Tuesday, October 14, 2014

ClamAV 0.98.5-rc1 is now available for download.  Shown below are the notes for this release:

ClamAV 0.98.5 also includes these new features:

    - Support for the XDP file format and extracting, decoding, and
      scanning PDF files within XDP files.
    - Addition of shared library support for LLVM verions 3.1 - 3.4
      for the purpose of just-in-time(JIT) compilation of ClamAV
      bytecode signatures. Andreas Cadhalpun submitted the patch
      implementing this support.
    - Enhancements to the clambc command line utility to assist
      ClamAV bytecode signature authors by providing introspection
      into compiled bytecode programs.
    - Resolution of many of the warning messages from ClamAV compilation.
    - Bug fixes and other feature enhancements. See Changelog or
      git log for details.

Thanks to the following ClamAV community members for code submissions
and bug reporting included in ClamAV 0.98.5:

Andreas Cadhalpun
Sebastian Andrzej Siewior

----

The RC is available for download from:
http://www.clamav.net/download.html under the "Development Releases" section.

Please download, test, and provide feedback to the team here:

http://lists.clamav.net/mailman/listinfo/clamav-users

--

The ClamAV team (http://www.clamav.net/about.html#credits)

Tuesday, August 26, 2014

For the past several months we've been working diligently on a complete refresh of several Open Source websites, designs and logos.  The first website we rolled out a refresh of was Snort.org back in June.

At the same time, we've been working hard on ClamAV.net.  When the ClamAV project was acquired in 2007 by Sourcefire (now a part of Cisco), we retained the original website and hosting provider the website was built on, but we took this opportunity to start from scratch.

As with Snort.org, this wasn't just a facelift for the website, this was a complete rewrite.  Much of the content you are looking for is the same, for instance the virus submission forms are still on the site, but we've build some improvements:
  • Simple Navigation
    • Much like we tried to do with Snort.org, almost all content on ClamAV.net is one or two clicks away.
  • Faster
    • Not only is the site faster to load on the browser, but it is less load on the server side too.
  • Documentation
    • We now dynamically load the ClamAV FAQ from Github onto the site.  If someone would like to contribute to the FAQ, they may do so by submitting a pull request (at https://github.com/vrtadmin/clamav-faq.  Which, once accepted, will be rendered on the main clamav.net site for all to see.
  • Elimination of dead links and pages
We really hope that you enjoy on the new ClamAV.net, and are looking forward to hearing your feedback at snort-site@cisco.com

Please take a look at the new website over at: http://www.clamav.net

Tuesday, July 29, 2014

ClamAV Community,

This notice is to inform you that effective immediately ClamAV 0.96 (and all minor versions) is no longer supported in accordance with ClamAV's EOL policy which can be found here:

https://github.com/vrtadmin/clamav-faq/blob/master/faq/faq-eol.md

While the current CVD's being distributed will still work on ClamAV 0.96, we are enabling the functionality to actually make those versions no longer be able to update.  There is detection that we have written that cannot be shipped to the 0.96 branch.

Thank you for using ClamAV!

Wednesday, July 9, 2014

Introduction

In order to support more advanced features planned in future releases, ClamAV has switched to using OpenSSL for hashing. The ClamAV Visual Studio project included with ClamAV's source code requires the OpenSSL distributables to be placed in a specific directory. This article will teach you how to compile OpenSSL on a Microsoft Windows system and how to link ClamAV against OpenSSL.

This blog article is based on another article.


Prerequisites


You will need ActiveState ActivePerl installed. OpenSSL uses Perl-based Makefiles. You will also need Visual Studio 2010 or later.


Download OpenSSL


You can find OpenSSL's source here. Download the latest version. When this article was first authored, the latest version of OpenSSL was 1.0.1h. This article will reference that version throughout.

We will be using separate build and installation directories for 32bit and 64bit compilations. We'll extract the source code twice, to C:\openssl-src-32 and C:\openss-src-64. We'll then create two directories to hold the OpenSSL installation: C:\openssl-build-32 and C:\openssl-build-64.


Compiling OpenSSL


We will first build the 32bit libraries. You will need to open a Visual Studio 32bit command prompt. Please note that you cannot build OpenSSL 64bit from a 32bit Visual Studio command prompt and vice-versa.

We'll run these commands in the command prompt:
  1. C:
  2. cd \openssl-src-32
  3. perl Configure VC-WIN32 --prefix=C:\openssl-build-32
  4. ms\do_ms
  5. nmake -f ms\ntdll.mak
  6. nmake -f ms\ntdll.mak install
Once those commands have run, you'll need to create the 64bit OpenSSL distributables in a Visual Studio x64 comamnd prompt:
  1. C:
  2. cd \openssl-src-64
  3. perl Configure VC-WIN64A --prefix=C:\openssl-build-64
  4. ms\do_win64a
  5. nmake -f ms\ntdll.mak
  6. nmake -f ms\ntdll.mak install
You now have both the 32bit and 64bit builds of OpenSSL compiled and installed in their respective build directories.


ClamAV Dependencies Directory


Now that you have distributables for both 32bit and 64bit, we'll now need to create the directories where the ClamAV Visual Studio project expects the OpenSSL dependencies to be.

Create these directories:
  1. C:\clamdeps
  2. C:\clamdeps\win32
  3. C:\clamdeps\win32\openssl
  4. C:\clamdeps\win32\openssl\lib
  5. C:\clamdeps\win64
  6. C:\clamdeps\win64\openssl
  7. C:\clamdeps\win64\openssl\lib

Copy the 32bit directories and files over:
  1. C:\openssl-build-32\include to C:\clamdeps\win32\openssl
  2. C:\openssl-build-32\lib\libeay32.lib to C:\clamdeps\win32\openssl\lib
  3. C:\openssl-build-32\lib\ssleay32.lib to C:\clamdeps\win32\openssl\lib
  4. C:\openssl-build-32\bin\libeay32.dll to C:\clamdeps\win32\openssl\lib
  5. C:\openssl-build-32\bin\ssleay32.dll to C:\clamdeps\win32\openssl\lib
Now copy the 64bit directories and files over:
  • C:\openssl-build-64\include to C:\clamdeps\win64\openssl
  • C:\openssl-build-64\lib\libeay32.lib to C:\clamdeps\win64\openssl\lib
  • C:\openssl-build-64\lib\ssleay32.lib to C:\clamdeps\win64\openssl\lib
  • C:\openssl-build-64\bin\libeay32.dll to C:\clamdeps\win64\openssl\lib
  • C:\openssl-build-64\bin\ssleay32.dll to C:\clamdeps\win64\openssl\lib


Conclusion


We've now built the OpenSSL libraries that ClamAV now depends on. ClamAV requires them to be in C:\clamdeps\win{32,64}\openssl.

Tuesday, July 8, 2014

The ClamAV team is proud to announce the availability of ClamAV 0.98.5 beta ready for testing!

0.98.5
------

Welcome to ClamAV 0.98.5 beta! ClamAV 0.98.5 will include important new features for collecting and analyzing file properties. Software developers and analysts may collect file properties using the ClamAV API and then analyze them with ClamAV bytecode programs. Using the new features will require that libjson-c is installed.

Look for our upcoming series of blog posts to learn more about using the ClamAV API and bytecode facilities for collecting and analyzing file properties.

The release can be downloaded from http://sourceforge.net/projects/clamav/files/beta/.  Please download, test and provide any feedback via the mailing lists.


--
The ClamAV team (http://www.clamav.net/team)

Monday, June 16, 2014

The ClamAV team is pleased to announce the release of ClamAV 0.98.4!  Below are the release notes for 0.98.4:


0.98.4
------

ClamAV 0.98.4 is a bug fix release. The following issues are now resolved:

- Various build problems on Solaris, OpenBSD, AIX.
- Crashes of clamd on Windows and Mac OS X platforms when reloading the virus signature database.
- Infinite loop in clamdscan when clamd is not running.
- Freshclam failure on Solaris 10.
- Buffer underruns when handling multi-part MIME email attachments.
- Configuration of OpenSSL on various platforms.
- Name collisions on Ubuntu 14.04, Debian sid, and Slackware 14.1.
- Linking issues with libclamunrar
Thanks to the following individuals for testing, writing patches, and
initiating quality improvements in this release:

Tuomo Soini
Scott Kitterman
Jim Klimov
Curtis Smith
Steve Basford
Martin Preen
Lars Hecking
Stuart Henderson
Ismail Paruk
Larry Rosenbaum
Dave Simonson
Sebastian Andrzej Siewior


The newest release can be downloaded from the following link: http://www.clamav.net/download/sources

Please download this release, and provide us any feedback on our mailing lists.


Friday, May 16, 2014

ClamAV 0.98.4rc1 is now available for download.  Shown below are the notes concerning this release:


0.98.4rc1
------

ClamAV 0.98.4 is a bug fix release. The following issues are now resolved:

- Various build problems on Solaris, OpenBSD, AIX.

- Crashes of clamd on Windows and Mac OS X platforms when reloading
the virus signature database.

- Infinite loop in clamdscan when clamd is not running.

- Freshclam failure on Solaris 10.

- Buffer underruns when handling multi-part MIME email attachments.

- Configuration of OpenSSL on various platforms.

----

ClamAV 0.98.4rc1 is available for download here: http://sourceforge.net/projects/clamav/files/RC/clamav-0.98.4-rc1/.  Please download, test, and provide feedback to the mailing list here:

http://lists.clamav.net/mailman/listinfo/clamav-users


--
The ClamAV team (http://www.clamav.net/team)