Re: [clamav-users] Long Term Support (LTS) program proposal

[Michael Orlitzky via clamav-users]

On 2021-07-28 23:53:35, Micah Snyder (micasnyd) via clamav-users wrote:
> 
> I would like your feedback.
> 

Starting with v0.103 will be really helpful. I've already voiced my
concerns about CMake... As the Gentoo maintainer, the switch is a bit
annoying, since we've been fixing autotools issues for years with many
of our patches forgotten upstream. With CMake, our users are going to
have to re-experience and re-report those bugs, and then we're going
to have to re-fix and re-submit them all (and someone is going to have
to re-write my open OpenRC pull request for CMake -- no easy task).

But in the end, everything will be OK. I plan to step down as
maintainer and let someone else deal with it =) In the meantime,
having security support for a version that supports our init system
will be nice.

The rust requirement, on the other hand, is a personal deal-breaker. I
don't mean to pile on more negativity, but tl;dr we'll be replacing
(or just removing) clamav at work when there are no more secure,
rust-free versions available. And I'll be glad to not have to deal
with that for a few more years!

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] [SUSPICIOUS] PATCH: Re: ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

[Micah Snyder (micasnyd) via clamav-users]

How's this? https://github.com/Cisco-Talos/clamav/pull/231

> -Original Message-
> From: Mark Fortescue 
> Sent: Wednesday, July 28, 2021 2:07 PM
> To: Micah Snyder (micasnyd) ; ClamAV users ML
> 
> Subject: Re: [SUSPICIOUS] [clamav-users] PATCH: Re: ClamAV® blog: ClamAV
> 0.104.0 Release Candidate is here!
> 
> Please do.
> 
> On 28/07/2021 22:02, Micah Snyder (micasnyd) wrote:
> > Will do.  Thanks for the fix.  Ok if I add you to the acknowledgements
> section of the news?
> >
> >> -Original Message-
> >> From: Mark Fortescue 
> >> Sent: Wednesday, July 28, 2021 1:59 PM
> >> To: Micah Snyder (micasnyd) ; ClamAV users ML
> >> 
> >> Subject: Re: [SUSPICIOUS] [clamav-users] PATCH: Re: ClamAV® blog:
> >> ClamAV
> >> 0.104.0 Release Candidate is here!
> >>
> >> Hi Micah,
> >>
> >> Please can you submit it for me - I don't have an account.
> >>
> >> Regards
> >>Mark.
> >>
> >> On 28/07/2021 21:55, Micah Snyder (micasnyd) wrote:
> >>> Mark,
> >>>
> >>> This is amazing!  Thanks!
> >>> If you have an account on GitHub, can you submit this as a PR?  If
> >>> not, I can
> >> submit one for you.
> >>>
> >>> Regards,
> >>> Micah
> >>>
>  -Original Message-
>  From: clamav-users  On
>  Behalf Of Mark Fortescue via clamav-users
>  Sent: Wednesday, July 28, 2021 12:02 PM
>  To: clamav-users@lists.clamav.net
>  Cc: Mark Fortescue 
>  Subject: [SUSPICIOUS] [clamav-users] PATCH: Re: ClamAV® blog:
>  ClamAV
>  0.104.0 Release Candidate is here!
> 
>  Hi again,
> 
>  After a bit of digging around, I have updated CMakeLists.txt to fix
>  this issue and another minor issue.
> 
>  See attached patch.
> 
>  This may not be the correct solution but at least it generated the
>  correct entries on clamav-types.h.
> 
>  Regards
>   Mark.
> 
>  On 28/07/21 19:10, Mark Fortescue via clamav-users wrote:
> > Hi All,
> >
> > I have found a bug that will cause issues for 32bit builds and
> > maybe some 64bit builds.
> >
> > On all three of my OS (2 x x86_64 and one x86) tested, CMake is
> > not setting DEFINE_SF64_PREFIX used in clamav-types.h.in.
> > This breaks the build on one x86_64 OS and may cause issues on the
> > x86 OS with 64bit numbers.
> >
> > Any ideas on how to implement a quick fix ?
> >
> > Regards
> >Mark.
> >
> > On 28/07/21 01:14, Mark Fortescue wrote:
> >> Hi again,
> >>
> >> I needed to read all of the INSTALL.md file not just the top bit.
> >>
> >> Got the cmake build to work and the binaries test OK.
> >>
> >> Not as user friendly as configure scripts when you are doing
> >> something different. The big advantage of the configure script is
> >> that it can be tweaked when it gets something wrong or at least
> >> opened in an editor to see what it is actually doing. Not sure
> >> where to start if cmake does not do what it is meant to do.
> >>
> >> Regards
> >>Mark.
> >>
> >> On 28/07/2021 00:14, Mark Fortescue via clamav-users wrote:
> >>> Hi all,
> >>>
> >>> I have two curl installations. One is not suitable for clamav
> >>> (the system installed version).
> >>>
> >>> How do I force cmake to pick up the correct library as it is
> >>> always picking up the system library not the one in
> /usr/local/clamav/lib.
> >>>
> >>> In order to move to cmake it would be useful to have a
> >>> conversion from all the configure script options to there cmake
> equivalents.
> >>> Is there a way of getting cmake to display all the variables
> >>> that can be set (equivalent to ./configure --help) ?
> >>>
> >>> Regards
> >>>Mark.
> >>>
> >>> On 22/07/2021 17:18, Joel Esler (jesler) via clamav-users wrote:
> 
> >
> > https://secure-
> web.cisco.com/1cmlGx40jvT3oAaTf3i8ikZAjk4aEjaSD
> > XQ
> > SZ
> > Mg5ke_-Dy48p-POE-
>  Z9m8rXptWDwmvMwvy5cFnDwlE9CN6EgVFbrj59u2-yB3VUtwv
> > zep_UQT9pdBkfhtUOUMwzYbtTewuX83b1x5j-
>  9Zn67Ct7DFdxidmVuOxe4pp8SSZLd
> >
> 
> >>
> U6JNDXGqYuKEMpC4PW3eGHH7l9YGIXfwreFyTU5jj_pbjWiXg9RMPR3d3z2pj
> Zs
>  Dzp
> >
> 
> >>
> r5A86DCAnWx522Id2QB3Z8iJp65qqhjS6bkhfcxuKyeMqf_WhKqi8M2Bsy4MP9
> u
>  q8g
> >
> 
> >>
> F_qWm2kBGr5MD75u78WO/https%3A%2F%2Fblog.clamav.net%2F2021%2F0
> 7
>  %2Fc
> > lamav-01040-release-candidate-is-here.html
> >
> >
> >
> >
> > ClamAV 0.104.0 Release Candidate is here!
> >
> > We are pleased to announce the ClamAV 0.104.0 release
> > candidate
> >  
> >>
> web.cisco.com/12UIwCp1BAMpH6Fx3yfMTvQAEgdYScrSJe_5OywxiP8Qs9bO
> Oa
>  J39Zlob4FMEdQLnCv6gInXqnDtBiIp9VQG14-
>  mGqQA5GuygbEndzhjfP0yd0iGz_onhbbMt-
> 
> >>
> 

[clamav-users] Long Term Support (LTS) program proposal

[Micah Snyder (micasnyd) via clamav-users]

Hi All,

For the past couple of months I've been promoting the idea of having Long Term 
Support (LTS) feature releases for ClamAV within internal Talos communications.

For the purposes of this discussion:

  *   A "feature release" is a version starting with MAJOR.MINOR.0 to include 
all PATCH versions. I.e. ClamAV 0.103.0, 0.103.1, 0.103.2, and 0.103.3 are all 
within the same "feature release".
  *   A "patch version" is a specific MAJOR.MINOR.PATCH version. E.g. 0.103.4 
would be the next "patch version" in the 0.103 "feature release".

My interest in starting an LTS program came about because we have been getting 
(understandable) pressure from management to have shorter development times for 
feature versions with more targeted feature sets.  What this means is that you 
would see more frequent feature releases, possibly as many as ~5 per year.  
Some of the features in a given feature release would be things the community 
cares about, while others may be by request of a different team within Talos or 
Cisco.

But I couldn't in good conscience start pumping out new feature releases every 
2-4 months and expect everyone to keep up. And at that rate it would not be 
possible for us to make critical patch versions for every feature release 
within the two years, or even one year.  So in order to get features out faster 
it became clear to me that we will need to define specific feature release for 
which we promise to backport security fixes for some amount of time.

This raised a few obvious questions:

  *   Which feature release do we start with?
  *   Do we have to continue serving signature database content to every patch 
version in an LTS release?
  *   How often should we select a new feature release for LTS?
  *   How long is "long term support" anyways?

We've been talking about this off and on for the past couple of month.  This is 
what I came up with

Which feature version do we start with?

We had initially settled on 0.104 as the first LTS version, for basically two 
reasons:

-  Joel really wants to make sure people have the latest freshclam 
features, particularly those found in 0.103.2 and 0.103.3, to reduce bandwidth 
cost.

-  I don't want to keep fixing glitchy autotools package detection 
issues for years to come.

But after seeing the (very much unexpected) reaction to the switch CMake... 
it's clear to me now that we need to start the LTS program with 0.103.

Do we have to continue serving database content to every patch version in an 
LTS release?

No.

LTS means that we will promise to continue providing patch versions for a given 
feature release.
I.e. you will get critical fixes in 0.103.4, 0.103.5, 0.103.6, etc. as needed 
until End of Life (EOL) for the 0.103 feature release.

I need to stress that it doesn't mean people should or will be allowed to 
continue using vulnerable or otherwise problematic versions such as 0.103.0 and 
0.103.1 just because they belong to an LTS feature release. We will reserve the 
right to at some point begin to block older patch versions like 0.103.0 from 
downloading databases to force people to use newer patch versions.

How often should we select a new feature release for LTS?

Some products, like Ubuntu, do a new LTS ever 2 years with support for 5 years. 
 2 years feels like a long time but, as much as I want to get people using the 
latest features, our team is pretty small.  The more frequently we a release 
for long term support, the more work each security release will be.  We would 
be required to create and test a new patch version for the current stable 
feature release plus a collection of LTS releases. If we did an LTS every year, 
that would be too much.

I think 2 years is probably a good number.

How long is "long term support" anyways?

As noted above and elsewhere, Ubuntu and RHEL/CentOS support LTS versions for 5 
years.  That's a long time, and more than our team could agree to.
After a bunch of discussion, we think 3 years is a good number.

To summarize, I'm proposing a Long Term Support (LTS) program for ClamAV 
starting with the 0.103 feature release.  This means:


  1.  We will promise to provide critical patch versions (0.103.4, .5., .6, 
etc.) as needed until the LTS end-of-life.
This does not mean that the original 0.103.0 or other problematic patch 
versions within the series will continue to "work".
Users MUST be willing to upgrade to newer patch versions within a given LTS 
release.

  2.  Each LTS release would be supported for three (3) years from the first 
(.0) version.

0.103.0 was published in August 2020.  This means we would continue to provide 
critical patch versions for 0.103 until August 2023.

  3.  We will aim to select a new LTS feature release every two (2) years.

With 0.103 starting the LTS program, that means that whichever feature release 
is to be published near abouts August 2022 is the likely candidate for the next 
LTS release.



  1.  When a security fix is 

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

[Paul Kosinski via clamav-users]

On Wed, 28 Jul 2021 09:59:14 +0200
Matus UHLAR - fantomas  wrote:

> a bit OT, but I upgrade debian servers for years in a short steps, combining
> 
> "apt-get upgrade" so only safe packages are upgraded
> and manual upgrades a few at once via aptitude
> (so packages with complicated dependencies at the end, e.g. perl)
> 
> with configuration differences (updatedb; locate -e .dpkg- .ucf-) handled
> between those steps.
> 
> it takes a bit more time, but reduces outages.
> 
> Ubuntu can be handled similarly (however, even base ubuntu is uselessly
> bloated and has bit more complicated dependencies).



The question is, would you be willing to use the method you outlined if one bad 
package upgrade could kill your Internet access?

(Until you restored from a backup, at least.)

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAVR blog: ClamAV 0.104.0 Release Candidate is here!

[Rick Cooper]

 

  _  

From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf
Of Joel Esler (jesler) via clamav-users
Sent: Wednesday, July 28, 2021 11:22 AM
To: ClamAV users ML
Cc: Joel Esler (jesler)
Subject: Re: [clamav-users] ClamAVR blog: ClamAV 0.104.0 Release Candidate
is here!





On Jul 28, 2021, at 7:17 AM, Rick Cooper  wrote:

total disregard for the user base, not so much as a poll or query on the
lists, enjoy your new cutting edge toys
 
Corporate BS rears it's ugly head again, First snort, then centos and now
clamav.


I think this is unfair.  This is the feedback we're getting.  Sounds like we
don't need a poll or a query.  We're hearing it now.
 
Actually the way it was presented was here is what's going to happen and not
what would the community think about going to cmake, here are the advantages
to the community if we go this way. It wasn't presented as an option and it
took a lot of people off guard. It's like someone on the list said if you
are using an old stable enterprise version maybe you just need to switch to
something more cutting edge like Fedora, which is not stable and shouldn't
be used in an enterprise situation. When I upgrade an OS it's a very big
deal because I have to template it, use it in production at one of the sites
to make sure everything is stable, keep it out of the other upgrade paths
(the older OS's) and image it, go to several (100+es each) cities on a
Sunday (to be at console and cannot take it down any other day) and then
update the site specific pieces, test everything and drive 100+ back. What
might be a small thing for some is a real life's mess for many others.
 
I didn't mean to be as offensive as it came out but I was pissed because for
my mail servers it's going to be a problem, I've built it on a file server
(Centos 7) alright but just to get to correct version of cmake built and all
the required dependencies was cumbersome at best. 
 

I also think it's unfair to think "big bad Cisco" had anything to do with
this at all.  ClamAV is beholden to Cisco in very few ways. In that it's
integrated i 
 nto a few products, other than that, the ClamAV development team has pretty
full autonomy.  No one is coming down to Micah and saying "YOU MUST YOU
CMAKE YOU PEON DEVELOPER MUHAHAHAHAHA".   
 
That was , in fact, unfair of me. Perhaps the team isn't part of the
culture. I have had issue with Cisco for quite some time, really going back
to when they bought Linksys because their hardware was over priced and more
and more enterprises was realizing the didn't to pay Cisco for a name...
rather than simply build a reasonable priced series of equipment (as they do
today) they bought a reasonably prices equipment vendor.

If you have feedback, this is the perfect use of this list to do so, but
we're also all adults, with jobs, with passions, and we can be professional.

As far as Snort, I think the same logic applies.  The rewrite of Snort
started long before Cisco even entered the picture, it started when we were
still Sourcefire back in 2011-2012.  I have the engineering slides! 
 
I'd have to think about it, I thought the paid sigs over community sigs
began with Cisco but maybe it was Sourcefire. I am sure you are right it's
my bad attitude about Cisco, I am waiting for them to purchase ubiquiti
next. and the entire IBM Centos mess just turns up my "big company" hackles.
 
 

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] [SUSPICIOUS] PATCH: Re: ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

[Mark Fortescue via clamav-users]

Please do.

On 28/07/2021 22:02, Micah Snyder (micasnyd) wrote:

Will do.  Thanks for the fix.  Ok if I add you to the acknowledgements section 
of the news?


-Original Message-
From: Mark Fortescue 
Sent: Wednesday, July 28, 2021 1:59 PM
To: Micah Snyder (micasnyd) ; ClamAV users ML

Subject: Re: [SUSPICIOUS] [clamav-users] PATCH: Re: ClamAV® blog: ClamAV
0.104.0 Release Candidate is here!

Hi Micah,

Please can you submit it for me - I don't have an account.

Regards
Mark.

On 28/07/2021 21:55, Micah Snyder (micasnyd) wrote:

Mark,

This is amazing!  Thanks!
If you have an account on GitHub, can you submit this as a PR?  If not, I can

submit one for you.


Regards,
Micah


-Original Message-
From: clamav-users  On Behalf
Of Mark Fortescue via clamav-users
Sent: Wednesday, July 28, 2021 12:02 PM
To: clamav-users@lists.clamav.net
Cc: Mark Fortescue 
Subject: [SUSPICIOUS] [clamav-users] PATCH: Re: ClamAV® blog: ClamAV
0.104.0 Release Candidate is here!

Hi again,

After a bit of digging around, I have updated CMakeLists.txt to fix
this issue and another minor issue.

See attached patch.

This may not be the correct solution but at least it generated the
correct entries on clamav-types.h.

Regards
Mark.

On 28/07/21 19:10, Mark Fortescue via clamav-users wrote:

Hi All,

I have found a bug that will cause issues for 32bit builds and maybe
some 64bit builds.

On all three of my OS (2 x x86_64 and one x86) tested, CMake is not
setting DEFINE_SF64_PREFIX used in clamav-types.h.in.
This breaks the build on one x86_64 OS and may cause issues on the
x86 OS with 64bit numbers.

Any ideas on how to implement a quick fix ?

Regards
   Mark.

On 28/07/21 01:14, Mark Fortescue wrote:

Hi again,

I needed to read all of the INSTALL.md file not just the top bit.

Got the cmake build to work and the binaries test OK.

Not as user friendly as configure scripts when you are doing
something different. The big advantage of the configure script is
that it can be tweaked when it gets something wrong or at least
opened in an editor to see what it is actually doing. Not sure
where to start if cmake does not do what it is meant to do.

Regards
   Mark.

On 28/07/2021 00:14, Mark Fortescue via clamav-users wrote:

Hi all,

I have two curl installations. One is not suitable for clamav (the
system installed version).

How do I force cmake to pick up the correct library as it is
always picking up the system library not the one in /usr/local/clamav/lib.

In order to move to cmake it would be useful to have a conversion
from all the configure script options to there cmake equivalents.
Is there a way of getting cmake to display all the variables that
can be set (equivalent to ./configure --help) ?

Regards
   Mark.

On 22/07/2021 17:18, Joel Esler (jesler) via clamav-users wrote:




https://secure-web.cisco.com/1cmlGx40jvT3oAaTf3i8ikZAjk4aEjaSDXQ
SZ
Mg5ke_-Dy48p-POE-

Z9m8rXptWDwmvMwvy5cFnDwlE9CN6EgVFbrj59u2-yB3VUtwv

zep_UQT9pdBkfhtUOUMwzYbtTewuX83b1x5j-

9Zn67Ct7DFdxidmVuOxe4pp8SSZLd





U6JNDXGqYuKEMpC4PW3eGHH7l9YGIXfwreFyTU5jj_pbjWiXg9RMPR3d3z2pjZs

Dzp





r5A86DCAnWx522Id2QB3Z8iJp65qqhjS6bkhfcxuKyeMqf_WhKqi8M2Bsy4MP9u

q8g





F_qWm2kBGr5MD75u78WO/https%3A%2F%2Fblog.clamav.net%2F2021%2F07

%2Fc

lamav-01040-release-candidate-is-here.html




ClamAV 0.104.0 Release Candidate is here!

We are pleased to announce the ClamAV 0.104.0 release candidate
.


Please help us validate this release. We need your feedback, so
let us know what you find and join us on the ClamAV mailing list
, or on our Discord
,

which is

bridged with our IRC.


This release candidate phase is only expected to last about two
to four weeks before the 0.104.0 Stable 

Re: [clamav-users] [SUSPICIOUS] PATCH: Re: ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

[Micah Snyder (micasnyd) via clamav-users]

Will do.  Thanks for the fix.  Ok if I add you to the acknowledgements section 
of the news?

> -Original Message-
> From: Mark Fortescue 
> Sent: Wednesday, July 28, 2021 1:59 PM
> To: Micah Snyder (micasnyd) ; ClamAV users ML
> 
> Subject: Re: [SUSPICIOUS] [clamav-users] PATCH: Re: ClamAV® blog: ClamAV
> 0.104.0 Release Candidate is here!
> 
> Hi Micah,
> 
> Please can you submit it for me - I don't have an account.
> 
> Regards
>   Mark.
> 
> On 28/07/2021 21:55, Micah Snyder (micasnyd) wrote:
> > Mark,
> >
> > This is amazing!  Thanks!
> > If you have an account on GitHub, can you submit this as a PR?  If not, I 
> > can
> submit one for you.
> >
> > Regards,
> > Micah
> >
> >> -Original Message-
> >> From: clamav-users  On Behalf
> >> Of Mark Fortescue via clamav-users
> >> Sent: Wednesday, July 28, 2021 12:02 PM
> >> To: clamav-users@lists.clamav.net
> >> Cc: Mark Fortescue 
> >> Subject: [SUSPICIOUS] [clamav-users] PATCH: Re: ClamAV® blog: ClamAV
> >> 0.104.0 Release Candidate is here!
> >>
> >> Hi again,
> >>
> >> After a bit of digging around, I have updated CMakeLists.txt to fix
> >> this issue and another minor issue.
> >>
> >> See attached patch.
> >>
> >> This may not be the correct solution but at least it generated the
> >> correct entries on clamav-types.h.
> >>
> >> Regards
> >>Mark.
> >>
> >> On 28/07/21 19:10, Mark Fortescue via clamav-users wrote:
> >>> Hi All,
> >>>
> >>> I have found a bug that will cause issues for 32bit builds and maybe
> >>> some 64bit builds.
> >>>
> >>> On all three of my OS (2 x x86_64 and one x86) tested, CMake is not
> >>> setting DEFINE_SF64_PREFIX used in clamav-types.h.in.
> >>> This breaks the build on one x86_64 OS and may cause issues on the
> >>> x86 OS with 64bit numbers.
> >>>
> >>> Any ideas on how to implement a quick fix ?
> >>>
> >>> Regards
> >>>   Mark.
> >>>
> >>> On 28/07/21 01:14, Mark Fortescue wrote:
>  Hi again,
> 
>  I needed to read all of the INSTALL.md file not just the top bit.
> 
>  Got the cmake build to work and the binaries test OK.
> 
>  Not as user friendly as configure scripts when you are doing
>  something different. The big advantage of the configure script is
>  that it can be tweaked when it gets something wrong or at least
>  opened in an editor to see what it is actually doing. Not sure
>  where to start if cmake does not do what it is meant to do.
> 
>  Regards
>    Mark.
> 
>  On 28/07/2021 00:14, Mark Fortescue via clamav-users wrote:
> > Hi all,
> >
> > I have two curl installations. One is not suitable for clamav (the
> > system installed version).
> >
> > How do I force cmake to pick up the correct library as it is
> > always picking up the system library not the one in 
> > /usr/local/clamav/lib.
> >
> > In order to move to cmake it would be useful to have a conversion
> > from all the configure script options to there cmake equivalents.
> > Is there a way of getting cmake to display all the variables that
> > can be set (equivalent to ./configure --help) ?
> >
> > Regards
> >   Mark.
> >
> > On 22/07/2021 17:18, Joel Esler (jesler) via clamav-users wrote:
> >>
> >>>
> >>> https://secure-web.cisco.com/1cmlGx40jvT3oAaTf3i8ikZAjk4aEjaSDXQ
> >>> SZ
> >>> Mg5ke_-Dy48p-POE-
> >> Z9m8rXptWDwmvMwvy5cFnDwlE9CN6EgVFbrj59u2-yB3VUtwv
> >>> zep_UQT9pdBkfhtUOUMwzYbtTewuX83b1x5j-
> >> 9Zn67Ct7DFdxidmVuOxe4pp8SSZLd
> >>>
> >>
> U6JNDXGqYuKEMpC4PW3eGHH7l9YGIXfwreFyTU5jj_pbjWiXg9RMPR3d3z2pjZs
> >> Dzp
> >>>
> >>
> r5A86DCAnWx522Id2QB3Z8iJp65qqhjS6bkhfcxuKyeMqf_WhKqi8M2Bsy4MP9u
> >> q8g
> >>>
> >>
> F_qWm2kBGr5MD75u78WO/https%3A%2F%2Fblog.clamav.net%2F2021%2F07
> >> %2Fc
> >>> lamav-01040-release-candidate-is-here.html
> >>>
> >>>
> >>>
> >>>
> >>>ClamAV 0.104.0 Release Candidate is here!
> >>>
> >>> We are pleased to announce the ClamAV 0.104.0 release candidate
> >>>  >>
> web.cisco.com/12UIwCp1BAMpH6Fx3yfMTvQAEgdYScrSJe_5OywxiP8Qs9bOOa
> >> J39Zlob4FMEdQLnCv6gInXqnDtBiIp9VQG14-
> >> mGqQA5GuygbEndzhjfP0yd0iGz_onhbbMt-
> >>
> aR2lsTOlVM8EicbLjgVX60DpxW4ZDt9Z6Tw0F7Rg0Dm_79drjYlGcspBOO7wt5LU
> >>
> QoMD5mTDkFgT1VNRFI9dqhcw5AfrHNud7x6009GE9Zz6sq2cG3dCUJZ4hPzmZc
> >> VriBLepl4VZTzrwXXDNyHv7Id4J-
> >>
> to6_a3GrqsKK1oz0wVVbcXe3SEV5aCBjVTyEoSmScH6xA/https%3A%2F%2Fwww
> >> .clamav.net%2Fdownloads>.
> >>>
> >>> Please help us validate this release. We need your feedback, so
> >>> let us know what you find and join us on the ClamAV mailing list
> >>>  >> web.cisco.com/1zQTp4uqEnanQWlVscXyXOj74GH4GE7zlmez
> >>>
> >>
> nwGWWCDJMBsiUdz9vytLXDnxLgoschPJMXZwNDl0v373w0oZdfnL7_iJw5EzjBB
> >>
> u29zVBCxQhvDhamOwVwrm6jmNPZt1m1EAq1RcRbbmwGJyM9GFBrD2pG2i0z
> >> Z48MmzgivQZ_Ni_csMzfQp2-
> >>
> 

Re: [clamav-users] [SUSPICIOUS] PATCH: Re: ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

[Mark Fortescue via clamav-users]

Hi Micah,

Please can you submit it for me - I don't have an account.

Regards
Mark.

On 28/07/2021 21:55, Micah Snyder (micasnyd) wrote:

Mark,

This is amazing!  Thanks!
If you have an account on GitHub, can you submit this as a PR?  If not, I can 
submit one for you.

Regards,
Micah


-Original Message-
From: clamav-users  On Behalf Of
Mark Fortescue via clamav-users
Sent: Wednesday, July 28, 2021 12:02 PM
To: clamav-users@lists.clamav.net
Cc: Mark Fortescue 
Subject: [SUSPICIOUS] [clamav-users] PATCH: Re: ClamAV® blog: ClamAV
0.104.0 Release Candidate is here!

Hi again,

After a bit of digging around, I have updated CMakeLists.txt to fix this issue 
and
another minor issue.

See attached patch.

This may not be the correct solution but at least it generated the correct
entries on clamav-types.h.

Regards
Mark.

On 28/07/21 19:10, Mark Fortescue via clamav-users wrote:

Hi All,

I have found a bug that will cause issues for 32bit builds and maybe
some 64bit builds.

On all three of my OS (2 x x86_64 and one x86) tested, CMake is not
setting DEFINE_SF64_PREFIX used in clamav-types.h.in.
This breaks the build on one x86_64 OS and may cause issues on the x86
OS with 64bit numbers.

Any ideas on how to implement a quick fix ?

Regards
  Mark.

On 28/07/21 01:14, Mark Fortescue wrote:

Hi again,

I needed to read all of the INSTALL.md file not just the top bit.

Got the cmake build to work and the binaries test OK.

Not as user friendly as configure scripts when you are doing
something different. The big advantage of the configure script is
that it can be tweaked when it gets something wrong or at least
opened in an editor to see what it is actually doing. Not sure where
to start if cmake does not do what it is meant to do.

Regards
  Mark.

On 28/07/2021 00:14, Mark Fortescue via clamav-users wrote:

Hi all,

I have two curl installations. One is not suitable for clamav (the
system installed version).

How do I force cmake to pick up the correct library as it is always
picking up the system library not the one in /usr/local/clamav/lib.

In order to move to cmake it would be useful to have a conversion
from all the configure script options to there cmake equivalents. Is
there a way of getting cmake to display all the variables that can
be set (equivalent to ./configure --help) ?

Regards
  Mark.

On 22/07/2021 17:18, Joel Esler (jesler) via clamav-users wrote:




https://secure-web.cisco.com/1cmlGx40jvT3oAaTf3i8ikZAjk4aEjaSDXQSZ
Mg5ke_-Dy48p-POE-

Z9m8rXptWDwmvMwvy5cFnDwlE9CN6EgVFbrj59u2-yB3VUtwv

zep_UQT9pdBkfhtUOUMwzYbtTewuX83b1x5j-

9Zn67Ct7DFdxidmVuOxe4pp8SSZLd



U6JNDXGqYuKEMpC4PW3eGHH7l9YGIXfwreFyTU5jj_pbjWiXg9RMPR3d3z2pjZs
Dzp



r5A86DCAnWx522Id2QB3Z8iJp65qqhjS6bkhfcxuKyeMqf_WhKqi8M2Bsy4MP9u
q8g



F_qWm2kBGr5MD75u78WO/https%3A%2F%2Fblog.clamav.net%2F2021%2F07
%2Fc

lamav-01040-release-candidate-is-here.html




   ClamAV 0.104.0 Release Candidate is here!

We are pleased to announce the ClamAV 0.104.0 release candidate
.


Please help us validate this release. We need your feedback, so
let us know what you find and join us on the ClamAV mailing list
, or on our Discord , which
is bridged with our IRC.


This release candidate phase is only expected to last about two to
four weeks before the 0.104.0 Stable version will be published.
Take this opportunity to verify that you 0.104.0 can build and run
in your environment.

Please submit bug reports to the ClamAV project GitHub Issues

Re: [clamav-users] [SUSPICIOUS] PATCH: Re: ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

[Micah Snyder (micasnyd) via clamav-users]

Mark,

This is amazing!  Thanks!  
If you have an account on GitHub, can you submit this as a PR?  If not, I can 
submit one for you. 

Regards,
Micah

> -Original Message-
> From: clamav-users  On Behalf Of
> Mark Fortescue via clamav-users
> Sent: Wednesday, July 28, 2021 12:02 PM
> To: clamav-users@lists.clamav.net
> Cc: Mark Fortescue 
> Subject: [SUSPICIOUS] [clamav-users] PATCH: Re: ClamAV® blog: ClamAV
> 0.104.0 Release Candidate is here!
> 
> Hi again,
> 
> After a bit of digging around, I have updated CMakeLists.txt to fix this 
> issue and
> another minor issue.
> 
> See attached patch.
> 
> This may not be the correct solution but at least it generated the correct
> entries on clamav-types.h.
> 
> Regards
>   Mark.
> 
> On 28/07/21 19:10, Mark Fortescue via clamav-users wrote:
> > Hi All,
> >
> > I have found a bug that will cause issues for 32bit builds and maybe
> > some 64bit builds.
> >
> > On all three of my OS (2 x x86_64 and one x86) tested, CMake is not
> > setting DEFINE_SF64_PREFIX used in clamav-types.h.in.
> > This breaks the build on one x86_64 OS and may cause issues on the x86
> > OS with 64bit numbers.
> >
> > Any ideas on how to implement a quick fix ?
> >
> > Regards
> >  Mark.
> >
> > On 28/07/21 01:14, Mark Fortescue wrote:
> >> Hi again,
> >>
> >> I needed to read all of the INSTALL.md file not just the top bit.
> >>
> >> Got the cmake build to work and the binaries test OK.
> >>
> >> Not as user friendly as configure scripts when you are doing
> >> something different. The big advantage of the configure script is
> >> that it can be tweaked when it gets something wrong or at least
> >> opened in an editor to see what it is actually doing. Not sure where
> >> to start if cmake does not do what it is meant to do.
> >>
> >> Regards
> >>  Mark.
> >>
> >> On 28/07/2021 00:14, Mark Fortescue via clamav-users wrote:
> >>> Hi all,
> >>>
> >>> I have two curl installations. One is not suitable for clamav (the
> >>> system installed version).
> >>>
> >>> How do I force cmake to pick up the correct library as it is always
> >>> picking up the system library not the one in /usr/local/clamav/lib.
> >>>
> >>> In order to move to cmake it would be useful to have a conversion
> >>> from all the configure script options to there cmake equivalents. Is
> >>> there a way of getting cmake to display all the variables that can
> >>> be set (equivalent to ./configure --help) ?
> >>>
> >>> Regards
> >>>  Mark.
> >>>
> >>> On 22/07/2021 17:18, Joel Esler (jesler) via clamav-users wrote:
> 
> >
> > https://secure-web.cisco.com/1cmlGx40jvT3oAaTf3i8ikZAjk4aEjaSDXQSZ
> > Mg5ke_-Dy48p-POE-
> Z9m8rXptWDwmvMwvy5cFnDwlE9CN6EgVFbrj59u2-yB3VUtwv
> > zep_UQT9pdBkfhtUOUMwzYbtTewuX83b1x5j-
> 9Zn67Ct7DFdxidmVuOxe4pp8SSZLd
> >
> U6JNDXGqYuKEMpC4PW3eGHH7l9YGIXfwreFyTU5jj_pbjWiXg9RMPR3d3z2pjZs
> Dzp
> >
> r5A86DCAnWx522Id2QB3Z8iJp65qqhjS6bkhfcxuKyeMqf_WhKqi8M2Bsy4MP9u
> q8g
> >
> F_qWm2kBGr5MD75u78WO/https%3A%2F%2Fblog.clamav.net%2F2021%2F07
> %2Fc
> > lamav-01040-release-candidate-is-here.html
> >
> >
> >
> >
> >   ClamAV 0.104.0 Release Candidate is here!
> >
> > We are pleased to announce the ClamAV 0.104.0 release candidate
> >  web.cisco.com/12UIwCp1BAMpH6Fx3yfMTvQAEgdYScrSJe_5OywxiP8Qs9bOOa
> J39Zlob4FMEdQLnCv6gInXqnDtBiIp9VQG14-
> mGqQA5GuygbEndzhjfP0yd0iGz_onhbbMt-
> aR2lsTOlVM8EicbLjgVX60DpxW4ZDt9Z6Tw0F7Rg0Dm_79drjYlGcspBOO7wt5LU
> QoMD5mTDkFgT1VNRFI9dqhcw5AfrHNud7x6009GE9Zz6sq2cG3dCUJZ4hPzmZc
> VriBLepl4VZTzrwXXDNyHv7Id4J-
> to6_a3GrqsKK1oz0wVVbcXe3SEV5aCBjVTyEoSmScH6xA/https%3A%2F%2Fwww
> .clamav.net%2Fdownloads>.
> >
> > Please help us validate this release. We need your feedback, so
> > let us know what you find and join us on the ClamAV mailing list
> >  web.cisco.com/1zQTp4uqEnanQWlVscXyXOj74GH4GE7zlmez
> >
> nwGWWCDJMBsiUdz9vytLXDnxLgoschPJMXZwNDl0v373w0oZdfnL7_iJw5EzjBB
> u29zVBCxQhvDhamOwVwrm6jmNPZt1m1EAq1RcRbbmwGJyM9GFBrD2pG2i0z
> Z48MmzgivQZ_Ni_csMzfQp2-
> Yfc4LZZPvh7mUNfQ1jRvTmboyjv8ryVjTTLhDG5JRn3FIUMQtTjpxHwieAD9M5p4
> vK3v9gz0f2mtNhFc6fpJEAReVJMqVOArhQykdQ66j7-
> 0n7oSwMMOGNu5yP6syYWUBF9_Wfdc96D/https%3A%2F%2Flists.clamav.net
> %2Fmailman%2Flistinfo%2Fclamav-users>, or on our Discord  web.cisco.com/1iq6L1amM4vjXjsy2PrXnFl6InWCEUQGxYRA5z7y-O80ey9bg1N-
> 9mojg-
> 4hdthAYMTWmJ1wsoyeQXwPatWxoogY0klJr4saQ8znd4uhw5GY5i1VsBiD7cda
> QMm-
> BcgeUTC3DAR22ovZpqi0tOrRLBJsl7qFggvVLeq1qVhu5qQuCehrfrE9h5eGhEF-
> ma2XrZjgGkIfFA3ymlOdqevpYpIRvJ3hoLeTA8DH4RDzXB-
> fsm_W01YpJWrR651nnFJjQS_RgDJdPkM1hI6v6sAINOJtgy36N6El1jdxBmwV7u0
> 8RZGtk72Tknh2y4Zh6pGGB/https%3A%2F%2Fdiscord.gg%2FsGaxA5Q>, which
> is bridged with our IRC.
> >
> > This release candidate phase is only expected to last about two to
> > four weeks before the 0.104.0 Stable version will be published.
> > Take this opportunity to verify that you 0.104.0 can build and 

Re: [clamav-users] can't cmake 1.0.4rc

[Gene Heskett via clamav-users]

On Wednesday 28 July 2021 14:24:46 G.W. Haywood via clamav-users wrote:

> Hi Gene,
>
> On Wed, 28 Jul 2021, Gene Heskett via clamav-users wrote:
> > /usr/bin/ld: cannot find -lpthreads
> >
> > But pthread is installed. "sudo ldconfg -v|grep pthread" comes back
> > empty
> >
> > Now what?
>
> I'm guessing you have the stable version of ClamAV already installed
> on the box, and so clamscan is installed?  Assuming so, please post
> the output of the commands
>
> ls -l `locate libpthread.so`
lrwxrwxrwx 1 root root  18 Feb  6  2019 /lib32/libpthread.so.0 -> 
libpthread-2.24.so
lrwxrwxrwx 1 root root  18 Feb  6  2019 /lib/x86_64-linux-gnu/libpthread.so.0 
-> libpthread-2.24.so
-rw-r--r-- 1 root root 252 Feb  6  2019 /usr/lib/x86_64-linux-gnu/libpthread.so

> ldconfig -p | grep pthread
[sudo] password for gene:
libpthread_workqueue.so.0 (libc6,x86-64) => 
/usr/lib/x86_64-linux-gnu/libpthread_workqueue.so.0
libpthread_workqueue.so (libc6,x86-64) => 
/usr/lib/x86_64-linux-gnu/libpthread_workqueue.so
libpthread.so.0 (libc6,x86-64, OS ABI: Linux 2.6.32) => 
/lib/x86_64-linux-gnu/libpthread.so.0
libpthread.so.0 (libc6, OS ABI: Linux 2.6.32) => /lib32/libpthread.so.0
libevent_pthreads-2.0.so.5 (libc6,x86-64) => 
/usr/lib/x86_64-linux-gnu/libevent_pthreads-2.0.so.5

> ldd `which clamscan` | grep pthread
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 
(0x7fc1d4f17000)

> Note in the commands those are backticks, not single quotes.  Here's
> the output on my ClamAV box:
>
> # ls -l `locate libpthread.so`
> lrwxrwxrwx 1 root root 40 May 14  2019
> /usr/lib/arm-linux-gnueabihf/libpthread.so ->
> /lib/arm-linux-gnueabihf/libpthread.so.0 lrwxrwxrwx 1 root root 18 May
> 14  2019 /lib/arm-linux-gnueabihf/libpthread.so.0 ->
> libpthread-2.28.so # ldconfig -p | grep pthread
>  libpthread.so.0 (libc6,hard-float, OS ABI: Linux 3.2.0) =>
> /lib/arm-linux-gnueabihf/libpthread.so.0 libpthread.so
> (libc6,hard-float, OS ABI: Linux 3.2.0) =>
> /usr/lib/arm-linux-gnueabihf/libpthread.so # ldd `which clamscan` |
> grep pthread
>  libpthread.so.0 => /lib/arm-linux-gnueabihf/libpthread.so.0
> (0xb69b6000)
>
> As you can see the shared object is where it's expected to be by the
> executable.  You should see something similar for your setup, but of
> course you haven't got a 0.104 clamscan yet so you can't do this part
> showing the release candidate version using the same shared object:
>
> # ldd /home/ged/clamav-0.104.0-rc/build/clamscan/clamscan | grep
> pthread libpthread.so.0 => /lib/arm-linux-gnueabihf/libpthread.so.0
> (0xb6c8d000)
>
> You may need to upgrade the library if the version of libpthread is
> not accepted by the build, otherwise I guess you'll have to tell the
> ClamAV build process where to find the shared object.

I may need some help on that. Can I assume its looking in /usr/local, 
and not in /usr?

> Sorry, I'm out of time for today now.


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Freshclam - can't apply latest patch 26246

[Micah Snyder (micasnyd) via clamav-users]

Hi Elia,

I would need to see the log messages from your subsequent updates to be sure 
what's going wrong. The logs you shared in your initial email show a bug but 
subsequent freshclam runs _should_ work.
If you want, the verbose log may reveal something.

Like Joel suggested, it may be the ReceiveTimeout issue discussed here: 
https://blog.clamav.net/2021/07/psa-freshclam-database-download-issue.html
Regardless, I think that deleting your daily.cld database 
(/var/lib/clamav/daily.cld) and trying again should get you back in business.

Sorry about the trouble.

Regards,
Micah

From: clamav-users  On Behalf Of 
Asenova, Elia via clamav-users
Sent: Wednesday, July 28, 2021 8:15 AM
To: clamav-users@lists.clamav.net
Cc: Asenova, Elia ; Solakov, Panayot 

Subject: [clamav-users] Freshclam - can't apply latest patch 26246

Hello guys,

This is related to a freshclam update problem that I have. Basically when 
running freshclam I get the following errors:
ClamAV update process started at Wed Jul 28 14:30:20 2021
daily database available for update (local version: 26209, remote version: 
26246)
Downloaded 22 patches for daily, which is fewer than the 37 expected patches.
We'll settle for this partial-update, at least for now.
ERROR: cdiff_apply: lseek(desc, -350, SEEK_END) failed
ERROR: downloadPatch: Can't apply patch
Testing database: 
'/var/lib/clamav/tmp.0c60a53c3f/clamav-c22814890a9b587d8060b5d43ce20d40.tmp-daily.cld'
 ...
[LibClamAV] **
[LibClamAV] ***  The virus database is older than 7 days!  ***
[LibClamAV] ***   Please update it as soon as possible.***
[LibClamAV] **
Database test passed.
daily.cld updated (version: 26231, sigs: 3996055, f-level: 63, builder: raynman)
main database available for update (local version: 59, remote version: 61)
ERROR: cdiff_apply: lseek(desc, -350, SEEK_END) failed
ERROR: downloadPatch: Can't apply patch
WARNING: Incremental update failed, trying to download main.cvd
Testing database: 
'/var/lib/clamav/tmp.0c60a53c3f/clamav-abc29e83f1558f3534bfbeb8d1a81899.tmp-main.cvd'
 ...
Database test passed.
main.cvd updated (version: 61, sigs: 6607162, f-level: 90, builder: sigmgr)
bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, 
builder: awillia2)

It seems like daily.cld cannot be updated to the latest version, so it does a 
partial update. I tried running freshclam several times but same thing happens 
over and over again. Clamav version is 0.103.3 and daily db version is 26231 
(instead of 26246).
I saw an email on this topic in your mail archive 
(https://lists.clamav.net/pipermail/clamav-users/2021-July/011508.html),
 but I do not see any resolution of the problem. Could you give an update on 
what is going on and when is this problem going to be resolved? Thank you!

Best Regards,
Elia Asenova


___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] PATCH: Re: ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

[Mark Fortescue via clamav-users]

Hi again,

After a bit of digging around, I have updated CMakeLists.txt to fix this 
issue and another minor issue.


See attached patch.

This may not be the correct solution but at least it generated the 
correct entries on clamav-types.h.


Regards
Mark.

On 28/07/21 19:10, Mark Fortescue via clamav-users wrote:

Hi All,

I have found a bug that will cause issues for 32bit builds and maybe
some 64bit builds.

On all three of my OS (2 x x86_64 and one x86) tested, CMake is not
setting DEFINE_SF64_PREFIX used in clamav-types.h.in.
This breaks the build on one x86_64 OS and may cause issues on the x86
OS with 64bit numbers.

Any ideas on how to implement a quick fix ?

Regards
 Mark.

On 28/07/21 01:14, Mark Fortescue wrote:

Hi again,

I needed to read all of the INSTALL.md file not just the top bit.

Got the cmake build to work and the binaries test OK.

Not as user friendly as configure scripts when you are doing something
different. The big advantage of the configure script is that it can be
tweaked when it gets something wrong or at least opened in an editor to
see what it is actually doing. Not sure where to start if cmake does not
do what it is meant to do.

Regards
 Mark.

On 28/07/2021 00:14, Mark Fortescue via clamav-users wrote:

Hi all,

I have two curl installations. One is not suitable for clamav (the
system installed version).

How do I force cmake to pick up the correct library as it is always
picking up the system library not the one in /usr/local/clamav/lib.

In order to move to cmake it would be useful to have a conversion from
all the configure script options to there cmake equivalents. Is there
a way of getting cmake to display all the variables that can be set
(equivalent to ./configure --help) ?

Regards
 Mark.

On 22/07/2021 17:18, Joel Esler (jesler) via clamav-users wrote:




https://blog.clamav.net/2021/07/clamav-01040-release-candidate-is-here.html




  ClamAV 0.104.0 Release Candidate is here!

We are pleased to announce the ClamAV 0.104.0 release candidate
.

Please help us validate this release. We need your feedback, so let
us know what you find and join us on the ClamAV mailing list
, or on our
Discord , which is bridged with our IRC.

This release candidate phase is only expected to last about two to
four weeks before the 0.104.0 Stable version will be published. Take
this opportunity to verify that you 0.104.0 can build and run in
your environment.

Please submit bug reports to the ClamAV project GitHub Issues
.

ClamAV 0.104.0 includes the following improvements and changes.







  New Requirements

 *

As of ClamAV 0.104, CMake is required to build ClamAV.

  * We have added comprehensive build instructions for using CMake to
the new |INSTALL.md| file. The online documentation will also be
updated to include CMake build instructions.
  * The Autotools and the Visual Studio build systems have been
removed.







  Major changes

 *

The built-in LLVM for the bytecode runtime has been removed.

  * The bytecode interpreter is the default runtime for bytecode
signatures just as it was in ClamAV 0.103.
  * We wished to add support for newer versions of LLVM, but ran out
of time. If you're building ClamAV from source and you wish to use
LLVM instead of the bytecode interpreter, you will need to supply
the development libraries for LLVM version 3.6.2. See |INSTALL.md|
to learn more.
 *

There are now official ClamAV images on Docker Hub.

  o /Note/: Until ClamAV 0.104.0 is released, these images are
limited to "unstable" versions, which are updated daily with
the latest changes in the default branch on GitHub.

You can find the images on Docker Hub under |clamav|
.

Docker Hub ClamAV tags:

 *

|clamav/clamav:|: A release preloaded with signature
databases.

Using this container will save the ClamAV project some bandwidth.
Use this if you will keep the image around so that you don't
download the entire database set every time you start a new
container. Updating with FreshClam from the existing databases set
does not use much data.

 *

|clamav/clamav:_base|: A release with no signature
databases.

Use this container *only* if you mount a volume in your container
under |/var/lib/clamav| to persist your signature database
databases. This method is the best option because it will reduce
data costs for ClamAV and for the Docker registry, but it does
require advanced familiarity with Linux and Docker.

/Caution/: Using this image without mounting an existing
database 

Re: [clamav-users] can't cmake 1.0.4rc

[G.W. Haywood via clamav-users]

Hi Gene,

On Wed, 28 Jul 2021, Gene Heskett via clamav-users wrote:


/usr/bin/ld: cannot find -lpthreads

But pthread is installed. "sudo ldconfg -v|grep pthread" comes back empty

Now what?


I'm guessing you have the stable version of ClamAV already installed
on the box, and so clamscan is installed?  Assuming so, please post
the output of the commands

ls -l `locate libpthread.so`
ldconfig -p | grep pthread
ldd `which clamscan` | grep pthread

Note in the commands those are backticks, not single quotes.  Here's
the output on my ClamAV box:

# ls -l `locate libpthread.so`
lrwxrwxrwx 1 root root 40 May 14  2019 /usr/lib/arm-linux-gnueabihf/libpthread.so 
-> /lib/arm-linux-gnueabihf/libpthread.so.0
lrwxrwxrwx 1 root root 18 May 14  2019 /lib/arm-linux-gnueabihf/libpthread.so.0 
-> libpthread-2.28.so
# ldconfig -p | grep pthread
libpthread.so.0 (libc6,hard-float, OS ABI: Linux 3.2.0) => 
/lib/arm-linux-gnueabihf/libpthread.so.0
libpthread.so (libc6,hard-float, OS ABI: Linux 3.2.0) => 
/usr/lib/arm-linux-gnueabihf/libpthread.so
# ldd `which clamscan` | grep pthread
libpthread.so.0 => /lib/arm-linux-gnueabihf/libpthread.so.0 (0xb69b6000)

As you can see the shared object is where it's expected to be by the
executable.  You should see something similar for your setup, but of
course you haven't got a 0.104 clamscan yet so you can't do this part
showing the release candidate version using the same shared object:

# ldd /home/ged/clamav-0.104.0-rc/build/clamscan/clamscan | grep pthread
libpthread.so.0 => /lib/arm-linux-gnueabihf/libpthread.so.0 (0xb6c8d000)

You may need to upgrade the library if the version of libpthread is
not accepted by the build, otherwise I guess you'll have to tell the
ClamAV build process where to find the shared object.

Sorry, I'm out of time for today now.

--

73,
Ged.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

[Mark Fortescue via clamav-users]

Hi All,

I have found a bug that will cause issues for 32bit builds and maybe 
some 64bit builds.


On all three of my OS (2 x x86_64 and one x86) tested, CMake is not 
setting DEFINE_SF64_PREFIX used in clamav-types.h.in.
This breaks the build on one x86_64 OS and may cause issues on the x86 
OS with 64bit numbers.


Any ideas on how to implement a quick fix ?

Regards
Mark.

On 28/07/21 01:14, Mark Fortescue wrote:

Hi again,

I needed to read all of the INSTALL.md file not just the top bit.

Got the cmake build to work and the binaries test OK.

Not as user friendly as configure scripts when you are doing something
different. The big advantage of the configure script is that it can be
tweaked when it gets something wrong or at least opened in an editor to
see what it is actually doing. Not sure where to start if cmake does not
do what it is meant to do.

Regards
 Mark.

On 28/07/2021 00:14, Mark Fortescue via clamav-users wrote:

Hi all,

I have two curl installations. One is not suitable for clamav (the
system installed version).

How do I force cmake to pick up the correct library as it is always
picking up the system library not the one in /usr/local/clamav/lib.

In order to move to cmake it would be useful to have a conversion from
all the configure script options to there cmake equivalents. Is there
a way of getting cmake to display all the variables that can be set
(equivalent to ./configure --help) ?

Regards
 Mark.

On 22/07/2021 17:18, Joel Esler (jesler) via clamav-users wrote:




https://blog.clamav.net/2021/07/clamav-01040-release-candidate-is-here.html



  ClamAV 0.104.0 Release Candidate is here!

We are pleased to announce the ClamAV 0.104.0 release candidate
.

Please help us validate this release. We need your feedback, so let
us know what you find and join us on the ClamAV mailing list
, or on our
Discord , which is bridged with our IRC.

This release candidate phase is only expected to last about two to
four weeks before the 0.104.0 Stable version will be published. Take
this opportunity to verify that you 0.104.0 can build and run in
your environment.

Please submit bug reports to the ClamAV project GitHub Issues
.

ClamAV 0.104.0 includes the following improvements and changes.






  New Requirements

 *

As of ClamAV 0.104, CMake is required to build ClamAV.

  * We have added comprehensive build instructions for using CMake to
the new |INSTALL.md| file. The online documentation will also be
updated to include CMake build instructions.
  * The Autotools and the Visual Studio build systems have been
removed.






  Major changes

 *

The built-in LLVM for the bytecode runtime has been removed.

  * The bytecode interpreter is the default runtime for bytecode
signatures just as it was in ClamAV 0.103.
  * We wished to add support for newer versions of LLVM, but ran out
of time. If you're building ClamAV from source and you wish to use
LLVM instead of the bytecode interpreter, you will need to supply
the development libraries for LLVM version 3.6.2. See |INSTALL.md|
to learn more.
 *

There are now official ClamAV images on Docker Hub.

  o /Note/: Until ClamAV 0.104.0 is released, these images are
limited to "unstable" versions, which are updated daily with
the latest changes in the default branch on GitHub.

You can find the images on Docker Hub under |clamav|
.

Docker Hub ClamAV tags:

 *

|clamav/clamav:|: A release preloaded with signature
databases.

Using this container will save the ClamAV project some bandwidth.
Use this if you will keep the image around so that you don't
download the entire database set every time you start a new
container. Updating with FreshClam from the existing databases set
does not use much data.

 *

|clamav/clamav:_base|: A release with no signature
databases.

Use this container *only* if you mount a volume in your container
under |/var/lib/clamav| to persist your signature database
databases. This method is the best option because it will reduce
data costs for ClamAV and for the Docker registry, but it does
require advanced familiarity with Linux and Docker.

/Caution/: Using this image without mounting an existing
database directory will cause FreshClam to download the entire
database set each time you start a new container.

You can use the |unstable| version (i.e. |clamav/clamav:unstable| or
|clamav/clamav:unstable_base|) to try the latest from our
development branch.

Please, be kind when using "free" bandwidth for the virus 

Re: [clamav-users] Freshclam - can't apply latest patch 26246

[Joel Esler (jesler) via clamav-users]

> On Jul 28, 2021, at 12:30 PM, Andrew C Aitchison via clamav-users 
>  wrote:
> 
> This sounds about right.
> A lot of signatures in daily 26231 were removed from daily 26232 or 26233
> and added to main 60. There was a glitch and main 61 was created to flush
> caches on some of the mirrors.
> 
> Not sure whether you sould do something, or wait patiently …
Try deleting all the cvd’s and cld’s, raising your receivetimeout to something 
large, and do it again.



smime.p7s
Description: S/MIME cryptographic signature

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] can't cmake 1.0.4rc

[Gene Heskett via clamav-users]

On Wednesday 28 July 2021 12:24:32 G.W. Haywood via clamav-users wrote:

> Hi there,
>
> On Wed, 28 Jul 2021, Gene Heskett via clamav-users wrote:
> > On Wednesday 28 July 2021 07:06:08 G.W. Haywood via clamav-users wrote:
> >> $ cd ~
> >> $ rm -rf clamav-0.104.0-rc
> >> $ tar xzvf clamav-0.104.0-rc.tar.gz
> >> $ cd clamav-0.104.0-rc
> >> $ mkdir build
> >> $ cd build
> >> $ cmake ..
> >
> > blows up, fussing about cmake old version.
> > new 3.21.1 making from tarball.gz now. using "./bootstrap && make"
> > What all should I uninstall before I type "sudo make install"? Or
> > will it just overwrite what there?
>
> If all goes according to thoery you shouldn't need to uninstall
> anything.
>
> Usually you'll have a distro-supplied version in /usr/bin and
> something which you've rolled yourself in /usr/local/bin (*).  The
> PATH environment variable will have /usr/local/bin first in the search
> list so you'll get the one you want by default unless you say
> otherwise by giving the full path along with the name of the
> executable.  Well, that's that theory. :)
But in real life, I got a wee bit furher and my $PATH s/b good:
/home/gene/AppImages:/home/gene/bin:/usr/local/bin:/opt/trinity/bin:/usr/bin:/bin:/usr/local/games:/opt/trinity/games:/usr/games
So after building and installing cmake, I get to pthread. Which is installed.

so:
gene@coyote:~/src/clamav-0.104.0-rc/build$ /usr/local/bin/cmake .. -D 
CMAKE_BUILD_TYPE="Release"
CMake Error at 
/usr/local/share/cmake-3.21/Modules/FindPackageHandleStandardArgs.cmake:230 
(message):
  Could NOT find Libcheck (missing: LIBCHECK_INCLUDE_DIR LIBCHECK_LIBRARY)
Call Stack (most recent call first):
  /usr/local/share/cmake-3.21/Modules/FindPackageHandleStandardArgs.cmake:594 
(_FPHSA_FAILURE_MESSAGE)
  cmake/FindLibcheck.cmake:89 (find_package_handle_standard_args)
  CMakeLists.txt:192 (find_package)


-- Configuring incomplete, errors occurred!
See also "/home/gene/src/clamav-0.104.0-rc/build/CMakeFiles/CMakeOutput.log".
See also "/home/gene/src/clamav-0.104.0-rc/build/CMakeFiles/CMakeError.log".

looking at the CMakeError.log I see:

Building C object CMakeFiles/cmTC_38c19.dir/CheckFunctionExists.c.o
/usr/bin/cc   -DCHECK_FUNCTION_EXISTS=pthread_create -std=gnu90 -o 
CMakeFiles/cmTC_38c19.dir/CheckFunctionExists.c.o -c 
/usr/local/share/cmake-3.21/Modules/CheckFunctionExists.c
Linking C executable cmTC_38c19
/usr/local/bin/cmake -E cmake_link_script CMakeFiles/cmTC_38c19.dir/link.txt 
--verbose=1
/usr/bin/cc  -DCHECK_FUNCTION_EXISTS=pthread_create 
CMakeFiles/cmTC_38c19.dir/CheckFunctionExists.c.o -o cmTC_38c19  -lpthreads
/usr/bin/ld: cannot find -lpthreads
collect2: error: ld returned 1 exit status
CMakeFiles/cmTC_38c19.dir/build.make:98: recipe for target 'cmTC_38c19' failed
make[1]: *** [cmTC_38c19] Error 1
make[1]: Leaving directory 
'/home/gene/src/clamav-0.104.0-rc/build/CMakeFiles/CMakeTmp'
Makefile:127: recipe for target 'cmTC_38c19/fast' failed

But pthread is installed. "sudo ldconfg -v|grep pthread" comes back empty

Now what?

Thank you G.W. Haywood.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Freshclam - can't apply latest patch 26246

[Andrew C Aitchison via clamav-users]

On Wed, 28 Jul 2021, Asenova, Elia via clamav-users wrote:


Hello guys,

This is related to a freshclam update problem that I have. Basically when 
running freshclam I get the following errors:
ClamAV update process started at Wed Jul 28 14:30:20 2021
daily database available for update (local version: 26209, remote version: 
26246)
Downloaded 22 patches for daily, which is fewer than the 37 expected patches.
We'll settle for this partial-update, at least for now.
ERROR: cdiff_apply: lseek(desc, -350, SEEK_END) failed
ERROR: downloadPatch: Can't apply patch
Testing database: 
'/var/lib/clamav/tmp.0c60a53c3f/clamav-c22814890a9b587d8060b5d43ce20d40.tmp-daily.cld'
 ...
[LibClamAV] **
[LibClamAV] ***  The virus database is older than 7 days!  ***
[LibClamAV] ***   Please update it as soon as possible.***
[LibClamAV] **
Database test passed.
daily.cld updated (version: 26231, sigs: 3996055, f-level: 63, builder: raynman)
main database available for update (local version: 59, remote version: 61)
ERROR: cdiff_apply: lseek(desc, -350, SEEK_END) failed
ERROR: downloadPatch: Can't apply patch
WARNING: Incremental update failed, trying to download main.cvd
Testing database: 
'/var/lib/clamav/tmp.0c60a53c3f/clamav-abc29e83f1558f3534bfbeb8d1a81899.tmp-main.cvd'
 ...
Database test passed.
main.cvd updated (version: 61, sigs: 6607162, f-level: 90, builder: sigmgr)
bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, 
builder: awillia2)

It seems like daily.cld cannot be updated to the latest version, so it does a 
partial update. I tried running freshclam several times but same thing happens 
over and over again. Clamav version is 0.103.3 and daily db version is 26231 
(instead of 26246).
I saw an email on this topic in your mail archive 
(https://lists.clamav.net/pipermail/clamav-users/2021-July/011508.html),
 but I do not see any resolution of the problem. Could you give an update on what is 
going on and when is this problem going to be resolved? Thank you!


This sounds about right.
A lot of signatures in daily 26231 were removed from daily 26232 or 26233
and added to main 60. There was a glitch and main 61 was created to flush
caches on some of the mirrors.

Not sure whether you sould do something, or wait patiently ...

--
Andrew C. Aitchison Kendal, UK
and...@aitchison.me.uk

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] can't cmake 1.0.4rc

[G.W. Haywood via clamav-users]

Hi there,

On Wed, 28 Jul 2021, Gene Heskett via clamav-users wrote:

On Wednesday 28 July 2021 07:06:08 G.W. Haywood via clamav-users wrote:


$ cd ~
$ rm -rf clamav-0.104.0-rc
$ tar xzvf clamav-0.104.0-rc.tar.gz
$ cd clamav-0.104.0-rc
$ mkdir build
$ cd build
$ cmake ..


blows up, fussing about cmake old version.
new 3.21.1 making from tarball.gz now. using "./bootstrap && make" What
all should I uninstall before I type "sudo make install"? Or will it
just overwrite what there?


If all goes according to thoery you shouldn't need to uninstall anything.

Usually you'll have a distro-supplied version in /usr/bin and something
which you've rolled yourself in /usr/local/bin (*).  The PATH environment
variable will have /usr/local/bin first in the search list so you'll get
the one you want by default unless you say otherwise by giving the full
path along with the name of the executable.  Well, that's that theory. :)

(*) for example.

--

73,
Ged.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Freshclam - can't apply latest patch 26246

[G.W. Haywood via clamav-users]

Hi there,

On Wed, 28 Jul 2021, Lee, Raymond wrote:

On Wed, Jul 28, 2021 at 11:16 AM Asenova, Elia wrote:


... when running freshclam I get the following errors ...
Downloaded 22 patches for daily, which is fewer than the 37 expected patches.
We'll settle for this partial-update, at least for now.
ERROR: cdiff_apply: lseek(desc, -350, SEEK_END) failed


I ran into this same problem and just deleted /var/lib/clamav/daily.c[lv]d
and ran freshclam again.


If that doesn't help, check that the timeouts in your configuration
file for freshclam aren't very short.  A long time ago the default was
30 seconds I think, but that's too short now - the default now is to
have no timeout at all.  Until the recent updates to main and daily I
had ReceiveTimeout set to 1800 seconds.  Even that was too short here,
so I've now set it to 3600 seconds.


[LibClamAV] ***  The virus database is older than 7 days!  ***


Can we take it that the computer's clock is set correctly?

--

73,
Ged.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] can not download updates

[Joel Esler (jesler) via clamav-users]

> On Jul 28, 2021, at 4:04 AM, Matus UHLAR - fantomas  wrote:
> 
> On 27.07.21 18:51, fxkl47BF via clamav-users wrote:
>> for many years it's worked fine with timeout set at 30 seconds
> 
> for many years it worked with people fetching via wget/curl, but it does not
> apply now.
> 

So true.

> 
> ...changing timeout won't help you when you are banned, servers don't know
> about your timeout settings (but will ban you if you repeatedly drop
> connection because of timeout)

No, but a lot of the repeated queries (causing the ban) is because the timeout 
is reached pre-maturely, and extending the download time allows for more time 
to download the file, which cuts down on the repeated queries.



smime.p7s
Description: S/MIME cryptographic signature

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Freshclam - can't apply latest patch 26246

[Lee, Raymond via clamav-users]

Hi Elia,

I ran into this same problem and just deleted /var/lib/clamav/daily.c[lv]d
and ran freshclam again.

Kind Regards,
Ray



On Wed, Jul 28, 2021 at 11:16 AM Asenova, Elia via clamav-users <
clamav-users@lists.clamav.net> wrote:

> Hello guys,
>
>
>
> This is related to a freshclam update problem that I have. Basically when
> running freshclam I get the following errors:
>
> ClamAV update process started at Wed Jul 28 14:30:20 2021
>
> daily database available for update (local version: 26209, remote version:
> 26246)
>
> Downloaded 22 patches for daily, which is fewer than the 37 expected
> patches.
>
> We'll settle for this partial-update, at least for now.
>
> ERROR: cdiff_apply: lseek(desc, -350, SEEK_END) failed
>
> ERROR: downloadPatch: Can't apply patch
>
> Testing database:
> '/var/lib/clamav/tmp.0c60a53c3f/clamav-c22814890a9b587d8060b5d43ce20d40.tmp-daily.cld'
> ...
>
> [LibClamAV] **
>
> [LibClamAV] ***  The virus database is older than 7 days!  ***
>
> [LibClamAV] ***   Please update it as soon as possible.***
>
> [LibClamAV] **
>
> Database test passed.
>
> daily.cld updated (version: 26231, sigs: 3996055, f-level: 63, builder:
> raynman)
>
> main database available for update (local version: 59, remote version: 61)
>
> ERROR: cdiff_apply: lseek(desc, -350, SEEK_END) failed
>
> ERROR: downloadPatch: Can't apply patch
>
> WARNING: Incremental update failed, trying to download main.cvd
>
> Testing database:
> '/var/lib/clamav/tmp.0c60a53c3f/clamav-abc29e83f1558f3534bfbeb8d1a81899.tmp-main.cvd'
> ...
>
> Database test passed.
>
> main.cvd updated (version: 61, sigs: 6607162, f-level: 90, builder: sigmgr)
>
> bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63,
> builder: awillia2)
>
>
>
> It seems like daily.cld cannot be updated to the latest version, so it
> does a partial update. I tried running freshclam several times but same
> thing happens over and over again. Clamav version is 0.103.3 and daily db
> version is 26231 (instead of 26246).
>
> I saw an email on this topic in your mail archive (
> https://lists.clamav.net/pipermail/clamav-users/2021-July/011508.html
> ),
> but I do not see any resolution of the problem. Could you give an update on
> what is going on and when is this problem going to be resolved? Thank you!
>
>
>
> Best Regards,
>
> *Elia Asenova*
>
>
>
> ___
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>

-- 
Notice: This email and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to whom they are 
addressed. Any unauthorized review, use, disclosure or distribution is 
prohibited. If you are not the intended recipient, please contact the 
sender by reply e-mail and destroy the message and attachments without 
retaining a copy.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] can't cmake 1.0.4rc

[Gene Heskett via clamav-users]

On Wednesday 28 July 2021 07:06:08 G.W. Haywood via clamav-users wrote:

> Hi Gene,
>
> On Wed, 28 Jul 2021, Gene Heskett via clamav-users wrote:
> > The next instruction line from INSTALL.md is:
> >
> > cmake .. -D CMAKE_BUILD_TYPE="Release"
> >
> > Which generates this response:
> >
> > CMake Error: The source directory
> > "/home/gene/src/clamav-0.104.0-rc/build/CMAKE_BUILD_TYPE=Release"
> > does not exist. ...
>
> FWIW I followed the instructions at
>
> https://docs.clamav.net/manual/Installing/Installing-from-source-Unix.
>html
>
> under the heading "The Default Build".  The instructions in the
> INSTALL.md seemed confusing, and, as I'm not familiar with cmake, it
> seemed the closest to the way I usually build it with autotools (which
> is described at
>
> https://docs.clamav.net/manual/Installing/Installing-from-source-Unix-
>old.html
>
> and is just
>
> ./configure
> make
>
unforch, 1.0.4rc does not come with any configure scripts.

> with which you're familiar) and it seemed like the simplest option.
> The build went smoothly apart from the usual slew of scary compiler
> warnings.  From the description of your experiences it looks like I
> made a good decision although I can't take any credit for it - it was
> just happenstance.  The build is on our dedicated clamd server which
> is a Raspberry Pi4B which has 4G RAM and its root partition mounted
> via NFS.
>
> To recap, the build process was
>
> $ cd ~
> $ rm -rf clamav-0.104.0-rc
> $ tar xzvf clamav-0.104.0-rc.tar.gz
> $ cd clamav-0.104.0-rc
> $ mkdir build
> $ cd build
> $ cmake ..

blows up, fussing about cmake old version.
new 3.21.1 making from tarball.gz now. using "./bootstrap && make" What 
all should I uninstall before I type "sudo make install"? Or will it 
just overwrite what there?

Thanks.
[...]

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

[Joel Esler (jesler) via clamav-users]

> On Jul 28, 2021, at 7:17 AM, Rick Cooper  wrote:
> 
> total disregard for the user base, not so much as a poll or query on the 
> lists, enjoy your new cutting edge toys
>  
> Corporate BS rears it's ugly head again, First snort, then centos and now 
> clamav.

I think this is unfair.  This is the feedback we’re getting.  Sounds like we 
don’t need a poll or a query.  We’re hearing it now.

I also think it’s unfair to think “big bad Cisco” had anything to do with this 
at all.  ClamAV is beholden to Cisco in very few ways. In that it’s integrated 
into a few products, other than that, the ClamAV development team has pretty 
full autonomy.  No one is coming down to Micah and saying "YOU MUST YOU CMAKE 
YOU PEON DEVELOPER MUHAHAHAHAHA”.  

If you have feedback, this is the perfect use of this list to do so, but we’re 
also all adults, with jobs, with passions, and we can be professional.

As far as Snort, I think the same logic applies.  The rewrite of Snort started 
long before Cisco even entered the picture, it started when we were still 
Sourcefire back in 2011-2012.  I have the engineering slides!

smime.p7s
Description: S/MIME cryptographic signature

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] Freshclam - can't apply latest patch 26246

[Asenova, Elia via clamav-users]

Hello guys,

This is related to a freshclam update problem that I have. Basically when 
running freshclam I get the following errors:
ClamAV update process started at Wed Jul 28 14:30:20 2021
daily database available for update (local version: 26209, remote version: 
26246)
Downloaded 22 patches for daily, which is fewer than the 37 expected patches.
We'll settle for this partial-update, at least for now.
ERROR: cdiff_apply: lseek(desc, -350, SEEK_END) failed
ERROR: downloadPatch: Can't apply patch
Testing database: 
'/var/lib/clamav/tmp.0c60a53c3f/clamav-c22814890a9b587d8060b5d43ce20d40.tmp-daily.cld'
 ...
[LibClamAV] **
[LibClamAV] ***  The virus database is older than 7 days!  ***
[LibClamAV] ***   Please update it as soon as possible.***
[LibClamAV] **
Database test passed.
daily.cld updated (version: 26231, sigs: 3996055, f-level: 63, builder: raynman)
main database available for update (local version: 59, remote version: 61)
ERROR: cdiff_apply: lseek(desc, -350, SEEK_END) failed
ERROR: downloadPatch: Can't apply patch
WARNING: Incremental update failed, trying to download main.cvd
Testing database: 
'/var/lib/clamav/tmp.0c60a53c3f/clamav-abc29e83f1558f3534bfbeb8d1a81899.tmp-main.cvd'
 ...
Database test passed.
main.cvd updated (version: 61, sigs: 6607162, f-level: 90, builder: sigmgr)
bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, 
builder: awillia2)

It seems like daily.cld cannot be updated to the latest version, so it does a 
partial update. I tried running freshclam several times but same thing happens 
over and over again. Clamav version is 0.103.3 and daily db version is 26231 
(instead of 26246).
I saw an email on this topic in your mail archive 
(https://lists.clamav.net/pipermail/clamav-users/2021-July/011508.html),
 but I do not see any resolution of the problem. Could you give an update on 
what is going on and when is this problem going to be resolved? Thank you!

Best Regards,
Elia Asenova


___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

[Joel Esler (jesler) via clamav-users]

We are planning on making LTS versions for distros again.  

— 
Sent from my  iPad

> On Jul 28, 2021, at 07:45, Andrew C Aitchison via clamav-users 
>  wrote:
> 
> On Wed, 28 Jul 2021, Rick Cooper wrote:
> 
>> total disregard for the user base, not so much as a poll or query on the 
>> lists,
> 
> When ClamAV 0.103 was released in September 2020 CMake was an *experimental* 
> option.
> There will be a 0.103 release in September 2021, but is likely to be the last 
> one.
> 0.104 will only have CMake, no autoconfig.
> That doesn't leave much time for distributions to switch.
> 
> The latest "Long Term" Ubuntu was 2004, released about April 2020,
> the  next will be 2204, due around April 2022,
> so ClamAV will completely switch-over between sucessive Ubuntu LTS releases.
> 
> Between those LTS releases there are 3 standard/fast-track releases,
> Ubuntu2010, Oct 2020, replaced by Ubuntu2104 in April 2021 (with ClamAV 
> 0.103.2) and 2110 due in October.
> I don't see anyone from Ubuntu, Canonical or Debian here talking about
> keeping up with bleeding edge ClamAV.
> 
> Between requiring an uptodate CMake and an obsolete, 6 year old,
> LLVM, I worry that the ClamAV team is spread too thin.
> 
> -- 
> Andrew C. AitchisonKendal, UK
>and...@aitchison.me.uk
> 
> ___
> 
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml


smime.p7s
Description: S/MIME cryptographic signature

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] [OT] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

[Gary R. Schmidt]

On 28/07/2021 21:53, G.W. Haywood via clamav-users wrote:

Hi Paul,

On Wed, 28 Jul 2021, Paul Kosinski via clamav-users wrote:


In my case, I can't simply upgrade to the latest Debian (or any
other distro), as one of the systems is our home firewall and
gateway -- with iptables, multi-LAN routing (with local DNS), a bit
of bridging, encrypted tunnels to elsewhere, etc. This means we
would lose *all* Internet connectivity for who knows how long if I
tried an in-place upgrade.


I'd recommend not using any big distro for your perimiter firewall.
I use one of the purpose-built stripped-down firewall distributions.
The maintenance needed on it is minimal, and it doesn't prevent you
from having firewalls on other machines too.  To get to *any* of our
servers from outside, packets must traverse at least three firewalls.


So the only way to move forward seems to be to rebuild our system on
separate hardware. I have started this on hardware I already mainly
have (being retired, and thus without corporate budget or staff).


One of the slightly unexpected benefits of using things like the
Raspberry Pi is that you can have a few of them kicking around which
are surplus to requirements and just fire one up as and when needed.


I second what Ged is saying here, for firewalls and so on the Raspberry 
Pi and its ilk are a much better choice than a full-on system, they use 
/much/ less power, and keeping a spare or three isn't a board- (or 
wife-) level budget request.  :-)


I still like a full-on machine for handling email, but that's because I 
run Panda-IMAP, which is probably the closest thing to a "reference" 
IMAP implementation we will ever see, and I can do far more clever 
things with disks and SANs when needed.


Cheers,
GaryB-)

P.S.  Yes, I know I said good-bye, but I am interested in the fall-out 
of the recent decisions made about ClamAV.  (And I like to laugh at the, 
"I haven't been able to download...", posts.  :-) )


___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] can't cmake 1.0.4rc

[Gene Heskett via clamav-users]

On Wednesday 28 July 2021 03:52:27 Andrew C Aitchison wrote:

> On Wed, 28 Jul 2021, Gene Heskett via clamav-users wrote:
> > cmake --version RETURN says:
> > cmake version 3.7.2
>
> Ah. INSTALL.md says:
>   ### Build requirements
>   - CMake 3.16 for Windows, and 3.14+ for other operating systems.
>
> > CMake suite maintained and supported by Kitware (kitware.com/cmake).
>
> https://blog.kitware.com/cmake-3-21-1-available-for-download/
>
> Which operating system are you building on ?

This particular box is still on debian stretch. I'm kinda dragging my 
feet till affordable 1T SSD's appear. I'll see if the link above will 
install. But I just ran a df, and it appears a half T. might be usable 
so I'll go shopping. But I already have a pair of 500GB Samsung EVO 
860's and 1 empty sata III connector. A raid mirror? I'll ask one the 
debian list how to best utilize that redundancy.

Thank you.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] [OT] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

[G.W. Haywood via clamav-users]

Hi Paul,

On Wed, 28 Jul 2021, Paul Kosinski via clamav-users wrote:


In my case, I can't simply upgrade to the latest Debian (or any
other distro), as one of the systems is our home firewall and
gateway -- with iptables, multi-LAN routing (with local DNS), a bit
of bridging, encrypted tunnels to elsewhere, etc. This means we
would lose *all* Internet connectivity for who knows how long if I
tried an in-place upgrade.


I'd recommend not using any big distro for your perimiter firewall.
I use one of the purpose-built stripped-down firewall distributions.
The maintenance needed on it is minimal, and it doesn't prevent you
from having firewalls on other machines too.  To get to *any* of our
servers from outside, packets must traverse at least three firewalls.


So the only way to move forward seems to be to rebuild our system on
separate hardware. I have started this on hardware I already mainly
have (being retired, and thus without corporate budget or staff).


One of the slightly unexpected benefits of using things like the
Raspberry Pi is that you can have a few of them kicking around which
are surplus to requirements and just fire one up as and when needed.
It's really easy to image a micro-SD card, tweak a few settings and
plug it in.  I'm tempted to say that it's easier than spinning up a
virtual machine, although bad experience of the Pi4B's stability is
the main reason that we haven't moved a half-dozen VMs to Pi4Bs; we
still run a VM server.  The other Pis don't seem to have the issues
with stability that the 4B has.  That's several years of experience
using dozens of them running 24/365 for all kinds of tasks including
database, file and backup servers, intranet, mail, security including
CCTV, and of course desktop use.


Finally, building this new system is made even more difficult by the
fact that iptables has recently been replaced by nftables, whose
native syntax has been "improved" to be quite different. There is,
at least, a legacy iptables interface to it ...


Like you I've been a bit preplexed by nft.  My milters write firewall
rules on the fly, and at one time I thought I'd need to recode a few
chunks to keep up with the Netfilter developments.  After spending a
while looking into it and chatting on the netfilter mailing list with
people much more familiar with nft than I, it seems that while there
are some efficiency improvements for writing complex rulesets, if you
don't feel the need for them you can just ignore it and carry on with
what they're calling 'iptables-legacy' as if nothing's happened.  For
the foreseeable future, that's what I'll be doing.  I can write rules
with iptables in my sleep, I frequently modify rulesets 'live' on the
servers, but I don't think I could write the simplest rule with nft
and get it right first time and I wouldn't dream of doing it live on
the box without testing it first.


P.S. The last time I upgraded our firewall, from x86 to x86_64, at
least iptables was quite compatible with ipchains, and Linux as a
whole was still in the early stages of its exponential growth in
complexity.


As I understand it the underlying kernel structures and capabilities
are not changed with nftables.  Both the 'iptables' and 'nft' binaries
operate on the same structures and filtering takes place in the same
places.  So there's less incompatibility between nft and iptables than
there was between iptables and ipchains.  See for example:

https://www-uxsup.csx.cam.ac.uk/pub/doc/redhat/redhat7.3/rhl-rg-en-7.3/s1-iptables-differences.html

HTH

--

73,
Ged.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

[Andrew C Aitchison via clamav-users]

On Wed, 28 Jul 2021, Rick Cooper wrote:


total disregard for the user base, not so much as a poll or query on the lists,


When ClamAV 0.103 was released in September 2020 CMake was an *experimental* 
option.
There will be a 0.103 release in September 2021, but is likely to be the last 
one.
0.104 will only have CMake, no autoconfig.
That doesn't leave much time for distributions to switch.

The latest "Long Term" Ubuntu was 2004, released about April 2020,
the  next will be 2204, due around April 2022,
so ClamAV will completely switch-over between sucessive Ubuntu LTS 
releases.


Between those LTS releases there are 3 standard/fast-track releases,
Ubuntu2010, Oct 2020, replaced by Ubuntu2104 in April 2021 (with ClamAV 
0.103.2) and 2110 due in October.

I don't see anyone from Ubuntu, Canonical or Debian here talking about
keeping up with bleeding edge ClamAV.

Between requiring an uptodate CMake and an obsolete, 6 year old,
LLVM, I worry that the ClamAV team is spread too thin.

--
Andrew C. Aitchison Kendal, UK
and...@aitchison.me.uk

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] can not download updates

[fxkl47BF via clamav-users]

‐‐‐ Original Message ‐‐‐

On Wednesday, July 28th, 2021 at 3:04 AM, Matus UHLAR - fantomas 
 wrote:

> > On Tuesday, July 27th, 2021 at 11:51 AM, Matus UHLAR - fantomas 
> > uh...@fantomas.sk wrote:
> >
> > > you weren't unblocked by changing receivetimeout.
> > >
> > > wait until you are unblocked (up to 24 hours) and then you should be able 
> > > to
> > >
> > > download the file.
> > >
> > > what's your bandwidth? the receive can take longer than 5 minutes./
>
> On 27.07.21 18:51, fxkl47BF via clamav-users wrote:
>
> > for many years it's worked fine with timeout set at 30 seconds
>
> for many years it worked with people fetching via wget/curl, but it does not
> apply now.
> ...changing timeout won't help you when you are banned, servers don't know
> about your timeout settings (but will ban you if you repeatedly drop
> connection because of timeout)
> Your last info available was:
> Tue Jul 27 11:34:07 2021 -> WARNING: You are on cool-down until after: 
> 2021-07-27 15:34:07
> hopefully it's OK now.

it seems my ban was lifted when freshclam ran Tue Jul 27 19:34:16 2021
but i was getting timeout with receivetimeout set at 5 minutes
this morning i increased it to 20 minutes and it succeeded
30 seconds to 20 minutes

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

[Rick Cooper]

Ok that was the answer. It was done because the development team wanted new
toys and the fact that you have to include instructions as to how to go
about building cmake (and using a version that requires a fairly new
distro). And cmake is constantly releasing new updates which, in my mind,
puts it right up there with Fedora in terms of "ready for production".
Autotools was at least a staple that pretty much and pretty much any end
user could run the configure command and end up with a functional program
without having to install a whole new build.
system.
 
total disregard for the user base, not so much as a poll or query on the
lists, enjoy your new cutting edge toys
 
Corporate BS rears it's ugly head again, First snort, then centos and now
clamav.
 
 

  _  

From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf
Of Micah Snyder (micasnyd) via clamav-users
Sent: Tuesday, July 27, 2021 6:26 PM
To: ClamAV users ML
Cc: Micah Snyder (micasnyd)
Subject: Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate
is here!



All:

 

I and others on the development team struggled with Autotools and felt
plagued by a myriad of little bugs. Whenever we had a problem with autotools
(and there were plenty) it was always, “Heeey you’re the Autotools expert.
You got this, right?…” No one wanted to deal with it. 

 

CMake is far less confusing and less error-prone (at least to me). The
documentation is great. It has built in features to detect loads of
system-installed libraries. More recent versions even have system similar to
pkg-config for importing build targets exactly as they were created when
compiled, so that you never miss a library dependency. No more mussing about
with LDFLAGS and LIBS variables and various directory variables. Honestly,
it’s a breath of fresh air. And CMake supports Windows which allowed us to
drop the old Visual Studio project files. There’s more, but I think that
should be enough. No it won’t necessarily improve detection, unless you were
one of those people who didn’t realize you needed libbz2 or some such
“optional” dependency in order to get the most out of ClamAV. 

 

Anyways, there are many reasons why CMake is better than Autotools but I
don’t want to ramble on about it any more than I already have. I recommend
reading up on some modern CMake features. You may find that you like it. 

 

But if you really don’t want to deal with it, you can wait until your
system’s packaging system has the next ClamAV version. That’s what most
people will do anyways.

 

Mark:

 

I’m sorry about breaking your scripts. For what it’s worth, all of the
dependency builds should stay the same but you’ll have to change the
commands for building ClamAV itself.

 

One of those reasons why CMake is awesome is that it’s really easy to build
installers. Just last week Hanspeter and I figured out how to link ClamAV
with a static libcurl build and have it bring along all of libcurl’s
dependencies. This was a roadblock for a couple things to include building a
PKG installer for macOS. After seeing your comments about Homebrew, and with
that roadblock finally removed, you successfully nerd-sniped me into
figuring out the rest of the macOS installer build.

 

I just finished a pull-request to add support to build a PKG installer for
Mac. I would love your input on it:
https://github.com/Cisco-Talos/clamav/pull/228

Note that I picked an install path /opt/clamav rather arbitrarily.  If we’re
going to add a macOS PKG installer to our Downloads page, I’d appreciate
input on where you think it should actually install to.

 

My example in the PR (and commit message) rely on having used Mussels, our
dependency build automation tool, to build all of the static libs
(https://github.com/Cisco-Talos/Mussels). 

We use Mussels to build the dependencies for Windows and for Linux (for
OSS-Fuzz). Crafting recipes for static libs for macOS wasn’t so bad. I added
those last night. You can review the recipes the “clamav cookbook” uses to
build each dependency here:
https://github.com/Cisco-Talos/clamav-mussels-cookbook/

 

If you want to give it a try instead of using your own build tools, the
Mussels project page has some basic instructions but for a leg up here are
some commands to get you started:

 

python3 -m pip install mussels

msl --help

msl up

msl cookbook trust clamav

msl build --help

msl build clamav_deps -t host-static --dry-run

msl build clamav_deps -t host-static 

 

I have not yet modified the clamav recipe to build the PKG installer, since
the above PR hasn’t merged yet, but “msl build clamav -t host-static” should
also work. 

 

Anyways, please let me know what you think.  

 

Respectfully,

Micah

 

 

From: clamav-users  On Behalf Of Mark
Allan via clamav-users
Sent: Monday, July 26, 2021 5:27 PM
To: ClamAV users ML 
Cc: Mark Allan 
Subject: Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate
is here!

 

I find myself asking the same question. 

Re: [clamav-users] can't cmake 1.0.4rc

[G.W. Haywood via clamav-users]

Hi Gene,

On Wed, 28 Jul 2021, Gene Heskett via clamav-users wrote:


The next instruction line from INSTALL.md is:

cmake .. -D CMAKE_BUILD_TYPE="Release"

Which generates this response:

CMake Error: The source directory 
"/home/gene/src/clamav-0.104.0-rc/build/CMAKE_BUILD_TYPE=Release" does not 
exist.
...


FWIW I followed the instructions at

https://docs.clamav.net/manual/Installing/Installing-from-source-Unix.html

under the heading "The Default Build".  The instructions in the
INSTALL.md seemed confusing, and, as I'm not familiar with cmake, it
seemed the closest to the way I usually build it with autotools (which
is described at

https://docs.clamav.net/manual/Installing/Installing-from-source-Unix-old.html

and is just

./configure
make

with which you're familiar) and it seemed like the simplest option.
The build went smoothly apart from the usual slew of scary compiler
warnings.  From the description of your experiences it looks like I
made a good decision although I can't take any credit for it - it was
just happenstance.  The build is on our dedicated clamd server which
is a Raspberry Pi4B which has 4G RAM and its root partition mounted
via NFS.

To recap, the build process was

$ cd ~
$ rm -rf clamav-0.104.0-rc
$ tar xzvf clamav-0.104.0-rc.tar.gz
$ cd clamav-0.104.0-rc
$ mkdir build
$ cd build
$ cmake ..
$ cmake --build .

This was just to test that the build process would work and report my
findings to the list.  I haven't run the install, I have no intention
of running 0.104-rc in production, and I haven't even run the tests.
The configuration and build each took around a quarter of an hour on
this machine, I'd expect it to be faster with a local root partition.

The troubles I had were all associated with installing a reasonably
up-to-date version of cmake, but hopefully they're behind me now and
with luck the main distributions will catch up in a few years anyway.

HTH

--

73,
Ged.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] can not download updates

[Matus UHLAR - fantomas]

On 27.07.21 16:37, fxkl47BF via clamav-users wrote:

> it made no difference
>
> Tue Jul 27 11:34:03 2021 -> Received signal: wake up
> Tue Jul 27 11:34:03 2021 -> ClamAV update process started at Tue Jul 27 
11:34:03 2021
> Tue Jul 27 11:34:03 2021 -> WARNING: Your ClamAV installation is OUTDATED!
> Tue Jul 27 11:34:03 2021 -> WARNING: Local version: 0.103.2 Recommended 
version: 0.103.3
> Tue Jul 27 11:34:03 2021 -> DON'T PANIC! Read 
https://www.clamav.net/documents/upgrading-clamav
> Tue Jul 27 11:34:03 2021 -> WARNING: Cool-down expired, ok to try again.
> Tue Jul 27 11:34:03 2021 -> daily database available for update (local 
version: 26231, remote version: 26245)
> Tue Jul 27 11:34:05 2021 -> ERROR: cdiff_apply: lseek(desc, -350, SEEK_END) 
failed
> Tue Jul 27 11:34:05 2021 -> ERROR: downloadPatch: Can't apply patch
> Tue Jul 27 11:34:05 2021 -> WARNING: Incremental update failed, trying to 
download daily.cvd
> Tue Jul 27 11:34:06 2021 -> WARNING: Can't download daily.cvd from 
https://database.clamav.net/daily.cvd
> Tue Jul 27 11:34:06 2021 -> WARNING: FreshClam received error code 429 from 
the ClamAV Content Delivery Network (CDN).



On Tuesday, July 27th, 2021 at 11:51 AM, Matus UHLAR - fantomas 
 wrote:

you weren't unblocked by changing receivetimeout.
wait until you are unblocked (up to 24 hours) and then you should be able to
download the file.
what's your bandwidth? the receive can take longer than 5 minutes./


On 27.07.21 18:51, fxkl47BF via clamav-users wrote:

for many years it's worked fine with timeout set at 30 seconds


for many years it worked with people fetching via wget/curl, but it does not
apply now.


...changing timeout won't help you when you are banned, servers don't know
about your timeout settings (but will ban you if you repeatedly drop
connection because of timeout)

Your last info available was:

Tue Jul 27 11:34:07 2021 -> WARNING: You are on cool-down until after: 
2021-07-27 15:34:07

hopefully it's OK now.

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux - It's now safe to turn on your computer.
Linux - Teraz mozete pocitac bez obav zapnut.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

[Matus UHLAR - fantomas]

On Tue, 27 Jul 2021 16:41:03 +0100
Mark Fortescue via clamav-users  wrote:

One quick answer to why people do not upgrade the OS is that the
hardware does not support the upgrade (mostly due to memory and x86_64).

I work with embedded systems where the code is very specific to the
hardware so new hardware is not an option.

For others it may just be the hassle of starting setting up a new OS and
fixing all the distribution bugs/annoyances that get installed with each
new OS all over again.


On 28.07.21 00:26, Paul Kosinski via clamav-users wrote:

In my case, I can't simply upgrade to the latest Debian (or any other
distro), as one of the systems is our home firewall and gateway -- with
iptables, multi-LAN routing (with local DNS), a bit of bridging, encrypted
tunnels to elsewhere, etc.  This means we would lose *all* Internet
connectivity for who knows how long if I tried an in-place upgrade.


a bit OT, but I upgrade debian servers for years in a short steps, combining

"apt-get upgrade" so only safe packages are upgraded
and manual upgrades a few at once via aptitude
(so packages with complicated dependencies at the end, e.g. perl)

with configuration differences (updatedb; locate -e .dpkg- .ucf-) handled
between those steps.

it takes a bit more time, but reduces outages.

Ubuntu can be handled similarly (however, even base ubuntu is uselessly
bloated and has bit more complicated dependencies).

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The 3 biggets disasters: Hiroshima 45, Tschernobyl 86, Windows 95

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] can't cmake 1.0.4rc

[Andrew C Aitchison via clamav-users]

On Wed, 28 Jul 2021, Gene Heskett via clamav-users wrote:


cmake --version RETURN says:
cmake version 3.7.2


Ah. INSTALL.md says:
### Build requirements
- CMake 3.16 for Windows, and 3.14+ for other operating systems.


CMake suite maintained and supported by Kitware (kitware.com/cmake).


https://blog.kitware.com/cmake-3-21-1-available-for-download/

Which operating system are you building on ?

--
Andrew C. Aitchison Kendal, UK
and...@aitchison.me.uk

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] clamonsacc not working on centos7

[Joël Labby via clamav-users]

I've found the solution:

The OnAccessIncludePath has to be commented in my case.

everything seems to work like a charm :-)

Le 28/07/21 à 07:32, Joël Labby via clamav-users a écrit :


No Selinux is desactivated.

But I made a step into this problem...

I've commented the line

#LocalSocket /run/clamd.scan/clamd.sock

And Clanonacc can now run.

I just have another concern.

I've set it like this :

OnAccessIncludePath /home/afifd

but when I start the process I can see in the log :

ClamFanotif: recursively watching the mount point '/home/user'

and

ClamWorker: performing scanning on file 
'/var/clamav/tmp/clamav-eee4bd3426e13922b0708f8cae552dfa.tmp'


So the path defined doesn't seem to work.

I've also tried to define

OnAccessExcludePath /var/clamav/tmp

If you have any idea.. You are welcome :-)

Thanks

joel

Le 27/07/21 à 20:06, G.W. Haywood via clamav-users a écrit :

Hi there,

On Tue, 27 Jul 2021, Joël Labby via clamav-users wrote:


...
I can use clamscan to scan a file

but clamonacc return this error :

ERROR: ClamClient: Could not connect to clamd, Couldn't connect to 
server
ERROR: Clamonacc: daemon is local, but a connection could not be 
established


any idea ?


Are you running SELinux?


--


___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

--


___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml