The
ClamAV 0.103 LTS release is nearing end-of-life (EOL) with regards to security
vulnerability fix support from our team. This end of life date will be
Sept. 14, 2024.
ClamAV 0.103 users will be able to update signatures from the official database
mirror for an additional one year after the EOL date.
After Sept. 14, 2025, we may block ClamAV 0.103 from downloading signature
updates.
We recommend that users update to the newest LTS release, ClamAV 1.0.6.
For users that want to upgrade to the newest non-LTS release, use ClamAV 1.3.1.
The most recent version of ClamAV can be found here: https://www.clamav.net/downloads
The following is a list of major changes available to users in the newest
versions of ClamAV.
Since ClamAV 0.103, ClamAV 1.0 LTS adds:
·
A new detection capability based on comparing image fuzzy hashes.
·
[Windows] A feature to start clamd and freshclam as Windows services.
·
[Windows] A feature to scan process memory with either clamscan or clamdscan.
·
Signature database load progress bars for clamscan.
·
Support for extracting images from OLE2-based Excel documents.
·
The ability to use *.cat files with CRB signature rules to trust signed
Windows executables.
·
Support for decrypting read-only OLE2-based XLS files that are encrypted
with the default password.
·
Significant reliability improvements to the All-Match scanning mode.
·
Multiple libclamav API improvements.
· And more!
Since ClamAV 1.0 LTS, ClamAV 1.3.1 adds:
·
Support for extracting Universal Disk Format (UDF) partitions.
·
Support for extracting ALZ archives.
·
Support for extracting LHA/LZH archives.
·
Support for extracting images embedded in HTML CSS<style> blocks.
·
Support for extracting attachments found in Microsoft OneNote files.
·
An option to customize the size of ClamAV's clean file cache.
·
Effective removal of the MaxScanSize limit so the total amount of data
scanned when scanning a file or archive may exceed 4 gigabytes. Note: This does
not allow individual file size to exceed the 2 limit.
·
The ability for Freshclam to use a client certificate PEM file and a
private key PEM file for authentication to a private mirror.
·
A new ClamScan and ClamD option to fail to load if the provided signature
database is older than a given number of days.
·
Multiple libclamav API improvements.
Users updating to the newest version of ClamAV can find helpful resource below
and if you find you have a specific question, please join our Discord.
An assortment of installer packages for Mac (universal PKG installer), windows
(MSI and ZIP installers), and Linux (DEB and RPM installers). These are
available from:
https://www.clamav.net/downloads
https://github.com/Cisco-Talos/clamav/releases/
Alpine and Debian based Docker containers. These are published here:
https://hub.docker.com/u/clamav
Helpful documentation for compiling ClamAV:
- Linux: https://docs.clamav.net/manual/Installing/Installing-from-source-Unix.html
- Windows: https://docs.clamav.net/manual/Installing/Installing-from-source-Windows.html
- Reference
documentation for compile options: https://github.com/Cisco-Talos/clamav/blob/main/INSTALL.md
- Instructions for
cross-compiling from Linux x86_64 to Linux aarch64: https://github.com/Cisco-Talos/clamav/blob/main/INSTALL-cross-linux-arm64.md
- Instructions for
cross-compiling from Windows x86_64 to Windows ARM64: https://github.com/Cisco-Talos/clamav/blob/main/INSTALL-cross-windows-arm64.md
For users of installer packages instructions can be found here: https://docs.clamav.net/manual/Installing.html#installing-with-an-installer
Further information about ClamAV EOL policy can be found here:
https://docs.clamav.net/faq/faq-eol.html