Re: [clamav-users] No daily sig since July 28th
On Mon, Aug 01, 2022 at 11:57 PM, G.W. Haywood via clamav-users wrote: > Al, the real reason for this post is that you mentioned the other day > that you'd also seen no viusdb mail for CVE CVE_2021_4034 although the > signature had appeared in the DB. The mail was sent on June 4th, the > sig was the first in the list: > ... > Maybe you trash-canned it? Thanks Ged., no it's still there. Looks like InfoClick let me down this time. Had to rebuild the database to pick it up. -Al- smime.p7s Description: S/MIME cryptographic signature ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
Re: [clamav-users] No daily sig since July 28th
Hi all, There was a server outage in our primary datacenter on Friday that left the signature database build server's database in a bad state. Unfortunately, I'm told that it also impacted the service responsible for alerting us to the problem and so we didn't realize until yesterday morning. Yesterday the incomplete build in the build server's database was cleaned up and a build was expected to work and go out this AM. That obviously didn't happen. I have teammates working on server maintenance now. I expect that the daily signature publication will resume by tomorrow morning. Regards, Micah Micah Snyder ClamAV Development Talos Cisco Systems, Inc. From: clamav-users on behalf of Al Varnell via clamav-users Sent: Monday, August 1, 2022 5:11 PM To: ClamAV users ML Cc: Al Varnell Subject: Re: [clamav-users] No daily sig since July 28th There have been no such announcements on the [clamav-virusdb] email list since the 28th. Sent from my iPad -Al- -- ClamXAV User On Aug 1, 2022, at 06:48, Shawn Iverson via clamav-users wrote: > Hello, > > I've noticed that a daily hasn't been posted since the 28th of July. Are > daily sigs being posted? ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
Re: [clamav-users] No daily sig since July 28th
Hi there, On Mon, 1 Aug 2022, Al Varnell via clamav-users wrote: There have been no such announcements on the [clamav-virusdb] email list since the 28th. My guess is that somebody at Talos went on holiday. :) Al, the real reason for this post is that you mentioned the other day that you'd also seen no viusdb mail for CVE CVE_2021_4034 although the signature had appeared in the DB. The mail was sent on June 4th, the sig was the first in the list: 8<-- Date: Sat, 4 Jun 2022 04:05:56 -0400 From: nore...@sourcefire.com To: clamav-viru...@lists.clamav.net Subject: [clamav-virusdb] Signatures Published daily - 26562 ... ... ClamAV Signature Publishing Notice Datefile: daily Version:26562 Publisher: David Raynor New Sigs: 10 Dropped Sigs: 0 Ignored Sigs: 113 New Detection Signatures: * Osx.Exploit.CVE_2021_4034-9951522-1 ... ... 8<-- Maybe you trash-canned it? -- 73, Ged. ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
Re: [clamav-users] No daily sig since July 28th
There have been no such announcements on the [clamav-virusdb] email list since the 28th. Sent from my iPad -Al- -- ClamXAV User On Aug 1, 2022, at 06:48, Shawn Iverson via clamav-users wrote: > Hello, > > I've noticed that a daily hasn't been posted since the 28th of July. Are > daily sigs being posted? ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
Re: [clamav-users] No daily sig since July 28th
On Mon, 1 Aug 2022 16:24:50 +0100 (BST)
Andrew C Aitchison via clamav-users wrote:
> On Mon, 1 Aug 2022, Shawn Iverson via clamav-users wrote:
>
> > Hello,
> >
> > I've noticed that a daily hasn't been posted since the 28th of July. Are
> > daily sigs being posted?
>
> # clamscan --version
> ClamAV 0.103.7/26615/Thu Jul 28 08:58:07 2022
>
> # host -t txt current.cvd.clamav.net.
> current.cvd.clamav.net descriptive text
> "0.103.7:62:26615:1659362400:1:90:49192:333"
>
> # date -u -d "1970-01-01 UTC 1659362400 seconds"
> Mon Aug 1 14:00:00 UTC 2022
>
> ... so the magic DNS timestamp is being updated,
> but the daily version number has not changed since Thursday.
=
Same here on the Cloudflare 'BOS' anycast mirror.
-- Thursday 28 July 2022 at 04:43:01
--
/opt/clamav/bin/testclam-dns
--> UPD D 26615/26614 M 62/62 B 333/333
/opt/clamav/bin/freshclam -v --stdout --on-update-execute=EXIT_1
...
...
-- Monday 01 August 2022 at 12:43:01
--
/opt/clamav/bin/testclam-dns
--> DNS D 26615/26615 M 62/62 B 333/333
P.S. Testclam-dns is something I created a few years ago (before the bandwidth
abuse) when the BOS mirror was often out of date in serving the latest CVD file
(which I then mirrored locally). It reports the latest vs the currently
installed versions of the 3 principal signature files ("daily", "main" &
"bytecode"), and whether freshclam should be invoked. I still use it for its
detailed reporting, but now each freshclam instance simply uses the CDIFFs
directly. This saves bandwidth compared to locally mirrored CVDs -- unless one
has *lots* of ClamAV instances.
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
Re: [clamav-users] No daily sig since July 28th
On Mon, 1 Aug 2022, Shawn Iverson via clamav-users wrote: Hello, I've noticed that a daily hasn't been posted since the 28th of July. Are daily sigs being posted? # clamscan --version ClamAV 0.103.7/26615/Thu Jul 28 08:58:07 2022 # host -t txt current.cvd.clamav.net. current.cvd.clamav.net descriptive text "0.103.7:62:26615:1659362400:1:90:49192:333" # date -u -d "1970-01-01 UTC 1659362400 seconds" Mon Aug 1 14:00:00 UTC 2022 ... so the magic DNS timestamp is being updated, but the daily version number has not changed since Thursday. -- Andrew C. Aitchison Kendal, UK and...@aitchison.me.uk ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
Re: [clamav-users] No daily sig since July 28th
On Mon, 1 Aug 2022, Shawn Iverson via clamav-users wrote: > Date: Mon, 1 Aug 2022 09:48:01 -0400 > From: Shawn Iverson via clamav-users > To: clamav-users@lists.clamav.net > Cc: Shawn Iverson > Subject: [clamav-users] No daily sig since July 28th > > Hello, > > I've noticed that a daily hasn't been posted since the 28th of July. Are > daily sigs being posted? > same here : [hubble:root]:(/var/lib/clamav)# ll total 349280 -rw-r--r-- 1 clamav clamav293670 Jul 28 01:13 bytecode.cvd -rw-r--r-- 1 clamav clamav 186877440 Jul 28 11:07 daily.cld -rw-r--r-- 1 clamav clamav69 Jul 28 01:12 freshclam.dat -rw-r--r-- 1 clamav clamav 170479789 Jul 28 01:13 main.cvd [hubble:root]:(/var/lib/clamav)# date Mon Aug 1 15:51:53 CEST 2022 [hubble:root]:(/var/lib/clamav)# freshclam.log.1.gz : -- ClamAV update process started at Thu Jul 28 11:07:00 2022 daily database available for update (local version: 26614, remote version: 26615) Testing database: '/var/lib/clamav/tmp.a2732d54fd/clamav-3a8cccfa9c215b7da1e072dd8e94e89a.tmp-daily.cld' ... Database test passed. daily.cld updated (version: 26615, sigs: 1992518, f-level: 90, builder: raynman) main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2) Clamd successfully notified about the update. -- -- Robert M. Stockmann - RHCE Network Engineer - UNIX/Linux Specialist crashrecovery.org st...@stokkie.net ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
[clamav-users] No daily sig since July 28th
Hello, I've noticed that a daily hasn't been posted since the 28th of July. Are daily sigs being posted? ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
