ClamAV 0.99.3 has been released!

Discussion in 'other anti-virus software' started by mood, Jan 26, 2018.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    9,512
    ClamAV 0.99.3 Released (January 25, 2018)
    This release fixes 7 critical vulnerabilities:
    Announcement
    Download

    ClamAV Version number adjustment
    January 25, 2018
    http://blog.clamav.net/2018/01/clamav-version-number-adjustment.html
     
  2. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,166
    Location:
    Hawaii
    Thank you, Mood.
     
  3. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    9,512
  4. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    9,512
    ClamAV 0.99.4 Released (March 1, 2018)
    Announcement
    Download
     
  5. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    9,512
    ClamAV 0.100.0 Released (April 9, 2018)
    Announcement
    Download
    Some of the more prominent submissions include:
    • Interfaces to the Prelude SIEM open source package for collecting ClamAV virus events.
    • Support for Visual Studio 2015 for Windows builds. Please note that we have deprecated support for Windows XP, and while Vista may still work, we no longer test ClamAV on Windows XP or Vista.
    • Support libmspack internal code or as a shared object library. The internal library is the default and includes modifications to enable parsing of CAB files that do not entirely adhere to the CAB file format.
    • Linking with OpenSSL 1.1.0.
    • Deprecation of the AllowSupplementaryGroups parameter statement in clamd, clamav-milter, and freshclam. Use of supplementary is now in effect by default.
    • Numerous bug fixes, typo corrections, and compiler warning fixes.
    Additionally, we have introduced important changes and new features in ClamAV 0.100, including but not limited to:
    Deprecating internal LLVM code support. The configure script has changed to search the system for an installed instance of the LLVM development libraries, and to otherwise use the bytecode interpreter for ClamAV bytecode signatures. To use the LLVM Just-In-Time compiler for executing bytecode signatures, please ensure that the LLVM development package at version 3.6 or lower is installed. Using the deprecated LLVM code is possible with the command: ./configure --with-system-llvm=no, but it no longer compiles on all platforms.
    • Compute and check PE import table hash (a.k.a. "imphash") signatures.
    • Support file property collection and analysis for MHTML files.
    • Raw scanning of PostScript files.
    • Fix clamsubmit to use the new virus and false positive submission web interface.
    • Optionally, flag files with the virus "Heuristic.Limits.Exceeded" when size limitations are exceeded.
    • Improved decoders for PDF files.
    • Reduced number of compile time warnings.
    • Improved support for C++11.
    • Improved detection of system installed libraries.
    • Fixes to ClamAV's Container system and the introduction of Intermediates for more descriptive signatures.
    • Improvements to clamd's On-Access scanning capabilities for Linux.
     
  6. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    9,512
    ClamAV 0.100.1 Released (July 9, 2018)
    Announcement
    Download
    • Fixes for the following CVE's:
    • Fixes for a few additional bugs:
      • Buffer over-read in unRAR code due to missing max value checks in table initialization. Reported by Rui Reis.
      • Libmspack heap buffer over-read in CHM parser. Reported by Hanno Böck.
      • PDF parser bugs reported by Alex Gaynor.
        • Buffer length checks when reading integers from non-NULL terminated strings.
        • Buffer length tracking when reading strings from dictionary objects.
    • HTTPS support for clamsubmit.
    • Fix for DNS resolution for users on IPv4-only machines where IPv6 is not available or is link-local only. Patch provided by Guilherme Benkenstein.
     
  7. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,166
    Location:
    Hawaii
    Ah... they finally got to .100. I wonder if they will ever get to a version 1.0? In any event, I have a huge system disk so I always keep the latest Clam Av on-board. Rarely installed, but ... on-board.

    Thanks for the updates, mood!
     
  8. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    9,512
    You're welcome :)

    It will take a very long time until they reach v1.0 ;)
    2009 - ClamAV v0.95
    2018 - ClamAV v0.100.1
    ...
     
  9. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    9,512
    ClamAV 0.101.0 Released (December 3, 2018)
    Announcement
    Download
    Highlighted Changes:
    • Our user manual has been converted from latex/pdf/html into Markdown! Markdown is easier to read & edit than latex, and is easier to contribute to as it eliminates the need to generate documents (the PDF, HTML). The user manual is now shipped in:docs/UserManual[.md]. However, the most up to date version at any time will be on ClamAV.net (This is not live right now, but will be shortly)
    • Support for RAR v5 archive extraction! We replaced the legacy C-based unrar implementation with RarLabs UnRAR 5.6.5 library. Licensing is the same as before, although our libclamunrar_ifacesupporting library has changed from LGPL to the BSD 3-Clause license.
    • Libclamav API changes:
      • The following scanning functions now require a filename argument.
      • This will enable ClamAV to report more details warning and error information in the future, and will also allow for more sensible temp file names. The filename argument may be NULL if a filename is not available.
        • cl_scandesc
        • cl_scandesc_callback
        • cl_scanmap_callback
    • Scanning options have been converted from a single flag bit-field into a structure of multiple categorized flag bit-fields. This change enabled us to add new scanning options requested by the community. In addition, the name of each scan option has changed a little. As a result, the API changes will require libclamav users to modify how they initialize and pass scan options into calls such as cl_scandesc() .
    • With our move to openssl versions >1.0.1, the cl_cleanup_crypto() function has been deprecated. This is because cleanup of open-ssl init functions is now handled by an auto-deinit procedure within the openssl library, meaning the call to EVP_cleanup() may cause problems to processes external to Clam.
    • CL_SCAN_HEURISTIC_ENCRYPTED scan option was replaced by 2 new scan options:
      • CL_SCAN_HEURISTIC_ENCRYPTED_ARCHIVE
      • CL_SCAN_HEURISTIC_ENCRYPTED_DOC
    • clamd.conf and command line interface (CLI) changes:
      • As in 0.100.2, the clamd.conf OnAccessExtraScanning has been temporarily disabled in order to prevent resource cleanup issues from impacting clamd stability. As noted below, OnAccessExtraScanning is an opt-in minor feature of on-access scanning on Linux systems and its loss does not significantly impact the effectiveness of on-access scanning. The option still exists, but the feature will not be enabled and a warning will show if LogVerbose is enabled.
      • For details, see: https://bugzilla.clamav.net/show_bug.cgi?id=12048
    • "Heuristic Alerts" (aka "Algorithmic Detection") options have been changed to make the names more consistent. The original options are deprecated in 0.101, and will be removed in a future feature release.
    • In addition, two new scan options were added to alert specifically on encrypted archives or encrypted docs. Previous functionality did both, even though it claimed to be specific to archives:
    • Scan option details: [...]
    Some more subtle improvements:
    • Logical signatures have been extended with a new sub-signature type which allows for numerical byte sequence comparison. For those familiar with Snort, this byte comparison feature works similarly to the byte_extract and byte_test feature, in that it allows signature writers to extract and compare a specified number of bytes (offset from a match) against another numeric value. You can read more about this feature, see how it works, and look over examples in our documentation.
    • Backwards compatibility improvements for detecting the OpenSSL dependency.
    • Freshclam updated to match exit codes defined in the freshclam.1 man page.
    • Upgrade from libmspack 0.5alpha to libmspack 0.7.1alpha. As a reminder, we support system-installed versions of libmspack. However, at this time the ClamAV-provided version of libmspack provides additional abilities to parse broken or non-standard CAB files beyond what the stock libmspack 0.7.1alpha provides. We are working with the upstream project to incorporate our modifications, and hopefully these changes will appear in a future release of libmspack.
    • Updated the bundled 3rd party library libxml2 included for Windows builds to version 2.9.8.
    • Updated the bundled 3rd party library pcre included for Windows builds to pcre2 version 10.31.
    • Upgraded Aspack PE unpacking capability with support up to version 2.42.
    • Improvements to PDF parsing capability.
    • Replaced the Windows installer with a new installer built using InnoSetup 5.
    • Improved curl-config detection logic
      • GitHub pull-request by Thomas Petazzoni.
    • Added file type CL_TYPE_LNK to more easily identify Windows Shortcut files when writing signatures.
    • Improved parsing of Windows executable (PE) Authenticode signatures.
      • Pull request by Andrew Williams.
    • Added support for Authenticode signature properties commonly used by Windows system files. These files are now much more likely to be whitelisted correctly.
    • Signature parsing now works correctly on big endian systems.
    • Some simplification to freshclam mirror management code, including changes to reduce timeout on ignoring mirrors after errors, and to make freshclam more tolerant when there is a delay between the time the new signature database content is announced and the time that the content-delivery-network has the content available for download.
    • Email MIME Header parsing changes to accept argument values with unbalanced quotes. Improvement should improve detection of attachments on malformed emails.
      • GitHub pull request by monnerat.
    • Included the config filename when reporting errors parsing ClamAV configs.
      • GitHub pull request by Josh Soref.
    • Improvement to build scripts for clamav-milter.
      • GitHub pull request by Renato Botelho.

    Other changes:
    • Removed option handler for AllowSupplementaryGroups from libfreshclam. This option was previously deprecated from freshclam in ClamAV 0.100.0 but remained in libfreshclam by mistake.
    • In older versions of pcre2 and in pcre, a higher PCRERecMatchLimit may cause
      clamd
      to crash on select files. We have lowered the default PCRERecMatchLimit to 2000 to reduce the likelihood of a crash and have added warnings to recommend using pcre2 v10.30 or higher to eliminate the issue.
     
  10. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,179
    Location:
    Pennsylvania.
    Clam AV has been around for how many years, since 2001 and no 1.0 version of it yet?
     
  11. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    9,512
    ClamAV 0.101.1 Released (January 7, 2019)
    Announcement
    Download
     
  12. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    4,379
    Location:
    USA still the best. But getting worse!
    LOL. I was just gonna say.

    I believe unless ClamAV gets a big sponsor like Canonical etc. It'll never get to a final edition but always a beta or alpha.
     
  13. Ultra Male

    Ultra Male Registered Member

    Joined:
    Jun 21, 2016
    Posts:
    326
    Location:
    Dubai
    Not touching an AV which has a 0.xx in its version number with a 10 foot pole
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.