[clamav-users] An example of why ClamAV should be able to scan disk images (which are typically over 2 GB)

2024-01-05 Thread Paul Kosinski via clamav-users
CVE-2021-44879 Wenqing Liu reported a NULL pointer dereference in the f2fs implementation. An attacker able to mount a specially crafted image ^^^ can take advantage of this flaw for denial of service. From "Debian

Re: [clamav-users] Question About MaxFileSize / news of upcoming Large Archive Scanner tool

2023-11-13 Thread Paul Kosinski via clamav-users
Large archive files may be the most obvious case, especially if things like disk images and installation images are included, but make sure that large multimedia files are also handled. In today's Internet environment, there are probably far, far more large video files floating around than

Re: [clamav-users] first question????

2023-10-25 Thread Paul Kosinski via clamav-users
On Wed, 25 Oct 2023 17:18:46 +0100 (BST) Andrew C Aitchison via clamav-users wrote: > On Sun, 22 Oct 2023, Rahim Fakir via clamav-users wrote: > > > I would like to know if it is possible to have clamav on the desktop and > > remotely scan the phone. > > for example: clamscan -r -i remove=yes

Re: [clamav-users] Question About MaxFileSize

2023-06-09 Thread Paul Kosinski via clamav-users
You are right. But more than that, merely *reading* a file will exercise such code. I wonder if anybody has devised a file which exploits such a kernel bug? (Shudder.) After I wrote my objection, I realized that to be even more safe, one should scan removable disks at the block level before

Re: [clamav-users] Question About MaxFileSize

2023-06-09 Thread Paul Kosinski via clamav-users
ock device -- a clear kernel involvement. Of course, scanning any file might conceivably trigger a ClamAV bug, and thus a compromise, but that is no reason to add another layer of vulnerability to things. (But it is a good reason not to run ClamAV as root.) Paul Kosinski On Thu, 8 Jun 2023 20:5

Re: [clamav-users] End of life (EOL) policy change, 0.103 one year extension, 0.105 past end of life

2023-05-18 Thread Paul Kosinski via clamav-users
On Tue, 16 May 2023 20:32:56 + "Micah Snyder (micasnyd)" wrote: > Hi Paul, > > Unlike Java or C#, Rust does not have any additional runtime library > requirement. > > Regards, > Micah > > > Micah Snyder > ClamAV Development > Talos > Cisco Systems, Inc. I'm somewhat surprised Rust

Re: [clamav-users] End of life (EOL) policy change, 0.103 one year extension, 0.105 past end of life

2023-05-08 Thread Paul Kosinski via clamav-users
Micah, Great decision! I was worried about needing Rust on some of our systems. Not only for compiling, but doesn't Rust also need its own run time libraries? I'm still trying to figure out how to move from iptables to nftables, so not having also to use Rust "immediately" is a relief.

Re: [clamav-users] Be wary of emails with attachments targeting clamav-users list members

2023-03-22 Thread Paul Kosinski via clamav-users
I have just started getting these claiming to be relevant to ClamAV, but I have *also* been receiving this sort of thing claiming to be from the Firefox ESR list for months now. I am posting (one of) the HTMLs "about" ClamAV to https://www.clamav.net/reports/malware. Should I also post (one

Re: [clamav-users] The database server doesn't have the latest patch

2023-03-16 Thread Paul Kosinski via clamav-users
My main point (which wasn't emphasized enough) was that one of the Cloudflare "anycast" mirrors (my local one, "BOS"), which host the ClamAV files, was often missing the *latest* version of the daily signature file. So I wondered if the same kind of Cloudflare problem might be affecting you. I

Re: [clamav-users] The database server doesn't have the latest patch

2023-03-15 Thread Paul Kosinski via clamav-users
A few years ago, when I was attempting local mirroring, I was having a recurring problem with my local Cloudflare "anycast" server ("BOS"). I wonder if you might be having a similar problem. I was running a crontab triggered procedure a few times an hour which would do a DNS TXT query to see

Re: [clamav-users] ClamAV 0.103.8, 0.105.2 and 1.0.1 patch versions published

2023-02-20 Thread Paul Kosinski via clamav-users
I am using ClamAV 0.103.6 on Buster, but I have always built it from source (since way before Cisco and even SourceFire), hence I'm a bit obsolete. I did this -- and still do it -- because ClamAV has always been a bit experimental. Thus I install each version under "/opt/clamav.d/version" so I

Re: [clamav-users] Subject: behaviour of clamAV with password protected pdf file.

2023-02-14 Thread Paul Kosinski via clamav-users
Compared to the following, encrypted PDFs are a very minor issue (in my opinion). Most websites these days use HTTPS ("for security"), and make extensive use of Javascript (find a site that doesn't). This means that browsers are always executing code that can't be scanned (at least by ClamAV).

Re: [clamav-users] About scanning files larger than 2 GB in size

2023-01-26 Thread Paul Kosinski via clamav-users
I don't think I implied that the 2 GiB limit was "artificial" in the sense of trivial, or made up. I think I very clearly stated that "It's a holdover from when 32-bit numbers were all that CPUs supported" and now "the 2 GiB limit is quite an anachronism". Note that this question has been

Re: [clamav-users] About scanning files larger than 2 GB in size

2023-01-21 Thread Paul Kosinski via clamav-users
On Sun, 22 Jan 2023 05:40:18 +0900 Tsutomu Oyamada wrote: > How do I set up clamd? > Setting MaxFileSize to "0" is unlimited, but internally files larger than 2GB > in size cannot be scanned. > In this case, do you treat the file as clean without scanning it at all? I've complained about the

Re: [clamav-users] Anyone else having trouble reaching the ClamAV website?

2023-01-06 Thread Paul Kosinski via clamav-users
I occasionally see a similar message from sites other than clamav.net saying something equivalent to Cloudflare's "review the security of your connection". The phrasing is pure gaslighting. It isn't for *connection* security -- HTTPS provides *that*. What it really means is that the site is

Re: [clamav-users] Inquire about clamav latest stable version -

2022-08-01 Thread Paul Kosinski via clamav-users
On Thu, 28 Jul 2022 17:38:20 -0400 Joel Esler wrote: > ClamAV is a Cisco project. There’s no arguing that. > > All of the original team are observed here: https://www.clamav.net/about > > So, not sure what you’re getting at. The phrase "*the* authors of the software" rather implies that

Re: [clamav-users] No daily sig since July 28th

2022-08-01 Thread Paul Kosinski via clamav-users
On Mon, 1 Aug 2022 16:24:50 +0100 (BST) Andrew C Aitchison via clamav-users wrote: > On Mon, 1 Aug 2022, Shawn Iverson via clamav-users wrote: > > > Hello, > > > > I've noticed that a daily hasn't been posted since the 28th of July. Are > > daily sigs being posted? > > # clamscan --version

Re: [clamav-users] Inquire about clamav latest stable version -

2022-07-28 Thread Paul Kosinski via clamav-users
> At the moment three versions are officially supported by Cisco's Talos, the > authors of the software. Cisco's Talos are the *current* authors of the software. ClamAV was started in 2001 by Tomasz Kojm and a group of Open Source enthusiasts. In 2007, they sold the software to Sourcefire (of

[clamav-users] ClamAV's 'configure' doesn't seem to complain about invalid options

2022-07-21 Thread Paul Kosinski via clamav-users
Building 0.103.6, I ran 'configure' with the option "--disable-clamonaccess" (instead of "--disable-clamonacc") and got no error or warning that the option was not recognized. I did this because I realized that I had still been using the old "--disable-clamuko", which also had no effect, and

Re: [clamav-users] clamdscan: Output detailed scan results to STDOUT or to configurable file?

2022-02-17 Thread Paul Kosinski via clamav-users
On Thu, 17 Feb 2022 14:08:45 +0100 An Schall via clamav-users wrote: > When using clamdscan, I would like to have verbose output logged to a > file. Specifically, the timestamp, file path and file name as well as > the scan results should be logged to a specified file. > > In comparison,

Re: [clamav-users] ClamAV 0.103.5 and 0.104.2 security patch release; 0.102 past EOL

2022-01-16 Thread Paul Kosinski via clamav-users
On Wed, 12 Jan 2022 20:12:42 + "Micah Snyder \(micasnyd\) via clamav-users" wrote: > Find this announcement online at: > https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html > > > ClamAV versions 0.103.5 and 0.104.2 are now available for download on the >

Re: [clamav-users] Problem installing ClamAV 104.1 on CentOS 7

2021-12-06 Thread Paul Kosinski via clamav-users
On Mon, 6 Dec 2021 16:41:51 -0500 Bowie Bailey via clamav-users wrote: > I followed the instructions to install the prerequisites and then went > through the > steps for the default build.  Everything went fine until I got to the last > step. > > $ sudo cmake --build . --target install >

Re: [clamav-users] Fail to download source archive with 403 forbidden

2021-11-17 Thread Paul Kosinski via clamav-users
On Mon, 15 Nov 2021 13:23:49 + "Joel Esler \(jesler\) via clamav-users" wrote: > On Nov 14, 2021, at 19:11, Yasuhiro Kimura > mailto:y...@utahime.org>> wrote: > > These results means server checks User-Agent header of HTTP request > and returns 403 forbidden if the value doesn't look like

Re: [clamav-users] Clam updates failing

2021-10-23 Thread Paul Kosinski via clamav-users
On Fri, 22 Oct 2021 18:47:01 + "Joel Esler (jesler)" wrote: > > On Oct 22, 2021, at 14:16, Paul Kosinski via clamav-users > > wrote: > > > > On Fri, 22 Oct 2021 13:27:46 + > > "Joel Esler \(jesler\) via clamav-users" > > wrote

Re: [clamav-users] Clam updates failing

2021-10-22 Thread Paul Kosinski via clamav-users
On Fri, 22 Oct 2021 13:27:46 + "Joel Esler \(jesler\) via clamav-users" wrote: > > On Oct 21, 2021, at 18:55, Kenneth Porter wrote: > > > > On 10/21/2021 10:14 AM, Paul Kosinski via clamav-users wrote: > >> I've never seen a DNS age warning, b

Re: [clamav-users] Clam updates failing

2021-10-22 Thread Paul Kosinski via clamav-users
On Thu, 21 Oct 2021 15:55:54 -0700 Kenneth Porter wrote: > On 10/21/2021 10:14 AM, Paul Kosinski via clamav-users wrote: > > I've never seen a DNS age warning, but that might be because, for several > > years now, I only run freshclam when the DNS TXT record (which I check &

Re: [clamav-users] Clam updates failing

2021-10-21 Thread Paul Kosinski via clamav-users
On Thu, 21 Oct 2021 10:20:58 +0100 (BST) "G.W. Haywood via clamav-users" wrote: > Hi there, > > On Thu, 21 Oct 2021, Ben Argyle via clamav-users wrote: > > > Has anyone been having trouble downloading updates for the last 20 > > hours or so? ... > > Yesterday I saw a couple of warnings

Re: [clamav-users] QNAP Antivirus Updates

2021-09-21 Thread Paul Kosinski via clamav-users
e use of Anycast). So I tested it the best I could (without traveling a lot, or setting up VMs in different countries). On Tue, 21 Sep 2021 13:21:20 +0200 Matus UHLAR - fantomas wrote: > >On Mon, 20 Sep 2021 17:17:34 + > >"Joel Esler (jesler)" wrote: >

Re: [clamav-users] QNAP Antivirus Updates

2021-09-20 Thread Paul Kosinski via clamav-users
On Mon, 20 Sep 2021 17:17:34 + "Joel Esler (jesler)" wrote: > > On Sep 20, 2021, at 13:08, Paul Kosinski via clamav-users > > wrote: > > > > These two IPs are Anycast addresses, and have been unchanged for well over > > 2 years. (Any

Re: [clamav-users] QNAP Antivirus Updates

2021-09-20 Thread Paul Kosinski via clamav-users
On Mon, 20 Sep 2021 08:18:01 +0100 (BST) "G.W. Haywood via clamav-users" wrote: > Hi there, > > On Sun, 19 Sep 2021, Gregory Poveda via clamav-users wrote: > > > I have several QNAPs > > It might be worth searching for 'QNAP' in the list archives. At least > some of those devices will

[clamav-users] Virus DB updates?

2021-09-19 Thread Paul Kosinski via clamav-users
I haven't seen any virus database update since the afternoon of Thu 16 Sep 2021, when it was updated to 26297. Are updates really this stagnant, or does the DNS TXT record at "current.cvd.clamav.net" no longer reflect the state of things? (For a bit more bandwidth savings, I only run freshclam

Re: [clamav-users] IP List for Virus Definition Domain

2021-09-15 Thread Paul Kosinski via clamav-users
When I do a DNS lookup I also get: 104.16.218.84 104.16.219.84 This is the same result that I got well over a year ago, when I had to add these IP addresses as holes in my firewall so that my normally isolated internal server could update its ClamAV instance. These are Anycast addresses,

Re: [clamav-users] error code 429

2021-09-05 Thread Paul Kosinski via clamav-users
On Sun, 5 Sep 2021 18:27:09 + "Joel Esler (jesler)" wrote: > Now? - All 3 systems updated successfully as soon as our DNS TXT test said the 26285 update was available (see below). This is again as it is almost every time since the download limiting mechanism

Re: [clamav-users] error code 429

2021-09-05 Thread Paul Kosinski via clamav-users
go, when we were downloading full-blown CVDs (not just CDIFFs), I was able to use another mirror which was up to date on the same day "BOS" was behind. Now even the small CDIFFs are behind? Thanks, Paul Kosinski -- Saturday 04 September 2021 at 22:05:01

Re: [clamav-users] error code 429

2021-09-04 Thread Paul Kosinski via clamav-users
On Sat, 4 Sep 2021 15:01:00 +0100 Paul Netpresto via clamav-users wrote: > Hi all > > Similar issue from Manchester UK. 4 mx's  all failing to collect today's > update apparently first available 9:50 am today Not rate limited (as we only check about once per hour, from each of 3 systems),

Re: [clamav-users] ClamAV® blog: Changes to ClamAV end-of-life policy and a new Long Term Support policy

2021-09-03 Thread Paul Kosinski via clamav-users
LTS is great! Earlier this year it seemed like I was spending 1 day per week trying to keep up with ClamAV updates, lockouts etc. Now I have time to do more forward looking software work. On Fri, 3 Sep 2021 15:52:10 + "Joel Esler \(jesler\) via clamav-users" wrote: > > > >

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Second Release Candidate is here!

2021-08-25 Thread Paul Kosinski via clamav-users
On Tue, 24 Aug 2021 23:08:52 + "Micah Snyder (micasnyd)" wrote: > This conversation is a fun read! But don't worry really no point removing > the docs from the source package or the pre-compiled packages. Including it > is painless at this point. If you're curious why, here's the

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Second Release Candidate is here!

2021-08-24 Thread Paul Kosinski via clamav-users
On Tue, 24 Aug 2021 10:48:48 +0100 (BST) "G.W. Haywood via clamav-users" wrote: > Hi there, > > On Mon, 23 Aug 2021, Paul Kosinski via clamav-users wrote: > > > On Sun, 22 Aug 2021 14:42:06 + > > "Joel Esler via clamav-users" wrote: > >

Re: [clamav-users] Yara regular expression finds only first match in ClamAV ?

2021-08-23 Thread Paul Kosinski via clamav-users
On Sun, 22 Aug 2021 20:10:00 +0100 (BST) "G.W. Haywood via clamav-users" wrote: > Hi there, > > On Sun, 22 Aug 2021, Richard Graham via clamav-users wrote: > > On Sun, Aug 22, 2021 at 10:41 AM Zvi Kave wrote: > >> On 8/19/2021 9:33 PM, G.W. Haywood via clamav-users wrote: > >>> On Thu, 19

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Second Release Candidate is here!

2021-08-23 Thread Paul Kosinski via clamav-users
On Sun, 22 Aug 2021 14:42:06 + "Joel Esler \(jesler\) via clamav-users" wrote: > I’m a fan of the thought of removing the user manual completely from the > downloaded packages and including a link to docs.ClamAV.net. Since that’s > more dynamic. I think that's a bad idea for three

Re: [clamav-users] Long Term Support (LTS) program proposal

2021-08-03 Thread Paul Kosinski via clamav-users
On Tue, 3 Aug 2021 07:53:24 +0200 Damian via clamav-users wrote: > > The current "stable" Debian is 10/Buster. It has ClamAV 0.103.2, patched by > > Debian to "deb10u1" (whatever that implies) > > https://security-tracker.debian.org/tracker/source-package/clamav Interesting, but *much*

Re: [clamav-users] Long Term Support (LTS) program proposal

2021-08-02 Thread Paul Kosinski via clamav-users
On Sat, 31 Jul 2021 20:32:23 +0200 Matus UHLAR - fantomas wrote: > can't count on Debian? They are very conservative, which is usually nice. But for security software, not so nice. The current "stable" Debian is 10/Buster. It has ClamAV 0.103.2, patched by Debian to "deb10u1" (whatever that

Re: [clamav-users] Long Term Support (LTS) program proposal

2021-07-31 Thread Paul Kosinski via clamav-users
On Sat, 31 Jul 2021 02:37:53 + "Joel Esler (jesler)" wrote: > > On Jul 30, 2021, at 14:41, Paul Kosinski via clamav-users > > wrote: > > > > (I don't see exactly how a LTS would have helped with the bandwidth issue, > > but I suppose it w

Re: [clamav-users] Opinion wanted: Change default config directory usr/clamav

2021-07-31 Thread Paul Kosinski via clamav-users
On Sat, 31 Jul 2021 12:03:36 + "Micah Snyder \(micasnyd\) via clamav-users" wrote: > Hi all, > > I could use your opinion about a change we'd planned to make in 0.104. By > request, I'd made this pull request to change the default directory for the > config files from /etc to

Re: [clamav-users] [OT] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

2021-07-30 Thread Paul Kosinski via clamav-users
On Thu, 29 Jul 2021 23:33:02 +0100 (BST) "G.W. Haywood via clamav-users" wrote: > Hi there, > > On Thu, 29 Jul 2021, Paul Kosinski via clamav-users wrote: > > > ... do any firewall distros address inter-LAN filtering? > > We're well off-topic here so I th

Re: [clamav-users] Long Term Support (LTS) program proposal

2021-07-30 Thread Paul Kosinski via clamav-users
LTS sounds like a great idea! Recently, the bandwidth hogging episodes have resulted in rapid changes to ClamAV versions, followed by EOL of versions that many people (not including me) were still using. So recently I have had to spend far more time on updating ClamAV than updating anything

Re: [clamav-users] can't cmake 1.0.4rc

2021-07-29 Thread Paul Kosinski via clamav-users
On Thu, 29 Jul 2021 08:52:57 +0100 (BST) "G.W. Haywood via clamav-users" wrote: > Maybe there's no need to worry about that. I've seen cases where the > build process looks for a shared object, finds a 32 bit version when > it's building for 64 bit, and then complains that it doesn't exist. >

Re: [clamav-users] [OT] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

2021-07-29 Thread Paul Kosinski via clamav-users
On Wed, 28 Jul 2021 12:53:38 +0100 (BST) "G.W. Haywood via clamav-users" wrote: > I'd recommend not using any big distro for your perimeter firewall. > I use one of the purpose-built stripped-down firewall distributions. "..our home firewall and gateway -- with iptables, multi-LAN routing (with

Re: [clamav-users] [OT] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

2021-07-29 Thread Paul Kosinski via clamav-users
On Wed, 28 Jul 2021 23:31:05 +1000 "Gary R. Schmidt" wrote: > I second what Ged is saying here, for firewalls and so on the Raspberry > Pi and its ilk are a much better choice than a full-on system, they use > /much/ less power, and keeping a spare or three isn't a board- (or > wife-) level

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

2021-07-28 Thread Paul Kosinski via clamav-users
On Wed, 28 Jul 2021 09:59:14 +0200 Matus UHLAR - fantomas wrote: > a bit OT, but I upgrade debian servers for years in short steps, combining > > "apt-get upgrade" so only safe packages are upgraded > and manual upgrades a few at once via aptitude > (so packages with complicated dependencies

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

2021-07-27 Thread Paul Kosinski via clamav-users
On Tue, 27 Jul 2021 16:41:03 +0100 Mark Fortescue via clamav-users wrote: > Hi Joel, > > One quick answer to why people do not upgrade the OS is that the > hardware does not support the upgrade (mostly due to memory and x86_64). > > I work with embedded systems where the code is very specific

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

2021-07-27 Thread Paul Kosinski via clamav-users
On Tue, 27 Jul 2021 15:30:05 + "Joel Esler (jesler)" wrote: > You can’t support everything, forever. When you are part of critical infrastructure -- as computers have become -- you must. (Well, not quite forever.) Compare the rollout of IPv6 with the rollout of x86_64 (not to mention the

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

2021-07-27 Thread Paul Kosinski via clamav-users
On Mon, 26 Jul 2021 11:35:29 -0400 "Rick Cooper" wrote: > And what, exactly, is the reason for moving to cmake? I am sure you know > it's going to be problematic for thousands of people so I am curious what > tremendous gain of speed, size, memory usage or security the other users > get from

Re: [clamav-users] Freshclam updates problem

2021-07-14 Thread Paul Kosinski via clamav-users
On Wed, 14 Jul 2021 23:55:06 + "Micah Snyder \(micasnyd\) via clamav-users" wrote: > Hi Paul, all: > > We're triaging this issue now, also reported by a user on Discord. > > We issue a zero-byte CDIFF database patch file whenever we want Freshclam to > download a whole CVD instead of

Re: [clamav-users] New Main & Daily CVD's are incoming

2021-07-13 Thread Paul Kosinski via clamav-users
On Tue, 13 Jul 2021 14:05:53 + "Joel Esler \(jesler\) via clamav-users" wrote: > Tomorrow, Wednesday July 14th, we are planning on publishing a brand new > main.cvd and daily.cvd, as we do periodically to move more of the long term > signatures into the main.cvd and make the daily.cvd

[clamav-users] Fw: openSUSE-SU-2021:2242-1: important: Security update for clamav-database

2021-07-05 Thread Paul Kosinski via clamav-users
Just FYI: this is the first time I remember seeing openSUSE notifying something about ClamAV. Begin forwarded message: Date: Mon, 5 Jul 2021 15:17:01 +0200 (CEST) From: opensuse-secur...@opensuse.org To: opensuse-security-annou...@opensuse.org Subject: openSUSE-SU-2021:2242-1: important:

Re: [clamav-users] Help about ClamAV on QNAP

2021-05-06 Thread Paul Kosinski via clamav-users
All these stories about QNAP (etc.) make me glad that I build my own servers, rather than getting some easy-to-setup, but non-upgradable, box. (E.g., I'm running 0.103.2, at the minor cost of having to build it from source.) On Thu, 6 May 2021 13:18:20 +0100 (BST) "G.W. Haywood via

Re: [clamav-users] Help, we are still seeing issues

2021-04-18 Thread Paul Kosinski via clamav-users
You're comparing daily.CLD with main.CVD: as I understand it, CVDs are compressed, CLDs aren't. On Sat, 17 Apr 2021 21:15:29 +0200 (CEST) "Robert M. Stockmann via clamav-users" wrote: > Here's the freshclam virus data files which were first downloaded when > i upgraded to 0.103.2 : > >

Re: [clamav-users] Heuristics.Broken.Media.JPEG.JFIFdupAppMarker

2021-04-17 Thread Paul Kosinski via clamav-users
It's worse than that. Not only do almost all users ignore security (as do many organizations), it seems that every new piece or version of software or hardware *reduces* security. And this applies to some new protocols (remember WiFi's WEP debacle?) and some extensions to or uses of existing

Re: [clamav-users] Last ClamAV compatible with x32

2021-04-12 Thread Paul Kosinski via clamav-users
I have sometimes been able to find older RPMs for various system components at rpm.pbone.net, but it can be tedious. On Mon, 12 Apr 2021 15:10:01 -0500 "J.R. via clamav-users" wrote: > > I've made some investigation and the people on google says that this > > is a BUG with zlib, and the last

Re: [clamav-users] Scanning a large file through HTTP

2021-04-07 Thread Paul Kosinski via clamav-users
Seems to me that this behavior, advertising a 4GB limit while silently imposing a 2GB limit and reporting "OK" for anything in between, is a *major* security flaw: ClamAV *must* report that the file was too big to deal with (however worded). Thus I've taken to using clamscan rather than

Re: [clamav-users] Private Mirror Via Artifactory

2021-03-12 Thread Paul Kosinski via clamav-users
On Fri, 12 Mar 2021 15:47:02 + (GMT) "G.W. Haywood via clamav-users" wrote: > Hi there, > > On Fri, 12 Mar 2021, Arjen de Korte via clamav-users wrote: > > > Citeren "G.W. Haywood via clamav-users" : > > > >> I think the OP was saying that he's not allowed to do that. ... > > > > I see

Re: [clamav-users] Unable to download clamav cvd file using google cloud python function

2021-03-10 Thread Paul Kosinski via clamav-users
clamav-users > mailto:clamav-users@lists.clamav.net>> wrote: > > > > On Mar 10, 2021, at 12:31 PM, Paul Smith via clamav-users > mailto:clamav-users@lists.clamav.net>> wrote: > > On 10/03/2021 17:00, Paul Kosinski via clamav-users wrote: > I wo

Re: [clamav-users] looks like I have a problem too

2021-03-10 Thread Paul Kosinski via clamav-users
I wrote a little script that runs off cron every hour or so. But it *only* invokes freshclam after querying ClamAV's DNS TXT record to see if any advertised versions of 'daily', 'bytecode' or 'main' are newer than the local versions of the CVD files, as determined by 'head', not the files'

Re: [clamav-users] Unable to download clamav cvd file using google cloud python function

2021-03-10 Thread Paul Kosinski via clamav-users
I wonder how many "ordinary" users of ClamAV are giving up on using it after getting permanent 403s. I would imagine there are lots of people who don't pursue the issue. They may even tell others that ClamAV is unreliable (which would tarnish its reputation). On Wed, 10 Mar 2021 11:58:13

Re: [clamav-users] Freshclam network unreachable

2021-03-09 Thread Paul Kosinski via clamav-users
"Out of procedural curiosity, why would someone want to disable ipv6?" Although our FIOS connection supports IPv6, our firewall/gateway complex, which I custom built from scratch 16+ years ago using iptables etc., doesn't. Since this firewall/gateway also does lots of inter-LAN routing and

Re: [clamav-users] ClamAV not even mentioned in article "The 6 Best Antiviruses for Linux 2021"

2021-02-19 Thread Paul Kosinski via clamav-users
"Joel Esler (jesler)" wrote: > This is what happens when you don’t pay people for SEO. > > Sent from my  iPhone > > > On Feb 19, 2021, at 12:10, Paul Kosinski via clamav-users > > wrote: > > > > https://www.safetydetectives.com/best-antivirus/li

[clamav-users] ClamAV not even mentioned in article "The 6 Best Antiviruses for Linux 2021"

2021-02-19 Thread Paul Kosinski via clamav-users
https://www.safetydetectives.com/best-antivirus/linux/ ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide:

Re: [clamav-users] What are all the tmp.xyzuvwpqrs subdirs that keep accumulating

2021-02-11 Thread Paul Kosinski via clamav-users
37 + (GMT) "G.W. Haywood via clamav-users" wrote: > Hi there, > > On Thu, 11 Feb 2021, Paul Kosinski via clamav-users wrote: > > > in my clamav.0.103.0/share/clamav/ directory? > > > > They don't seem to have been

[clamav-users] What are all the tmp.xyzuvwpqrs subdirs that keep accumulating

2021-02-11 Thread Paul Kosinski via clamav-users
in my clamav.0.103.0/share/clamav/ directory? They don't seem to have been there with clamav.0.102.0 and earlier.

Re: [clamav-users] When was 0.103.1 announced on *this* list?

2021-02-09 Thread Paul Kosinski via clamav-users
> > > On Feb 9, 2021, at 10:14, Paul Kosinski via clamav-users > > wrote: > > > > I save all the ClamAV mail, and couldn't find an announcement.

[clamav-users] When was 0.103.1 announced on *this* list?

2021-02-09 Thread Paul Kosinski via clamav-users
I save all the ClamAV mail, and couldn't find an announcement.

Re: [clamav-users] Terminate clamscan after specific time

2021-01-06 Thread Paul Kosinski via clamav-users
The problem with only scanning files that have changed since they were last scanned is that there usually have been virus signature updates in the meantime. So you could have an "old" file that contains what was a zero-day virus at the time it was scanned, and now there is a signature that would

Re: [clamav-users] Is there anything to do about encrypted viruses?

2020-12-22 Thread Paul Kosinski via clamav-users
Since the password has to be included for the victim to be able to decrypt, it ought to be possible to automatically find the password in the email. Of course, eventually the criminals will start hiding the password in some way that a human can easily find it, but non-AI automation can't. On

Re: [clamav-users] local server takes time to update clamav db

2020-12-13 Thread Paul Kosinski via clamav-users
be particularly relevant. On Mon, 14 Dec 2020 02:57:48 + "Joel Esler \(jesler\) via clamav-users" wrote: > Both of those things are done as well. > > Sent from my  iPhone > > > On Dec 13, 2020, at 19:24, Dave Warren via clamav-users > > wrote: > > >

Re: [clamav-users] PR: Removing PidFile

2020-12-12 Thread Paul Kosinski via clamav-users
I agree. I don't run ClamAV from systemd, and I wouldn't be pleased to have to spend time changing my scripts "just because". P.S. I do run other things from systemd -- if the OS set them up that way -- and I do appreciate the parallelism: it saves a few minutes of start-up time when I reboot

Re: [clamav-users] local server takes time to update clamav db

2020-12-11 Thread Paul Kosinski via clamav-users
"The whole CVD filename is not versioned (always "daily.cvd") which is why the CloudFlare caching issue may result in serving the previous version." HTML filenames for Web pages are not versioned either. Does this mean that CDNs like Cloudflare often serve up obsolete Web pages? If so, does

Re: [clamav-users] local server takes time to update clamav db

2020-12-11 Thread Paul Kosinski via clamav-users
Does ClamAV (Talos?) check *all* the Cloudflare anycast servers? I thought it could only check those "near" to ClamAV POPs. On Thu, 10 Dec 2020 18:00:15 + "Joel Esler (jesler)" wrote: > > On Dec 10, 2020, at 11:58 AM, Paul Kosinski via clamav-users > >

Re: [clamav-users] local server takes time to update clamav db

2020-12-10 Thread Paul Kosinski via clamav-users
With regard to "sleep for awhile". I remember that Cloudflare's BOS server on occasion remained behind the latest CVD version (according to the DNS TXT record) for more than one hour! Might the following be possible instead? I would imagine that Cloudflare has a means of fetching a specific

Re: [clamav-users] local server takes time to update clamav db

2020-12-09 Thread Paul Kosinski via clamav-users
"This is one of the IPs which I was expecting to see. I wouldn't expect any problems with it, our ClamAV server updated from it at 1818 GMT last night." Unfortunately, given the way Cloudflare works, the IP address (e.g., 104.16.218.84) isn't the whole story. A particular Anycast IP address such

Re: [clamav-users] ClamAV Scan - Data Read vs Data Scanned

2020-11-04 Thread Paul Kosinski via clamav-users
gments", "sequences", "pieces"? On Wed, 4 Nov 2020 17:49:09 + "Micah Snyder (micasnyd)" wrote: > Do you reckon folks will be less confused if it rounds up? > > -Micah > > On 11/3/20, 1:37 PM, "clamav-users on behalf o

Re: [clamav-users] ClamAV Scan - Data Read vs Data Scanned

2020-11-03 Thread Paul Kosinski via clamav-users
> disk sector. > > Can you not just round up by adding (BlockSize - 1) bytes when setting > the block variables ? > > Regards > Mark. > > On 03/11/2020 16:07, Paul Kosinski via clamav-users wrote: > > "This is a display problem, not a storage

Re: [clamav-users] ClamAV Scan - Data Read vs Data Scanned

2020-11-03 Thread Paul Kosinski via clamav-users
0 17:44:18 +1100 "Gary R. Schmidt" wrote: > On 03/11/2020 16:00, Paul Kosinski via clamav-users wrote: > > "(don't you love C?)" > > > > I have never understood why the originators of C didn't give integers > > explicit widths in bits: their scheme made

[clamav-users] Clamd.exe -- excluding files when scanning

2020-11-02 Thread Paul Kosinski via clamav-users
I'm not a big Windows fan, but it sounds like ClamAV regexes are rather unfriendly to Windows since they don't seem to have an "ignore case" option (unlike most other regex-using programs). Assuming that is the case (sic), you might try: ExcludePath "[Cc]:\\[Ww][Ii][Nn][Dd][Oo][Ww][Ss]" as a

Re: [clamav-users] ClamAV Scan - Data Read vs Data Scanned

2020-11-02 Thread Paul Kosinski via clamav-users
d cap the scan limit > at 4GB. Changing the variable to be an uint64_t would be "best", but it > would be a non-backwards compatible change to the API which is very much not > worth it. > > Sigh :-/ > > > -Original Message- > > From: clamav-

Re: [clamav-users] ClamAV Scan - Data Read vs Data Scanned

2020-11-02 Thread Paul Kosinski via clamav-users
scanned/read output. > > -Micah > > On 11/2/20, 9:47 AM, "clamav-users on behalf of G.W. Haywood via > clamav-users" clamav-users@lists.clamav.net> wrote: > > Hi there, > > On Mon, 2 Nov 2020, Paul Kosinski via clamav-users wrote: > >

Re: [clamav-users] ClamAV Scan - Data Read vs Data Scanned

2020-11-02 Thread Paul Kosinski via clamav-users
When I first saw this message, I quickly concluded it was a roundoff behavior. But I still think it is a bad message that should be fixed. First, most file managers that only display file sizes in "human readable" form, still display a non-zero size for small files. Second, it is not logically

Re: [clamav-users] ClamAV - Emotet - Malware not detected

2020-09-16 Thread Paul Kosinski via clamav-users
"Vaccine for Emotet Malware" at "Schneier on Security": https://www.schneier.com/crypto-gram/archives/2020/0915.html#cg2 On Wed, 16 Sep 2020 16:27:45 +0200 Brent Clark via clamav-users wrote: > Hiya > > Thanks so much. > > I know the community and the internet as a whole, stands to gain

Re: [clamav-users] ClamAV® blog: Freshclam, cdiffs and bandwidth are your friends

2020-07-28 Thread Paul Kosinski via clamav-users
"...we also only release updates once a day." Are there *never* any urgent virus updates released in between? In other words, is it always useless to check the TXT record more often? On Mon, 27 Jul 2020 22:09:31 + "Joel Esler \(jesler\) via clamav-users" wrote: >

Re: [clamav-users] clamscan vs clamdscan

2020-05-10 Thread Paul Kosinski via clamav-users
replied to an email he sent me from what seemed to be his private email address (i.e., not his clamav address), it was held for a few days at his MTA, "timed out" and was then bounced -- twice. On Sun, 10 May 2020 09:33:11 +0100 (BST) "G.W. Haywood via clamav-users" wrote:

Re: [clamav-users] Clamav with VPN

2020-05-05 Thread Paul Kosinski via clamav-users
g no clout with Cloudflare). On Tue, 5 May 2020 19:02:20 +0100 (BST) "G.W. Haywood via clamav-users" wrote: > Hi there, > > On Tue, 5 May 2020, Paul Kosinski via clamav-users wrote: > > >>> To try to solve this issue, i have added this line in my /e

Re: [clamav-users] Clamav with VPN

2020-05-05 Thread Paul Kosinski via clamav-users
> > To try to solve this issue, i have added this line in my /etc/hosts file : > > > > * 104.16.218.84 database.clamav.net > > Don't do things like that. Sooner or later it will break, and you'll > find yourself back here again asking why. Our firewall blocks our mail server from issuing

Re: [clamav-users] ClamAV Server Agent

2020-04-23 Thread Paul Kosinski via clamav-users
ywood via clamav-users" wrote: > Hi there, > > On Wed, 22 Apr 2020, Paul Kosinski via clamav-users wrote: > > > Your list includes a number of databases I haven't seen before. Could > > you provide a list of source sites that provide the DBs that you find > >

Re: [clamav-users] ClamAV Server Agent

2020-04-22 Thread Paul Kosinski via clamav-users
Your list includes a number of databases I haven't seen before. Could you provide a list of source sites that provide the DBs that you find most useful? Thanks! On Wed, 22 Apr 2020 18:43:47 +0100 (BST) "G.W. Haywood via clamav-users" wrote: > Hi there, > > On Wed, 22 Apr 2020, Karmendra

Re: [clamav-users] ClamAV 0.102.2 needs a "--without-systemd" option

2020-04-20 Thread Paul Kosinski via clamav-users
ke it > so that `make install` won't try to register clamd as a systemd > service > > -Andrew > > On Sun, Apr 19, 2020 at 1:26 PM Paul Kosinski via clamav-users < > clamav-users@lists.clamav.net> wrote: > > > I finally built 0.102.2 a few days ago and w

[clamav-users] ClamAV 0.102.2 needs a "--without-systemd" option

2020-04-19 Thread Paul Kosinski via clamav-users
I finally built 0.102.2 a few days ago and was rather shocked that it was tightly integrated into systemd. In a point release, converting ClamAV into a mandatory server strikes me as weird, especially since there is no "--without-systemd" option. I am not philosophically opposed to systemd

Re: [clamav-users] Heuristics.Limits.Exceeded FOUND

2020-04-12 Thread Paul Kosinski via clamav-users
er investigating a closely > related issue regarding ISO/GPT file formats. This definitely gives > us more reason to do so. > > -Micah > > On 4/10/20, 6:55 PM, "Paul Kosinski" wrote: > > Is this a generic problem with compressed archives (like the > Fir

Re: [clamav-users] Heuristics.Limits.Exceeded FOUND

2020-04-10 Thread Paul Kosinski via clamav-users
ger than > expected to scan. > > -Micah > > > Micah Snyder > ClamAV Development > Talos > Cisco Systems, Inc. > > > > > On 4/7/20, 1:38 PM, "clamav-users on behalf of Paul Kosinski via > clamav-users" clamav-users@lists.clamav.net> wrote: >

Re: [clamav-users] Heuristics.Limits.Exceeded FOUND

2020-04-07 Thread Paul Kosinski via clamav-users
nature database into RAM. How long does it take using clamdscan? > > Sent from my iPad > > -Al- > > On Apr 6, 2020, at 12:29, Paul Kosinski via clamav-users > wrote: > > > > It *does* take more than 120 secs for the clamscan command to fully > > scan

Re: [clamav-users] Heuristics.Limits.Exceeded FOUND

2020-04-06 Thread Paul Kosinski via clamav-users
" with 32 GB RAM. On Mon, 6 Apr 2020 15:23:42 + "Micah Snyder (micasnyd)" wrote: > Paul, > > Are you seeing many files that take longer than 2 minutes to scan? > We thought the default scan time limit was already quite high at 2 > minutes. > > -Micah
