: Can't connect to port 80 of host
db.gb.clamav.net (IP: 2606:4700::6810:db54)
Feb 11 13:07:07 ptah freshclam[24470]: getpatch: Can't download
daily-26077.cdiff from db.gb.clamav.net
Feb 11 13:07:07 ptah freshclam[24470]: nonblock_connect: connect(): fd=4
errno=101: Network is unreachable
Feb 11 13:07:07 ptah freshclam[24470]: Can't connect to port 80 of host
db.gb.clamav.net (IP: 2606:4700::6810:da54)
Feb 11 13:07:07 ptah freshclam[24470]: Trying host db.gb.clamav.net
(2606:4700::6810:db54)...
Feb 11 13:07:07 ptah freshclam[24470]: nonblock_connect: connect(): fd=4
errno=101: Network is unreachable
Feb 11 13:07:07 ptah freshclam[24470]: Can't connect to port 80 of host
db.gb.clamav.net (IP: 2606:4700::6810:db54)
Feb 11 13:07:07 ptah freshclam[24470]: getpatch: Can't download
daily-26077.cdiff from db.gb.clamav.net
Feb 11 13:07:14 ptah freshclam[24470]: nonblock_connect: connect(): fd=4
errno=101: Network is unreachable
Feb 11 13:07:15 ptah freshclam[24470]: Can't connect to port 80 of host
db.gb.clamav.net (IP: 2606:4700::6810:db54)
Feb 11 13:07:15 ptah freshclam[24470]: Trying host db.gb.clamav.net
(2606:4700::6810:da54)...
Feb 11 13:07:15 ptah freshclam[24470]: nonblock_connect: connect(): fd=4
errno=101: Network is unreachable
Feb 11 13:07:15 ptah freshclam[24470]: Can't connect to port 80 of host
db.gb.clamav.net (IP: 2606:4700::6810:da54)
Feb 11 13:07:15 ptah freshclam[24470]: getpatch: Can't download
daily-26077.cdiff from db.gb.clamav.net
Feb 11 13:07:16 ptah freshclam[24470]: Incremental update failed, trying to
download daily.cvd
Feb 11 13:07:16 ptah freshclam[24470]: nonblock_connect: connect(): fd=4
errno=101: Network is unreachable
Feb 11 13:07:16 ptah freshclam[24470]: Can't connect to port 80 of host
db.gb.clamav.net (IP: 2606:4700::6810:da54)
Feb 11 13:07:16 ptah freshclam[24470]: Trying host db.gb.clamav.net
(2606:4700::6810:db54)...
Feb 11 13:07:16 ptah freshclam[24470]: nonblock_connect: connect(): fd=4
errno=101: Network is unreachable
Feb 11 13:07:16 ptah freshclam[24470]: Can't connect to port 80 of host
db.gb.clamav.net (IP: 2606:4700::6810:db54)
Feb 11 13:07:16 ptah freshclam[24470]: Can't download daily.cvd from
db.gb.clamav.net
Feb 11 13:07:16 ptah freshclam[24470]: Trying again in 5 secs...

This started to happen yesterday after years of trouble free operation.
Nothing on my box's configuration has changed between freshclam working and
it not working.

Any pointers as to a possible cause would be most welcome.

Cheers
Simon

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml