tag:blogger.com,1999:blog-23666899743682395732024-03-13T06:55:10.069-04:00ClamAV® blogThe leading open source anti-malware software, brought to you by Sourcefire.Twillowkinshttp://www.blogger.com/profile/11855722994118441179noreply@blogger.comBlogger227125tag:blogger.com,1999:blog-2366689974368239573.post-4408668683847962872024-02-07T11:48:00.002-05:002024-02-07T12:07:57.799-05:00ClamAV 1.3.0 feature release and 1.2.2, 1.0.5 security patch release!<p><span style="font-family: inherit;"><span style="font-variant-ligatures: none; white-space-collapse: preserve;">The ClamAV 1.3.0 feature release is now stable!</span></span></p><div><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US">Today, we are also publishing the 1.2.2 and 1.0.5 security patch versions. </span></span></div><div><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><br /></span></span></div><div><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US">ClamAV 1.1 is <a href="https://docs.clamav.net/faq/faq-eol.html" target="_blank">past EOL</a> for security fixes and will not receive an update. Switch to the 1.0 LTS, 1.2, or 1.3 versions for continued support.</span></span></div><div><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><br /></span></span></div><div><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">The release files are available for download on the </span><a class="Hyperlink SCXW156866380 BCX0" href="https://www.clamav.net/downloads" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: normal; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">ClamAV downloads page</span></span></a><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">, on the </span><a class="Hyperlink SCXW156866380 BCX0" href="https://github.com/Cisco-Talos/clamav/releases" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 17.2667px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Github</span><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> Release page</span></span></a><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">, and through Docker Hub<b>*</b>:</span></span></span></span></span></div><div><ul style="text-align: left;"><li><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><a href="https://hub.docker.com/r/clamav/clamav/" rel="nofollow" target="_blank">Alpine-based images</a></span></span></span></span></span></li><li><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><a href="https://hub.docker.com/r/clamav/clamav-debian/" rel="nofollow" target="_blank">Debian-based multi-arch images</a></span></span></span></span></span></li></ul></div><div><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><i><b>*</b>The Docker images are built on release day and may not be available until later in the day.</i></span></span></div><div><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><i><br /></i></span></span></div><div><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><i><span style="background-color: white; font-style: normal; font-variant-ligatures: normal; white-space-collapse: collapse;"><br /></span></i></span></span></div><div><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><i><span style="background-color: white; font-style: normal; font-variant-ligatures: normal; white-space-collapse: collapse;">Continue reading to learn what changed in each version.</span></i></span></span></div><div><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><i><span style="background-color: white; font-style: normal; font-variant-ligatures: normal; white-space-collapse: collapse;"><br /></span></i></span></span></div><h4 style="text-align: left;"><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><i><span style="background-color: white; font-style: normal; font-variant-ligatures: normal; white-space-collapse: collapse;"><br /></span></i></span></span><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><i><span style="background-color: white; font-style: normal; font-variant-ligatures: normal; white-space-collapse: collapse;">1.3.0</span></i></span></span></h4><div><span><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><p class="code-line" data-line="7" dir="auto" style="color: #3b3b3b; font-family: inherit; font-variant-ligatures: normal; margin-bottom: 16px; margin-top: 0px; position: relative; white-space-collapse: collapse;"><span style="font-family: inherit;">ClamAV 1.3.0 includes the following improvements and changes:</span></p><h3 class="code-line" data-line="9" id="major-changes" style="color: #3b3b3b; font-family: inherit; font-variant-ligatures: normal; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; position: relative; white-space-collapse: collapse;"><span style="font-family: inherit; font-size: small;">Major changes</span></h3><ul class="code-line" data-line="11" dir="auto" style="color: #3b3b3b; font-family: inherit; font-variant-ligatures: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; white-space-collapse: collapse;"><li class="code-line" data-line="11" dir="auto" style="position: relative;"><span style="font-family: inherit;">Added support for extracting and scanning attachments found in Microsoft OneNote section files. OneNote parsing will be enabled by default, but may be optionally disabled using one of the following options:<br />a. The <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">clamscan</code> command line option: <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">--scan-onenote=no</code>,<br />b. The <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">clamd.conf</code> config option: <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">ScanOneNote no</code>,<br />c. The libclamav scan option <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">options.parse &= ~CL_SCAN_PARSE_ONENOTE;</code>,<br />d. A signature change to the <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">daily.cfg</code> dynamic configuration (DCONF).</span></li><ul class="code-line" data-line="19" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="19" dir="auto" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/1048" href="https://github.com/Cisco-Talos/clamav/pull/1048" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/1048">GitHub pull request</a></li></ul></ul><div style="font-family: inherit; font-variant-ligatures: normal; white-space-collapse: collapse;"><h3 class="code-line" data-line="9" id="major-changes" style="color: #3b3b3b; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; position: relative;"><span style="font-family: inherit; font-size: small;">Other improvements</span></h3></div><ul class="code-line" data-line="23" style="font-variant-ligatures: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; white-space-collapse: collapse;"><li class="code-line" data-line="23" style="color: #3b3b3b; font-family: inherit; position: relative;"><p class="code-line" data-line="23" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed issue when building ClamAV on the Haiku (BeOS-like) operating system. Patch courtesy of Luca D'Amico</span></p><ul class="code-line" data-line="25" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="25" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/1061" href="https://github.com/Cisco-Talos/clamav/pull/1061" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/1061">GitHub pull request</a></li></ul></li><li class="code-line" data-line="27" style="color: #3b3b3b; font-family: inherit; position: relative;"><p class="code-line" data-line="27" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">ClamD: When starting, ClamD will now check if the directory specified by <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">TemporaryDirectory</code> in <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">clamd.conf</code> exists. If it doesn't, ClamD will print an error message and will exit with exit code 1. Patch courtesy of Andrew Kiggins.</span></p><ul class="code-line" data-line="31" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="31" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/1037" href="https://github.com/Cisco-Talos/clamav/pull/1037" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/1037">GitHub pull request</a></li></ul></li><li class="code-line" data-line="33" style="color: #3b3b3b; position: relative;"><p class="code-line" data-line="33" style="font-family: inherit; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">CMake: If configured to build static libraries, CMake will now also install the libclamav_rust, libclammspack, libclamunrar_iface, and libclamunrar static libraries required by libclamav.</span></p><p class="code-line" data-line="37" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Note: These libraries are all linked into the </span><span style="font-family: courier;">clamscan</span><span style="font-family: inherit;">, </span><span style="font-family: courier;">clamd</span><span style="font-family: inherit;">, </span><span style="font-family: courier;">sigtool</span><span style="font-family: inherit;">, and </span><span style="font-family: courier;">freshclam </span><span style="font-family: inherit;">programs, which is why they did not need to be installed to function. However, these libraries would be required if you wish to build some other program that uses the libclamav static library.</span></p><p class="code-line" data-line="42" style="font-family: inherit; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Patch courtesy of driverxdw.</span></p><ul class="code-line" data-line="43" style="font-family: inherit; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="43" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/1100" href="https://github.com/Cisco-Talos/clamav/pull/1100" rel="nofollow" style="text-decoration-line: none;" target="_blank" title="https://github.com/Cisco-Talos/clamav/pull/1100">GitHub pull request</a></li></ul></li><li class="code-line" data-line="45" style="position: relative;"><p class="code-line" data-line="45" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="color: #3b3b3b;"><span style="font-family: inherit;">Added file type recognition for compiled Python (</span><span style="font-family: courier;">`.pyc`</span><span style="font-family: inherit;">) files.</span></span></p><p class="code-line" data-line="45" style="font-family: inherit; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="color: #3b3b3b;"> The file type appears as a string parameter for these callback functions:</span></p><p class="code-line" data-line="45" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="color: #3b3b3b;"><span style="font-family: inherit;"> - </span><span style="font-family: courier;">clcb_pre_cache</span></span></p><p class="code-line" data-line="45" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="color: #3b3b3b;"><span style="font-family: inherit;"> - </span><span style="font-family: courier;">clcb_pre_scan</span></span></p><p class="code-line" data-line="45" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="color: #3b3b3b;"><span style="font-family: inherit;"> - </span><span style="font-family: courier;">clcb_file_inspection</span></span></p><p class="code-line" data-line="45" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="color: #3b3b3b;"><span style="font-family: inherit;"> When scanning a `</span><span style="font-family: courier;">.pyc</span><span style="font-family: inherit;">` file, the `</span><span style="font-family: courier;">type</span><span style="font-family: inherit;">` parameter will now show</span></span></p><p class="code-line" data-line="45" style="font-family: inherit; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="color: #3b3b3b;"> "CL_TYPE_PYTHON_COMPILED" instead of "CL_TYPE_BINARY_DATA".</span></p></li><ul style="font-family: inherit;"><li class="code-line" data-line="45" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1111" rel="nofollow" target="_blank">GitHub pull request</a></li></ul></ul><div style="font-family: inherit;"><ul><li>Improved support for decrypting PDFs with empty passwords.</li><ul><li><a href="https://github.com/Cisco-Talos/clamav/pull/1141" rel="nofollow" target="_blank">GitHub pull request</a></li></ul></ul></div><div style="font-family: inherit; font-variant-ligatures: normal; white-space-collapse: collapse;"><ul><li>Assorted minor improvements and typo fixes.</li></ul></div><h3 class="code-line" data-line="47" id="bug-fixes" style="color: #3b3b3b; font-family: inherit; font-variant-ligatures: normal; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; position: relative; white-space-collapse: collapse;"><span style="font-family: inherit; font-size: small;">Bug fixes</span></h3><ul class="code-line" data-line="49" dir="auto" style="color: #3b3b3b; font-family: inherit; font-variant-ligatures: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; white-space-collapse: collapse;"><li class="code-line" data-line="49" dir="auto" style="position: relative;"><p class="code-line" data-line="49" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed a warning when scanning some HTML files.</span></p><ul class="code-line" data-line="50" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="50" dir="auto" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/1084" href="https://github.com/Cisco-Talos/clamav/pull/1084" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/1084">GitHub pull request</a></li></ul></li><li class="code-line" data-line="52" dir="auto" style="position: relative;"><p class="code-line" data-line="52" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed an issue decrypting some PDF's with an empty password.</span></p><ul class="code-line" data-line="53" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="53" dir="auto" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/1079" href="https://github.com/Cisco-Talos/clamav/pull/1079" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/1079">GitHub pull request</a></li></ul></li><li class="code-line" data-line="55" dir="auto" style="position: relative;"><p class="code-line" data-line="55" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">ClamOnAcc: Fixed an infinite loop when a watched directory does not exist.</span></p></li><ul class="code-line" data-line="56" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="56" dir="auto" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/1047" href="https://github.com/Cisco-Talos/clamav/pull/1047" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/1047">GitHub pull request</a></li></ul></ul><div style="font-family: inherit;"><ul><li>ClamOnAcc: Fixed an infinite loop when a file has been deleted before a scan.<br />Patch courtesy of gsuehiro.</li><ul><li><a href="https://github.com/Cisco-Talos/clamav/pull/1150" rel="nofollow" target="_blank">GitHub pull request</a></li></ul></ul></div><ul class="code-line" data-line="49" dir="auto" style="color: #3b3b3b; font-family: inherit; font-variant-ligatures: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; white-space-collapse: collapse;"><li class="code-line" data-line="58" dir="auto" style="position: relative;"><p class="code-line" data-line="58" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed a possible crash when processing VBA files on HP-UX/IA 64bit. Patch courtesy of Albert Chin-A-Young.</span></p></li><ul class="code-line" data-line="60" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="60" dir="auto" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/526" href="https://github.com/Cisco-Talos/clamav/pull/526" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/526">GitHub pull request</a></li></ul></ul><div><ul><li><span style="font-family: inherit;">ClamConf: Fixed an issue printing `</span><span style="font-family: courier;">MaxScanSize</span><span style="font-family: inherit;">` introduced with the change to allow a `</span><span style="font-family: courier;">MaxScanSize</span><span style="font-family: inherit;">` greater than 4 GB.</span><br /><span style="font-family: inherit;">Fix courtesy of teoberi.</span></li><ul style="font-family: inherit;"><li><a href="https://github.com/Cisco-Talos/clamav/pull/1121" rel="nofollow" target="_blank">GitHub pull request</a></li></ul></ul><ul style="font-family: inherit;"><li>Fixed an issue building a ClamAV RPM in some configurations.<br />The issue was caused by faulty CMake logic that intended to create an empty database directory during the installation.</li><ul><li><a href="https://github.com/Cisco-Talos/clamav/pull/1144" rel="nofollow" target="_blank">GitHub pull request</a></li></ul></ul></div><h3 style="color: #3b3b3b; font-family: inherit; font-variant-ligatures: normal; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; position: relative; white-space-collapse: collapse;"><span style="font-family: inherit; font-size: small;">Acknowledgments</span></h3><p class="code-line" data-line="64" dir="auto" style="color: #3b3b3b; font-family: inherit; font-variant-ligatures: normal; margin-bottom: 16px; margin-top: 0px; position: relative; white-space-collapse: collapse;"><span style="font-family: inherit;">Special thanks to the following people for code contributions and bug reports:</span></p><ul class="code-line" data-line="65" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="65" dir="auto" style="color: #3b3b3b; font-family: inherit; font-variant-ligatures: normal; position: relative; white-space-collapse: collapse;"><span style="font-family: inherit;">Albert Chin-A-Young</span></li><li class="code-line" data-line="66" dir="auto" style="color: #3b3b3b; font-family: inherit; font-variant-ligatures: normal; position: relative; white-space-collapse: collapse;"><span style="font-family: inherit;">Andrew Kiggins</span></li><li class="code-line" data-line="67" dir="auto" style="color: #3b3b3b; font-family: inherit; font-variant-ligatures: normal; position: relative; white-space-collapse: collapse;"><span style="font-family: inherit;">driverxdw</span></li><li class="code-line" data-line="67" dir="auto" style="position: relative;"><span style="color: #3b3b3b;">gsuehiro</span></li><li class="code-line" data-line="68" dir="auto" style="color: #3b3b3b; font-family: inherit; font-variant-ligatures: normal; position: relative; white-space-collapse: collapse;"><span style="font-family: inherit;">Luca D'Amico</span></li><li class="code-line" data-line="69" dir="auto" style="color: #3b3b3b; font-family: inherit; font-variant-ligatures: normal; position: relative; white-space-collapse: collapse;"><span style="font-family: inherit;">RainRat</span></li><li class="code-line" data-line="69" dir="auto" style="position: relative;"><span style="color: #3b3b3b;">teoberi</span></li></ul></span></span></div><div style="text-align: left;"><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><ul style="font-variant-ligatures: normal; white-space-collapse: collapse;"></ul></span></span></div><div><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><i><span style="background-color: white; font-style: normal; font-variant-ligatures: normal; white-space-collapse: collapse;"><br /></span></i></span></span></div><h4 style="text-align: left;"><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><i><span style="background-color: white; font-style: normal; font-variant-ligatures: normal; white-space-collapse: collapse;">1.2.2 and 1.0.5</span></i></span></span></h4><div><span><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span style="background-color: white;"><div>ClamAV 1.2.2 and ClamAV 1.0.5 are critical patch versions with the following fixes:</div><div><br /></div><div><ul style="text-align: left;"><li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20290" rel="nofollow" target="_blank">CVE-2024-20290</a>: Fixed a possible heap overflow read bug in the OLE2 file parser that could cause a denial-of-service (DoS) condition.<br /><br />Thank you to OSS-Fuzz for identifying this issue.<br /><br />Affected versions:</li><ul><li>1.0.0 through 1.0.4 (LTS)</li><li>1.1 (all patch versions)</li><li>1.2.0 and 1.2.1</li></ul></ul></div></span></span></span></div><div><span><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span style="background-color: white;"><div><ul style="text-align: left;"><li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20328" rel="nofollow" target="_blank">CVE-2024-20328</a>: Fixed a possible command injection vulnerability in the "VirusEvent" feature of ClamAV's ClamD service.<br /><br />To fix this issue, we disabled the '<span style="font-family: courier;">%f</span>' format string parameter. ClamD administrators may continue to use the `<span style="font-family: courier;">CLAM_VIRUSEVENT_FILENAME</span>` environment variable, instead of '<span style="font-family: courier;">%f</span>'. But you should do so only from within an executable, such as a Python script, and not directly in the <span style="font-family: courier;">clamd.conf</span> "VirusEvent" command.<br /><br />Thank you to Amit Schendel for identifying this issue.<br /><br />Affected versions:</li><ul><li>0.104 (all patch versions)</li><li>0.105 (all patch versions)</li><li>1.0.0 through 1.0.4 (LTS)</li><li>1.1 (all patch versions)</li><li>1.2.0 and 1.2.1</li></ul></ul></div></span></span></span></div><div><br /></div>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-18705787493670686972024-01-24T15:31:00.001-05:002024-01-27T11:33:26.528-05:00ClamAV 1.3.0 Second Release Candidate now available!<p><span style="font-family: inherit;">We are excited to announce the ClamAV 1.3.0 release candidate.</span></p><p><span style="font-family: inherit; font-size: small;">You can find the source code and installers for this release on <a href="https://www.clamav.net/downloads">the clamav.net/downloads page</a> or t<a href="https://github.com/Cisco-Talos/clamav/releases/tag/clamav-1.3.0-rc2">he ClamAV GitHub release page</a>.</span></p><p><i>Tip: If you are downloading the source from the GitHub release page, the package labeled "clamav-1.3.0-rc2.tar.gz" does not require an internet connection to build. All dependencies are included in this package. But if you download the ZIP or TAR.GZ generated by GitHub, located at the very bottom, then an internet connection will be required during the build to download additional Rust dependencies.</i></p><p class="code-line" data-line="7" dir="auto" style="-webkit-text-stroke-width: 0px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;">For Docker users, there is no specific Docker tag for the release candidate, but you can use these tags:</span></p><p class="code-line" data-line="7" dir="auto" style="-webkit-text-stroke-width: 0px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"></p><ul><li><span style="font-family: inherit;"><code style="line-height: 1.357em;">clamav/clamav:unstable</code></span></li><li><span style="font-family: inherit;"><code style="line-height: 1.357em;">clamav/clamav:unstable_base</code></span><span style="font-family: inherit;"> </span></li><li><span style="font-family: inherit;"><code style="line-height: 1.357em;">clamav/clamav-debian:unstable</code></span></li><li><span style="font-family: inherit;"><code style="line-height: 1.357em;">clamav/clamav-debian:unstable_base</code></span><span style="font-family: inherit;"> </span></li></ul><p></p><p class="code-line" data-line="7" dir="auto" style="-webkit-text-stroke-width: 0px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">This release candidate phase is expected to last two weeks before we publish the stable release</span><span style="font-family: inherit;">. Please take this time to evaluate ClamAV 1.3.0. </span></span><span style="font-family: inherit; font-size: small;"> </span></p><p><span style="font-family: inherit;"><span>Please help us validate this release by providing feedback via the </span><span style="color: black;"><a href="https://lists.clamav.net/mailman/listinfo/clamav-users" target="_blank">ClamAV mailing list</a> or <a href="https://discord.gg/sGaxA5Q" target="_blank">our Discord</a>.</span></span></p><p class="code-line" data-line="7" dir="auto" style="color: #3b3b3b; margin-bottom: 16px; margin-top: 0px; position: relative;">Changes since the first release candidate include:</p><ul style="text-align: left;"><li>Improved support for decrypting PDFs with empty passwords.</li><ul><li><a href="https://github.com/Cisco-Talos/clamav/pull/1141" rel="nofollow" target="_blank">GitHub pull request</a></li></ul></ul><ul style="text-align: left;"><li>ClamOnAcc: Fixed an infinite loop when a file has been deleted before a scan. <br />Patch courtesy of gsuehiro.</li><ul><li><a href="https://github.com/Cisco-Talos/clamav/pull/1150" rel="nofollow" target="_blank">GitHub pull request</a></li></ul></ul><ul style="text-align: left;"><li>ClamConf: Fixed an issue printing `MaxScanSize` introduced with the change to allow a `MaxScanSize` greater than 4 GB. <br />Fix courtesy of teoberi.</li><ul><li><a href="https://github.com/Cisco-Talos/clamav/pull/1121" rel="nofollow" target="_blank">GitHub pull request</a></li></ul></ul><ul style="text-align: left;"><li>Fixed an issue building a ClamAV RPM in some configurations. <br />The issue was caused by faulty CMake logic that intended to create an empty database directory during the installation.</li><ul><li><a href="https://github.com/Cisco-Talos/clamav/pull/1144" rel="nofollow" target="_blank">GitHub pull request</a></li></ul></ul><p></p><p class="code-line" data-line="7" dir="auto" style="color: #3b3b3b; margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">You can find the full list of changes and improvements in <a href="https://blog.clamav.net/2023/12/clamav-130-release-candidate-now.html" target="_blank">the blog post for the first release candidate</a>.</span></p>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-56485044908118943292024-01-22T13:01:00.000-05:002024-01-22T13:01:54.902-05:00ClamAV Debian multi-Arch Docker images now available!<p>We now offer official ClamAV docker images based on `debian:11-slim`.</p><p>In addition to offering an alternative to <a href="https://hub.docker.com/r/clamav/clamav/tags" rel="nofollow" target="_blank">the original Alpine Linux images</a>, the new images are multi-arch images supporting `linux/amd64`, `linux/arm64`, and `linux/ppc64le`.</p><p>ClamAV's Alpine-based and Debian-based Docker images are now built weekly to pick up security fixes in the base images. </p><p>Check it out <a href="https://hub.docker.com/r/clamav/clamav-debian/tags" target="_blank">here</a>.</p>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-36113091014203436532023-12-15T11:09:00.005-05:002024-01-22T15:00:20.240-05:00ClamAV 1.3.0 release candidate now available!<p><span style="font-family: inherit;">The ClamAV 1.3.0 release candidate is now available.</span></p><p><span style="font-family: inherit; font-size: small;">You may find the source code and installers for this release on t</span><span style="font-family: inherit;">he </span><a href="https://www.clamav.net/downloads" style="font-family: inherit;" target="_blank">clamav.net/downloads</a><span style="font-family: inherit;"> page or t</span><span style="font-family: inherit;">he </span><a href="https://github.com/Cisco-Talos/clamav/releases/tag/clamav-1.2.0-rc" rel="nofollow" style="font-family: inherit;" target="_blank">ClamAV GitHub release page</a>.</p><p><i>Tip: If you are downloading the source from the GitHub release page, the package labeled "clamav-1.3.0-rc.tar.gz" does not require an internet connection to build. All dependencies are included in this package. But if you download the ZIP or TAR.GZ generated by GitHub, located at the very bottom, then an internet connection will be required during the build to download additional Rust dependencies.</i></p><p class="code-line" data-line="7" dir="auto" style="-webkit-text-stroke-width: 0px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">For Docker users, there is no specific Docker tag for the release candidate, but you can use the </span><span style="font-family: inherit;"><span></span><code style="line-height: 1.357em;">clamav:unstable</code><span> or </span></span><span style="font-family: inherit;"></span><span style="font-family: inherit;"><span></span><code style="line-height: 1.357em;">clamav:unstable_base</code></span><span style="font-family: inherit;"><span> tags.</span></span><span style="font-family: inherit;"></span></span></p><p class="code-line" data-line="7" dir="auto" style="-webkit-text-stroke-width: 0px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">The release candidate phase is expected to last two to three weeks before we publish the stable release or a second release candidate</span><span style="font-family: inherit;">. Please take this time to evaluate ClamAV 1.3.0. </span></span><span style="font-family: inherit; font-size: small;"> </span></p><p><span style="font-family: inherit;"><span>Please help us validate this release by providing feedback via the </span><span style="color: black;"><a href="https://lists.clamav.net/mailman/listinfo/clamav-users" target="_blank">ClamAV mailing list</a> or on <a href="https://discord.gg/sGaxA5Q" target="_blank">our Discord</a>.</span></span></p><p class="code-line" data-line="7" dir="auto" style="color: #3b3b3b; margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">ClamAV 1.3.0 includes the following improvements and changes:</span></p><h3 class="code-line" data-line="9" id="major-changes" style="color: #3b3b3b; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; position: relative;"><span style="font-family: inherit; font-size: small;">Major changes</span></h3><ul class="code-line" data-line="11" dir="auto" style="color: #3b3b3b; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="11" dir="auto" style="position: relative;"><span style="font-family: inherit;">Added support for extracting and scanning attachments found in Microsoft OneNote section files. OneNote parsing will be enabled by default, but may be optionally disabled using one of the following options:<br />a. The <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">clamscan</code> command line option: <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">--scan-onenote=no</code>,<br />b. The <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">clamd.conf</code> config option: <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">ScanOneNote no</code>,<br />c. The libclamav scan option <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">options.parse &= ~CL_SCAN_PARSE_ONENOTE;</code>,<br />d. A signature change to the <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">daily.cfg</code> dynamic configuration (DCONF).</span></li><ul class="code-line" data-line="19" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="19" dir="auto" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/1048" href="https://github.com/Cisco-Talos/clamav/pull/1048" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/1048">GitHub pull request</a></li></ul></ul><div><h3 class="code-line" data-line="9" id="major-changes" style="color: #3b3b3b; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; position: relative;"><span style="font-family: inherit; font-size: small;">Other improvements</span></h3></div><ul class="code-line" data-line="23" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="23" style="color: #3b3b3b; position: relative;"><p class="code-line" data-line="23" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed issue when building ClamAV on the Haiku (BeOS-like) operating system. Patch courtesy of Luca D'Amico</span></p><ul class="code-line" data-line="25" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="25" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/1061" href="https://github.com/Cisco-Talos/clamav/pull/1061" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/1061">GitHub pull request</a></li></ul></li><li class="code-line" data-line="27" style="color: #3b3b3b; position: relative;"><p class="code-line" data-line="27" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">ClamD: When starting, ClamD will now check if the directory specified by <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">TemporaryDirectory</code> in <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">clamd.conf</code> exists. If it doesn't, ClamD will print an error message and will exit with exit code 1. Patch courtesy of Andrew Kiggins.</span></p><ul class="code-line" data-line="31" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="31" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/1037" href="https://github.com/Cisco-Talos/clamav/pull/1037" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/1037">GitHub pull request</a></li></ul></li><li class="code-line" data-line="33" style="color: #3b3b3b; position: relative;"><p class="code-line" data-line="33" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">CMake: If configured to build static libraries, CMake will now also install the libclamav_rust, libclammspack, libclamunrar_iface, and libclamunrar static libraries required by libclamav.</span></p><p class="code-line" data-line="37" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Note: These libraries are all linked into the clamscan, clamd, sigtool, and freshclam programs, which is why they did not need to be installed to function. However, these libraries would be required if you wish to build some other program that uses the libclamav static library.</span></p><p class="code-line" data-line="42" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Patch courtesy of driverxdw.</span></p><ul class="code-line" data-line="43" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="43" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/1100" href="https://github.com/Cisco-Talos/clamav/pull/1100" rel="nofollow" style="text-decoration-line: none;" target="_blank" title="https://github.com/Cisco-Talos/clamav/pull/1100">GitHub pull request</a></li></ul></li><li class="code-line" data-line="45" style="position: relative;"><p class="code-line" data-line="45" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="color: #3b3b3b;">Added file type recognition for compiled Python (`.pyc`) files.</span></p><p class="code-line" data-line="45" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="color: #3b3b3b;"> The file type appears as a string parameter for these callback functions:</span></p><p class="code-line" data-line="45" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="color: #3b3b3b;"> - `clcb_pre_cache`</span></p><p class="code-line" data-line="45" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="color: #3b3b3b;"> - `clcb_pre_scan`</span></p><p class="code-line" data-line="45" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="color: #3b3b3b;"> - `clcb_file_inspection`</span></p><p class="code-line" data-line="45" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="color: #3b3b3b;"> When scanning a `.pyc` file, the `type` parameter will now show</span></p><p class="code-line" data-line="45" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="color: #3b3b3b;"> "CL_TYPE_PYTHON_COMPILED" instead of "CL_TYPE_BINARY_DATA".</span></p></li><ul><li class="code-line" data-line="45" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1111" rel="nofollow" target="_blank">GitHub pull request</a></li></ul></ul><div><ul><li>Assorted minor improvements and typo fixes.</li></ul></div><h3 class="code-line" data-line="47" id="bug-fixes" style="color: #3b3b3b; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; position: relative;"><span style="font-family: inherit; font-size: small;">Bug fixes</span></h3><ul class="code-line" data-line="49" dir="auto" style="color: #3b3b3b; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="49" dir="auto" style="position: relative;"><p class="code-line" data-line="49" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed a warning when scanning some HTML files.</span></p><ul class="code-line" data-line="50" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="50" dir="auto" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/1084" href="https://github.com/Cisco-Talos/clamav/pull/1084" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/1084">GitHub pull request</a></li></ul></li><li class="code-line" data-line="52" dir="auto" style="position: relative;"><p class="code-line" data-line="52" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed an issue decrypting some PDF's with an empty password.</span></p><ul class="code-line" data-line="53" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="53" dir="auto" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/1079" href="https://github.com/Cisco-Talos/clamav/pull/1079" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/1079">GitHub pull request</a></li></ul></li><li class="code-line" data-line="55" dir="auto" style="position: relative;"><p class="code-line" data-line="55" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">ClamOnAcc: Fixed an infinite loop when a watched directory does not exist.</span></p><ul class="code-line" data-line="56" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="56" dir="auto" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/1047" href="https://github.com/Cisco-Talos/clamav/pull/1047" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/1047">GitHub pull request</a></li></ul></li><li class="code-line" data-line="58" dir="auto" style="position: relative;"><p class="code-line" data-line="58" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed a possible crash when processing VBA files on HP-UX/IA 64bit. Patch courtesy of Albert Chin-A-Young.</span></p><ul class="code-line" data-line="60" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="60" dir="auto" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/526" href="https://github.com/Cisco-Talos/clamav/pull/526" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/526">GitHub pull request</a></li></ul></li></ul><h3 style="color: #3b3b3b; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; position: relative;"><span style="font-family: inherit; font-size: small;">Acknowledgments</span></h3><p class="code-line" data-line="64" dir="auto" style="color: #3b3b3b; margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Special thanks to the following people for code contributions and bug reports:</span></p><ul class="code-line" data-line="65" dir="auto" style="color: #3b3b3b; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="65" dir="auto" style="position: relative;"><span style="font-family: inherit;">Albert Chin-A-Young</span></li><li class="code-line" data-line="66" dir="auto" style="position: relative;"><span style="font-family: inherit;">Andrew Kiggins</span></li><li class="code-line" data-line="67" dir="auto" style="position: relative;"><span style="font-family: inherit;">driverxdw</span></li><li class="code-line" data-line="68" dir="auto" style="position: relative;"><span style="font-family: inherit;">Luca D'Amico</span></li><li class="code-line" data-line="69" dir="auto" style="position: relative;"><span style="font-family: inherit;">RainRat</span></li></ul>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-52789672665428185992023-10-25T13:36:00.005-04:002023-10-25T13:36:44.514-04:00ClamAV 1.2.1, 1.1.3, 1.0.4, 0.103.11 patch versions published<p><span class="TextRun SCXW156866380 BCX0" data-contrast="none" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-family: inherit; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Today, we are publishing the 1.2.1, 1.1.3, 1.0.4, and 0.103.11 security patch versions. </span></span></p><div><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">The release files for the patch versions are available for download on the </span><a class="Hyperlink SCXW156866380 BCX0" href="https://www.clamav.net/downloads" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: normal; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">ClamAV downloads page</span></span></a><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">, on the </span><a class="Hyperlink SCXW156866380 BCX0" href="https://github.com/Cisco-Talos/clamav/releases" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 17.2667px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">GitHub</span><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> Release page</span></span></a><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">, and through </span><a class="Hyperlink SCXW156866380 BCX0" href="https://hub.docker.com/r/clamav/clamav/" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 17.2667px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Docker Hub</span></span></a><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">.</span></span></span><i style="font-variant-ligatures: none; white-space-collapse: preserve;"> </i></span></div><div class="ListContainerWrapper SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; margin: 0px; padding: 0px; position: relative; user-select: text;"><div class="ListContainerWrapper SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; position: relative; user-select: text;"><div class="ListContainerWrapper SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; position: relative; user-select: text;"></div></div><div class="ListContainerWrapper SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; position: relative; user-select: text;"><span style="font-family: inherit;"><br /></span></div><div class="ListContainerWrapper SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; position: relative; user-select: text;"><span style="font-family: inherit;">Continue reading to learn what changed in each version.</span></div><div class="ListContainerWrapper SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; position: relative; user-select: text;"><span style="font-family: inherit;"><br /></span></div><div class="ListContainerWrapper SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; position: relative; user-select: text;"><span><h4 style="border-bottom: 1px solid rgba(255, 255, 255, 0.18); border-left-color: rgba(255, 255, 255, 0.18); border-right-color: rgba(255, 255, 255, 0.18); border-top-color: rgba(255, 255, 255, 0.18); font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; padding-bottom: 0.3em; position: relative; text-align: left;"><span style="font-size: medium;">1.2.1</span></h4><p class="code-line" data-line="3" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; margin-bottom: 16px; margin-top: 0px; position: relative;">ClamAV 1.2.1 is a patch release with the following fixes:</p><ul class="code-line" data-line="5" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="5" dir="auto" style="position: relative;"><p class="code-line" data-line="5" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Eliminate security warning about unused "atty" dependency.</p><ul class="code-line" data-line="6" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="6" dir="auto" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1033" rel="nofollow" target="_blank">GitHub pull request</a>.</li></ul></li><li class="code-line" data-line="8" dir="auto" style="position: relative;"><p class="code-line" data-line="8" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Upgrade the bundled UnRAR library (libclamunrar) to version 6.2.12.</p><ul class="code-line" data-line="9" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="9" dir="auto" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1056" rel="nofollow" target="_blank">GitHub pull request</a>.</li></ul></li><li class="code-line" data-line="11" dir="auto" style="position: relative;"><p class="code-line" data-line="11" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Build system: Fix link error with Clang/LLVM/LLD version 17. Patch courtesy of Yasuhiro Kimura.</p><ul class="code-line" data-line="13" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="13" dir="auto" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1060" rel="nofollow" target="_blank">GitHub pull request</a>.</li></ul></li><li class="code-line" data-line="15" dir="auto" style="position: relative;"><p class="code-line" data-line="15" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Fix alert-exceeds-max feature for files > 2GB and < max-filesize.</p><ul class="code-line" data-line="16" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="16" dir="auto" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1039" rel="nofollow" target="_blank">GitHub pull request</a>. </li></ul></li></ul><p class="code-line" data-line="18" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; margin-bottom: 16px; margin-top: 0px; position: relative;">Special thanks to Yasuhiro Kimura for code contributions and bug reports.</p><h4 style="border-bottom: 1px solid rgba(255, 255, 255, 0.18); border-left-color: rgba(255, 255, 255, 0.18); border-right-color: rgba(255, 255, 255, 0.18); border-top-color: rgba(255, 255, 255, 0.18); font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; padding-bottom: 0.3em; position: relative; text-align: left;"><span style="font-size: medium;">1.1.3</span></h4><p class="code-line" data-line="24" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; margin-bottom: 16px; margin-top: 0px; position: relative;">ClamAV 1.1.3 is a patch release with the following fixes:</p><ul class="code-line" data-line="26" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="26" dir="auto" style="position: relative;"><p class="code-line" data-line="26" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Eliminate security warning about unused "atty" dependency.</p><ul class="code-line" data-line="27" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="27" dir="auto" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1034" rel="nofollow" target="_blank">GitHub pull request.</a></li></ul></li><li class="code-line" data-line="29" dir="auto" style="position: relative;"><p class="code-line" data-line="29" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Upgrade the bundled UnRAR library (libclamunrar) to version 6.2.12.</p><ul class="code-line" data-line="30" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="30" dir="auto" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1055" rel="nofollow" target="_blank">GitHub pull request</a>. </li></ul></li><li class="code-line" data-line="32" dir="auto" style="position: relative;"><p class="code-line" data-line="32" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Windows: libjson-c 0.17 compatibility fix with ssize_t type definition.</p><ul class="code-line" data-line="33" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="33" dir="auto" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1063" rel="nofollow" target="_blank">GitHub pull request</a>.</li></ul></li><li class="code-line" data-line="35" dir="auto" style="position: relative;"><p class="code-line" data-line="35" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Build system: Fix link error with Clang/LLVM/LLD version 17. Patch courtesy of Yasuhiro Kimura.</p><ul class="code-line" data-line="37" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="37" dir="auto" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1059" rel="nofollow" target="_blank">GitHub pull request</a>.</li></ul></li><li class="code-line" data-line="39" dir="auto" style="position: relative;"><p class="code-line" data-line="39" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Fix alert-exceeds-max feature for files > 2GB and < max-filesize.</p><ul class="code-line" data-line="40" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="40" dir="auto" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1040" rel="nofollow" target="_blank">GitHub pull request</a>.</li></ul></li></ul><p class="code-line" data-line="42" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; margin-bottom: 16px; margin-top: 0px; position: relative;">Special thanks to Yasuhiro Kimura for code contributions and bug reports.</p><h4 style="border-bottom: 1px solid rgba(255, 255, 255, 0.18); border-left-color: rgba(255, 255, 255, 0.18); border-right-color: rgba(255, 255, 255, 0.18); border-top-color: rgba(255, 255, 255, 0.18); font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; padding-bottom: 0.3em; position: relative; text-align: left;"><span style="font-size: medium;">1.0.4</span></h4><p class="code-line" data-line="47" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; margin-bottom: 16px; margin-top: 0px; position: relative;">ClamAV 1.0.4 is a patch release with the following fixes:</p><ul class="code-line" data-line="49" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="49" dir="auto" style="position: relative;"><p class="code-line" data-line="49" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Eliminate security warning about unused "atty" dependency.</p><ul class="code-line" data-line="50" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="50" dir="auto" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1035" rel="nofollow" target="_blank">GitHub pull request</a>.</li></ul></li><li class="code-line" data-line="52" dir="auto" style="position: relative;"><p class="code-line" data-line="52" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Upgrade the bundled UnRAR library (libclamunrar) to version 6.2.12.</p><ul class="code-line" data-line="53" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="53" dir="auto" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1054" rel="nofollow" target="_blank">GitHub pull request</a>.</li></ul></li><li class="code-line" data-line="55" dir="auto" style="position: relative;"><p class="code-line" data-line="55" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Windows: libjson-c 0.17 compatibility fix with ssize_t type definition.</p><ul class="code-line" data-line="56" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="56" dir="auto" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1064" rel="nofollow" target="_blank">GitHub pull request</a>.</li></ul></li><li class="code-line" data-line="58" dir="auto" style="position: relative;"><p class="code-line" data-line="58" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Freshclam: Removed a verbose warning printed for each Freshclam HTTP request.</p><ul class="code-line" data-line="59" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="59" dir="auto" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1042" rel="nofollow" target="_blank">GitHub pull request</a>.</li></ul></li><li class="code-line" data-line="61" dir="auto" style="position: relative;"><p class="code-line" data-line="61" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Build system: Fix link error with Clang/LLVM/LLD version 17. Patch courtesy of Yasuhiro Kimura.</p><ul class="code-line" data-line="63" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="63" dir="auto" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1058" rel="nofollow" target="_blank">GitHub pull request</a>.</li></ul></li><li class="code-line" data-line="65" dir="auto" style="position: relative;"><p class="code-line" data-line="65" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Fix alert-exceeds-max feature for files > 2GB and < max-filesize.</p><ul class="code-line" data-line="66" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="66" dir="auto" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1041" rel="nofollow" target="_blank">GitHub pull request</a>.</li></ul></li></ul><p class="code-line" data-line="68" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; margin-bottom: 16px; margin-top: 0px; position: relative;">Special thanks to Yasuhiro Kimura for code contributions and bug reports.</p><h2 class="code-line" data-line="71" dir="auto" id="010311" style="border-bottom: 1px solid rgba(255, 255, 255, 0.18); border-left-color: rgba(255, 255, 255, 0.18); border-right-color: rgba(255, 255, 255, 0.18); border-top-color: rgba(255, 255, 255, 0.18); font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; padding-bottom: 0.3em; position: relative;"><span style="font-size: medium;">0.103.11</span></h2><p class="code-line" data-line="73" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; margin-bottom: 16px; margin-top: 0px; position: relative;">ClamAV 0.103.11 is a patch release with the following fixes:</p><ul class="code-line" data-line="75" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="75" dir="auto" style="position: relative;"><p class="code-line" data-line="75" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Upgrade the bundled UnRAR library (libclamunrar) to version 6.2.12.</p><ul class="code-line" data-line="76" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="76" dir="auto" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1053" rel="nofollow" target="_blank">GitHub pull request</a>.</li></ul></li><li class="code-line" data-line="78" dir="auto" style="position: relative;"><p class="code-line" data-line="78" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Windows: libjson-c 0.17 compatibility fix with ssize_t type definition.</p><ul class="code-line" data-line="79" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="79" dir="auto" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1065" rel="nofollow" target="_blank">GitHub pull request</a>.</li></ul></li><li class="code-line" data-line="81" dir="auto" style="position: relative;"><p class="code-line" data-line="81" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Windows: Update build system to use OpenSSL 3 and PThreads-Win32 v3.</p></li><ul class="code-line" data-line="82" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line code-active-line" data-line="82" dir="auto" style="position: relative;"><a href="https://github.com/Cisco-Talos/clamav/pull/1057" rel="nofollow" target="_blank">GitHub pull request</a>.</li></ul></ul><div><span face="-apple-system, BlinkMacSystemFont, Segoe WPC, Segoe UI, system-ui, Ubuntu, Droid Sans, sans-serif"><span style="font-size: 14px;"><br /></span></span></div></span></div></div>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-4996045813505417362023-08-28T17:15:00.002-04:002023-09-26T21:52:23.208-04:00ClamAV 1.2.0 feature version and 1.1.2, 1.0.3, 0.103.10 patch versions published<p><span style="font-family: inherit;"><span face="Segoe UI, Segoe UI Web, Arial, Verdana, sans-serif"><span style="font-variant-ligatures: none; white-space-collapse: preserve;">The ClamAV 1.2.0 feature release is now stable and available for download</span></span><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"> on the </span><a class="Hyperlink SCXW156866380 BCX0" href="https://www.clamav.net/downloads" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text; white-space-collapse: preserve;" target="_blank"><span class="TextRun Underlined SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">ClamAV downloads page</span></span></a><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US">, on the </span><a class="Hyperlink SCXW156866380 BCX0" href="https://github.com/Cisco-Talos/clamav/releases" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text; white-space-collapse: preserve;" target="_blank"><span class="TextRun Underlined SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Github</span><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> Release page</span></span></a><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US">, and through </span><a class="Hyperlink SCXW156866380 BCX0" href="https://hub.docker.com/r/clamav/clamav/" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text; white-space-collapse: preserve;" target="_blank"><span class="TextRun Underlined SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Docker Hub</span></span></a><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US">.</span></span></p><div><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Today, we are also publishing the 1.1.2, 1.0.3, and 0.103.10 security patch versions. </span></span><span face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" style="background-color: white;">You may be surprised about the impromptu patch release. Indeed, we just published patch versions </span><a href="https://blog.clamav.net/2023/07/2023-08-16-releases.html" target="_blank">earlier this month</a><span face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" style="background-color: white;">. Unfortunately, a recent CVE for the UnRAR<b>*</b> library has prompted us to prepare these additional updates.</span><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> </span></span></span></div><div><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-family: inherit; margin: 0px; padding: 0px; user-select: text;"><br /></span></span></div><div><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"><span style="background-color: white; font-family: inherit; font-variant-ligatures: normal; white-space-collapse: collapse;">We strongly encourage everyone to upgrade to one of these versions. </span></span></span></div><div><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; font-family: inherit; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><br /></span></span></span></div><div><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">The release files for the patch versions are also available for download on the </span><a class="Hyperlink SCXW156866380 BCX0" href="https://www.clamav.net/downloads" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: normal; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">ClamAV downloads page</span></span></a><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">, on the </span><a class="Hyperlink SCXW156866380 BCX0" href="https://github.com/Cisco-Talos/clamav/releases" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 17.2667px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Github</span><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> Release page</span></span></a><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">, and through </span><a class="Hyperlink SCXW156866380 BCX0" href="https://hub.docker.com/r/clamav/clamav/" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 17.2667px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Docker Hub</span></span></a><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">.</span></span></span><i style="font-variant-ligatures: none; white-space-collapse: preserve;"> </i><span face=""Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif" style="font-variant-ligatures: none; white-space-collapse: preserve;">Because ClamAV 1.2.0 is now the latest release, the release files for version 1.1.2 will be found under the "Previous Stable Releases" section of the ClamAV.net downloads page.</span></span></div><div class="ListContainerWrapper SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; margin: 0px; padding: 0px; position: relative; user-select: text;"><div class="ListContainerWrapper SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; margin: 0px; padding: 0px; position: relative; user-select: text;"><span style="font-family: inherit;"><br /></span></div><div class="ListContainerWrapper SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; margin: 0px; padding: 0px; position: relative; user-select: text;"><div class="ListContainerWrapper SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; position: relative; user-select: text;"><span style="font-family: inherit;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"><b>*</b><i>UnRAR is an open source library by the makers of WinRAR which we </i></span></span><i>bundle with ClamAV under the name "libclamunrar". We are concerned that ClamAV may be affected by </i></span><span style="white-space: normal;"><i>CVE-2023-40477. </i></span><i style="font-family: inherit;">Special thanks to </i><i style="font-family: inherit;">Jan Pokorny, at St. Anne's University Hospital, for identifying its potential impact on ClamAV and reporting it to us.</i></div><div class="ListContainerWrapper SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; position: relative; user-select: text;"></div></div><div class="ListContainerWrapper SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; margin: 0px; padding: 0px; position: relative; user-select: text;"><span style="font-family: inherit;"><br /></span></div><div class="ListContainerWrapper SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; margin: 0px; padding: 0px; position: relative; user-select: text;"><span style="font-family: inherit;">Continue reading to learn what changed in each version.</span></div><div class="ListContainerWrapper SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; margin: 0px; padding: 0px; position: relative; user-select: text;"><div><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><h4 style="border-bottom: 1px solid rgba(255, 255, 255, 0.18); border-left-color: rgba(255, 255, 255, 0.18); border-right-color: rgba(255, 255, 255, 0.18); border-top-color: rgba(255, 255, 255, 0.18); font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-variant-ligatures: normal; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; padding-bottom: 0.3em; position: relative; text-align: left;"><span style="font-size: x-large;">1.2.0</span></h4><p class="code-line" data-line="7" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; font-variant-ligatures: normal; margin-bottom: 16px; margin-top: 0px; position: relative;">ClamAV 1.2.0 includes the following improvements and changes:</p><h3 class="code-line" data-line="9" id="major-changes" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-variant-ligatures: normal; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; position: relative; text-align: left;"><span style="font-size: large;">Major changes</span></h3><ul class="code-line" data-line="11" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; font-variant-ligatures: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="11" dir="auto" style="position: relative;"><p class="code-line" data-line="11" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Added support for extracting Universal Disk Format (UDF) partitions.</p><p class="code-line" data-line="13" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Specifically, this version adds support for the Beginning Extended Area Descriptor (BEA01) type of UDF files.</p><ul class="code-line" data-line="15" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="15" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/941" href="https://github.com/Cisco-Talos/clamav/pull/941" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/941">https://github.com/Cisco-Talos/clamav/pull/941</a></li></ul></li><li class="code-line" data-line="17" dir="auto" style="position: relative;"><p class="code-line" data-line="17" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Added an option to customize the size of ClamAV's clean file cache.</p><p class="code-line" data-line="19" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Increasing the size of the clean file cache may improve scan performance but will require more RAM. The cache size value should be a square number or will be rounded up to the nearest square number.</p><p class="code-line" data-line="23" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">The cache size option for <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">clamd</code> and <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">clamscan</code> is <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">--cache-size</code>. Alternatively, you can customize the cache size for ClamD by setting <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">CacheSize</code> in <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">clamd.conf</code>.</p><p class="code-line" data-line="27" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Patch courtesy of Craig Andrews.</p><ul class="code-line" data-line="28" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="28" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/882" href="https://github.com/Cisco-Talos/clamav/pull/882" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/882">https://github.com/Cisco-Talos/clamav/pull/882</a></li></ul></li><li class="code-line" data-line="30" dir="auto" style="position: relative;"><p class="code-line" data-line="30" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Introduced a SystemD timer for running Freshclam updates, without sending Freshclam into the background. This takes the "burden of timing the updates" from Freshclam and puts it onto SystemD. The timer can be activated, audited, and the logs inspected:</p><pre style="background-color: var(--vscode-textCodeBlock-background); border-radius: 3px; margin-top: 0px; overflow: auto; padding: 16px; text-wrap: wrap;"><code class="code-line language-sh" data-line="34" dir="auto" style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em; position: relative; tab-size: 4;">sudo systemctl <span class="hljs-built_in">enable</span> --now clamav-freshclam-once.timer
sudo systemctl list-timers
sudo systemctl status clamav-freshclam-once.timer
sudo systemctl status clamav-freshclam-once.service
journalctl -u clamav-freshclam-once.service
</code></pre><p class="code-line" data-line="41" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">If you want a different update interval you can edit the timer unit file:</p><pre style="background-color: var(--vscode-textCodeBlock-background); border-radius: 3px; margin-top: 0px; overflow: auto; padding: 16px; text-wrap: wrap;"><code class="code-line language-sh" data-line="42" dir="auto" style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em; position: relative; tab-size: 4;">sudo systemctl edit clamav-freshclam-once.timer
</code></pre><p class="code-line" data-line="45" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Patch courtesy of Nils Werner.</p><ul class="code-line" data-line="46" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="46" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/962" href="https://github.com/Cisco-Talos/clamav/pull/962" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/962">https://github.com/Cisco-Talos/clamav/pull/962</a></li></ul></li><li class="code-line" data-line="48" dir="auto" style="position: relative;"><p class="code-line" data-line="48" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Raised the MaxScanSize limit so the total amount of data scanned when scanning a file or archive may exceed 4 gigabytes.</p><p class="code-line" data-line="51" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Introduced the ability to suffix the MaxScanSize and other config file size options with a "G" or "g" for the number of gigabytes. For example, for ClamD you may now specify <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">MaxScanSize 10G</code> in <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">clamd.conf</code>. And for ClamScan, you may now specify <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">--max-scansize=10g</code>.</p><p class="code-line" data-line="56" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">The <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">MaxFileSize</code> is still limited internally in ClamAV to 2 gigabytes. Any file, or embedded file, larger than 2GB will be skipped. You may use <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">clamscan --alert-exceeds-max</code>, or the <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">clamd.conf</code> option <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">AlertExceedsMax yes</code> to tell if a scan is not completed because of the scan limits.</p><p class="code-line" data-line="62" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Patch courtesy of matthias-fratz-bsz.</p><ul class="code-line" data-line="63" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="63" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/945" href="https://github.com/Cisco-Talos/clamav/pull/945" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/945">https://github.com/Cisco-Talos/clamav/pull/945</a></li></ul></li><li class="code-line" data-line="65" dir="auto" style="position: relative;"><p class="code-line" data-line="65" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Added ability for Freshclam to use a client certificate PEM file and a private key PEM file for authentication to a private mirror by setting the following environment variables:</p><ul class="code-line" data-line="68" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="68" dir="auto" style="position: relative;"><code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">FRESHCLAM_CLIENT_CERT</code>: May be set to the path of a file (PEM) containing the client certificate.</li><li class="code-line" data-line="70" dir="auto" style="position: relative;"><code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">FRESHCLAM_CLIENT_KEY</code>: May be set to the path of a file (PEM) containing the client private key.</li><li class="code-line" data-line="72" dir="auto" style="position: relative;"><code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">FRESHCLAM_CLIENT_KEY_PASSWD</code>: May be set to a password for the client key PEM file, if it is password protected.</li></ul><p class="code-line" data-line="75" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Patch courtesy of jedrzej.</p><ul class="code-line" data-line="76" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="76" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/955" href="https://github.com/Cisco-Talos/clamav/pull/955" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/955">https://github.com/Cisco-Talos/clamav/pull/955</a></li></ul></li></ul><h2 class="code-line" data-line="78" dir="auto" id="other-improvements" style="border-bottom: 1px solid rgba(255, 255, 255, 0.18); border-left-color: rgba(255, 255, 255, 0.18); border-right-color: rgba(255, 255, 255, 0.18); border-top-color: rgba(255, 255, 255, 0.18); font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-variant-ligatures: normal; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; padding-bottom: 0.3em; position: relative;"><span style="font-size: large;">Other improvements</span></h2><ul class="code-line" data-line="80" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; font-variant-ligatures: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="80" dir="auto" style="position: relative;"><p class="code-line" data-line="80" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Fix an issue extracting files from ISO9660 partitions where the files are listed in the plain ISO tree and there also exists an empty Joliet tree.</p><ul class="code-line" data-line="82" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="82" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/938" href="https://github.com/Cisco-Talos/clamav/pull/938" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/938">https://github.com/Cisco-Talos/clamav/pull/938</a></li></ul></li><li class="code-line" data-line="84" dir="auto" style="position: relative;"><p class="code-line" data-line="84" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">CMake build system improvement to support compiling with OpenSSL 3.x on macOS with the Xcode toolchain.</p><p class="code-line" data-line="87" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">The official ClamAV installers and packages are now built with OpenSSL 3.1.1 or newer.</p><ul class="code-line" data-line="89" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="89" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/970" href="https://github.com/Cisco-Talos/clamav/pull/970" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/970">https://github.com/Cisco-Talos/clamav/pull/970</a></li></ul></li><li class="code-line" data-line="91" dir="auto" style="position: relative;"><p class="code-line" data-line="91" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">The suggested path for the <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">clamd.pid</code> and <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">clamd.sock</code> file in the sample configs have been updated to reflect the recommended locations for these files in the Docker images. These are:</p><ul class="code-line" data-line="94" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="94" dir="auto" style="position: relative;"><code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">/run/clamav/clamd.pid</code></li><li class="code-line" data-line="95" dir="auto" style="position: relative;"><code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">/run/clamav/clamd.sock</code></li></ul><p class="code-line" data-line="97" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">For consistency, it now specifies <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">clamd.sock</code> instead of <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">clamd.socket</code>.</p><p class="code-line" data-line="99" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Patch courtesy of computersalat.</p><ul class="code-line" data-line="100" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="100" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/931" href="https://github.com/Cisco-Talos/clamav/pull/931" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/931">https://github.com/Cisco-Talos/clamav/pull/931</a></li></ul></li></ul><h3 class="code-line" data-line="102" id="bug-fixes" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-variant-ligatures: normal; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; position: relative; text-align: left;"><span style="font-size: large;">Bug fixes</span></h3><ul class="code-line" data-line="104" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; font-variant-ligatures: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="104" dir="auto" style="position: relative;"><p class="code-line" data-line="104" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Fixed an issue where ClamAV does not abort the signature load process after partially loading an invalid signature. The bug would later cause a crash when scanning certain files.</p><ul class="code-line" data-line="107" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="107" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/934" href="https://github.com/Cisco-Talos/clamav/pull/934" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/934">https://github.com/Cisco-Talos/clamav/pull/934</a></li></ul></li><li class="code-line" data-line="109" dir="auto" style="position: relative;"><p class="code-line" data-line="109" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Fixed a possible buffer over-read bug when unpacking PE files.</p><ul class="code-line" data-line="110" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="110" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/927" href="https://github.com/Cisco-Talos/clamav/pull/927" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/927">https://github.com/Cisco-Talos/clamav/pull/927</a></li></ul></li><li class="code-line" data-line="112" dir="auto" style="position: relative;"><p class="code-line" data-line="112" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Removed a warning message showing the HTTP response codes during the Freshclam database update process.</p><ul class="code-line" data-line="114" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="114" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/935" href="https://github.com/Cisco-Talos/clamav/pull/935" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/935">https://github.com/Cisco-Talos/clamav/pull/935</a></li></ul></li><li class="code-line" data-line="116" dir="auto" style="position: relative;"><p class="code-line" data-line="116" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Added missing command line options to the ClamD and ClamAV-Milter <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">--help</code> message and manpages.</p><ul class="code-line" data-line="118" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="118" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/936" href="https://github.com/Cisco-Talos/clamav/pull/936" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/936">https://github.com/Cisco-Talos/clamav/pull/936</a></li></ul></li><li class="code-line" data-line="120" dir="auto" style="position: relative;"><p class="code-line" data-line="120" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">ClamOnAcc: Fixed error message when using <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">--wait</code> without <code style="font-family: var(--vscode-editor-font-family, "SF Mono", Monaco, Menlo, Consolas, "Ubuntu Mono", "Liberation Mono", "DejaVu Sans Mono", "Courier New", monospace); font-size: 1em; line-height: 1.357em;">--ping</code> option. Patch courtesy of Răzvan Cojocaru.</p><ul class="code-line" data-line="122" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="122" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/984" href="https://github.com/Cisco-Talos/clamav/pull/984" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/984">https://github.com/Cisco-Talos/clamav/pull/984</a></li></ul></li><li class="code-line" data-line="124" dir="auto" style="position: relative;"><p class="code-line" data-line="124" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Fixed an assortment of code quality issues identified by Coverity:</p><ul class="code-line" data-line="125" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="125" dir="auto" style="position: relative;">GitHub pull requests:<ul class="code-line" data-line="126" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="126" dir="auto" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/989" href="https://github.com/Cisco-Talos/clamav/pull/989" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/989"><span style="color: black;">https://github.com/Cisco-Talos/clamav/pull/989</span></a></li><li class="code-line code-active-line" data-line="127" dir="auto" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/998" href="https://github.com/Cisco-Talos/clamav/pull/998" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/998"><span style="color: black;">https://github.com/Cisco-Talos/clamav/pull/998</span></a></li></ul></li></ul></li><li class="code-line" data-line="129" dir="auto" style="position: relative;"><p class="code-line" data-line="129" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Windows: Fixed a build issue with the CMake-Rust integration regarding detecting native static libraries that caused builds to fail with Rust version 1.70 and newer.</p><ul class="code-line" data-line="132" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="132" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/992" href="https://github.com/Cisco-Talos/clamav/pull/992" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/992">https://github.com/Cisco-Talos/clamav/pull/992</a></li></ul></li><li class="code-line" data-line="134" dir="auto" style="position: relative;"><p class="code-line" data-line="134" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Fixed a bounds check issue in the PDF parser that may result in a 1-byte buffer over read but does not cause a crash.</p><ul class="code-line" data-line="136" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="136" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/988" href="https://github.com/Cisco-Talos/clamav/pull/988" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/988">https://github.com/Cisco-Talos/clamav/pull/988</a></li></ul></li><li class="code-line" data-line="138" dir="auto" style="position: relative;"><p class="code-line" data-line="138" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Upgraded the bundled UnRAR library (libclamunrar) to version 6.2.10.</p><ul class="code-line" data-line="139" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="139" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/1008" href="https://github.com/Cisco-Talos/clamav/pull/1008" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/1008">https://github.com/Cisco-Talos/clamav/pull/1008</a></li></ul></li><li class="code-line" data-line="141" dir="auto" style="position: relative;"><p class="code-line" data-line="141" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;">Fixed a compatibility issue with libjson-c version 0.17.</p><ul class="code-line" data-line="142" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="142" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/1002" href="https://github.com/Cisco-Talos/clamav/pull/1002" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/1002">https://github.com/Cisco-Talos/clamav/pull/1002</a></li></ul></li></ul><h3 class="code-line" data-line="144" dir="auto" id="acknowledgments" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-variant-ligatures: normal; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; position: relative;"><span style="font-size: large;">Acknowledgments</span></h3><p class="code-line" data-line="146" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; font-variant-ligatures: normal; margin-bottom: 16px; margin-top: 0px; position: relative;">Special thanks to the following people for code contributions and bug reports:</p><ul class="code-line" data-line="147" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; font-variant-ligatures: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="147" dir="auto" style="position: relative;">computersalat</li><li class="code-line" data-line="148" dir="auto" style="position: relative;">Craig Andrews</li><li class="code-line" data-line="149" dir="auto" style="position: relative;">jedrzej</li><li class="code-line" data-line="150" dir="auto" style="position: relative;">matthias-fratz-bsz</li><li class="code-line" data-line="151" dir="auto" style="position: relative;">Nils Werner</li><li class="code-line" data-line="152" dir="auto" style="position: relative;">Răzvan Cojocaru</li></ul><div><span face="-apple-system, BlinkMacSystemFont, Segoe WPC, Segoe UI, system-ui, Ubuntu, Droid Sans, sans-serif"><span style="font-size: 14px;"><br /></span></span></div><div><h4 style="border-bottom: 1px solid rgba(255, 255, 255, 0.18); border-left-color: rgba(255, 255, 255, 0.18); border-right-color: rgba(255, 255, 255, 0.18); border-top-color: rgba(255, 255, 255, 0.18); font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; padding-bottom: 0.3em; position: relative; text-align: left;"><span style="font-size: x-large;">1.1.2</span></h4><p class="code-line" data-line="7" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; margin-bottom: 16px; margin-top: 0px; position: relative;">ClamAV 1.1.2 is a critical patch release with the following fixes:</p><ul class="code-line" data-line="9" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="9" dir="auto" style="position: relative;">Upgrade the bundled UnRAR library (libclamunrar) to version 6.2.10.</li><ul class="code-line" data-line="10" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="10" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/1011" href="https://github.com/Cisco-Talos/clamav/pull/1011" style="text-decoration-line: none;">https://github.com/Cisco-Talos/clamav/pull/1011</a></li></ul></ul><div><span face="-apple-system, BlinkMacSystemFont, Segoe WPC, Segoe UI, system-ui, Ubuntu, Droid Sans, sans-serif"><span style="font-size: 14px;"><br /></span></span></div><div><h4 style="border-bottom: 1px solid rgba(255, 255, 255, 0.18); border-left-color: rgba(255, 255, 255, 0.18); border-right-color: rgba(255, 255, 255, 0.18); border-top-color: rgba(255, 255, 255, 0.18); font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; padding-bottom: 0.3em; position: relative; text-align: left;"><span style="font-size: x-large;">1.0.3</span></h4><p class="code-line" data-line="7" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; margin-bottom: 16px; margin-top: 0px; position: relative;">ClamAV 1.0.3 is a critical patch release with the following fixes:</p><ul class="code-line" data-line="9" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="9" dir="auto" style="position: relative;">Upgrade the bundled UnRAR library (libclamunrar) to version 6.2.10.</li><ul class="code-line" data-line="10" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="10" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/1010" href="https://github.com/Cisco-Talos/clamav/pull/1010" style="text-decoration-line: none;">https://github.com/Cisco-Talos/clamav/pull/1010</a></li></ul></ul><div><span face="-apple-system, BlinkMacSystemFont, Segoe WPC, Segoe UI, system-ui, Ubuntu, Droid Sans, sans-serif"><span style="font-size: 14px;"><br /></span></span></div></div><div><h4 style="border-bottom: 1px solid rgba(255, 255, 255, 0.18); border-left-color: rgba(255, 255, 255, 0.18); border-right-color: rgba(255, 255, 255, 0.18); border-top-color: rgba(255, 255, 255, 0.18); font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; line-height: 1.25; margin-bottom: 16px; margin-top: 24px; padding-bottom: 0.3em; position: relative; text-align: left;"><span style="font-size: x-large;">0.103.10</span></h4><p class="code-line" data-line="7" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; margin-bottom: 16px; margin-top: 0px; position: relative;">ClamAV 0.103.10 is a critical patch release with the following fixes:</p><ul class="code-line" data-line="9" dir="auto" style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-size: 14px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="9" dir="auto" style="position: relative;">Upgrade the bundled UnRAR library (libclamunrar) to version 6.2.10.</li><ul class="code-line" data-line="10" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="10" dir="auto" style="position: relative;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/1009" href="https://github.com/Cisco-Talos/clamav/pull/1009" style="text-decoration-line: none;">https://github.com/Cisco-Talos/clamav/pull/1009</a></li></ul></ul><div><span face="-apple-system, BlinkMacSystemFont, Segoe WPC, Segoe UI, system-ui, Ubuntu, Droid Sans, sans-serif" style="color: #d4d4d4;"><span style="font-size: 14px;"><br /></span></span></div></div></div></span></div></div></div>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-66132981278497019482023-08-15T17:39:00.000-04:002023-08-16T11:55:30.565-04:00ClamAV 1.1.1, 1.0.2, 0.103.9 patch versions published<div class="OutlineElement Ltr SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; clear: both; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><p class="Paragraph SCXW156866380 BCX0" paraeid="{c9cf900b-f319-4d00-914a-02998267371f}{252}" paraid="629201387" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #444444; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Today, we are releasing the following critical patch versions for </span><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">ClamAV</span><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">:</span></span><span class="EOP SCXW156866380 BCX0" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #444444; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;"> </span></p></div><div class="ListContainerWrapper SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; margin: 0px; padding: 0px; position: relative; user-select: text;"><p class="Paragraph SCXW156866380 BCX0" paraeid="{a8b85af5-187f-4c6d-9928-dfb8c036e3ab}{2}" paraid="949688297" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-family: Arial, Arial_MSFontService, sans-serif; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; text-align: left; user-select: text; vertical-align: baseline; white-space-collapse: preserve;"></p><ul style="text-align: left;"><li><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #444444; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">1.1.1</span><span class="EOP SCXW156866380 BCX0" data-ccp-props="{"201341983":0,"335559739":0,"335559740":259}" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #444444; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;"> </span></li><li><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: #444444; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US">1.0.2</span><span class="EOP SCXW156866380 BCX0" data-ccp-props="{"201341983":0,"335559739":0,"335559740":259}" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: #444444; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;"> </span></li><li><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: #444444; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;" xml:lang="EN-US">0.103.9</span><span class="EOP SCXW156866380 BCX0" data-ccp-props="{"201341983":0,"335559739":0,"335559740":259}" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: #444444; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text; white-space-collapse: preserve;"> </span></li></ul><p></p></div><div class="OutlineElement Ltr SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; clear: both; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><p class="Paragraph SCXW156866380 BCX0" paraeid="{a651b064-1f67-4422-95bc-f476a6a511b0}{169}" paraid="324278037" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #444444; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"></span></span><span class="EOP SCXW156866380 BCX0" data-ccp-props="{"201341983":0,"335559739":0,"335559740":259}" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #444444; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;"> </span></p></div><div class="OutlineElement Ltr SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; clear: both; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><p class="Paragraph SCXW156866380 BCX0" paraeid="{a8b85af5-187f-4c6d-9928-dfb8c036e3ab}{60}" paraid="669862797" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #444444; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">ClamAV</span><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> 0.105 and 0.104 have reached end-of-life according to the </span></span><a class="Hyperlink SCXW156866380 BCX0" href="https://docs.clamav.net/faq/faq-eol.html" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="FieldRange SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: #e1e3e6; color: black; margin: 0px; padding: 0px; user-select: text;"><span class="TextRun Underlined SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #0563c1; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" color="var(--clrFieldRange, #000000) !important" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: var(--clrFieldRangeBackground, #e1e3e6) !important; margin: 0px; padding: 0px; user-select: text;">ClamAV</span><span class="NormalTextRun SCXW156866380 BCX0" color="var(--clrFieldRange, #000000) !important" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: var(--clrFieldRangeBackground, #e1e3e6) !important; margin: 0px; padding: 0px; user-select: text;">’s</span><span class="NormalTextRun SCXW156866380 BCX0" color="var(--clrFieldRange, #000000) !important" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: var(--clrFieldRangeBackground, #e1e3e6) !important; margin: 0px; padding: 0px; user-select: text;"> End of Life (EOL) policy</span></span></span></a><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #444444; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> and will not be patched.</span></span></p></div><div class="OutlineElement Ltr SCXW156866380 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: white; clear: both; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><p class="Paragraph SCXW156866380 BCX0" lang="EN-US" paraeid="{f110407d-2e65-43c7-84b4-79ab5cd1d08f}{167}" paraid="695784065" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #444444; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><br /></span></p><p class="Paragraph SCXW156866380 BCX0" lang="EN-US" paraeid="{f110407d-2e65-43c7-84b4-79ab5cd1d08f}{167}" paraid="695784065" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #444444; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">The release files are available for download on </span><a class="Hyperlink SCXW156866380 BCX0" href="https://www.clamav.net/downloads" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #0563c1; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">ClamAV.net</span></span></a><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #444444; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">, on the </span><a class="Hyperlink SCXW156866380 BCX0" href="https://github.com/Cisco-Talos/clamav/releases" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #0563c1; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Github</span><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> Release page</span></span></a><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #444444; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">, and through </span><a class="Hyperlink SCXW156866380 BCX0" href="https://hub.docker.com/r/clamav/clamav/" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #0563c1; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW156866380 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Docker Hub</span></span></a><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #444444; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">.</span></p><p class="Paragraph SCXW156866380 BCX0" lang="EN-US" paraeid="{f110407d-2e65-43c7-84b4-79ab5cd1d08f}{167}" paraid="695784065" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #444444; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><br /></span></p><p class="Paragraph SCXW156866380 BCX0" lang="EN-US" paraeid="{f110407d-2e65-43c7-84b4-79ab5cd1d08f}{167}" paraid="695784065" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW156866380 BCX0" data-contrast="none" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; color: #444444; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><i>Note: We observed an issue building ClamAV on Windows using the recently released libjson-c version 0.17. If you are building ClamAV for Windows, you should use libjson-c version 0.16 or prior. </i></span></p></div><div style="background-color: white; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif;"><p class="code-line" data-line="7" style="color: #444444; font-size: 14px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><br /></span></p><div><div class="OutlineElement Ltr SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; clear: both; color: black; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><p aria-level="2" class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{571a9cbd-a2c1-4ed6-b1e2-366f590ac215}{51}" paraid="703754038" role="heading" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: #2f5496; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><span style="font-size: large;"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: bold; line-height: 24.8208px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">1.1.1</span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134245418":true,"134245529":true,"201341983":0,"335559738":40,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 24.8208px; margin: 0px; padding: 0px; user-select: text;"> </span></span></p></div><div class="OutlineElement Ltr SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; clear: both; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{571a9cbd-a2c1-4ed6-b1e2-366f590ac215}{60}" paraid="981876013" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">ClamAV 1.1.1 is a critical patch release with the following fixes:</span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":0,"335551620":0,"335559738":0,"335559739":240,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></p><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{571a9cbd-a2c1-4ed6-b1e2-366f590ac215}{60}" paraid="981876013" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><br /></p><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{571a9cbd-a2c1-4ed6-b1e2-366f590ac215}{60}" paraid="981876013" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"></p><ul style="text-align: left;"><li style="color: windowtext;"><a class="Hyperlink SCXW262084301 BCX0" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20197" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-family: "Segoe UI", "Segoe UI_MSFontService", sans-serif; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">CVE-2023-20197</span></span></a><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Fixed a </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">possible denial</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> of service vulnerability in the HFS+ file parser. This issue affects versions 1.1.0, 1.0.1 through 1.0.0, 0.105.2 through 0.105.0, 0.104.4 through 0.104.0, and 0.103.8 through 0.103.0. Thank you to Steve Smith for reporting this issue.</span></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":0,"335551620":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li><li style="color: windowtext;"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Fixed a build issue when using the Rust nightly toolchain, which was affecting the </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">oss</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">-fuzz build environment used for regression tests.</span></span></li><ul style="color: windowtext;"><li><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">GitHub pull request:</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> </span></span><a class="Hyperlink SCXW262084301 BCX0" href="https://github.com/Cisco-Talos/clamav/pull/997" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-family: "Segoe UI", "Segoe UI_MSFontService", sans-serif; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">https://github.com/Cisco-Talos/clamav/pull/997</span></span></a><span class="TextRun EmptyTextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":0,"335551620":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li></ul><li style="color: windowtext;"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">Fixed a build issue on Windows when using Rust version 1.70 or newer.</span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":0,"335551620":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li><ul style="color: windowtext;"><li><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">GitHub pull request:</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> </span></span><a class="Hyperlink SCXW262084301 BCX0" href="https://github.com/Cisco-Talos/clamav/pull/994" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-family: "Segoe UI", "Segoe UI_MSFontService", sans-serif; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">https://github.com/Cisco-Talos/clamav/pull/994</span></span></a><span class="TextRun EmptyTextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":0,"335551620":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li></ul><li><span class="TextRun SCXW262084301 BCX0" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">CMake</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> build system improvement to support compiling with OpenSSL 3.x on macOS with the Xcode toolchain.</span></span><span class="EOP SCXW262084301 BCX0" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":0,"335551620":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span>The official ClamAV installers and packages are now built with OpenSSL 3.1.1 or newer.<span class="EOP SCXW262084301 BCX0" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":0,"335551620":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li><ul style="color: windowtext;"><li><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">GitHub pull request:</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> </span></span><a class="Hyperlink SCXW262084301 BCX0" href="https://github.com/Cisco-Talos/clamav/pull/972" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-family: "Segoe UI", "Segoe UI_MSFontService", sans-serif; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">https://github.com/Cisco-Talos/clamav/pull/972</span></span></a><span class="TextRun EmptyTextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":0,"335551620":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li></ul><li style="color: windowtext;"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Removed a warning message showing the HTTP response codes during the </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Freshclam</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> database update process.</span></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":0,"335551620":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li><ul style="color: windowtext;"><li><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">GitHub pull request:</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> </span></span><a class="Hyperlink SCXW262084301 BCX0" href="https://github.com/Cisco-Talos/clamav/pull/939" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-family: "Segoe UI", "Segoe UI_MSFontService", sans-serif; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">https://github.com/Cisco-Talos/clamav/pull/939</span></span></a><span class="TextRun EmptyTextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":0,"335551620":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li></ul></ul><p></p></div><div class="OutlineElement Ltr SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; clear: both; color: black; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{78dadd32-1110-4e1a-b3c4-dda81bf22428}{250}" paraid="861054298" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"></span></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":0,"335551620":0,"335559738":0,"335559739":240,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></p></div><div class="OutlineElement Ltr SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; clear: both; color: black; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{571a9cbd-a2c1-4ed6-b1e2-366f590ac215}{246}" paraid="503233816" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">Special thanks to the following people for code contributions and bug reports:</span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":0,"335551620":0,"335559738":0,"335559739":240,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></p><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{571a9cbd-a2c1-4ed6-b1e2-366f590ac215}{246}" paraid="503233816" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"></p><ul style="text-align: left;"><li><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">Steve Smith</span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":0,"335551620":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li></ul><p></p></div><div class="OutlineElement Ltr SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; clear: both; color: black; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; font-size: 12px; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{571a9cbd-a2c1-4ed6-b1e2-366f590ac215}{45}" paraid="1924332971" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-size: 11pt; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"></span></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-size: 11pt; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;"> </span></p></div><div class="OutlineElement Ltr SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; clear: both; color: black; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><h4 style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: #2f5496; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; text-align: left; user-select: text; vertical-align: baseline; white-space-collapse: preserve;"><span style="font-size: large;"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: bold; line-height: 24.8208px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">1.0.2</span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134245418":true,"134245529":true,"201341983":0,"335559738":40,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 24.8208px; margin: 0px; padding: 0px; user-select: text;"> </span></span></h4><p aria-level="2" class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{7e939ca0-36dd-4e8a-be70-31afea5011ac}{215}" paraid="1365942500" role="heading" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: #2f5496; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">ClamAV 1.0.2 is a critical patch release with the following fixes:</span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559685":0,"335559738":0,"335559739":240,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></p></div><div class="OutlineElement Ltr SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; clear: both; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{db23328e-4aeb-4da2-8604-c152df4d37d1}{213}" paraid="1226810980" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><br /></p><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{db23328e-4aeb-4da2-8604-c152df4d37d1}{213}" paraid="1226810980" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"></p><ul style="text-align: left;"><li style="color: black;"><a class="Hyperlink SCXW262084301 BCX0" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20197" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-family: "Segoe UI", "Segoe UI_MSFontService", sans-serif; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">CVE-2023-20197</span></span></a><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Fixed a </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">possible denial</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> of service vulnerability in the HFS+ file parser. This issue affects versions 1.1.0, 1.0.1 through 1.0.0, 0.105.2 through 0.105.0, 0.104.4 through 0.104.0, and 0.103.8 through 0.103.0. Thank you to Steve Smith for reporting this issue.</span></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li><li style="color: black;"><a class="Hyperlink SCXW262084301 BCX0" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20212" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-family: "Segoe UI", "Segoe UI_MSFontService", sans-serif; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">CVE-2023-20212</span></span></a><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Fixed a </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">possible denial</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> of service vulnerability in the </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">AutoIt</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> file parser. </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">This issue affects versions 1.0.1 and 1.0.0. This issue does not affect version 1.1.0.</span></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li><li style="color: black;"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Fixed a build issue when using the Rust nightly toolchain, which was affecting the </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">oss</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">-fuzz build environment used for regression tests.</span></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li><ul style="color: black;"><li><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">GitHub pull request:</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> </span></span><a class="Hyperlink SCXW262084301 BCX0" href="https://github.com/Cisco-Talos/clamav/pull/996" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-family: "Segoe UI", "Segoe UI_MSFontService", sans-serif; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">https://github.com/Cisco-Talos/clamav/pull/996</span></span></a><span class="TextRun EmptyTextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li></ul><li style="color: black;"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">Fixed a build issue on Windows when using Rust version 1.70 or newer.</span></li><ul style="color: black;"><li><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">GitHub pull request:</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> </span></span><a class="Hyperlink SCXW262084301 BCX0" href="https://github.com/Cisco-Talos/clamav/pull/993" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-family: "Segoe UI", "Segoe UI_MSFontService", sans-serif; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">https://github.com/Cisco-Talos/clamav/pull/993</span></span></a><span class="TextRun EmptyTextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li></ul><li><span class="TextRun SCXW262084301 BCX0" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">CMake</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> build system improvement to support compiling with OpenSSL 3.x on macOS with the Xcode toolchain.</span></span><span class="LineBreakBlob BlobObject DragDrop SCXW262084301 BCX0" face="WordVisiCarriageReturn_MSFontService, "Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"><span class="SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; text-wrap: nowrap; user-select: text;"> </span></span>The official ClamAV installers and packages are now built with OpenSSL 3.1.1 or newer.<span class="EOP SCXW262084301 BCX0" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li><ul style="color: black;"><li><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">GitHub pull request:</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> </span></span><a class="Hyperlink SCXW262084301 BCX0" href="https://github.com/Cisco-Talos/clamav/pull/973" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-family: "Segoe UI", "Segoe UI_MSFontService", sans-serif; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">https://github.com/Cisco-Talos/clamav/pull/973</span></span></a><span class="TextRun EmptyTextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li></ul><li style="color: black;"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">Fixed an issue where ClamAV does not abort the signature load process after partially loading an invalid signature. The bug would later cause a crash when scanning certain files.</span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li><ul style="color: black;"><li><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">GitHub pull request:</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> </span></span><a class="Hyperlink SCXW262084301 BCX0" href="https://github.com/Cisco-Talos/clamav/pull/952" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-family: "Segoe UI", "Segoe UI_MSFontService", sans-serif; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">https://github.com/Cisco-Talos/clamav/pull/952</span></span></a><span class="TextRun EmptyTextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li></ul><li style="color: black;"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">Fixed an issue so that ClamAV correctly removes temporary files generated by the VBA and XLM extraction modules so that the files are not leaked in patched versions of ClamAV where temporary files are written directly to the temp-directory instead of writing to a unique subdirectory.</span></li><ul style="color: black;"><li><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">GitHub pull request:</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> </span></span><a class="Hyperlink SCXW262084301 BCX0" href="https://github.com/Cisco-Talos/clamav/pull/900" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-family: "Segoe UI", "Segoe UI_MSFontService", sans-serif; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">https://github.com/Cisco-Talos/clamav/pull/900</span></span></a><span class="TextRun EmptyTextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li></ul><li style="color: black;"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Set Git attributes to prevent Git from altering line endings for bundled Rust libraries. Third-party Rust libraries are bundled in the ClamAV release </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">tarball</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">. We do not commit them to our own Git repository, but community package maintainers may now store the </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">tarball</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> contents in Git. The Rust build system verifies the library manifest, and this change ensures that the hashes are correct. Improvement courtesy of Nicolas R.</span></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li><ul style="color: black;"><li><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">GitHub pull request:</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> </span></span><a class="Hyperlink SCXW262084301 BCX0" href="https://github.com/Cisco-Talos/clamav/pull/856" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-family: "Segoe UI", "Segoe UI_MSFontService", sans-serif; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">https://github.com/Cisco-Talos/clamav/pull/856</span></span></a><span class="TextRun EmptyTextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li></ul><li style="color: black;"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Fixed two bugs that would cause </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Freshclam</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> to fail update when applying a CDIFF database patch if that patch adds a file to the database archive or removes a file from the database archive. This bug also caused </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Sigtool</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> to </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">fail to</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> create such a patch.</span></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li><ul style="color: black;"><li><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">GitHub pull request:</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> </span></span><a class="Hyperlink SCXW262084301 BCX0" href="https://github.com/Cisco-Talos/clamav/pull/901" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-family: "Segoe UI", "Segoe UI_MSFontService", sans-serif; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">https://github.com/Cisco-Talos/clamav/pull/901</span></span></a><span class="TextRun EmptyTextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li></ul></ul><p style="color: black;"></p></div><div class="OutlineElement Ltr SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; clear: both; color: black; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{605267b8-0a56-4050-8c6f-df4ca9861b6b}{3}" paraid="452515223" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"></span></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559685":0,"335559738":0,"335559739":240,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></p></div><div class="OutlineElement Ltr SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; clear: both; color: black; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{d7985aeb-3d0d-4a74-b1a4-e37d04a61674}{167}" paraid="1434675140" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">Special thanks to the following people for code contributions and bug reports:</span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559685":0,"335559738":0,"335559739":240,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></p><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{d7985aeb-3d0d-4a74-b1a4-e37d04a61674}{167}" paraid="1434675140" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"></p><ul style="text-align: left;"><li><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">Nicolas R.</span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li><li><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">Steve Smith</span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li></ul><p style="font-size: 12px;"></p></div><div class="OutlineElement Ltr SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; clear: both; color: black; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; font-size: 12px; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{17af727e-8344-440d-aa00-ac01a1664fcf}{124}" paraid="1638240206" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-size: 10.5pt; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"></span></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":0,"335551620":0,"335559685":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-size: 10.5pt; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></p></div><div class="OutlineElement Ltr SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; clear: both; color: black; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; font-size: 12px; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{e7f74a0e-8c28-4b2f-bf63-e128ee3c15d2}{162}" paraid="1248857026" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-size: 11pt; font-variant-ligatures: none; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"></span></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" face="Arial, Arial_EmbeddedFont, Arial_MSCustomFont, Arial_MSFontService, sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-size: 11pt; line-height: 17.2667px; margin: 0px; padding: 0px; user-select: text;"> </span></p></div><div class="OutlineElement Ltr SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; clear: both; color: black; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><h4 style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: #2f5496; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; text-align: left; user-select: text; vertical-align: baseline; white-space-collapse: preserve;"><span style="font-size: large;"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: bold; line-height: 24.8208px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">0.103.9</span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134245418":true,"134245529":true,"201341983":0,"335559738":40,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 24.8208px; margin: 0px; padding: 0px; user-select: text;"> </span></span></h4></div><div class="OutlineElement Ltr SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; clear: both; color: black; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{7e939ca0-36dd-4e8a-be70-31afea5011ac}{31}" paraid="957387229" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">ClamAV 0.103.9 is a critical patch release with the following fixes:</span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":240,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></p><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{7e939ca0-36dd-4e8a-be70-31afea5011ac}{31}" paraid="957387229" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><br /></p><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{7e939ca0-36dd-4e8a-be70-31afea5011ac}{31}" paraid="957387229" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"></p><ul style="text-align: left;"><li><a class="Hyperlink SCXW262084301 BCX0" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20197" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-family: "Segoe UI", "Segoe UI_MSFontService", sans-serif; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">CVE-2023-20197</span></span></a><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Fixed a </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">possible denial</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> of service vulnerability in the HFS+ file parser. This issue affects versions 1.1.0, 1.0.1 through 1.0.0, 0.105.2 through 0.105.0, 0.104.4 through 0.104.0, and 0.103.8 through 0.103.0. Thank you to Steve Smith for reporting this issue.</span></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li><li><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Fixed compiler warnings that may turn into errors in Clang 16. Patch courtesy of Michael </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Orlitzky</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">.</span></span></li><ul><li><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">GitHub pull request:</span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"> </span></span><a class="Hyperlink SCXW262084301 BCX0" href="https://github.com/Cisco-Talos/clamav/pull/747" rel="noreferrer noopener" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-family: "Segoe UI", "Segoe UI_MSFontService", sans-serif; margin: 0px; padding: 0px; text-decoration-line: none; user-select: text;" target="_blank"><span class="TextRun Underlined SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; text-decoration-line: underline; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" data-ccp-charstyle="Hyperlink" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">https://github.com/Cisco-Talos/clamav/pull/747</span></span></a><span class="TextRun EmptyTextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li></ul></ul><p></p></div><div class="OutlineElement Ltr SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; clear: both; color: black; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{605267b8-0a56-4050-8c6f-df4ca9861b6b}{11}" paraid="295032370" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"></span></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":240,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></p></div><div class="OutlineElement Ltr SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; clear: both; color: black; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{7e939ca0-36dd-4e8a-be70-31afea5011ac}{85}" paraid="2104946314" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">Special thanks to the following people for code contributions and bug reports:</span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":240,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></p><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{7e939ca0-36dd-4e8a-be70-31afea5011ac}{85}" paraid="2104946314" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"></p><ul style="text-align: left;"><li><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Michael </span><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;">Orlitzky</span></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li><li><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US">Steve Smith</span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":259}" face=""Segoe UI", "Segoe UI_EmbeddedFont", "Segoe UI_MSCustomFont", "Segoe UI_MSFontService", sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; line-height: 20.5042px; margin: 0px; padding: 0px; user-select: text;"> </span></li></ul><p></p></div><div class="OutlineElement Ltr SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; clear: both; color: black; cursor: text; direction: ltr; font-family: "Segoe UI", "Segoe UI Web", Arial, Verdana, sans-serif; font-size: 12px; margin: 0px; overflow: visible; padding: 0px; position: relative; user-select: text;"><p class="Paragraph SCXW262084301 BCX0" lang="EN-US" paraeid="{7e939ca0-36dd-4e8a-be70-31afea5011ac}{18}" paraid="1391997194" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; color: windowtext; font-kerning: none; margin: 0px; overflow-wrap: break-word; padding: 0px; user-select: text; vertical-align: baseline; white-space-collapse: preserve;" xml:lang="EN-US"><span class="TextRun SCXW262084301 BCX0" color="windowtext" data-contrast="auto" face="Calibri, Calibri_EmbeddedFont, Calibri_MSCustomFont, Calibri_MSFontService, sans-serif" lang="EN-US" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; background-color: transparent; font-size: 11pt; font-variant-ligatures: none; line-height: 19.425px; margin: 0px; padding: 0px; user-select: text;" xml:lang="EN-US"><span class="NormalTextRun SCXW262084301 BCX0" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; margin: 0px; padding: 0px; user-select: text;"></span></span><span class="EOP SCXW262084301 BCX0" color="windowtext" data-ccp-props="{"201341983":0,"335559685":0,"335559739":0,"335559740":259}" face="Calibri, Calibri_EmbeddedFont, Calibri_MSCustomFont, Calibri_MSFontService, sans-serif" style="-webkit-tap-highlight-color: transparent; -webkit-user-drag: none; font-size: 11pt; line-height: 19.425px; margin: 0px; padding: 0px; user-select: text;"> </span></p></div></div></div>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-14950668381425828912023-08-04T12:52:00.000-04:002023-08-04T12:52:43.024-04:00ClamAV 1.2.0 release candidate now available<p><span style="font-family: inherit;">We are excited to announce the ClamAV 1.2.0 release candidate.</span></p><p><span style="font-family: inherit; font-size: small;">You may find the source code and installers for this release on t</span><span style="font-family: inherit;">he </span><a href="https://www.clamav.net/downloads" style="font-family: inherit;" target="_blank">clamav.net/downloads</a><span style="font-family: inherit;"> page or t</span><span style="font-family: inherit;">he </span><a href="https://github.com/Cisco-Talos/clamav/releases/tag/clamav-1.2.0-rc" rel="nofollow" style="font-family: inherit;" target="_blank">ClamAV GitHub release page</a>.</p><p><i>Tip: If you are downloading the source from the GitHub release page, the package labeled "clamav-1.2.0-rc.tar.gz" does not require an internet connection to build. All dependencies are included in this package. But if you download the ZIP or TAR.GZ generated by GitHub, located at the very bottom, then an internet connection will be required during the build to download additional Rust dependencies.</i></p><p class="code-line" data-line="7" dir="auto" style="-webkit-text-stroke-width: 0px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">For Docker users, there is no specific Docker tag for the release candidate, but you can use the </span><span style="font-family: inherit;"><span></span><code style="line-height: 1.357em;">clamav:unstable</code><span> or </span></span><span style="font-family: inherit;"></span><span style="font-family: inherit;"><span></span><code style="line-height: 1.357em;">clamav:unstable_base</code></span><span style="font-family: inherit;"><span> tags.</span></span><span style="font-family: inherit;"></span></span></p><p class="code-line" data-line="7" dir="auto" style="-webkit-text-stroke-width: 0px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">The release candidate phase is expected to last two to three weeks before we publish the stable release or a second release candidate</span><span style="font-family: inherit;">. Please take this time to evaluate ClamAV 1.2.0. </span></span><span style="font-family: inherit; font-size: small;"> </span></p><p><span style="font-family: inherit;">Please help us validate this release by providing feedback via the </span><span style="color: black; font-family: inherit;"><a href="https://lists.clamav.net/mailman/listinfo/clamav-users" target="_blank">ClamAV mailing list</a> or on <a href="https://discord.gg/sGaxA5Q" target="_blank">our Discord</a>.</span> </p><p class="code-line" data-line="7" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">ClamAV 1.2.0 includes the following improvements and changes:</span></p><h4 style="line-height: 1.25; margin-bottom: 16px; margin-top: 24px; position: relative; text-align: left;"><span style="font-family: inherit;">Major changes</span></h4><ul class="code-line" data-line="11" dir="auto" style="font-size: 14px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="11" dir="auto" style="position: relative;"><p class="code-line" data-line="11" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added support for extracting Universal Disk Format (UDF) partitions.</span></p><p class="code-line" data-line="13" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Specifically, this version adds support for the Beginning Extended Area Descriptor (BEA01) type of UDF files.</span></p><ul class="code-line" data-line="15" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="15" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/941" href="https://github.com/Cisco-Talos/clamav/pull/941" style="text-decoration-line: none;">https://github.com/Cisco-Talos/clamav/pull/941</a></span></li></ul></li><li class="code-line" data-line="17" dir="auto" style="position: relative;"><p class="code-line" data-line="17" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added an option to customize the size of ClamAV's clean file cache.</span></p><p class="code-line" data-line="19" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Increasing the size of the clean file cache may improve scan performance but will require more RAM. The cache size value should be a square number or will be rounded up to the nearest square number.</span></p><p class="code-line" data-line="23" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">The cache size option for <code style="font-size: 1em; line-height: 1.357em;">clamd</code> and <code style="font-size: 1em; line-height: 1.357em;">clamscan</code> is <code style="font-size: 1em; line-height: 1.357em;">--cache-size</code>. Alternatively, you can customize the cache size for ClamD by setting <code style="font-size: 1em; line-height: 1.357em;">CacheSize</code> in <code style="font-size: 1em; line-height: 1.357em;">clamd.conf</code>.</span></p><p class="code-line" data-line="27" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Patch courtesy of Craig Andrews.</span></p><ul class="code-line" data-line="28" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="28" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/882" href="https://github.com/Cisco-Talos/clamav/pull/882" style="text-decoration-line: none;">https://github.com/Cisco-Talos/clamav/pull/882</a></span></li></ul></li><li class="code-line" data-line="30" dir="auto" style="position: relative;"><p class="code-line" data-line="30" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Introduced a SystemD timer for running Freshclam updates, without sending Freshclam into the background. This takes the "burden of timing the updates" from Freshclam and puts it onto SystemD. The timer can be activated, audited, and the logs inspected:</span></p><pre style="border-radius: 3px; margin-top: 0px; overflow: auto; padding: 16px; text-wrap: wrap;"><code class="code-line language-sh" data-line="34" dir="auto" style="font-size: 1em; line-height: 1.357em; position: relative; tab-size: 4;"><span style="font-family: inherit;">sudo systemctl <span class="hljs-built_in">enable</span> --now clamav-freshclam-once.timer
sudo systemctl list-timers
sudo systemctl status clamav-freshclam-once.timer
sudo systemctl status clamav-freshclam-once.service
journalctl -u clamav-freshclam-once.service
</span></code></pre><p class="code-line" data-line="41" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">If you want a different update interval you can edit the timer unit file:</span></p><pre style="border-radius: 3px; margin-top: 0px; overflow: auto; padding: 16px; text-wrap: wrap;"><code class="code-line language-sh" data-line="42" dir="auto" style="font-size: 1em; line-height: 1.357em; position: relative; tab-size: 4;"><span style="font-family: inherit;">sudo systemctl edit clamav-freshclam-once.timer
</span></code></pre><p class="code-line" data-line="45" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Patch courtesy of Nils Werner.</span></p><ul class="code-line" data-line="46" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="46" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/962" href="https://github.com/Cisco-Talos/clamav/pull/962" style="text-decoration-line: none;">https://github.com/Cisco-Talos/clamav/pull/962</a></span></li></ul></li><li class="code-line" data-line="48" dir="auto" style="position: relative;"><p class="code-line" data-line="48" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Raised the MaxScanSize limit so the total amount of data scanned when scanning a file or archive may exceed 4 gigabytes.</span></p><p class="code-line" data-line="51" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Introduced the ability to suffix the MaxScanSize and other config file size options with a "G" or "g" for the number of gigabytes. For example, for ClamD you may now specify <code style="font-size: 1em; line-height: 1.357em;">MaxScanSize 10G</code> in <code style="font-size: 1em; line-height: 1.357em;">clamd.conf</code>. And for ClamScan, you may now specify <code style="font-size: 1em; line-height: 1.357em;">--max-scansize=10g</code>.</span></p><p class="code-line" data-line="56" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">The <code style="font-size: 1em; line-height: 1.357em;">MaxFileSize</code> is still limited internally in ClamAV to 2 gigabytes. Any file, or embedded file, larger than 2GB will be skipped. You may use <code style="font-size: 1em; line-height: 1.357em;">clamscan --alert-exceeds-max</code>, or the <code style="font-size: 1em; line-height: 1.357em;">clamd.conf</code> option <code style="font-size: 1em; line-height: 1.357em;">AlertExceedsMax yes</code> to tell if a scan is not completed because of the scan limits.</span></p><p class="code-line" data-line="62" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Patch courtesy of matthias-fratz-bsz.</span></p><ul class="code-line" data-line="63" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="63" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/945" href="https://github.com/Cisco-Talos/clamav/pull/945" style="text-decoration-line: none;">https://github.com/Cisco-Talos/clamav/pull/945</a></span></li></ul></li><li class="code-line" data-line="65" dir="auto" style="position: relative;"><p class="code-line" data-line="65" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added ability for Freshclam to use a client certificate PEM file and a private key PEM file for authentication to a private mirror by setting the following environment variables:</span></p><ul class="code-line" data-line="68" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="68" dir="auto" style="position: relative;"><span style="font-family: inherit;"><code style="font-size: 1em; line-height: 1.357em;">FRESHCLAM_CLIENT_CERT</code>: May be set to the path of a file (PEM) containing the client certificate.</span></li><li class="code-line" data-line="70" dir="auto" style="position: relative;"><span style="font-family: inherit;"><code style="font-size: 1em; line-height: 1.357em;">FRESHCLAM_CLIENT_KEY</code>: May be set to the path of a file (PEM) containing the client private key.</span></li><li class="code-line" data-line="72" dir="auto" style="position: relative;"><span style="font-family: inherit;"><code style="font-size: 1em; line-height: 1.357em;">FRESHCLAM_CLIENT_KEY_PASSWD</code>: May be set to a password for the client key PEM file, if it is password protected.</span></li></ul><p class="code-line" data-line="75" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Patch courtesy of jedrzej.</span></p><ul class="code-line" data-line="76" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="76" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/955" href="https://github.com/Cisco-Talos/clamav/pull/955" style="text-decoration-line: none;">https://github.com/Cisco-Talos/clamav/pull/955</a></span></li></ul></li></ul><h4 style="border-bottom: 1px solid rgba(255, 255, 255, 0.18); border-left-color: rgba(255, 255, 255, 0.18); border-right-color: rgba(255, 255, 255, 0.18); border-top-color: rgba(255, 255, 255, 0.18); line-height: 1.25; margin-bottom: 16px; margin-top: 24px; padding-bottom: 0.3em; position: relative; text-align: left;"><span style="font-family: inherit;">Other improvements</span></h4><ul class="code-line" data-line="80" dir="auto" style="font-size: 14px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="80" dir="auto" style="position: relative;"><p class="code-line" data-line="80" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fix an issue extracting files from ISO9660 partitions where the files are listed in the plain ISO tree and there also exists an empty Joliet tree.</span></p><ul class="code-line" data-line="82" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="82" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/938" href="https://github.com/Cisco-Talos/clamav/pull/938" style="text-decoration-line: none;">https://github.com/Cisco-Talos/clamav/pull/938</a></span></li></ul></li><li class="code-line" data-line="84" dir="auto" style="position: relative;"><p class="code-line" data-line="84" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">CMake build system improvement to support compiling with OpenSSL 3.x on macOS with the Xcode toolchain.</span></p><p class="code-line" data-line="87" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">The official ClamAV installers and packages are now built with OpenSSL 3.1.1 or newer.</span></p><ul class="code-line" data-line="89" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="89" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/970" href="https://github.com/Cisco-Talos/clamav/pull/970" style="text-decoration-line: none;">https://github.com/Cisco-Talos/clamav/pull/970</a></span></li></ul></li><li class="code-line" data-line="91" dir="auto" style="position: relative;"><p class="code-line" data-line="91" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">The suggested path for the <code style="font-size: 1em; line-height: 1.357em;">clamd.pid</code> and <code style="font-size: 1em; line-height: 1.357em;">clamd.sock</code> file in the sample configs have been updated to reflect the recommended locations for these files in the Docker images. These are:</span></p><ul class="code-line" data-line="94" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="94" dir="auto" style="position: relative;"><code style="font-size: 1em; line-height: 1.357em;"><span style="font-family: inherit;">/run/clamav/clamd.pid</span></code></li><li class="code-line" data-line="95" dir="auto" style="position: relative;"><code style="font-size: 1em; line-height: 1.357em;"><span style="font-family: inherit;">/run/clamav/clamd.sock</span></code></li></ul><p class="code-line" data-line="97" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">For consistency, it now specifies <code style="font-size: 1em; line-height: 1.357em;">clamd.sock</code> instead of <code style="font-size: 1em; line-height: 1.357em;">clamd.socket</code>.</span></p><p class="code-line" data-line="99" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Patch courtesy of computersalat.</span></p><ul class="code-line" data-line="100" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="100" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/931" href="https://github.com/Cisco-Talos/clamav/pull/931" style="text-decoration-line: none;">https://github.com/Cisco-Talos/clamav/pull/931</a></span></li></ul></li></ul><h4 style="line-height: 1.25; margin-bottom: 16px; margin-top: 24px; position: relative; text-align: left;"><span style="font-family: inherit;">Bug fixes</span></h4><ul class="code-line" data-line="104" dir="auto" style="font-size: 14px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="104" dir="auto" style="position: relative;"><p class="code-line" data-line="104" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed an issue where ClamAV does not abort the signature load process after partially loading an invalid signature. The bug would later cause a crash when scanning certain files.</span></p><ul class="code-line" data-line="107" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="107" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/934" href="https://github.com/Cisco-Talos/clamav/pull/934" style="text-decoration-line: none;">https://github.com/Cisco-Talos/clamav/pull/934</a></span></li></ul></li><li class="code-line" data-line="109" dir="auto" style="position: relative;"><p class="code-line" data-line="109" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed a possible buffer over-read bug when unpacking PE files.</span></p><ul class="code-line" data-line="110" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="110" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/927" href="https://github.com/Cisco-Talos/clamav/pull/927" style="text-decoration-line: none;">https://github.com/Cisco-Talos/clamav/pull/927</a></span></li></ul></li><li class="code-line" data-line="112" dir="auto" style="position: relative;"><p class="code-line" data-line="112" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Removed a warning message showing the HTTP response codes during the Freshclam database update process.</span></p><ul class="code-line" data-line="114" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="114" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/935" href="https://github.com/Cisco-Talos/clamav/pull/935" style="text-decoration-line: none;">https://github.com/Cisco-Talos/clamav/pull/935</a></span></li></ul></li><li class="code-line" data-line="116" dir="auto" style="position: relative;"><p class="code-line" data-line="116" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added missing command line options to the ClamD and ClamAV-Milter <code style="font-size: 1em; line-height: 1.357em;">--help</code> message and manpages.</span></p><ul class="code-line" data-line="118" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="118" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/936" href="https://github.com/Cisco-Talos/clamav/pull/936" style="text-decoration-line: none;">https://github.com/Cisco-Talos/clamav/pull/936</a></span></li></ul></li><li class="code-line" data-line="120" dir="auto" style="position: relative;"><p class="code-line" data-line="120" dir="auto" style="margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">ClamOnAcc: Fix error message when using <code style="font-size: 1em; line-height: 1.357em;">--wait</code> without <code style="font-size: 1em; line-height: 1.357em;">--ping</code> option. Patch courtesy of Răzvan Cojocaru.</span></p><ul class="code-line" data-line="122" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="122" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/984" href="https://github.com/Cisco-Talos/clamav/pull/984" style="text-decoration-line: none;">https://github.com/Cisco-Talos/clamav/pull/984</a></span></li></ul></li></ul><h4 style="line-height: 1.25; margin-bottom: 16px; margin-top: 24px; position: relative; text-align: left;"><span style="font-family: inherit;">Acknowledgments</span></h4><p class="code-line" data-line="556" dir="auto" style="font-size: 14px; margin-bottom: 16px; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Special thanks to the following people for code contributions and bug reports:</span></p><ul class="code-line" data-line="127" dir="auto" style="font-size: 14px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="127" dir="auto" style="position: relative;"><span style="font-family: inherit;">computersalat</span></li><li class="code-line" data-line="181" dir="auto" style="position: relative;"><span style="font-family: inherit;">Craig Andrews</span></li><li class="code-line" data-line="129" dir="auto" style="position: relative;"><span style="font-family: inherit;">jedrzej</span></li><li class="code-line" data-line="130" dir="auto" style="position: relative;"><span style="font-family: inherit;">matthias-fratz-bsz</span></li><li class="code-line" data-line="131" dir="auto" style="position: relative;"><span style="font-family: inherit;">Nils Werner</span></li><li class="code-line" data-line="132" dir="auto" style="position: relative;"><span style="font-family: inherit;">Răzvan Cojocaru</span></li></ul>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-52791465315999108162023-06-09T09:06:00.013-04:002023-06-09T09:09:08.753-04:00Shutting down old ClamAV Bugzilla<p>ClamAV will shut down the old <a href="https://bugzilla.clamav.net/" target="_blank">ClamAV Bugzilla</a> server in July. </p><p>Users who have any outstanding Bugzilla reports should move them to <a href="https://github.com/Cisco-Talos/clamav/issues" target="_blank">GitHub Issues </a>as soon as possible.</p><p>We <a href="https://blog.clamav.net/2021/12/clamav-bugzilla-new-ticket-creation.html" target="_blank">disabled new tickets in Bugzilla</a> in December 2021 in favor of GitHub Issues for all new ClamAV bug reports and a new process for reporting vulnerabilities as defined by a <a href="https://github.com/Cisco-Talos/clamav/security/policy" target="_blank">new security policy.</a> As it has now been 18 months since the switch to GitHub Issues, we have decided to shut down our old Bugzilla. </p><p>We plan to take the Bugzilla server off the internet sometime after July 1 and keep it as an internal reference for our development team. It will no longer be accessible to the public. </p>Jon Munshawhttp://www.blogger.com/profile/13414456218583234191noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-50326488640860912592023-05-08T13:24:00.003-04:002023-05-08T13:54:36.806-04:00 End of life (EOL) policy change, 0.103 one year extension, 0.105 past end of life <div style="text-align: left;"><h4 style="text-align: left;">End of life (EOL) policy change </h4><div>ClamAV is making a minor change to our <a href="https://docs.clamav.net/faq/faq-eol.html" target="_blank">EOL policy</a>. </div><div><br /></div><div>The original EOL policy stated that Long Term Support (LTS) versions will lose access to signature updates on the same date that we end support for additional patch versions. </div><div><br /></div><div>We are changing the policy to allow signature updates for at least one year after we stop supporting the release with patch versions. </div><div><br /></div><h4 style="text-align: left;">0.103 support extension </h4><div>We are also announcing a one-year extension of support for ClamAV 0.103 LTS. </div><div><br /></div><div>We decided to extend the life of the 0.103 LTS release because of the significant changes to the build system in 0.104 and the change in 0.105 requiring the Rust programming language toolchain to compile ClamAV. </div><div><br /></div><div>The one-year support extension does not apply to future LTS releases. </div><div><br /></div><div>ClamAV 0.103.0 was initially released on Sept. 14, 2020. With the additional year of support, and considering the change in the EOL Policy that allows one additional year of access for signature updates, this means that EOL dates for ClamAV 0.103 LTS are as follows: </div><div><ul style="text-align: left;"><li>Expected End of Life (EOL): Sept. 14, 2024 </li><li>Patch versions continue until: Sept. 14, 2024 </li><li>Internal signature load testing until: Sept. 14, 2024 </li><li>Database downloads allowed until: Sept. 14, 2025 </li></ul></div><div><br /></div><h4 style="text-align: left;">0.105 EOL </h4><div>Finally, we would like to remind everyone that as per the EOL Policy, the release of ClamAV 1.1 heralds the end of patch versions supporting ClamAV 0.105. There will no more patch versions for ClamAV 0.105.</div><div><br /></div><div>ClamAV 0.105 will continue to have access to signature updates for an additional four months after the 1.1 release, which was on May 1, 2023. This means that we may block 0.105 from further updates after Sept. 1, 2023. </div><div><br /></div></div>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-25259095405994163282023-05-01T17:07:00.000-04:002023-05-01T17:07:48.878-04:00ClamAV 1.1.0 released<p><span style="font-family: inherit;"><span style="background-color: white; color: #444444;">The ClamAV 1.1.0 feature release is now stable and available for</span><span style="background-color: white; color: #444444;"> </span><a href="https://www.clamav.net/downloads" rel="nofollow" style="background-color: white; color: #ef3e42; text-decoration-line: none;" target="_blank">download on ClamAV.net</a><span style="background-color: white; color: #444444;"> </span><span style="background-color: white; color: #444444;">or through</span><span style="background-color: white; color: #444444;"> </span><a href="https://hub.docker.com/r/clamav/clamav/" rel="nofollow" style="background-color: white; color: #ef3e42; text-decoration-line: none;" target="_blank">Docker Hub</a><span style="background-color: white; color: #444444;">.</span><span style="background-color: white; color: #444444;"> </span><span style="background-color: white; color: #444444;"> </span></span></p><p class="code-line" data-line="7" style="background-color: white; color: #444444; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">ClamAV 1.1.0 includes the following improvements and changes.</span></p><p class="code-line" data-line="7" style="background-color: white; color: #444444; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><br /></p><h3 class="code-line" data-line="9" id="major-changes" style="color: #333333; font-weight: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left;"><span style="font-family: inherit; font-size: large;">Major changes</span></h3><ul class="code-line" data-line="11" dir="auto" style="color: #333333; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="11" dir="auto" style="position: relative;"><p class="code-line" data-line="11" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added the ability to extract images embedded in HTML CSS <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;"><style></code> blocks.</span></p><ul class="code-line" data-line="12" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="12" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/813" href="https://github.com/Cisco-Talos/clamav/pull/813" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/813">https://github.com/Cisco-Talos/clamav/pull/813</a></span></li></ul></li><li class="code-line" data-line="14" dir="auto" style="position: relative;"><p class="code-line" data-line="14" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Updated to Sigtool so that the <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">--vba</code> option will extract VBA code from Microsoft Office documents the same way that libclamav extracts VBA. This resolves several issues where Sigtool could not extract VBA. Sigtool will also now display the normalized VBA code instead of the pre-normalized VBA code.</span></p><ul class="code-line" data-line="19" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="19" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/852" href="https://github.com/Cisco-Talos/clamav/pull/852" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/852">https://github.com/Cisco-Talos/clamav/pull/852</a></span></li></ul></li><li class="code-line" data-line="21" dir="auto" style="position: relative;"><p class="code-line" data-line="21" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added a new ClamScan and ClamD option: <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">--fail-if-cvd-older-than=days</code>. Additionally, we introduce <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">FailIfCvdOlderThan</code> as a <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">clamd.conf</code> synonym for <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">--fail-if-cvd-older-than</code>. When passed, it causes ClamD to exit on startup with a non-zero return code if the virus database is older than the specified number of days.</span></p><ul class="code-line" data-line="26" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="26" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/867" href="https://github.com/Cisco-Talos/clamav/pull/867" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/867">https://github.com/Cisco-Talos/clamav/pull/867</a></span></li></ul></li><li class="code-line" data-line="28" dir="auto" style="position: relative;"><p class="code-line" data-line="28" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added a new function <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">cl_cvdgetage()</code> to the libclamav API. This function will retrieve the age in seconds of the youngest file in a database directory, or the age of a single CVD (or CLD) file.</span></p><ul class="code-line" data-line="31" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="31" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/867" href="https://github.com/Cisco-Talos/clamav/pull/867" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/867">https://github.com/Cisco-Talos/clamav/pull/867</a></span></li></ul></li><li class="code-line" data-line="33" dir="auto" style="position: relative;"><p class="code-line" data-line="33" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added a new function <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">cl_engine_set_clcb_vba()</code> to the libclamav API. Use this function to set a <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">cb_vba</code> callback function. The cb_vba callback function will be run whenever VBA is extracted from office documents. The provided data will be a normalized copy of the extracted VBA. This callback was added to support Sigtool so that it can use the same VBA extraction logic that ClamAV uses to scan documents.</span></p><ul class="code-line" data-line="40" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="40" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/852" href="https://github.com/Cisco-Talos/clamav/pull/852" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/852">https://github.com/Cisco-Talos/clamav/pull/852</a></span></li></ul></li></ul><h3 style="color: #333333; font-weight: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left;"><span style="font-family: inherit; font-size: large;">Other improvements</span></h3><ul class="code-line" data-line="44" dir="auto" style="color: #333333; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="44" dir="auto" style="position: relative;"><p class="code-line" data-line="44" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Removed the vendored TomsFastMath library in favor of using OpenSSL to perform "big number"/multiprecision math operations. Work courtesy of Sebastian Andrzej Siewior.</span></p><ul class="code-line" data-line="47" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="47" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/840" href="https://github.com/Cisco-Talos/clamav/pull/840" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/840">https://github.com/Cisco-Talos/clamav/pull/840</a></span></li></ul></li><li class="code-line" data-line="49" dir="auto" style="position: relative;"><p class="code-line" data-line="49" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Build system: Added CMake option <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">DO_NOT_SET_RPATH</code> to avoid setting <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">RPATH</code> on Unix systems. Feature courtesy of Sebastian Andrzej Siewior.</span></p><ul class="code-line" data-line="52" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="52" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/815" href="https://github.com/Cisco-Talos/clamav/pull/815" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/815">https://github.com/Cisco-Talos/clamav/pull/815</a></span></li></ul></li><li class="code-line" data-line="54" dir="auto" style="position: relative;"><p class="code-line" data-line="54" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Build system: Enabled version-scripts with CMake to limit symbol exports for libclamav, libfreshclam, libclamunrar_iface, and libclamunrar shared libraries on Unix systems, excluding macOS. Improvement courtesy of Orion Poplawski and Sebastian Andrzej Siewior.</span></p><ul class="code-line" data-line="58" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="58" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/776" href="https://github.com/Cisco-Talos/clamav/pull/776" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/776">https://github.com/Cisco-Talos/clamav/pull/776</a></span></li></ul></li><li class="code-line" data-line="60" dir="auto" style="position: relative;"><p class="code-line" data-line="60" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Build system: Enabled users to pass in custom Rust compiler flags using the <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">RUSTFLAGS</code> CMake variable. Feature courtesy of Orion Poplawski.</span></p><ul class="code-line" data-line="63" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="63" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/835" href="https://github.com/Cisco-Talos/clamav/pull/835" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/835">https://github.com/Cisco-Talos/clamav/pull/835</a></span></li></ul></li><li class="code-line" data-line="65" dir="auto" style="position: relative;"><p class="code-line" data-line="65" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Removed a hard-coded alert for CVE-2004-0597. The CVE is old enough that it is no longer a threat and the detection had occasional false-positives.</span></p><ul class="code-line" data-line="68" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="68" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/855" href="https://github.com/Cisco-Talos/clamav/pull/855" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/855">https://github.com/Cisco-Talos/clamav/pull/855</a></span></li></ul></li><li class="code-line" data-line="70" dir="auto" style="position: relative;"><p class="code-line" data-line="70" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Set Git attributes to prevent Git from altering line endings for Rust vendored libraries. Third-party Rust libraries are bundled in the ClamAV release tarball. We do not commit them to our own Git repository, but community package maintainers may now store the tarball contents in Git. The Rust build system verifies the library manifest, and this change ensures that the hashes are correct. Improvement courtesy of Nicolas R.</span></p><ul class="code-line" data-line="77" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="77" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/800" href="https://github.com/Cisco-Talos/clamav/pull/800" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/800">https://github.com/Cisco-Talos/clamav/pull/800</a></span></li></ul></li><li class="code-line" data-line="79" dir="auto" style="position: relative;"><p class="code-line" data-line="79" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed compile time warnings. Improvement courtesy of Răzvan Cojocaru.</span></p><ul class="code-line" data-line="81" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="81" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/795" href="https://github.com/Cisco-Talos/clamav/pull/795" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/795">https://github.com/Cisco-Talos/clamav/pull/795</a></span></li></ul></li><li class="code-line" data-line="83" dir="auto" style="position: relative;"><p class="code-line" data-line="83" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added a minor optimization when matching domain name regex signatures for PDB, WDB and CDB type signatures.</span></p><ul class="code-line" data-line="85" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="85" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/837" href="https://github.com/Cisco-Talos/clamav/pull/837" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/837">https://github.com/Cisco-Talos/clamav/pull/837</a></span></li></ul></li><li class="code-line" data-line="87" dir="auto" style="position: relative;"><p class="code-line" data-line="87" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Build system: Enabled the ability to select a specific Python version. When building, you may use the CMake option <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">-D PYTHON_FIND_VER=<version></code> to choose a specific Python version. Feature courtesy of Matt Jolly.</span></p><ul class="code-line" data-line="91" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="91" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/787" href="https://github.com/Cisco-Talos/clamav/pull/787" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/787">https://github.com/Cisco-Talos/clamav/pull/787</a></span></li></ul></li><li class="code-line" data-line="93" dir="auto" style="position: relative;"><p class="code-line" data-line="93" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added improvements to the ClamOnAcc process log output so that it is easier to diagnose bugs.</span></p><ul class="code-line" data-line="95" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="95" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/822" href="https://github.com/Cisco-Talos/clamav/pull/822" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/822">https://github.com/Cisco-Talos/clamav/pull/822</a></span></li></ul></li><li class="code-line" data-line="97" dir="auto" style="position: relative;"><p class="code-line" data-line="97" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Windows: Enabled the MSI installer to upgrade between feature versions more easily when ClamAV is installed to a location different from the default (i.e., not <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">C:\Program Files\ClamAV</code>). This means that the MSI installer can find a previous ClamAV 1.0.x installation to upgrade to ClamAV 1.1.0.</span></p><ul class="code-line" data-line="101" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="101" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/872" href="https://github.com/Cisco-Talos/clamav/pull/872" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/872">https://github.com/Cisco-Talos/clamav/pull/872</a></span></li></ul></li><li class="code-line" data-line="103" dir="auto" style="position: relative;"><p class="code-line" data-line="103" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Sigtool: Added the ability to change the location of the temp directory using the <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">--tempdir</code> option and added the ability to retain the temp files created by Sigtool using the <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">--leave-temps</code> option.</span></p><ul class="code-line" data-line="106" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="106" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/852" href="https://github.com/Cisco-Talos/clamav/pull/852" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/852">https://github.com/Cisco-Talos/clamav/pull/852</a></span></li></ul></li><li class="code-line" data-line="108" dir="auto" style="position: relative;"><p class="code-line" data-line="108" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Other minor improvements.</span></p></li></ul><h3 class="code-line" data-line="110" id="bug-fixes" style="color: #333333; font-weight: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left;"><span style="font-family: inherit; font-size: large;">Bug fixes</span></h3><ul class="code-line" data-line="112" dir="auto" style="color: #333333; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="112" dir="auto" style="position: relative;"><p class="code-line" data-line="112" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed the broken <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">ExcludePUA</code> / <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">--exclude-pua</code> feature. Fix courtesy of Ged Haywood and Shawn Iverson.</span></p><ul class="code-line" data-line="114" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="114" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/780" href="https://github.com/Cisco-Talos/clamav/pull/780" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/780">https://github.com/Cisco-Talos/clamav/pull/780</a></span></li></ul></li><li class="code-line" data-line="116" dir="auto" style="position: relative;"><p class="code-line" data-line="116" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed an issue with integer endianness when parsing Windows executables on big-endian systems. Fix courtesy of Sebastian Andrzej Siewior.</span></p><ul class="code-line" data-line="119" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="119" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/814" href="https://github.com/Cisco-Talos/clamav/pull/814" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/814">https://github.com/Cisco-Talos/clamav/pull/814</a></span></li></ul></li><li class="code-line" data-line="121" dir="auto" style="position: relative;"><p class="code-line" data-line="121" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed a possible stack overflow read when parsing WDB signatures. This issue is not a vulnerability.</span></p><ul class="code-line" data-line="123" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="123" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/807" href="https://github.com/Cisco-Talos/clamav/pull/807" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/807">https://github.com/Cisco-Talos/clamav/pull/807</a></span></li></ul></li><li class="code-line" data-line="125" dir="auto" style="position: relative;"><p class="code-line" data-line="125" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed a possible index out of bounds when loading CRB signatures. This issue is not a vulnerability.</span></p><ul class="code-line" data-line="127" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="127" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/810" href="https://github.com/Cisco-Talos/clamav/pull/810" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/810">https://github.com/Cisco-Talos/clamav/pull/810</a></span></li></ul></li><li class="code-line" data-line="129" dir="auto" style="position: relative;"><p class="code-line" data-line="129" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed a possible use after free when reading logical signatures. This issue is not a vulnerability.</span></p><ul class="code-line" data-line="131" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="131" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/811" href="https://github.com/Cisco-Talos/clamav/pull/811" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/811">https://github.com/Cisco-Talos/clamav/pull/811</a></span></li></ul></li><li class="code-line code-active-line" data-line="133" dir="auto" style="position: relative;"><p class="code-line" data-line="133" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed a possible heap overflow read when reading PDB signatures. This issue is not a vulnerability.</span></p><ul class="code-line" data-line="135" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="135" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/812" href="https://github.com/Cisco-Talos/clamav/pull/812" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/812">https://github.com/Cisco-Talos/clamav/pull/812</a></span></li></ul></li><li class="code-line" data-line="137" dir="auto" style="position: relative;"><p class="code-line" data-line="137" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed a possible heap overflow read in javascript normalizer module. This issue is not a vulnerability.</span></p><ul class="code-line" data-line="139" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="139" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/868" href="https://github.com/Cisco-Talos/clamav/pull/868" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/868">https://github.com/Cisco-Talos/clamav/pull/868</a></span></li></ul></li><li class="code-line" data-line="141" dir="auto" style="position: relative;"><p class="code-line" data-line="141" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed two bugs that would cause Freshclam to fail update when applying a CDIFF database patch if that patch adds a file to the database archive or removes a file from the database archive. This bug also caused Sigtool to fail to create such a patch.</span></p><ul class="code-line" data-line="145" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="145" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/893" href="https://github.com/Cisco-Talos/clamav/pull/893" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/893">https://github.com/Cisco-Talos/clamav/pull/893</a></span></li></ul></li><li class="code-line" data-line="147" dir="auto" style="position: relative;"><p class="code-line" data-line="147" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed an assortment of complaints identified by Coverity static analysis.</span></p><ul class="code-line" data-line="148" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="148" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull requests:</span><ul class="code-line" data-line="149" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="149" dir="auto" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/891" href="https://github.com/Cisco-Talos/clamav/pull/891" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/891"><span style="font-family: inherit;">https://github.com/Cisco-Talos/clamav/pull/891</span></a></li><li class="code-line" data-line="150" dir="auto" style="position: relative;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/899" href="https://github.com/Cisco-Talos/clamav/pull/899" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/899"><span style="font-family: inherit;">https://github.com/Cisco-Talos/clamav/pull/899</span></a></li></ul></li></ul></li><li class="code-line" data-line="152" dir="auto" style="position: relative;"><p class="code-line" data-line="152" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed one of the Freshclam tests that was failing on some Fedora systems due to a bug printing debug-level log messages to stdout. Fix courtesy of Arjen de Korte.</span></p><ul class="code-line" data-line="155" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="155" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/881" href="https://github.com/Cisco-Talos/clamav/pull/881" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/881">https://github.com/Cisco-Talos/clamav/pull/881</a></span></li></ul></li><li class="code-line" data-line="157" dir="auto" style="position: relative;"><p class="code-line" data-line="157" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Correctly remove temporary files generated by the VBA and XLM extraction modules so that the files are not leaked in patched versions of ClamAV where temporary files are written directly to the temp-directory instead of writing to a unique subdirectory.</span></p><ul class="code-line" data-line="161" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="161" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/894" href="https://github.com/Cisco-Talos/clamav/pull/894" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/894">https://github.com/Cisco-Talos/clamav/pull/894</a></span></li></ul></li></ul><h3 class="code-line" data-line="163" dir="auto" id="acknowledgments" style="color: #333333; font-weight: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative;"><span style="font-family: inherit; font-size: large;">Acknowledgments</span></h3><p class="code-line" data-line="165" dir="auto" style="color: #333333; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Special thanks to the following people for code contributions and bug reports:</span></p><ul class="code-line" data-line="166" dir="auto" style="color: #333333; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="166" dir="auto" style="position: relative;"><span style="font-family: inherit;">Arjen de Korte</span></li><li class="code-line" data-line="167" dir="auto" style="position: relative;"><span style="font-family: inherit;">Craig Andrews</span></li><li class="code-line" data-line="168" dir="auto" style="position: relative;"><span style="font-family: inherit;">Ged Haywood</span></li><li class="code-line" data-line="169" dir="auto" style="position: relative;"><span style="font-family: inherit;">Matt Jolly</span></li><li class="code-line" data-line="170" dir="auto" style="position: relative;"><span style="font-family: inherit;">Orion Poplawski</span></li><li class="code-line" data-line="171" dir="auto" style="position: relative;"><span style="font-family: inherit;">Nicolas R.</span></li><li class="code-line" data-line="172" dir="auto" style="position: relative;"><span style="font-family: inherit;">Răzvan Cojocaru</span></li><li class="code-line" data-line="173" dir="auto" style="position: relative;"><span style="font-family: inherit;">Red</span></li><li class="code-line" data-line="174" dir="auto" style="position: relative;"><span style="font-family: inherit;">Shawn Iverson</span></li><li class="code-line" data-line="175" dir="auto" style="position: relative;"><span style="font-family: inherit;">Sebastian Andrzej Siewior</span></li><li class="code-line" data-line="176" dir="auto" style="position: relative;"><span style="font-family: inherit;">The OSS-Fuzz project</span></li></ul>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-28888799047589443832023-03-31T13:04:00.003-04:002023-03-31T13:04:49.442-04:00ClamAV 1.1.0 release candidate now available<p><span style="font-family: inherit;">We are excited to announce the ClamAV 1.1.0 release candidate.</span></p><p><span style="font-family: inherit; font-size: small;">You may find the source code and installers for this release on:<br /></span></p><ul><li><span style="font-family: inherit; font-size: small;">The <a href="https://www.clamav.net/downloads" target="_blank">clamav.net/downloads</a> page, or<br /></span></li><li><span style="font-family: inherit; font-size: small;">The <a href="https://github.com/Cisco-Talos/clamav/releases/tag/clamav-1.1.0-rc" rel="nofollow" target="_blank">ClamAV GitHub release page</a><br /></span></li></ul><p><i>Tip: If you are downloading the source from the GitHub release page, the package labeled "clamav-1.1.0-rc.tar.gz" does not require an internet connection to build. All dependencies are included in this package. But if you download the ZIP or TAR.GZ generated by GitHub, located at the very bottom, then an internet connection will be required during the build to download additional Rust dependencies.</i></p><p class="code-line" data-line="7" dir="auto" style="-webkit-text-stroke-width: 0px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">For Docker users, there is no specific Docker tag for the release candidate, but you can use the </span><span style="font-family: inherit;"><span></span><code style="line-height: 1.357em;">clamav:unstable</code><span> or </span></span><span style="font-family: inherit;"></span><span style="font-family: inherit;"><span></span><code style="line-height: 1.357em;">clamav:unstable_base</code></span><span style="font-family: inherit;"><span> tags.</span></span><span style="font-family: inherit;"></span></span></p><p class="code-line" data-line="7" dir="auto" style="-webkit-text-stroke-width: 0px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">The release candidate phase is expected to last two to three weeks before we publish the stable release or a second release candidate</span><span style="font-family: inherit;">. Please take this time to evaluate ClamAV 1.1.0. </span></span><span style="font-family: inherit; font-size: small;"> </span></p><p class="code-line" data-line="7" dir="auto" style="-webkit-text-stroke-width: 0px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit; font-size: small;">Please help us validate this release by providing feedback via the <span style="color: black;"><a href="https://lists.clamav.net/mailman/listinfo/clamav-users" target="_blank">ClamAV mailing list</a> or on <a href="https://discord.gg/sGaxA5Q" target="_blank">our Discord</a>.</span></span></p><p class="code-line" data-line="7" dir="auto" style="-webkit-text-stroke-width: 0px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">ClamAV 1.1.0 includes the following improvements and changes:</span></p><h4 style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-weight: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left;">Major changes</h4><ul class="code-line" data-line="11" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="11" dir="auto" style="position: relative;"><p class="code-line" data-line="11" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added the ability to extract images embedded in HTML CSS <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;"><style></code> blocks.</span></p><ul class="code-line" data-line="12" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="12" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/813" href="https://github.com/Cisco-Talos/clamav/pull/813" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/813">https://github.com/Cisco-Talos/clamav/pull/813</a></span></li></ul></li><li class="code-line" data-line="14" dir="auto" style="position: relative;"><p class="code-line" data-line="14" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Updated to Sigtool so that the <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">--vba</code> option will extract VBA code from Microsoft Office documents the same way that libclamav extracts VBA. This resolves several issues where Sigtool could not extract VBA. Sigtool will also now display the normalized VBA code instead of the pre-normalized VBA code.</span></p><ul class="code-line" data-line="19" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="19" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/852" href="https://github.com/Cisco-Talos/clamav/pull/852" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/852">https://github.com/Cisco-Talos/clamav/pull/852</a></span></li></ul></li><li class="code-line" data-line="21" dir="auto" style="position: relative;"><p class="code-line code-active-line" data-line="21" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added a new ClamScan and ClamD option: <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">--fail-if-cvd-older-than=days</code>. Additionally, we introduce <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">FailIfCvdOlderThan</code> as a <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">clamd.conf</code> synonym for <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">--fail-if-cvd-older-than</code>. When passed, it causes ClamD to exit on startup with a non-zero return code if the virus database is older than the specified number of days.</span></p><ul class="code-line" data-line="26" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="26" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/867" href="https://github.com/Cisco-Talos/clamav/pull/867" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/867">https://github.com/Cisco-Talos/clamav/pull/867</a></span></li></ul></li><li class="code-line" data-line="28" dir="auto" style="position: relative;"><p class="code-line" data-line="28" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added a new function <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">cl_cvdgetage()</code> to the libclamav API. This function will retrieve the age in seconds of the youngest file in a database directory, or the age of a single CVD (or CLD) file.</span></p><ul class="code-line" data-line="31" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="31" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/867" href="https://github.com/Cisco-Talos/clamav/pull/867" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/867">https://github.com/Cisco-Talos/clamav/pull/867</a></span></li></ul></li><li class="code-line" data-line="33" dir="auto" style="position: relative;"><p class="code-line" data-line="33" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added a new function <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">cl_engine_set_clcb_vba()</code> to the libclamav API. Use this function to set a <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">cb_vba</code> callback function. The cb_vba callback function will be run whenever VBA is extracted from office documents. The provided data will be a normalized copy of the extracted VBA. This callback was added to support Sigtool so that it can use the same VBA extraction logic that ClamAV uses to scan documents.</span></p><ul class="code-line" data-line="40" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="40" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/852" href="https://github.com/Cisco-Talos/clamav/pull/852" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/852">https://github.com/Cisco-Talos/clamav/pull/852</a></span></li></ul></li></ul><h4 style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-weight: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left;">Other improvements</h4><ul class="code-line" data-line="44" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="44" dir="auto" style="position: relative;"><p class="code-line" data-line="44" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Removed the vendored TomsFastMath library in favor of using OpenSSL to perform "big number"/multiprecision math operations. Work courtesy of Sebastian Andrzej Siewior.</span></p><ul class="code-line" data-line="47" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="47" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/840" href="https://github.com/Cisco-Talos/clamav/pull/840" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/840">https://github.com/Cisco-Talos/clamav/pull/840</a></span></li></ul></li><li class="code-line" data-line="49" dir="auto" style="position: relative;"><p class="code-line" data-line="49" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Build system: Added CMake option <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">DO_NOT_SET_RPATH</code> to avoid setting <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">RPATH</code> on Unix systems. Feature courtesy of Sebastian Andrzej Siewior.</span></p><ul class="code-line" data-line="52" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="52" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/815" href="https://github.com/Cisco-Talos/clamav/pull/815" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/815">https://github.com/Cisco-Talos/clamav/pull/815</a></span></li></ul></li><li class="code-line" data-line="54" dir="auto" style="position: relative;"><p class="code-line" data-line="54" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Build system: Enabled version-scripts with CMake to limit symbol exports for libclamav, libfreshclam, libclamunrar_iface, and libclamunrar shared libraries on Unix systems, excluding macOS. Improvement courtesy of Orion Poplawski and Sebastian Andrzej Siewior.</span></p><ul class="code-line" data-line="58" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="58" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/776" href="https://github.com/Cisco-Talos/clamav/pull/776" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/776">https://github.com/Cisco-Talos/clamav/pull/776</a></span></li></ul></li><li class="code-line" data-line="60" dir="auto" style="position: relative;"><p class="code-line" data-line="60" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Build system: Enabled users to pass in custom Rust compiler flags using the <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">RUSTFLAGS</code> CMake variable. Feature courtesy of Orion Poplawski.</span></p><ul class="code-line" data-line="63" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="63" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/835" href="https://github.com/Cisco-Talos/clamav/pull/835" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/835">https://github.com/Cisco-Talos/clamav/pull/835</a></span></li></ul></li><li class="code-line" data-line="65" dir="auto" style="position: relative;"><p class="code-line" data-line="65" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Removed a hard-coded alert for CVE-2004-0597. The CVE is old enough that it is no longer a threat and the detection had occasional false-positives.</span></p><ul class="code-line" data-line="68" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="68" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/855" href="https://github.com/Cisco-Talos/clamav/pull/855" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/855">https://github.com/Cisco-Talos/clamav/pull/855</a></span></li></ul></li><li class="code-line" data-line="70" dir="auto" style="position: relative;"><p class="code-line" data-line="70" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Set Git attributes to prevent Git from altering line endings for Rust vendored libraries. Third-party Rust libraries are bundled in the ClamAV release tarball. We do not commit them to our own Git repository, but community package maintainers may now store the tarball contents in Git. The Rust build system verifies the library manifest, and this change ensures that the hashes are correct. Improvement courtesy of Nicolas R.</span></p><ul class="code-line" data-line="77" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="77" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/800" href="https://github.com/Cisco-Talos/clamav/pull/800" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/800">https://github.com/Cisco-Talos/clamav/pull/800</a></span></li></ul></li><li class="code-line" data-line="79" dir="auto" style="position: relative;"><p class="code-line" data-line="79" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed compile time warnings. Improvement courtesy of Răzvan Cojocaru.</span></p><ul class="code-line" data-line="81" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="81" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/795" href="https://github.com/Cisco-Talos/clamav/pull/795" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/795">https://github.com/Cisco-Talos/clamav/pull/795</a></span></li></ul></li><li class="code-line" data-line="83" dir="auto" style="position: relative;"><p class="code-line" data-line="83" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added a minor optimization when matching domain name regex signatures for PDB, WDB and CDB type signatures.</span></p><ul class="code-line" data-line="85" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="85" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/837" href="https://github.com/Cisco-Talos/clamav/pull/837" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/837">https://github.com/Cisco-Talos/clamav/pull/837</a></span></li></ul></li><li class="code-line" data-line="87" dir="auto" style="position: relative;"><p class="code-line" data-line="87" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Build system: Enabled the ability to select a specific Python version. When building, you may use the CMake option <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">-D PYTHON_FIND_VER=<version></code> to choose a specific Python version. Feature courtesy of Matt Jolly.</span></p><ul class="code-line" data-line="91" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="91" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/787" href="https://github.com/Cisco-Talos/clamav/pull/787" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/787">https://github.com/Cisco-Talos/clamav/pull/787</a></span></li></ul></li><li class="code-line" data-line="93" dir="auto" style="position: relative;"><p class="code-line" data-line="93" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added improvements to the ClamOnAcc process log output so that it is easier to diagnose bugs.</span></p><ul class="code-line" data-line="95" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="95" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/822" href="https://github.com/Cisco-Talos/clamav/pull/822" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/822">https://github.com/Cisco-Talos/clamav/pull/822</a></span></li></ul></li><li class="code-line" data-line="97" dir="auto" style="position: relative;"><p class="code-line" data-line="97" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Windows: Enabled the MSI installer to upgrade between feature versions more easily when ClamAV is installed to a location different from the default (i.e., not <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">C:\Program Files\ClamAV</code>). This means that the MSI installer can find a previous ClamAV 1.0.x installation to upgrade to ClamAV 1.1.0.</span></p><ul class="code-line" data-line="101" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="101" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/872" href="https://github.com/Cisco-Talos/clamav/pull/872" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/872">https://github.com/Cisco-Talos/clamav/pull/872</a></span></li></ul></li><li class="code-line" data-line="103" dir="auto" style="position: relative;"><p class="code-line" data-line="103" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Sigtool: Added the ability to change the location of the temp directory using the <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">--tempdir</code> option and added the ability to retain the temp files created by Sigtool using the <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">--leave-temps</code> option.</span></p><ul class="code-line" data-line="106" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="106" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/852" href="https://github.com/Cisco-Talos/clamav/pull/852" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/852">https://github.com/Cisco-Talos/clamav/pull/852</a></span></li></ul></li><li class="code-line" data-line="108" dir="auto" style="position: relative;"><p class="code-line" data-line="108" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Other minor improvements.</span></p></li></ul><h4 style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-weight: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left;">Bug fixes</h4><ul class="code-line" data-line="112" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="112" dir="auto" style="position: relative;"><p class="code-line" data-line="112" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed the broken <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">ExcludePUA</code> / <code style="color: var(--vscode-textPreformat-foreground); line-height: 1.357em;">--exclude-pua</code> feature. Fix courtesy of Ged Haywood and Shawn Iverson.</span></p><ul class="code-line" data-line="114" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="114" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/780" href="https://github.com/Cisco-Talos/clamav/pull/780" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/780">https://github.com/Cisco-Talos/clamav/pull/780</a></span></li></ul></li><li class="code-line" data-line="116" dir="auto" style="position: relative;"><p class="code-line" data-line="116" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed an issue with integer endianness when parsing Windows executables on big-endian systems. Fix courtesy of Sebastian Andrzej Siewior.</span></p><ul class="code-line" data-line="119" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="119" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/814" href="https://github.com/Cisco-Talos/clamav/pull/814" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/814">https://github.com/Cisco-Talos/clamav/pull/814</a></span></li></ul></li><li class="code-line" data-line="121" dir="auto" style="position: relative;"><p class="code-line" data-line="121" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed a possible stack overflow read when parsing WDB signatures. This issue is not a vulnerability.</span></p><ul class="code-line" data-line="123" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="123" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/807" href="https://github.com/Cisco-Talos/clamav/pull/807" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/807">https://github.com/Cisco-Talos/clamav/pull/807</a></span></li></ul></li><li class="code-line" data-line="125" dir="auto" style="position: relative;"><p class="code-line" data-line="125" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed a possible index out of bounds when loading CRB signatures. This issue is not a vulnerability.</span></p><ul class="code-line" data-line="127" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="127" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/810" href="https://github.com/Cisco-Talos/clamav/pull/810" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/810">https://github.com/Cisco-Talos/clamav/pull/810</a></span></li></ul></li><li class="code-line" data-line="129" dir="auto" style="position: relative;"><p class="code-line" data-line="129" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed a possible use after free when reading logical signatures. This issue is not a vulnerability.</span></p><ul class="code-line" data-line="131" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="131" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/811" href="https://github.com/Cisco-Talos/clamav/pull/811" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/811">https://github.com/Cisco-Talos/clamav/pull/811</a></span></li></ul></li><li class="code-line" data-line="133" dir="auto" style="position: relative;"><p class="code-line" data-line="133" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed a possible heap overflow read when reading PDB signatures. This issue is not a vulnerability.</span></p><ul class="code-line" data-line="135" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="135" dir="auto" style="position: relative;"><span style="font-family: inherit;">GitHub pull request: <a data-href="https://github.com/Cisco-Talos/clamav/pull/812" href="https://github.com/Cisco-Talos/clamav/pull/812" style="text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/812">https://github.com/Cisco-Talos/clamav/pull/812</a></span></li></ul></li></ul><h4 style="font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", system-ui, Ubuntu, "Droid Sans", sans-serif; font-weight: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left;">Acknowledgments</h4><p class="code-line" data-line="139" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Special thanks to the following people for code contributions and bug reports:</span></p><p class="code-line" data-line="7" dir="auto" style="-webkit-text-stroke-width: 0px; margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit; font-size: small;"></span></p><ul class="code-line" data-line="140" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><li class="code-line" data-line="140" dir="auto" style="position: relative;"><span style="font-family: inherit;">Craig Andrews</span></li><li class="code-line" data-line="141" dir="auto" style="position: relative;"><span style="font-family: inherit;">Ged Haywood</span></li><li class="code-line" data-line="142" dir="auto" style="position: relative;"><span style="font-family: inherit;">Matt Jolly</span></li><li class="code-line" data-line="143" dir="auto" style="position: relative;"><span style="font-family: inherit;">Orion Poplawski</span></li><li class="code-line" data-line="144" dir="auto" style="position: relative;"><span style="font-family: inherit;">Nicolas R.</span></li><li class="code-line" data-line="145" dir="auto" style="position: relative;"><span style="font-family: inherit;">Răzvan Cojocaru</span></li><li class="code-line" data-line="146" dir="auto" style="position: relative;"><span style="font-family: inherit;">Red</span></li><li class="code-line" data-line="147" dir="auto" style="position: relative;"><span style="font-family: inherit;">Shawn Iverson</span></li><li class="code-line" data-line="148" dir="auto" style="position: relative;"><span style="font-family: inherit;">Sebastian Andrzej Siewior</span></li><li class="code-line" data-line="149" dir="auto" style="position: relative;"><span style="font-family: inherit;">The OSS-Fuzz project</span></li></ul>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-6714088212493543452023-03-23T16:15:00.005-04:002023-03-23T17:09:31.225-04:00ClamAV EOL of 0.104.x versions<p class="code-line" data-line="0" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Effective March 28, 2023, ClamAV 0.104.0 (and all patch versions) will no longer be supported in accordance with <a href="https://docs.clamav.net/faq/faq-eol.html" target="_blank">ClamAV's EOL policy</a>. </p><p class="code-line" data-line="0" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><i>End of life (EOL) for ClamAV means: </i></p><p class="code-line" data-line="0" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"></p><ul style="text-align: left;"><li>We will no longer be testing against that version when we write signatures. </li><li>That version may no longer be working as part of future updates. </li><li>Signature updates for that version will be blocked when attempting to download from the mirror update system. </li></ul><p></p><p class="code-line" data-line="0" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;">Please upgrade to a supported version of ClamAV, currently at 0.103.8, 0.105.2, and 1.0.1, available for <a href="https://www.clamav.net/downloads" target="_blank">download now</a>.</p>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-68332341425151358112023-02-15T14:08:00.014-05:002023-02-21T16:53:44.675-05:00ClamAV 0.103.8, 0.105.2 and 1.0.1 patch versions published<p class="code-line" data-line="2" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;"> Today, we are releasing the following critical patch versions for ClamAV:</span></p><ul style="text-align: left;"><li><span style="font-family: inherit; font-size: 14px;">0.103.8</span></li><li><span style="font-family: inherit; font-size: 14px;">0.105.2</span></li><li><span style="font-family: inherit; font-size: 14px;">1.0.1</span></li></ul><div><p class="code-line" data-line="7" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">ClamAV 0.104 has reached end-of-life according to the <a href="https://docs.clamav.net/faq/faq-eol.html" target="_blank">ClamAV End of Life (EOL) policy</a> and will not be patched. Anyone using ClamAV 0.104 must switch to a supported version</span><span style="font-family: inherit;">. All users should update as soon as possible to patch for the remote code execution vulnerability and remote information leak vulnerability.</span></p><p class="code-line" data-line="7" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">Edit: We are aware that technical details</span><span style="font-family: inherit;"> for CVE-2023-20032</span><span style="font-family: inherit;"> and a proof-of-concept sample to demonstrate the buffer overflow are publicly available</span><span style="font-family: inherit;">.<br /></span></p><p class="code-line" data-line="7" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">The release files are available for download on<span> </span><a data-href="https://www.clamav.net/downloads" href="https://www.clamav.net/downloads" style="text-decoration: none;" title="https://www.clamav.net/downloads">ClamAV.net</a><span>, on the <a href="https://github.com/Cisco-Talos/clamav/releases" rel="nofollow" target="_blank">Github Release page</a>, and </span>through<span> </span><a data-href="https://hub.docker.com/r/clamav/clamav/" href="https://hub.docker.com/r/clamav/clamav/" style="text-decoration: none;" title="https://hub.docker.com/r/clamav/clamav/">Docker Hub</a>.</span></p><h3 style="font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit; font-size: large;">1.0.1</span></h3><p class="code-line" data-line="11" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">ClamAV 1.0.1 is a critical patch release with the following fixes:</span></p><ul class="code-line" data-line="13" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="13" style="position: relative;"><p class="code-line" data-line="13" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><a data-href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032" style="text-decoration: none;" title="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032">CVE-2023-20032</a>: Fixed a possible remote code execution vulnerability in the HFS+ file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.</span></p></li><li class="code-line" data-line="19" style="position: relative;"><p class="code-line" data-line="19" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><a data-href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052" style="text-decoration: none;" title="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052">CVE-2023-20052</a>: Fixed a possible remote information leak vulnerability in the DMG file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.</span></p></li><li class="code-line" data-line="25" style="position: relative;"><p class="code-line" data-line="25" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fix an allmatch detection issue with the preclass bytecode hook.</span></p><ul class="code-line" data-line="26" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="26" style="position: relative;"><p><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/825" href="https://github.com/Cisco-Talos/clamav/pull/825" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/825">https://github.com/Cisco-Talos/clamav/pull/825</a></span></p></li></ul></li><li class="code-line" data-line="28" style="position: relative;"><p class="code-line" data-line="28" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Update the vendored libmspack library to version 0.11alpha.</span></p><ul class="code-line" data-line="29" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="29" style="position: relative;"><p><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/828" href="https://github.com/Cisco-Talos/clamav/pull/828" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/828">https://github.com/Cisco-Talos/clamav/pull/828</a></span></p></li></ul></li></ul><h3 style="font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit; font-size: large;">0.105.2</span></h3><p class="code-line" data-line="36" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">ClamAV 0.105.2 is a critical patch release with the following fixes:</span></p><ul class="code-line" data-line="38" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="38" style="position: relative;"><p class="code-line" data-line="38" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><a data-href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032" style="text-decoration: none;" title="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032">CVE-2023-20032</a>: Fixed a possible remote code execution vulnerability in the HFS+ file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.</span></p></li><li class="code-line" data-line="44" style="position: relative;"><p class="code-line" data-line="44" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><a data-href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052" style="text-decoration: none;" title="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052">CVE-2023-20052</a>: Fixed a possible remote information leak vulnerability in the DMG file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.</span></p></li><li class="code-line" data-line="50" style="position: relative;"><p class="code-line" data-line="50" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed an issue loading Yara rules containing regex strings with an escaped forward-slash (<code style="font-size: 1em; line-height: 1.357em;">\/</code>) followed by a colon (<code style="font-size: 1em; line-height: 1.357em;">:</code>).</span></p><ul class="code-line" data-line="52" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="52" style="position: relative;"><p><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/695" href="https://github.com/Cisco-Talos/clamav/pull/695" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/695">https://github.com/Cisco-Talos/clamav/pull/695</a></span></p></li></ul></li><li class="code-line" data-line="54" style="position: relative;"><p class="code-line" data-line="54" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Moved the ClamAV Docker files for building containers to a new Git repository. The Docker files are now in<span> </span><a data-href="https://github.com/Cisco-Talos/clamav-docker" href="https://github.com/Cisco-Talos/clamav-docker" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav-docker">https://github.com/Cisco-Talos/clamav-docker</a>. This change enables us to fix issues with the images and with the supporting scripts used to publish and update the images without committing changes directly to files in the ClamAV release branches.</span></p><ul class="code-line" data-line="59" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="59" style="position: relative;"><p><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/765" href="https://github.com/Cisco-Talos/clamav/pull/765" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/765">https://github.com/Cisco-Talos/clamav/pull/765</a></span></p></li></ul></li><li class="code-line" data-line="61" style="position: relative;"><p class="code-line" data-line="61" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Update the vendored libmspack library to version 0.11alpha.</span></p><ul class="code-line" data-line="62" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="62" style="position: relative;"><p><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/829" href="https://github.com/Cisco-Talos/clamav/pull/829" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/829">https://github.com/Cisco-Talos/clamav/pull/829</a></span></p></li></ul></li></ul><h3 style="font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit; font-size: large;">0.103.8</span></h3><p class="code-line" data-line="69" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">ClamAV 0.103.8 is a critical patch release with the following fixes:</span></p><ul class="code-line" data-line="71" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="71" style="position: relative;"><p class="code-line" data-line="71" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><a data-href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032" style="text-decoration: none;" title="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032">CVE-2023-20032</a>: Fixed a possible remote code execution vulnerability in the HFS+ file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.</span></p></li><li class="code-line" data-line="77" style="position: relative;"><p class="code-line" data-line="77" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><a data-href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052" style="text-decoration: none;" title="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052">CVE-2023-20052</a>: Fixed a possible remote information leak vulnerability in the DMG file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.</span></p></li><li class="code-line" data-line="83" style="position: relative;"><p class="code-line" data-line="83" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Update the vendored libmspack library to version 0.11alpha.</span></p><ul class="code-line" data-line="84" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="84" style="position: relative;"><p><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/830" href="https://github.com/Cisco-Talos/clamav/pull/830" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/830">https://github.com/Cisco-Talos/clamav/pull/830</a></span></p></li></ul></li></ul></div>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-8571469512914307072022-11-28T12:31:00.000-05:002022-11-28T15:17:54.033-05:00ClamAV 1.0.0 LTS released<p class="code-line" data-line="7" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: small;"><span>The ClamAV 1.0.0 feature release is now stable and available for <a href="https://www.clamav.net/downloads" rel="nofollow" target="_blank">download on ClamAV.net</a> or through <a href="https://hub.docker.com/r/clamav/clamav/" rel="nofollow" target="_blank">Docker Hub</a>. </span><span style="font-family: inherit;"> </span></span></p><p class="code-line" data-line="7" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: small;"><span style="font-family: inherit;">ClamAV 1.0.0 includes the following improvements and changes.</span></span></p><h4 class="code-line" data-line="9" id="major-changes" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: large;"><span style="font-family: inherit;">Major changes</span></span></h4><ul class="code-line" data-line="11" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="11" style="position: relative;"><p class="code-line" data-line="11" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Support for decrypting read-only OLE2-based XLS files that are encrypted with the default password. Use of the default password will now appear in the metadata JSON.</span></span></p><ul class="code-line" data-line="14" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="14" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/700" href="https://github.com/Cisco-Talos/clamav/pull/700" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/700">https://github.com/Cisco-Talos/clamav/pull/700</a></span></span></p></li></ul></li><li class="code-line" data-line="16" style="position: relative;"><p class="code-line" data-line="16" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Overhauled the implementation of the all-match feature. The newer code is more reliable and easier to maintain.</span></span></p><ul class="code-line" data-line="18" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="18" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">This project fixed several known issues with signature detection in all- match mode:</span></span></p><ul class="code-line" data-line="20" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="20" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">Enabled embedded file-type recognition signatures to match when a malware signature also matched in a scan of the same layer.</span></span></p></li><li class="code-line" data-line="22" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">Enabled bytecode signatures to run in all-match mode after a match has occurred.</span></span></p></li><li class="code-line" data-line="24" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">Fixed an assortment of all-match edge case issues.</span></span></p></li></ul></li><li class="code-line" data-line="25" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">Added multiple test cases to verify correct all-match behavior.</span></span></p></li><li class="code-line" data-line="26" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/687" href="https://github.com/Cisco-Talos/clamav/pull/687" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/687">https://github.com/Cisco-Talos/clamav/pull/687</a></span></span></p></li></ul></li><li class="code-line" data-line="28" style="position: relative;"><p class="code-line" data-line="28" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Added a new callback to the public API for inspecting file content during a scan at each layer of archive extraction.</span></span></p><ul class="code-line" data-line="30" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="30" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">The new callback function type is<span> </span><code style="line-height: 1.357em;">clcb_file_inspection</code><span> </span>defined in<span> </span><code style="line-height: 1.357em;">clamav.h</code>.</span></span></p></li><li class="code-line" data-line="32" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">The function<span> </span><code style="line-height: 1.357em;">cl_engine_set_clcb_file_inspection()</code><span> </span>may be used to enable the callback prior to performing a scan.</span></span></p></li><li class="code-line" data-line="34" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">This new callback is to be considered<span> </span><em>unstable</em><span> </span>for the 1.0 release. We may alter this function in a subsequent feature version.</span></span></p></li><li class="code-line" data-line="36" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/170" href="https://github.com/Cisco-Talos/clamav/pull/170" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/170">https://github.com/Cisco-Talos/clamav/pull/170</a></span></span></p></li></ul></li><li class="code-line" data-line="38" style="position: relative;"><p class="code-line" data-line="38" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Added a new function to the public API for unpacking CVD signature archives.</span></span></p><ul class="code-line" data-line="39" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="39" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">The new function is<span> </span><code style="line-height: 1.357em;">cl_cvdunpack()</code>. The last parameter for the function may be set to verify if a CVD's signature is valid before unpacking the CVD content to the destination directory.</span></span></p></li><li class="code-line" data-line="42" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/690" href="https://github.com/Cisco-Talos/clamav/pull/690" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/690">https://github.com/Cisco-Talos/clamav/pull/690</a></span></span></p></li></ul></li><li class="code-line" data-line="44" style="position: relative;"><p class="code-line" data-line="44" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">The option to build with an external TomsFastMath library has been removed. ClamAV requires non-default build options for TomsFastMath to support bigger floating point numbers. Without this change, database and Windows EXE/DLL authenticode certificate validation may fail. The<span> </span><code style="line-height: 1.357em;">ENABLE_EXTERNAL_TOMSFASTMATH</code><span> </span>build is now ignored.</span></span></p><ul class="code-line" data-line="49" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="49" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/742" href="https://github.com/Cisco-Talos/clamav/pull/742" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/742">https://github.com/Cisco-Talos/clamav/pull/742</a></span></span></p></li></ul></li><li class="code-line" data-line="51" style="position: relative;"><p class="code-line" data-line="51" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Moved the Dockerfile and supporting scripts from the main ClamAV repository over to a new repository:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav-docker" href="https://github.com/Cisco-Talos/clamav-docker" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav-docker">https://github.com/Cisco-Talos/clamav-docker</a></span></span></p><p class="code-line" data-line="54" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">The separate repository will make it easier to update the images and fix issues with images for released ClamAV versions.</span></span></p><p class="code-line" data-line="57" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Any users building the ClamAV Docker image rather than pulling them from Docker Hub will have to get the latest Docker files from the new location.</span></span></p><ul class="code-line" data-line="60" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="60" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/764" href="https://github.com/Cisco-Talos/clamav/pull/764" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/764">https://github.com/Cisco-Talos/clamav/pull/764</a></span></span></p></li></ul></li><li class="code-line" data-line="62" style="position: relative;"><p class="code-line" data-line="62" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Increased the SONAME major version for libclamav because of ABI changes between the 0.103 LTS release and the 1.0 LTS release.</span></span></p><ul class="code-line" data-line="64" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="64" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/778" href="https://github.com/Cisco-Talos/clamav/pull/778" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/778">https://github.com/Cisco-Talos/clamav/pull/778</a></span></span></p></li></ul></li></ul><h4 class="code-line" data-line="66" id="other-improvements" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: large;"><span style="font-family: inherit;">Other improvements</span></span></h4><ul class="code-line" data-line="68" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="68" style="position: relative;"><p class="code-line" data-line="68" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Add checks to limit PDF object extraction recursion.</span></span></p><ul class="code-line" data-line="69" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="69" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/629" href="https://github.com/Cisco-Talos/clamav/pull/629" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/629">https://github.com/Cisco-Talos/clamav/pull/629</a></span></span></p></li></ul></li><li class="code-line" data-line="71" style="position: relative;"><p class="code-line" data-line="71" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Increased the limit for memory allocations based on untrusted input and altered the warning message when the limit is exceeded so that it is more helpful and less dramatic.</span></span></p><ul class="code-line" data-line="74" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="74" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/723" href="https://github.com/Cisco-Talos/clamav/pull/723" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/723">https://github.com/Cisco-Talos/clamav/pull/723</a></span></span></p></li></ul></li><li class="code-line" data-line="76" style="position: relative;"><p class="code-line" data-line="76" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Dramatically improved the build time of libclamav-Rust unit tests. The unit test build is included in the time limit for the test itself and was timing out on slower systems. The ClamAV Rust code modules now share the same build directory, which also reduces the amount of disk space used for the build.</span></span></p><ul class="code-line" data-line="81" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="81" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/694" href="https://github.com/Cisco-Talos/clamav/pull/694" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/694">https://github.com/Cisco-Talos/clamav/pull/694</a></span></span></p></li></ul></li><li class="code-line" data-line="83" style="position: relative;"><p class="code-line" data-line="83" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">For Windows: The debugging symbol (PDB) files are now installed alongside the DLL and LIB library files when built in "RelWithDebInfo" or "Debug" mode.</span></span></p><ul class="code-line" data-line="85" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="85" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/669" href="https://github.com/Cisco-Talos/clamav/pull/669" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/669">https://github.com/Cisco-Talos/clamav/pull/669</a></span></span></p></li></ul></li><li class="code-line" data-line="87" style="position: relative;"><p class="code-line" data-line="87" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Relaxed the constraints on the check for overlapping ZIP file entries so as not to alert on slightly malformed, but non-malicious, Java (JAR) archives.</span></span></p><ul class="code-line" data-line="89" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="89" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/561" href="https://github.com/Cisco-Talos/clamav/pull/561" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/561">https://github.com/Cisco-Talos/clamav/pull/561</a></span></span></p></li></ul></li><li class="code-line" data-line="91" style="position: relative;"><p class="code-line" data-line="91" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Increased the time limit in FreshClam before warning if the DNS entry is stale. In combination with changes to update the DNS entry more frequently, this should prevent false alarms of failures in the database publication system.</span></span></p><ul class="code-line" data-line="95" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="95" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/597" href="https://github.com/Cisco-Talos/clamav/pull/597" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/597">https://github.com/Cisco-Talos/clamav/pull/597</a></span></span></p></li></ul></li><li class="code-line" data-line="97" style="position: relative;"><p class="code-line" data-line="97" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Docker: The C library header files are now included in the Docker image. Patch courtesy of GitHub user TerminalFi.</span></span></p><ul class="code-line" data-line="99" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="99" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/693" href="https://github.com/Cisco-Talos/clamav/pull/693" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/693">https://github.com/Cisco-Talos/clamav/pull/693</a></span></span></p></li></ul></li><li class="code-line" data-line="101" style="position: relative;"><p class="code-line" data-line="101" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Show the BYTECODE_RUNTIME build options when using the<span> </span><code style="line-height: 1.357em;">ccmake</code><span> </span>GUI for CMake. Patch courtesy of Дилян Палаузов.</span></span></p><ul class="code-line" data-line="103" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="103" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/678" href="https://github.com/Cisco-Talos/clamav/pull/678" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/678">https://github.com/Cisco-Talos/clamav/pull/678</a></span></span></p></li></ul></li><li class="code-line" data-line="105" style="position: relative;"><p class="code-line" data-line="105" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Added explicit minimum and maximum supported LLVM versions so that the build will fail if you try to build with a version that is too old or too new and will print a helpful message rather than simply failing to compile because of compatibility issues. Patch courtesy of Matt Jolly.</span></span></p><ul class="code-line" data-line="109" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="109" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/692" href="https://github.com/Cisco-Talos/clamav/pull/692" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/692">https://github.com/Cisco-Talos/clamav/pull/692</a></span></span></p></li></ul></li><li class="code-line" data-line="118" style="position: relative;"><p class="code-line" data-line="118" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Fixed compiler warnings that may turn into errors in Clang 16. Patch courtesy of Michael Orlitzky.</span></span></p><ul class="code-line" data-line="120" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="120" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/767" href="https://github.com/Cisco-Talos/clamav/pull/767" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/767">https://github.com/Cisco-Talos/clamav/pull/767</a></span></span></p></li></ul></li><li class="code-line" data-line="122" style="position: relative;"><p class="code-line" data-line="122" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Allow building with a custom RPATH so that the executables may be moved after build in a development environment to a final installation directory.</span></span></p><ul class="code-line" data-line="124" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="124" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/768" href="https://github.com/Cisco-Talos/clamav/pull/768" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/768">https://github.com/Cisco-Talos/clamav/pull/768</a></span></span></p></li></ul></li></ul><h4 class="code-line" data-line="126" id="bug-fixes" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: large;"><span style="font-family: inherit;">Bug fixes</span></span></h4><ul class="code-line" data-line="128" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="128" style="position: relative;"><p class="code-line" data-line="128" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Assorted code quality fixes. These are not security issues and will not be backported to prior feature versions:</span></span></p><ul class="code-line" data-line="130" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="130" style="position: relative;"><p class="code-line" data-line="130" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Several heap buffer overflows while loading PDB and WDB databases were found by OSS-Fuzz and by Michał Dardas.</span></span></p><ul class="code-line" data-line="132" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="132" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/530" href="https://github.com/Cisco-Talos/clamav/pull/530" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/530">https://github.com/Cisco-Talos/clamav/pull/530</a></span></span></p></li><li class="code-line" data-line="133" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">Follow-up Optimization:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/712" href="https://github.com/Cisco-Talos/clamav/pull/712" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/712">https://github.com/Cisco-Talos/clamav/pull/712</a></span></span></p></li></ul></li><li class="code-line" data-line="135" style="position: relative;"><p class="code-line" data-line="135" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">oss-fuzz 43843: heap buffer overflow read (1) cli_sigopts_handler</span></span></p><ul class="code-line" data-line="136" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="136" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/560" href="https://github.com/Cisco-Talos/clamav/pull/560" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/560">https://github.com/Cisco-Talos/clamav/pull/560</a></span></span></p></li></ul></li><li class="code-line" data-line="138" style="position: relative;"><p class="code-line" data-line="138" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">oss-fuzz 44849: heap buffer overflow read (4) in HTML/js-norm</span></span></p><ul class="code-line" data-line="139" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="139" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/503" href="https://github.com/Cisco-Talos/clamav/pull/503" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/503">https://github.com/Cisco-Talos/clamav/pull/503</a></span></span></p></li></ul></li><li class="code-line" data-line="141" style="position: relative;"><p class="code-line" data-line="141" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">oss-fuzz 43816: heap buffer overflow read (8) in cli_bcomp_freemeta</span></span></p><ul class="code-line" data-line="142" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="142" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/583" href="https://github.com/Cisco-Talos/clamav/pull/583" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/583">https://github.com/Cisco-Talos/clamav/pull/583</a></span></span></p></li></ul></li><li class="code-line" data-line="144" style="position: relative;"><p class="code-line" data-line="144" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">oss-fuzz 43832: heap buffer overflow read (2) in cli_parse_add</span></span></p><ul class="code-line" data-line="145" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="145" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/611" href="https://github.com/Cisco-Talos/clamav/pull/611" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/611">https://github.com/Cisco-Talos/clamav/pull/611</a></span></span></p></li></ul></li><li class="code-line" data-line="147" style="position: relative;"><p class="code-line" data-line="147" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">oss-fuzz 44493: integer overflow in cli_scannulsft</span></span></p><ul class="code-line" data-line="148" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="148" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/554" href="https://github.com/Cisco-Talos/clamav/pull/554" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/554">https://github.com/Cisco-Talos/clamav/pull/554</a></span></span></p></li></ul></li><li class="code-line" data-line="150" style="position: relative;"><p class="code-line" data-line="150" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">CIFuzz leak detected in IDB parser</span></span></p><ul class="code-line" data-line="151" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="151" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/547" href="https://github.com/Cisco-Talos/clamav/pull/547" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/547">https://github.com/Cisco-Talos/clamav/pull/547</a></span></span></p></li></ul></li><li class="code-line" data-line="153" style="position: relative;"><p class="code-line" data-line="153" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">oss-fuzz assorted signature parser leaks</span></span></p><ul class="code-line" data-line="154" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="154" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull requests:</span></span></p><ul class="code-line" data-line="155" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="155" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/532" href="https://github.com/Cisco-Talos/clamav/pull/532" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/532">https://github.com/Cisco-Talos/clamav/pull/532</a></span></span></p></li><li class="code-line" data-line="156" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/533" href="https://github.com/Cisco-Talos/clamav/pull/533" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/533">https://github.com/Cisco-Talos/clamav/pull/533</a></span></span></p></li><li class="code-line" data-line="157" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/535" href="https://github.com/Cisco-Talos/clamav/pull/535" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/535">https://github.com/Cisco-Talos/clamav/pull/535</a></span></span></p></li></ul></li></ul></li><li class="code-line" data-line="159" style="position: relative;"><p class="code-line" data-line="159" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">oss-fuzz 40601: leak detected in pdf_parseobj</span></span></p><ul class="code-line" data-line="160" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="160" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/553" href="https://github.com/Cisco-Talos/clamav/pull/553" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/553">https://github.com/Cisco-Talos/clamav/pull/553</a></span></span></p></li></ul></li></ul></li><li class="code-line" data-line="162" style="position: relative;"><p class="code-line" data-line="162" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Fixed a build failure when using LIBCLAMAV_ONLY mode with tests enabled.</span></span></p><ul class="code-line" data-line="163" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="163" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/714" href="https://github.com/Cisco-Talos/clamav/pull/714" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/714">https://github.com/Cisco-Talos/clamav/pull/714</a></span></span></p></li></ul></li><li class="code-line" data-line="165" style="position: relative;"><p class="code-line" data-line="165" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Fixed an issue verifying EXE/DLL authenticode signatures to determine a given file can be trusted (skipped).</span></span></p><ul class="code-line" data-line="167" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="167" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/727" href="https://github.com/Cisco-Talos/clamav/pull/727" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/727">https://github.com/Cisco-Talos/clamav/pull/727</a></span></span></p></li></ul></li><li class="code-line" data-line="169" style="position: relative;"><p class="code-line" data-line="169" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Fixed a caching bug relating to the Container and Intermediates logical signature condition.</span></span></p><ul class="code-line" data-line="171" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="171" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/724" href="https://github.com/Cisco-Talos/clamav/pull/724" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/724">https://github.com/Cisco-Talos/clamav/pull/724</a></span></span></p></li></ul></li><li class="code-line" data-line="173" style="position: relative;"><p class="code-line" data-line="173" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Fixed a build issue when build with RAR disabled or when building with an external libmspack library rather than the bundled library.</span></span></p><ul class="code-line" data-line="175" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="175" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/672" href="https://github.com/Cisco-Talos/clamav/pull/672" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/672">https://github.com/Cisco-Talos/clamav/pull/672</a></span></span></p></li></ul></li><li class="code-line" data-line="177" style="position: relative;"><p class="code-line" data-line="177" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Fixed the capitalization of the<span> </span><code style="line-height: 1.357em;">-W</code><span> </span>option for<span> </span><code style="line-height: 1.357em;">clamonacc</code><span> </span>in the<span> </span><code style="line-height: 1.357em;">clamonacc</code><span> </span>manpage. Patch courtesy of GitHub user monkz.</span></span></p><ul class="code-line" data-line="179" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="179" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull requests:</span></span></p><ul class="code-line" data-line="180" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="180" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/709" href="https://github.com/Cisco-Talos/clamav/pull/709" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/709">https://github.com/Cisco-Talos/clamav/pull/709</a></span></span></p></li><li class="code-line" data-line="181" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/710" href="https://github.com/Cisco-Talos/clamav/pull/710" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/710">https://github.com/Cisco-Talos/clamav/pull/710</a></span></span></p></li></ul></li></ul></li><li class="code-line" data-line="183" style="position: relative;"><p class="code-line" data-line="183" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">macOS: Fixed an issue with memory-map (<code style="line-height: 1.357em;">mmap</code>) system call detection affecting versions 0.105 and 0.104. Memory maps may be used in ClamAV to improve signature load performance and scan performance, as well as RAM usage.</span></span></p><ul class="code-line" data-line="186" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="186" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/705" href="https://github.com/Cisco-Talos/clamav/pull/705" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/705">https://github.com/Cisco-Talos/clamav/pull/705</a></span></span></p></li></ul></li><li class="code-line" data-line="188" style="position: relative;"><p class="code-line" data-line="188" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Fixed a performance issue with Rust code when the build type is not explicitly set to "Release" or "RelWithDebInfo". The Rust default build type is now "RelWithDebInfo" just like the C code, instead of Debug. This means it is now optimized by default.</span></span></p><ul class="code-line" data-line="192" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="192" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/701" href="https://github.com/Cisco-Talos/clamav/pull/701" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/701">https://github.com/Cisco-Talos/clamav/pull/701</a></span></span></p></li></ul></li><li class="code-line" data-line="194" style="position: relative;"><p class="code-line" data-line="194" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Fixed an issue loading Yara rules containing regex strings with an escaped forward-slash (<code style="line-height: 1.357em;">\/</code>) followed by a colon (<code style="line-height: 1.357em;">:</code>).</span></span></p><ul class="code-line" data-line="196" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="196" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/696" href="https://github.com/Cisco-Talos/clamav/pull/696" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/696">https://github.com/Cisco-Talos/clamav/pull/696</a></span></span></p></li></ul></li><li class="code-line" data-line="198" style="position: relative;"><p class="code-line" data-line="198" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Fixed an issue detecting and scanning ZIP file entries appended to very small files. The fix is part of the all-match feature overhaul.</span></span></p></li><li class="code-line" data-line="201" style="position: relative;"><p class="code-line" data-line="201" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Fixed a detection issue with EXE/DLL import-address-table hash signatures that specify a wildcard (<code style="line-height: 1.357em;">*</code>) for the size field. The fix is part of the all-match feature overhaul.</span></span></p></li><li class="code-line" data-line="205" style="position: relative;"><p class="code-line" data-line="205" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Fixed the default bytecode timeout value listed in the manpages and in the sample config files. Patches courtesy of Liam Jarvis and Ben Bodenmiller.</span></span></p><ul class="code-line" data-line="207" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="207" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull requests:</span></span></p><ul class="code-line" data-line="208" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="208" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/631" href="https://github.com/Cisco-Talos/clamav/pull/631" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/631">https://github.com/Cisco-Talos/clamav/pull/631</a></span></span></p></li><li class="code-line" data-line="209" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/661" href="https://github.com/Cisco-Talos/clamav/pull/661" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/661">https://github.com/Cisco-Talos/clamav/pull/661</a></span></span></p></li></ul></li></ul></li><li class="code-line" data-line="211" style="position: relative;"><p class="code-line" data-line="211" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Fixed an issue building the libclamav_rust test program when running<span> </span><code style="line-height: 1.357em;">ctest</code><span> </span>if building with<span> </span><code style="line-height: 1.357em;">BYTECODE_RUNTIME=llvm</code><span> </span>and when the<span> </span><code style="line-height: 1.357em;">FindLLVM.cmake</code><span> </span>module is used to find the LLVM libraries. Patch courtesy of GitHub user teoberi.</span></span></p><ul class="code-line" data-line="214" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="214" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/572" href="https://github.com/Cisco-Talos/clamav/pull/572" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/572">https://github.com/Cisco-Talos/clamav/pull/572</a></span></span></p></li></ul></li><li class="code-line" data-line="216" style="position: relative;"><p class="code-line" data-line="216" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Fixed an issue where scans sent to<span> </span><code style="line-height: 1.357em;">clamd</code><span> </span>with the all-match mode enabled caused all subsequent scans to also use all-match mode.</span></span></p><ul class="code-line" data-line="218" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="218" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/741" href="https://github.com/Cisco-Talos/clamav/pull/741" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/741">https://github.com/Cisco-Talos/clamav/pull/741</a></span></span></p></li></ul></li><li class="code-line" data-line="220" style="position: relative;"><p class="code-line" data-line="220" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Fixed bug when starting<span> </span><code style="line-height: 1.357em;">clamonacc</code><span> </span>with the<span> </span><code style="line-height: 1.357em;">--log=FILE</code><span> </span>option that created randomly named files in the current directory.</span></span></p><ul class="code-line" data-line="222" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="222" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/751" href="https://github.com/Cisco-Talos/clamav/pull/751" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/751">https://github.com/Cisco-Talos/clamav/pull/751</a></span></span></p></li></ul></li><li class="code-line" data-line="224" style="position: relative;"><p class="code-line" data-line="224" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-size: small;">Other assorted bug fixes.</span></span></p></li></ul><h4 class="code-line" data-line="226" id="acknowledgments" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: large;"><span style="font-family: inherit;">Acknowledgments</span></span></h4><p class="code-line" data-line="228" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;"><span style="font-size: small;">Special thanks to the following people for code contributions and bug reports:</span></span></p><ul class="code-line" data-line="229" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="229" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">Anthony Chan</span></span></p></li><li class="code-line" data-line="230" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">Ben Bodenmiller</span></span></p></li><li class="code-line" data-line="231" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">Дилян Палаузов</span></span></p></li><li class="code-line" data-line="232" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">Liam Jarvis</span></span></p></li><li class="code-line" data-line="233" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">Matt Jolly</span></span></p></li><li class="code-line" data-line="234" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">Michael Orlitzky</span></span></p></li><li class="code-line" data-line="235" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">monkz</span></span></p></li><li class="code-line" data-line="236" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">teoberi</span></span></p></li><li class="code-line code-active-line" data-line="237" style="position: relative;"><p><span style="font-family: inherit;"><span style="font-size: small;">TerminalFi</span></span></p></li></ul>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-18827346019308057032022-11-15T09:47:00.002-05:002022-11-17T12:58:54.630-05:00Second ClamAV 1.0.0 release candidate AND updated packages for 0.105.1<p class="code-line" data-line="1" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: small;"><span style="font-family: inherit;">Today we are publishing a second release candidate for ClamAV 1.0.0. If you didn't get a chance to test the 1.0.0 release candidate yet, please have a look before we publish the stable release. You can find the ClamAV 1.0.0-rc2 release candidate files on the<span> </span><a data-href="https://www.clamav.net/downloads" href="https://www.clamav.net/downloads" style="text-decoration: none;" title="https://www.clamav.net/downloads">ClamAV.net Downloads page</a>.</span></span></p><p class="code-line" data-line="5" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: small;"><span style="font-family: inherit;">We expect to publish the stable 1.0.0 release in two weeks.</span></span></p><p class="code-line" data-line="7" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: small;"><span style="font-family: inherit;">Today we are also publishing updated packages for ClamAV 0.105.1.</span></span></p><div class="code-line" data-line="9" id="why-we-updated-the-01051-packages-again" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><h3 style="text-align: left;"><span style="font-size: medium;"><span style="font-family: inherit;">Why we updated the 0.105.1 packages, again</span></span></h3></div><div class="code-line" data-line="11" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><p style="text-align: left;"><span style="font-size: small;"><span style="font-family: inherit;">On October 31st, we repackaged all currently supported ClamAV versions to patch the <span style="-webkit-text-stroke-width: 0px; color: black; display: inline; float: none; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">bundled<span> </span></span><code style="-webkit-text-stroke-width: 0px; color: var(--vscode-textPreformat-foreground); font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; line-height: 1.357em; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">libxml2</code><span style="-webkit-text-stroke-width: 0px; color: black; display: inline; float: none; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span> </span>and<span> </span></span><code style="-webkit-text-stroke-width: 0px; color: var(--vscode-textPreformat-foreground); font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; line-height: 1.357em; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">zlib</code><span style="-webkit-text-stroke-width: 0px; color: black; display: inline; float: none; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span> </span>library<span> </span></span><span style="font-family: inherit;">dependencies. For 0.105.1, this was intended to also include bug fixes </span>for the<span> </span><code style="line-height: 1.357em;">jpeg</code><span> </span>and<span> </span><code style="line-height: 1.357em;">tiff</code><span> </span>Rust-based libraries that are bundled with the source code tarball. Unfortunately, those fixes were not all release-ready in time for the<span> </span><code style="line-height: 1.357em;">0.105.1-2</code><span> </span>packages. We have fixed the issue and are now publishing a third revision for ClamAV 0.105.1 packages.</span></span></p></div><div class="code-line" data-line="17" id="where-to-find-the-updated-packages" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><h3 style="text-align: left;"><span style="font-size: medium;"><span style="font-family: inherit;">Where to find the updated packages</span></span></h3></div><p class="code-line" data-line="19" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: small;"><span style="font-family: inherit;">The new packages have a "<code style="line-height: 1.357em;">-3</code>" suffix to indicate the package revision. For example,<span> </span><code style="line-height: 1.357em;">clamav-0.105.1-3.macos.universal.pkg</code><span> </span>is the updated package replacing<span> </span><code style="line-height: 1.357em;">clamav-0.105.1-2.macos.universal.pkg</code>.</span></span></p><p class="code-line" data-line="21" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: small;"><span style="font-family: inherit;">As always, you can get the updated packages from the<span> </span><a data-href="https://www.clamav.net/downloads" href="https://www.clamav.net/downloads" style="text-decoration: none;" title="https://www.clamav.net/downloads">ClamAV.net Downloads page</a>. The original packages have been hidden on the web page and replaced by the updated packages. If you need the originals, the URLs to download them still work.</span></span></p><div class="code-line" data-line="23" id="100-rc2-release-notes" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><h4 style="text-align: left;"><span style="font-size: medium;"><span style="font-family: inherit;">1.0.0-rc2 release notes</span></span></h4></div><p class="code-line" data-line="25" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: small;"><span style="font-family: inherit;">ClamAV 1.0.0-rc2 includes the following improvements and changes.</span></span></p><p class="code-line" data-line="27" id="major-changes" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: small;"><span style="font-family: inherit;">Major changes:</span></span></p><ul class="code-line" data-line="29" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="29" style="position: relative;"><p class="code-line" data-line="29" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Support for decrypting read-only OLE2-based XLS files that are encrypted with the default password. Use of the default password will now appear in the metadata JSON.</span></span></p><ul class="code-line" data-line="32" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="32" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/700" href="https://github.com/Cisco-Talos/clamav/pull/700" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/700">https://github.com/Cisco-Talos/clamav/pull/700</a></span></span></p></li></ul></li><li class="code-line" data-line="34" style="position: relative;"><p class="code-line" data-line="34" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Overhauled the implementation of the all-match feature. The newer code is more reliable and easier to maintain.</span></span></p><ul class="code-line" data-line="36" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="36" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">This project fixed several known issues with signature detection in all- match mode:</span></span></p><ul class="code-line" data-line="38" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="38" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">Enabled embedded file-type recognition signatures to match when a malware signature also matched in a scan of the same layer.</span></span></p></li><li class="code-line" data-line="40" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">Enabled bytecode signatures to run in all-match mode after a match has occurred.</span></span></p></li><li class="code-line" data-line="42" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">Fixed an assortment of all-match edge case issues.</span></span></p></li></ul></li><li class="code-line" data-line="43" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">Added multiple test cases to verify correct all-match behavior.</span></span></p></li><li class="code-line" data-line="44" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/687" href="https://github.com/Cisco-Talos/clamav/pull/687" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/687">https://github.com/Cisco-Talos/clamav/pull/687</a></span></span></p></li></ul></li><li class="code-line" data-line="46" style="position: relative;"><p class="code-line" data-line="46" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Added a new callback to the public API for inspecting file content during a scan at each layer of archive extraction.</span></span></p><ul class="code-line" data-line="48" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="48" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">The new callback function type is<span> </span><code style="line-height: 1.357em;">clcb_file_inspection</code><span> </span>defined in<span> </span><code style="line-height: 1.357em;">clamav.h</code>.</span></span></p></li><li class="code-line" data-line="50" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">The function<span> </span><code style="line-height: 1.357em;">cl_engine_set_clcb_file_inspection()</code><span> </span>may be used to enable the callback prior to performing a scan.</span></span></p></li><li class="code-line" data-line="52" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">This new callback is to be considered<span> </span><i>unstable</i><span> </span>for the 1.0 release. We may alter this function in a subsequent feature version.</span></span></p></li><li class="code-line" data-line="54" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/170" href="https://github.com/Cisco-Talos/clamav/pull/170" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/170">https://github.com/Cisco-Talos/clamav/pull/170</a></span></span></p></li></ul></li><li class="code-line" data-line="56" style="position: relative;"><p class="code-line" data-line="56" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Added a new function to the public API for unpacking CVD signature archives.</span></span></p><ul class="code-line" data-line="57" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="57" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">The new function is<span> </span><code style="line-height: 1.357em;">cl_cvdunpack()</code>. The last parameter for the function may be set to verify if a CVD's signature is valid before unpacking the CVD content to the destination directory.</span></span></p></li><li class="code-line" data-line="60" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/690" href="https://github.com/Cisco-Talos/clamav/pull/690" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/690">https://github.com/Cisco-Talos/clamav/pull/690</a></span></span></p></li></ul></li><li class="code-line" data-line="62" style="position: relative;"><p class="code-line" data-line="62" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">The option to build with an external TomsFastMath library has been removed. ClamAV requires non-default build options for TomsFastMath to support bigger floating point numbers. Without this change, database and Windows EXE/DLL authenticode certificate validation may fail. The<span> </span><code style="line-height: 1.357em;">ENABLE_EXTERNAL_TOMSFASTMATH</code><span> </span>build is now ignored.</span></span></p><ul class="code-line" data-line="67" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="67" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/742" href="https://github.com/Cisco-Talos/clamav/pull/742" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/742">https://github.com/Cisco-Talos/clamav/pull/742</a></span></span></p></li></ul></li></ul><p class="code-line" data-line="69" id="other-improvements" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: small;"><span style="font-family: inherit;">Other improvements:</span></span></p><ul class="code-line" data-line="71" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="71" style="position: relative;"><p class="code-line" data-line="71" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Add checks to limit PDF object extraction recursion.</span></span></p><ul class="code-line" data-line="72" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="72" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/629" href="https://github.com/Cisco-Talos/clamav/pull/629" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/629">https://github.com/Cisco-Talos/clamav/pull/629</a></span></span></p></li></ul></li><li class="code-line" data-line="74" style="position: relative;"><p class="code-line" data-line="74" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Increased the limit for memory allocations based on untrusted input and altered the warning message when the limit is exceeded so that it is more helpful and less dramatic.</span></span></p><ul class="code-line" data-line="77" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="77" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/723" href="https://github.com/Cisco-Talos/clamav/pull/723" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/723">https://github.com/Cisco-Talos/clamav/pull/723</a></span></span></p></li></ul></li><li class="code-line" data-line="79" style="position: relative;"><p class="code-line" data-line="79" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Dramatically improved the build time of libclamav-Rust unit tests. The unit test build is included in the time limit for the test itself and was timing out on slower systems. The ClamAV Rust code modules now share the same build directory, which also reduces the amount of disk space used for the build.</span></span></p><ul class="code-line" data-line="84" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="84" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/694" href="https://github.com/Cisco-Talos/clamav/pull/694" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/694">https://github.com/Cisco-Talos/clamav/pull/694</a></span></span></p></li></ul></li><li class="code-line" data-line="86" style="position: relative;"><p class="code-line" data-line="86" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">For Windows: The debugging symbol (PDB) files are now installed alongside the DLL </span></span><span style="font-family: inherit;">and LIB library files when built in "RelWithDebInfo" or "Debug" mode.</span></p></li><ul><li><span style="font-family: inherit;">GitHub pull request:</span><span style="font-family: inherit;"> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/669" href="https://github.com/Cisco-Talos/clamav/pull/669" style="font-family: inherit; text-decoration-line: none;" title="https://github.com/Cisco-Talos/clamav/pull/669">https://github.com/Cisco-Talos/clamav/pull/669</a> <br /></li></ul></ul><div><ul class="code-line" data-line="71" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="90" style="position: relative;"><p class="code-line" data-line="90" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Relaxed the constraints on the check for overlapping ZIP file entries so as not to alert on slightly malformed, but non-malicious, Java (JAR) archives.</span></span></p><ul class="code-line" data-line="92" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="93" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/561" href="https://github.com/Cisco-Talos/clamav/pull/561" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/561">https://github.com/Cisco-Talos/clamav/pull/561</a></span></span></p></li></ul></li></ul><ul class="code-line" data-line="71" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="95" style="position: relative;"><p class="code-line" data-line="95" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Increased the time limit in FreshClam before warning if the DNS entry is stale. In combination with changes to update the DNS entry more frequently, this should prevent false alarms of failures in the database publication system.</span></span></p><ul class="code-line" data-line="99" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="99" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/597" href="https://github.com/Cisco-Talos/clamav/pull/597" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/597">https://github.com/Cisco-Talos/clamav/pull/597</a></span></span></p></li></ul></li><li class="code-line" data-line="101" style="position: relative;"><p class="code-line" data-line="101" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Docker: The C library header files are now included in the Docker image. Patch courtesy of GitHub user TerminalFi.</span></span></p><ul class="code-line" data-line="103" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="103" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/693" href="https://github.com/Cisco-Talos/clamav/pull/693" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/693">https://github.com/Cisco-Talos/clamav/pull/693</a></span></span></p></li></ul></li><li class="code-line" data-line="105" style="position: relative;"><p class="code-line" data-line="105" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Show the BYTECODE_RUNTIME build options when using the<span> </span><code style="line-height: 1.357em;">ccmake</code><span> </span>GUI for CMake. Patch courtesy of Дилян Палаузов.</span></span></p><ul class="code-line" data-line="107" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="107" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/678" href="https://github.com/Cisco-Talos/clamav/pull/678" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/678">https://github.com/Cisco-Talos/clamav/pull/678</a></span></span></p></li></ul></li><li class="code-line" data-line="109" style="position: relative;"><p class="code-line" data-line="109" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Added explicit minimum and maximum supported LLVM versions so that the build will fail if you try to build with a version that is too old or too new and will print a helpful message rather than simply failing to compile because of compatibility issues. Patch courtesy of Matt Jolly.</span></span></p><ul class="code-line" data-line="113" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="113" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/692" href="https://github.com/Cisco-Talos/clamav/pull/692" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/692">https://github.com/Cisco-Talos/clamav/pull/692</a></span></span></p></li></ul></li></ul><p class="code-line" data-line="115" id="bug-fixes" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: small;"><span style="font-family: inherit;">Bug fixes:</span></span></p><ul class="code-line" data-line="117" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="117" style="position: relative;"><p class="code-line" data-line="117" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Assorted code quality fixes. These are not security issues and will not be backported to prior feature versions:</span></span></p><ul class="code-line" data-line="119" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="119" style="position: relative;"><p class="code-line" data-line="119" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Several heap buffer overflows while loading PDB and WDB databases were found by OSS-Fuzz and by Michał Dardas.</span></span></p><ul class="code-line" data-line="121" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="121" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/530" href="https://github.com/Cisco-Talos/clamav/pull/530" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/530">https://github.com/Cisco-Talos/clamav/pull/530</a></span></span></p></li><li class="code-line" data-line="122" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">Follow-up Optimization:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/712" href="https://github.com/Cisco-Talos/clamav/pull/712" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/712">https://github.com/Cisco-Talos/clamav/pull/712</a></span></span></p></li></ul></li><li class="code-line" data-line="124" style="position: relative;"><p class="code-line" data-line="124" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">oss-fuzz 43843: heap buffer overflow read (1) cli_sigopts_handler</span></span></p><ul class="code-line" data-line="125" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="125" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/560" href="https://github.com/Cisco-Talos/clamav/pull/560" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/560">https://github.com/Cisco-Talos/clamav/pull/560</a></span></span></p></li></ul></li><li class="code-line" data-line="127" style="position: relative;"><p class="code-line" data-line="127" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">oss-fuzz 44849: heap buffer overflow read (4) in HTML/js-norm</span></span></p><ul class="code-line" data-line="128" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="128" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/503" href="https://github.com/Cisco-Talos/clamav/pull/503" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/503">https://github.com/Cisco-Talos/clamav/pull/503</a></span></span></p></li></ul></li><li class="code-line" data-line="130" style="position: relative;"><p class="code-line" data-line="130" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">oss-fuzz 43816: heap buffer overflow read (8) in cli_bcomp_freemeta</span></span></p><ul class="code-line" data-line="131" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="131" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/583" href="https://github.com/Cisco-Talos/clamav/pull/583" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/583">https://github.com/Cisco-Talos/clamav/pull/583</a></span></span></p></li></ul></li><li class="code-line" data-line="133" style="position: relative;"><p class="code-line" data-line="133" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">oss-fuzz 43832: heap buffer overflow read (2) in cli_parse_add</span></span></p><ul class="code-line" data-line="134" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="134" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/611" href="https://github.com/Cisco-Talos/clamav/pull/611" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/611">https://github.com/Cisco-Talos/clamav/pull/611</a></span></span></p></li></ul></li><li class="code-line" data-line="136" style="position: relative;"><p class="code-line" data-line="136" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">oss-fuzz 44493: integer overflow in cli_scannulsft</span></span></p><ul class="code-line" data-line="137" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="137" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/554" href="https://github.com/Cisco-Talos/clamav/pull/554" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/554">https://github.com/Cisco-Talos/clamav/pull/554</a></span></span></p></li></ul></li><li class="code-line" data-line="139" style="position: relative;"><p class="code-line" data-line="139" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">CIFuzz leak detected in IDB parser</span></span></p><ul class="code-line" data-line="140" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="140" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/547" href="https://github.com/Cisco-Talos/clamav/pull/547" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/547">https://github.com/Cisco-Talos/clamav/pull/547</a></span></span></p></li></ul></li><li class="code-line" data-line="142" style="position: relative;"><p class="code-line" data-line="142" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">oss-fuzz assorted signature parser leaks</span></span></p><ul class="code-line" data-line="143" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="143" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull requests:</span></span></p><ul class="code-line" data-line="144" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="144" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/532" href="https://github.com/Cisco-Talos/clamav/pull/532" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/532">https://github.com/Cisco-Talos/clamav/pull/532</a></span></span></p></li><li class="code-line" data-line="145" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/533" href="https://github.com/Cisco-Talos/clamav/pull/533" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/533">https://github.com/Cisco-Talos/clamav/pull/533</a></span></span></p></li><li class="code-line" data-line="146" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/535" href="https://github.com/Cisco-Talos/clamav/pull/535" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/535">https://github.com/Cisco-Talos/clamav/pull/535</a></span></span></p></li></ul></li></ul></li><li class="code-line" data-line="148" style="position: relative;"><p class="code-line" data-line="148" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">oss-fuzz 40601: leak detected in pdf_parseobj</span></span></p><ul class="code-line" data-line="149" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="149" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/553" href="https://github.com/Cisco-Talos/clamav/pull/553" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/553">https://github.com/Cisco-Talos/clamav/pull/553</a></span></span></p></li></ul></li></ul></li><li class="code-line" data-line="151" style="position: relative;"><p class="code-line" data-line="151" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed a build failure when using LIBCLAMAV_ONLY mode with tests enabled.</span></span></p><ul class="code-line" data-line="152" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="152" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/714" href="https://github.com/Cisco-Talos/clamav/pull/714" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/714">https://github.com/Cisco-Talos/clamav/pull/714</a></span></span></p></li></ul></li><li class="code-line" data-line="154" style="position: relative;"><p class="code-line" data-line="154" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed an issue verifying EXE/DLL authenticode signatures to determine a given file can be trusted (skipped).</span></span></p><ul class="code-line" data-line="156" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="156" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/727" href="https://github.com/Cisco-Talos/clamav/pull/727" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/727">https://github.com/Cisco-Talos/clamav/pull/727</a></span></span></p></li></ul></li><li class="code-line" data-line="158" style="position: relative;"><p class="code-line" data-line="158" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed a caching bug relating to the Container and Intermediates logical signature condition.</span></span></p><ul class="code-line" data-line="160" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="160" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/724" href="https://github.com/Cisco-Talos/clamav/pull/724" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/724">https://github.com/Cisco-Talos/clamav/pull/724</a></span></span></p></li></ul></li><li class="code-line" data-line="162" style="position: relative;"><p class="code-line" data-line="162" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed a build issue when build with RAR disabled or when building with an external libmspack library rather than the bundled library.</span></span></p><ul class="code-line" data-line="164" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="164" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/672" href="https://github.com/Cisco-Talos/clamav/pull/672" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/672">https://github.com/Cisco-Talos/clamav/pull/672</a></span></span></p></li></ul></li><li class="code-line" data-line="166" style="position: relative;"><p class="code-line" data-line="166" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed the capitalization of the<span> </span><code style="line-height: 1.357em;">-W</code><span> </span>option for<span> </span><code style="line-height: 1.357em;">clamonacc</code><span> </span>in the<span> </span><code style="line-height: 1.357em;">clamonacc</code><span> </span>manpage. Patch courtesy of GitHub user monkz.</span></span></p><ul class="code-line" data-line="168" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="168" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull requests:</span></span></p><ul class="code-line" data-line="169" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="169" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/709" href="https://github.com/Cisco-Talos/clamav/pull/709" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/709">https://github.com/Cisco-Talos/clamav/pull/709</a></span></span></p></li><li class="code-line" data-line="170" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/710" href="https://github.com/Cisco-Talos/clamav/pull/710" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/710">https://github.com/Cisco-Talos/clamav/pull/710</a></span></span></p></li></ul></li></ul></li><li class="code-line" data-line="172" style="position: relative;"><p class="code-line" data-line="172" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">macOS: Fixed an issue with memory-map (<code style="line-height: 1.357em;">mmap</code>) system call detection affecting versions 0.105 and 0.104. Memory maps may be used in ClamAV to improve signature load performance and scan performance, as well as RAM usage.</span></span></p><ul class="code-line" data-line="175" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="175" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/705" href="https://github.com/Cisco-Talos/clamav/pull/705" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/705">https://github.com/Cisco-Talos/clamav/pull/705</a></span></span></p></li></ul></li><li class="code-line" data-line="177" style="position: relative;"><p class="code-line" data-line="177" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed a performance issue with Rust code when the build type is not explicitly set to "Release" or "RelWithDebInfo". The Rust default build type is now "RelWithDebInfo" just like the C code, instead of Debug. This means it is now optimized by default.</span></span></p><ul class="code-line" data-line="181" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="181" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/701" href="https://github.com/Cisco-Talos/clamav/pull/701" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/701">https://github.com/Cisco-Talos/clamav/pull/701</a></span></span></p></li></ul></li><li class="code-line" data-line="183" style="position: relative;"><p class="code-line" data-line="183" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed an issue loading Yara rules containing regex strings with an escaped forward-slash (<code style="line-height: 1.357em;">\/</code>) followed by a colon (<code style="line-height: 1.357em;">:</code>).</span></span></p><ul class="code-line" data-line="185" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="185" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/696" href="https://github.com/Cisco-Talos/clamav/pull/696" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/696">https://github.com/Cisco-Talos/clamav/pull/696</a></span></span></p></li></ul></li><li class="code-line" data-line="187" style="position: relative;"><p class="code-line" data-line="187" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed an issue detecting and scanning ZIP file entries appended to very small files. The fix is part of the all-match feature overhaul.</span></span></p></li><li class="code-line" data-line="190" style="position: relative;"><p class="code-line" data-line="190" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed a detection issue with EXE/DLL import-address-table hash signatures that specify a wildcard (<code style="line-height: 1.357em;">*</code>) for the size field. The fix is part of the all-match feature overhaul.</span></span></p></li><li class="code-line" data-line="194" style="position: relative;"><p class="code-line" data-line="194" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed the default bytecode timeout value listed in the manpages and in the sample config files. Patches courtesy of Liam Jarvis and Ben Bodenmiller.</span></span></p><ul class="code-line" data-line="196" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="196" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull requests:</span></span></p><ul class="code-line" data-line="197" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="197" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/631" href="https://github.com/Cisco-Talos/clamav/pull/631" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/631">https://github.com/Cisco-Talos/clamav/pull/631</a></span></span></p></li><li class="code-line" data-line="198" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/661" href="https://github.com/Cisco-Talos/clamav/pull/661" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/661">https://github.com/Cisco-Talos/clamav/pull/661</a></span></span></p></li></ul></li></ul></li><li class="code-line" data-line="200" style="position: relative;"><p class="code-line" data-line="200" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed an issue building the libclamav_rust test program when running<span> </span><code style="line-height: 1.357em;">ctest</code><span> </span>if building with<span> </span><code style="line-height: 1.357em;">BYTECODE_RUNTIME=llvm</code><span> </span>and when the<span> </span><code style="line-height: 1.357em;">FindLLVM.cmake</code><span> </span>module is used to find the LLVM libraries. Patch courtesy of GitHub user teoberi.</span></span></p><ul class="code-line" data-line="203" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="203" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/572" href="https://github.com/Cisco-Talos/clamav/pull/572" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/572">https://github.com/Cisco-Talos/clamav/pull/572</a></span></span></p></li></ul></li><li class="code-line" data-line="205" style="position: relative;"><p class="code-line" data-line="205" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed an issue where scans sent to<span> </span><code style="line-height: 1.357em;">clamd</code><span> </span>with the all-match mode enabled caused all subsequent scans to also use all-match mode.</span></span></p><ul class="code-line" data-line="207" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="207" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><a data-href="https://github.com/Cisco-Talos/clamav/pull/741" href="https://github.com/Cisco-Talos/clamav/pull/741" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/741">https://github.com/Cisco-Talos/clamav/pull/741</a></span></span></p></li></ul></li></ul><p class="code-line" data-line="209" id="acknowledgments" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: small;"><span style="font-family: inherit;">Acknowledgments</span></span></p><p class="code-line" data-line="211" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: small;"><span style="font-family: inherit;">Special thanks to the following people for code contributions and bug reports:</span></span></p><ul class="code-line" data-line="212" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="212" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">Ben Bodenmiller</span></span></p></li><li class="code-line" data-line="213" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">Дилян Палаузов</span></span></p></li><li class="code-line" data-line="214" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">Liam Jarvis</span></span></p></li><li class="code-line" data-line="215" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">Matt Jolly</span></span></p></li><li class="code-line" data-line="216" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">monkz</span></span></p></li><li class="code-line" data-line="217" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">teoberi</span></span></p></li><li class="code-line" data-line="218" style="position: relative;"><p><span style="font-size: small;"><span style="font-family: inherit;">TerminalFi</span></span></p></li></ul></div>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-72686646960814598572022-10-31T15:15:00.000-04:002022-10-31T15:15:20.809-04:00New packages for ClamAV 0.103.7, 0.104.4, 0.105.1 to resolve CVE's<p class="code-line" data-line="0" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">Today we are publishing updated packages for ClamAV 0.103.7, 0.104.4, and 0.105.1.</span></p><h4 class="code-line" data-line="2" id="why-update-the-installer-packages" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">Why we updated the installer packages</span></h4><p class="code-line" data-line="4" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">The ClamAV RPM, DEB, PKG, MSI and ZIP installer packages come with all library dependencies bundled. The updated installer packages resolve the following CVE's:</span></p><ul class="code-line" data-line="5" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="5" dir="auto" style="position: relative;"><span style="font-family: inherit;"><span style="color: black;"><a data-href="https://nvd.nist.gov/vuln/detail/CVE-2022-37434" href="https://nvd.nist.gov/vuln/detail/CVE-2022-37434" style="text-decoration: none;" title="https://nvd.nist.gov/vuln/detail/CVE-2022-37434">CVE-2022-37434</a><span> </span>- A critical severity vulnerability in the<span> </span><code style="font-size: 1em; line-height: 1.357em;">zlib</code><span> </span>library.</span></span></li><li class="code-line" data-line="6" dir="auto" style="position: relative;"><span style="font-family: inherit;"><span style="color: black;"><a data-href="https://nvd.nist.gov/vuln/detail/CVE-2022-40303" href="https://nvd.nist.gov/vuln/detail/CVE-2022-40303" style="text-decoration: none;" title="https://nvd.nist.gov/vuln/detail/CVE-2022-40303">CVE-2022-40303</a><span> </span>- A high severity vulnerability in the<span> </span><code style="font-size: 1em; line-height: 1.357em;">libxml2</code><span> </span>library. Note: As of writing, the details of this CVE are not published. However, you can find additional details<span> </span><a data-href="https://www.suse.com/pt-br/security/cve/CVE-2022-40303.html" href="https://www.suse.com/pt-br/security/cve/CVE-2022-40303.html" style="text-decoration: none;" title="https://www.suse.com/pt-br/security/cve/CVE-2022-40303.html">on other sites</a>.</span></span></li><li class="code-line" data-line="7" dir="auto" style="position: relative;"><span style="font-family: inherit;"><span style="color: black;"><a data-href="https://nvd.nist.gov/vuln/detail/CVE-2022-40304" href="https://nvd.nist.gov/vuln/detail/CVE-2022-40304" style="text-decoration: none;" title="https://nvd.nist.gov/vuln/detail/CVE-2022-40304">CVE-2022-40304</a><span> </span>- A high severity vulnerability in the<span> </span><code style="font-size: 1em; line-height: 1.357em;">libxml2</code><span> </span>library. Note: As of writing, the details of this CVE are not published. However, you can find additional details<span> </span><a data-href="https://www.suse.com/pt-br/security/cve/CVE-2022-40304.html" href="https://www.suse.com/pt-br/security/cve/CVE-2022-40304.html" style="text-decoration: none;" title="https://www.suse.com/pt-br/security/cve/CVE-2022-40304.html">on other sites</a>.</span></span></li></ul><div><span style="font-size: 14px;"><br /></span></div><h4 class="code-line" data-line="9" id="why-update-the-clamav-01051-source-package" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">Why we updated the 0.105.1 source package</span></h4><p class="code-line" data-line="11" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">Starting with ClamAV 0.105.1, some of the ClamAV project is written in Rust and depends on Rust libraries. To make it possible for our users to build ClamAV offline, we bundle in the Rust dependencies.</span></p><p class="code-line" data-line="13" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">There are no CVEs present for the Rust libraries bundled in the original 0.105.1 package. However, there are several critical bugs in the JPEG and TIFF image processing libraries in the original 0.105.1 source package. The known issues were resolved in<span> </span><span style="color: black;"><a data-href="https://github.com/image-rs/image-tiff/releases/tag/v0.7.4" href="https://github.com/image-rs/image-tiff/releases/tag/v0.7.4" style="text-decoration: none;" title="https://github.com/image-rs/image-tiff/releases/tag/v0.7.4"><code style="font-size: 1em; line-height: 1.357em;">image-tiff</code><span> </span>version 0.7.4</a><span> </span>and<span> </span><a data-href="https://github.com/image-rs/jpeg-decoder/releases/tag/v0.3.0" href="https://github.com/image-rs/jpeg-decoder/releases/tag/v0.3.0" style="text-decoration: none;" title="https://github.com/image-rs/jpeg-decoder/releases/tag/v0.3.0"><code style="font-size: 1em; line-height: 1.357em;">jpeg-decoder</code><span> </span>version 0.3.0</a>. The<span> </span><code style="font-size: 1em; line-height: 1.357em;">clamav-0.105.1-2.tar.gz</code><span> </span>source package includes the updated libraries.</span></span></p><p class="code-line" data-line="15" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">Linux/Unix package maintainers are encouraged to publish new revisions of their own packages for ClamAV 0.105.1 to get these fixes. Anyone who built ClamAV from the original<span> </span><code style="font-size: 1em; line-height: 1.357em;">clamav-0.105.1.tar.gz</code><span> </span>source package is encouraged to reinstall from the newer source package.</span></p><p class="code-line" data-line="15" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;"><br /></span></p><h4 class="code-line" data-line="17" id="where-to-find-the-updated-packages" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">Where to find the updated packages</span></h4><p class="code-line" data-line="19" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">The new packages have a<span> </span><code style="font-size: 1em; line-height: 1.357em;">-2</code><span> </span>suffix to indicate the package revision. For example,<span> </span><code style="font-size: 1em; line-height: 1.357em;">clamav-0.105.1-2.macos.universal.pkg</code><span> </span>is the updated package replacing<span> </span><code style="font-size: 1em; line-height: 1.357em;">clamav-0.105.1.macos.universal.pkg</code>.</span></p><p class="code-line" data-line="21" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">As always, you can get the updated packages from<span> </span><span style="color: black;"><a data-href="https://www.clamav.net/downloads" href="https://www.clamav.net/downloads" style="text-decoration: none;" title="https://www.clamav.net/downloads">the ClamAV.net Downloads page</a>. The original packages have been hidden on the web page and replaced by the updated packages. If you need the originals, the URLs to download them still work.</span></span></p><p class="code-line" data-line="21" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;"><span style="color: black;"><br /></span></span></p><h4 class="code-line" data-line="23" id="what-about-the-docker-images" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">What about the Docker images</span></h4><p class="code-line" data-line="25" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">The official ClamAV docker image has been updated to patch the<span> </span><code style="font-size: 1em; line-height: 1.357em;">zlib</code><span> </span>and<span> </span><code style="font-size: 1em; line-height: 1.357em;">libxml2</code><span> </span>vulnerabilities. The following tags have been updated to point to the new images:</span></p><ul class="code-line" data-line="26" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="26" dir="auto" style="position: relative;"><span style="font-family: inherit;"><code style="font-size: 1em; line-height: 1.357em;">clamav/clamav:latest</code></span></li><li class="code-line" data-line="27" dir="auto" style="position: relative;"><span style="font-family: inherit;"><code style="font-size: 1em; line-height: 1.357em;">clamav/clamav:latest_base</code></span></li><li class="code-line" data-line="28" dir="auto" style="position: relative;"><span style="font-family: inherit;"><code style="font-size: 1em; line-height: 1.357em;">clamav/clamav:stable</code></span></li><li class="code-line" data-line="29" dir="auto" style="position: relative;"><span style="font-family: inherit;"><code style="font-size: 1em; line-height: 1.357em;">clamav/clamav:stable_base</code></span></li><li class="code-line" data-line="30" dir="auto" style="position: relative;"><span style="font-family: inherit;"><code style="font-size: 1em; line-height: 1.357em;">clamav/clamav:0.105</code></span></li><li class="code-line" data-line="31" dir="auto" style="position: relative;"><span style="font-family: inherit;"><code style="font-size: 1em; line-height: 1.357em;">clamav/clamav:0.105_base</code></span></li><li class="code-line" data-line="32" dir="auto" style="position: relative;"><span style="font-family: inherit;"><code style="font-size: 1em; line-height: 1.357em;">clamav/clamav:0.105.1</code></span></li><li class="code-line" data-line="33" dir="auto" style="position: relative;"><span style="font-family: inherit;"><code style="font-size: 1em; line-height: 1.357em;">clamav/clamav:0.105.1_base</code></span></li></ul><p class="code-line" data-line="35" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">Be sure to use<span> </span><code style="font-size: 1em; line-height: 1.357em;">docker pull</code><span> </span>to get the latest version of the image. For example:</span></p><pre class="code-active-line" style="-webkit-text-stroke-width: 0px; background-color: rgba(10, 10, 10, 0.4); border-radius: 3px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-top: 0px; overflow: auto; padding: 16px; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: pre-wrap; word-spacing: 0px;"><span style="font-family: inherit;"><code class="code-line language-sh" data-line="36" dir="auto" style="font-size: 1em; line-height: 1.357em; position: relative; tab-size: 4;"><div>docker pull clamav/clamav:0.105_base</div></code></span></pre>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-16148290173478173262022-10-25T15:51:00.000-04:002022-10-25T15:51:00.876-04:00ClamAV 1.0.0 release candidate now available<p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhd2TsLWQCQxqIe0Q9HVo_GwIRH4ph8NRhcMPukRLxSs1CJJapj4OyVCeCl-AHsQrF_t39xgbhfuCrpUxLYFHSVelY-78Wb9J11ljpiM6aZNGLWx-EkirdflaI84Uxl6XeGVqEzeOClPUhvy7wsZfpzXMivHWpGyVjbJPe3o8EUyarduThs2kFyeTFj/s2000/ClamAV-1.0.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="1000" data-original-width="2000" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhd2TsLWQCQxqIe0Q9HVo_GwIRH4ph8NRhcMPukRLxSs1CJJapj4OyVCeCl-AHsQrF_t39xgbhfuCrpUxLYFHSVelY-78Wb9J11ljpiM6aZNGLWx-EkirdflaI84Uxl6XeGVqEzeOClPUhvy7wsZfpzXMivHWpGyVjbJPe3o8EUyarduThs2kFyeTFj/w640-h320/ClamAV-1.0.jpg" width="640" /></a></div><br /><span style="font-family: inherit; font-size: small;"><br /></span><p></p><p><span style="font-family: inherit; font-size: small;">We are excited to announce the ClamAV 1.0.0 release candidate!</span></p><p><span style="font-family: inherit; font-size: small;">You may find the source code and installers for this release on:<br /></span></p><ul style="text-align: left;"><li><span style="font-family: inherit; font-size: small;"><span style="color: black;">the <a href="https://www.clamav.net/downloads" target="_blank">clamav.net/downloads</a>, or<br /></span></span></li><li><span style="font-family: inherit; font-size: small;"><span style="color: black;">the <a href="https://github.com/Cisco-Talos/clamav/releases/tag/clamav-1.0.0-rc" rel="nofollow" target="_blank">ClamAV GitHub release page</a><br /></span></span></li></ul><p><i><span style="font-family: inherit; font-size: small;">Note: If you are looking for the source code on </span><span style="font-family: inherit; font-size: small;"><span style="color: black;"> <a href="https://www.clamav.net/downloads" target="_blank">clamav.net/downloads</a></span></span><span style="font-size: small;"><span style="font-family: inherit;"> - </span></span><span style="font-size: small;"><span style="font-family: inherit;">there is an issue preventing the "Source" section from showing for release candidates. Until we fix this issue, </span></span></i><span style="font-size: small;"><span style="font-family: inherit;"><i>you find it under the "Linux" section. </i></span></span></p><p><span style="font-size: small;"><span style="font-family: inherit;"><i>Tip: If you are downloading the source from the GitHub release page, the package labeled "clamav-1.0.0-rc.tar.gz" does not require an internet connection to build. All dependencies are included in this package. But if you download the ZIP or TAR.GZ generated by GitHub, located at the very bottom, then an internet connection will be required during the build to download additional Rust dependencies. </i><br /></span></span></p><p class="code-line" data-line="7" dir="auto" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: small;"><span style="font-family: inherit;">For Docker users, there is no specific Docker tag for the release candidate, but you can use the </span><span style="font-family: inherit;"><span></span><code style="line-height: 1.357em;">clamav:unstable</code><span> or </span></span><span style="font-family: inherit;"></span><span style="font-family: inherit;"><span></span><code style="line-height: 1.357em;">clamav:unstable_base</code></span><span style="font-family: inherit;"><span> tags. </span></span><span style="font-family: inherit;"></span></span></p><p class="code-line" data-line="7" dir="auto" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: small;"><span style="font-family: inherit;">The release candidate phase is expected to last two to three weeks before we publish the stable release or a second release candidate</span><span style="font-family: inherit;">. Please take this time to evaluate ClamAV 1.0.0. </span></span><span style="font-family: inherit; font-size: small;"> </span></p><p class="code-line" data-line="7" dir="auto" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit; font-size: small;">Please help us validate this release by providing feedback via the <span style="color: black;"><a href="https://lists.clamav.net/mailman/listinfo/clamav-users" target="_blank">ClamAV mailing list</a> or on <a href="https://discord.gg/sGaxA5Q" target="_blank">our Discord</a>.</span></span></p><p class="code-line" data-line="7" dir="auto" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: small;"><span style="font-family: inherit;">ClamAV 1.0.0 includes the following improvements and changes.</span></span></p><h3 class="code-line" data-line="9" id="major-changes" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: large;"><span style="font-family: inherit;">Major changes</span></span></h3><ul class="code-line" data-line="11" dir="auto" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="11" dir="auto" style="position: relative;"><p class="code-line" data-line="11" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Support for decrypting read-only OLE2-based XLS files that are encrypted with the default "VelvetSweatshop" password. Use of the VelvetSweatshop password will now appear in the metadata JSON.</span></span></p><ul class="code-line" data-line="14" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="14" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/700" href="https://github.com/Cisco-Talos/clamav/pull/700" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/700">https://github.com/Cisco-Talos/clamav/pull/700</a></span></span></span></li></ul></li><li class="code-line" data-line="16" dir="auto" style="position: relative;"><p class="code-line" data-line="16" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Overhauled the implementation of the all-match feature. The newer code is more reliable and easier to maintain.</span></span></p><ul class="code-line" data-line="18" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="18" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">This project fixed several known issues with signature detection in all- match mode:</span></span><ul class="code-line" data-line="20" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="20" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Enabled embedded file-type-recognition-signatures to match when a malware signature also matched in a scan of the same layer.</span></span></li><li class="code-line" data-line="22" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Enabled bytecode signatures to run in all-match mode after a match has occurred.</span></span></li><li class="code-line" data-line="24" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed an assortment of all-match edge case issues:</span></span></li></ul></li><li class="code-line" data-line="25" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Added multiple test cases to verify correct all-match behavior.</span></span></li><li class="code-line" data-line="26" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/687" href="https://github.com/Cisco-Talos/clamav/pull/687" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/687">https://github.com/Cisco-Talos/clamav/pull/687</a></span></span></span></li></ul></li><li class="code-line" data-line="28" dir="auto" style="position: relative;"><p class="code-line" data-line="28" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Added a new callback to the public API for inspecting file content during a scan at each layer of archive extraction.</span></span></p><ul class="code-line" data-line="30" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="30" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">The new callback function type is<span> </span><code style="line-height: 1.357em;">clcb_file_inspection</code><span> </span>defined in<span> </span><code style="line-height: 1.357em;">clamav.h</code>.</span></span></li><li class="code-line" data-line="32" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">The function<span> </span><code style="line-height: 1.357em;">cl_engine_set_clcb_file_inspection()</code><span> </span>may be used to enable the callback prior to performing a scan.</span></span></li><li class="code-line" data-line="34" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">This new callback is to be considered<span> </span><i>unstable</i><span> </span>for the 1.0 release. We may alter this function in a subsequent feature version.</span></span></li><li class="code-line" data-line="36" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/170" href="https://github.com/Cisco-Talos/clamav/pull/170" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/170">https://github.com/Cisco-Talos/clamav/pull/170</a></span></span></span></li></ul></li><li class="code-line" data-line="38" dir="auto" style="position: relative;"><p class="code-line" data-line="38" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Added a new function to the public API for unpacking CVD signature archives.</span></span></p><ul class="code-line" data-line="39" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="39" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">The new function is<span> </span><code style="line-height: 1.357em;">cl_cvdunpack()</code>. The last parameter for the function may be set to verify if a CVD's signature is valid before unpacking the CVD content to the destination directory.</span></span></li><li class="code-line" data-line="42" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/690" href="https://github.com/Cisco-Talos/clamav/pull/690" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/690">https://github.com/Cisco-Talos/clamav/pull/690</a></span></span></span></li></ul></li></ul><h3 class="code-line" data-line="44" dir="auto" id="other-improvements" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: large;"><span style="font-family: inherit;">Other improvements</span></span></h3><ul class="code-line" data-line="46" dir="auto" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="46" dir="auto" style="position: relative;"><p class="code-line" data-line="46" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Add checks to limit PDF object extraction recursion.</span></span></p><ul class="code-line" data-line="47" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="47" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/629" href="https://github.com/Cisco-Talos/clamav/pull/629" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/629">https://github.com/Cisco-Talos/clamav/pull/629</a></span></span></span></li></ul></li><li class="code-line" data-line="49" dir="auto" style="position: relative;"><p class="code-line code-active-line" data-line="49" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Increased the limit for memory allocations based on untrusted input and altered the warning message when the limit is exceeded so that it is more helpful and less dramatic.</span></span></p><ul class="code-line" data-line="52" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="52" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/723" href="https://github.com/Cisco-Talos/clamav/pull/723" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/723">https://github.com/Cisco-Talos/clamav/pull/723</a></span></span></span></li></ul></li><li class="code-line" data-line="54" dir="auto" style="position: relative;"><p class="code-line" data-line="54" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Dramatically improved the build time of libclamav-Rust unit tests. The unit test build is included in the time limit for the test itself and was timing out on slower systems. The ClamAV Rust code modules now share the same build directory, which also reduces the amount of disk space used for the build.</span></span></p><ul class="code-line" data-line="59" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="59" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/694" href="https://github.com/Cisco-Talos/clamav/pull/694" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/694">https://github.com/Cisco-Talos/clamav/pull/694</a></span></span></span></li></ul></li><li class="code-line" data-line="61" dir="auto" style="position: relative;"><p class="code-line" data-line="61" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Windows: The debugging symbol (PDB) files are now installed alongside the DLL</span></span></p></li><li class="code-line" data-line="62" dir="auto" style="position: relative;"><p class="code-line" data-line="62" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">and LIB library files when built in "RelWithDebInfo" or "Debug" mode.</span></span></p><ul class="code-line" data-line="63" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="63" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/669" href="https://github.com/Cisco-Talos/clamav/pull/669" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/669">https://github.com/Cisco-Talos/clamav/pull/669</a></span></span></span></li></ul></li><li class="code-line" data-line="65" dir="auto" style="position: relative;"><p class="code-line" data-line="65" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Relaxed the constraints on the check for overlapping ZIP file entries so as not to alert on slightly malformed, but non-malicious, Java (JAR) archives.</span></span></p><ul class="code-line" data-line="67" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="67" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Talos escalations issues:</span></span></li><li class="code-line" data-line="68" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/561" href="https://github.com/Cisco-Talos/clamav/pull/561" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/561">https://github.com/Cisco-Talos/clamav/pull/561</a></span></span></span></li></ul></li><li class="code-line" data-line="70" dir="auto" style="position: relative;"><p class="code-line" data-line="70" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Increased the time limit in FreshClam before warning if the DNS entry is stale. In combination with changes to update the DNS entry more frequently, this should prevent false alarms of failures in the database publication system.</span></span></p><ul class="code-line" data-line="74" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="74" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/597" href="https://github.com/Cisco-Talos/clamav/pull/597" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/597">https://github.com/Cisco-Talos/clamav/pull/597</a></span></span></span></li></ul></li><li class="code-line" data-line="76" dir="auto" style="position: relative;"><p class="code-line" data-line="76" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Docker: The C library header files are now included in the Docker image. Patch courtesy of GitHub user TerminalFi.</span></span></p><ul class="code-line" data-line="78" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="78" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/693" href="https://github.com/Cisco-Talos/clamav/pull/693" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/693">https://github.com/Cisco-Talos/clamav/pull/693</a></span></span></span></li></ul></li><li class="code-line" data-line="80" dir="auto" style="position: relative;"><p class="code-line" data-line="80" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Show the BYTECODE_RUNTIME build options when using the<span> </span><code style="line-height: 1.357em;">ccmake</code><span> </span>GUI for CMake. Patch courtesy of Дилян Палаузов.</span></span></p><ul class="code-line" data-line="82" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="82" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/678" href="https://github.com/Cisco-Talos/clamav/pull/678" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/678">https://github.com/Cisco-Talos/clamav/pull/678</a></span></span></span></li></ul></li><li class="code-line" data-line="84" dir="auto" style="position: relative;"><p class="code-line" data-line="84" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Added explicit minimum and maximum supported LLVM versions so that the build will fail if you try to build with the version that is too old or too new and will print a helpful message rather than simply failing to compile because of compatibility issues. Patch courtesy of Matt Jolly.</span></span></p><ul class="code-line" data-line="88" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="88" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/692" href="https://github.com/Cisco-Talos/clamav/pull/692" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/692">https://github.com/Cisco-Talos/clamav/pull/692</a></span></span></span></li></ul></li></ul><h3 class="code-line" data-line="90" dir="auto" id="bug-fixes" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: large;"><span style="font-family: inherit;">Bug fixes</span></span></h3><ul class="code-line" data-line="92" dir="auto" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="92" dir="auto" style="position: relative;"><p class="code-line" data-line="92" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Assorted code quality fixes. These are not security issues and will not be backported to prior feature versions:</span></span></p><ul class="code-line" data-line="94" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="94" dir="auto" style="position: relative;"><p class="code-line" data-line="94" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Several heap buffer overflows while loading PDB and WDB databases were found by OSS-Fuzz and by Michał Dardas.</span></span></p><ul class="code-line" data-line="96" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="96" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/530" href="https://github.com/Cisco-Talos/clamav/pull/530" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/530">https://github.com/Cisco-Talos/clamav/pull/530</a></span></span></span></li><li class="code-line" data-line="97" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Follow-up Optimization:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/712" href="https://github.com/Cisco-Talos/clamav/pull/712" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/712">https://github.com/Cisco-Talos/clamav/pull/712</a></span></span></span></li></ul></li><li class="code-line" data-line="99" dir="auto" style="position: relative;"><p class="code-line" data-line="99" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">oss-fuzz 43843: heap buffer overflow read (1) cli_sigopts_handler</span></span></p><ul class="code-line" data-line="100" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="100" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/560" href="https://github.com/Cisco-Talos/clamav/pull/560" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/560">https://github.com/Cisco-Talos/clamav/pull/560</a></span></span></span></li></ul></li><li class="code-line" data-line="102" dir="auto" style="position: relative;"><p class="code-line" data-line="102" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">oss-fuzz 44849: heap buffer overflow read (4) in HTML/js-norm</span></span></p><ul class="code-line" data-line="103" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="103" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/503" href="https://github.com/Cisco-Talos/clamav/pull/503" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/503">https://github.com/Cisco-Talos/clamav/pull/503</a></span></span></span></li></ul></li><li class="code-line" data-line="105" dir="auto" style="position: relative;"><p class="code-line" data-line="105" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">oss-fuzz 43816: heap buffer overflow read (8) in cli_bcomp_freemeta</span></span></p><ul class="code-line" data-line="106" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="106" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/583" href="https://github.com/Cisco-Talos/clamav/pull/583" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/583">https://github.com/Cisco-Talos/clamav/pull/583</a></span></span></span></li></ul></li><li class="code-line" data-line="108" dir="auto" style="position: relative;"><p class="code-line" data-line="108" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">oss-fuzz 43832: heap buffer overflow read (2) in cli_parse_add</span></span></p><ul class="code-line" data-line="109" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="109" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/611" href="https://github.com/Cisco-Talos/clamav/pull/611" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/611">https://github.com/Cisco-Talos/clamav/pull/611</a></span></span></span></li></ul></li><li class="code-line" data-line="111" dir="auto" style="position: relative;"><p class="code-line" data-line="111" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">oss-fuzz 44493: integer overflow in cli_scannulsft</span></span></p><ul class="code-line" data-line="112" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="112" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/554" href="https://github.com/Cisco-Talos/clamav/pull/554" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/554">https://github.com/Cisco-Talos/clamav/pull/554</a></span></span></span></li></ul></li><li class="code-line" data-line="114" dir="auto" style="position: relative;"><p class="code-line" data-line="114" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">CIFuzz leak detected in IDB parser</span></span></p><ul class="code-line" data-line="115" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="115" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/547" href="https://github.com/Cisco-Talos/clamav/pull/547" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/547">https://github.com/Cisco-Talos/clamav/pull/547</a></span></span></span></li></ul></li><li class="code-line" data-line="117" dir="auto" style="position: relative;"><p class="code-line" data-line="117" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">oss-fuzz assorted signature parser leaks</span></span></p><ul class="code-line" data-line="118" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="118" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull requests:</span></span><ul class="code-line" data-line="119" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="119" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;"><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/532" href="https://github.com/Cisco-Talos/clamav/pull/532" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/532">https://github.com/Cisco-Talos/clamav/pull/532</a></span></span></span></li><li class="code-line" data-line="120" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;"><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/533" href="https://github.com/Cisco-Talos/clamav/pull/533" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/533">https://github.com/Cisco-Talos/clamav/pull/533</a></span></span></span></li><li class="code-line" data-line="121" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;"><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/535" href="https://github.com/Cisco-Talos/clamav/pull/535" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/535">https://github.com/Cisco-Talos/clamav/pull/535</a></span></span></span></li></ul></li></ul></li><li class="code-line" data-line="123" dir="auto" style="position: relative;"><p class="code-line" data-line="123" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">oss-fuzz 40601: leak detected in pdf_parseobj</span></span></p><ul class="code-line" data-line="124" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="124" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/553" href="https://github.com/Cisco-Talos/clamav/pull/553" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/553">https://github.com/Cisco-Talos/clamav/pull/553</a></span></span></span></li></ul></li></ul></li><li class="code-line" data-line="126" dir="auto" style="position: relative;"><p class="code-line" data-line="126" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed a build failure when using LIBCLAMAV_ONLY mode with tests enabled.</span></span></p><ul class="code-line" data-line="127" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="127" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/714" href="https://github.com/Cisco-Talos/clamav/pull/714" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/714">https://github.com/Cisco-Talos/clamav/pull/714</a></span></span></span></li></ul></li><li class="code-line" data-line="129" dir="auto" style="position: relative;"><p class="code-line" data-line="129" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed an issue verifying EXE/DLL authenticode signatures to determine a given file can be trusted (skipped).</span></span></p><ul class="code-line" data-line="131" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="131" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/727" href="https://github.com/Cisco-Talos/clamav/pull/727" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/727">https://github.com/Cisco-Talos/clamav/pull/727</a></span></span></span></li></ul></li><li class="code-line" data-line="133" dir="auto" style="position: relative;"><p class="code-line" data-line="133" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed a caching bug relating to the Container and Intermediates logical signature condition.</span></span></p><ul class="code-line" data-line="135" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="135" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/724" href="https://github.com/Cisco-Talos/clamav/pull/724" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/724">https://github.com/Cisco-Talos/clamav/pull/724</a></span></span></span></li></ul></li><li class="code-line" data-line="137" dir="auto" style="position: relative;"><p class="code-line" data-line="137" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed a build issues when build with RAR disabled or when building with an external libmspack library rather than the vendored library.</span></span></p><ul class="code-line" data-line="139" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="139" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/672" href="https://github.com/Cisco-Talos/clamav/pull/672" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/672">https://github.com/Cisco-Talos/clamav/pull/672</a></span></span></span></li></ul></li><li class="code-line" data-line="141" dir="auto" style="position: relative;"><p class="code-line" data-line="141" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed the capitalization of the<span> </span><code style="line-height: 1.357em;">-W</code><span> </span>option for<span> </span><code style="line-height: 1.357em;">clamonacc</code><span> </span>in the<span> </span><code style="line-height: 1.357em;">clamonacc</code><span> </span>manpage. Patch courtesy of GitHub user monkz.</span></span></p><ul class="code-line" data-line="143" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="143" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull requests:</span></span><ul class="code-line" data-line="144" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="144" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;"><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/709" href="https://github.com/Cisco-Talos/clamav/pull/709" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/709">https://github.com/Cisco-Talos/clamav/pull/709</a></span></span></span></li><li class="code-line" data-line="145" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;"><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/710" href="https://github.com/Cisco-Talos/clamav/pull/710" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/710">https://github.com/Cisco-Talos/clamav/pull/710</a></span></span></span></li></ul></li></ul></li><li class="code-line" data-line="147" dir="auto" style="position: relative;"><p class="code-line" data-line="147" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">macOS: Fixed an issue with memory-map (<code style="line-height: 1.357em;">mmap</code>) system call detection affecting versions 0.105 and 0.104. Memory maps may be used in ClamAV to improve signature load performance, scan performance, and RAM usage.</span></span></p><ul class="code-line" data-line="150" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="150" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/705" href="https://github.com/Cisco-Talos/clamav/pull/705" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/705">https://github.com/Cisco-Talos/clamav/pull/705</a></span></span></span></li></ul></li><li class="code-line" data-line="152" dir="auto" style="position: relative;"><p class="code-line" data-line="152" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed a performance issue with Rust code when the build type is not explicitly set to "Release" or "RelWithDebInfo". The Rust default build type is now "RelWithDebInfo" just like the C code, instead of Debug. This means it is now optimized by default.</span></span></p><ul class="code-line" data-line="156" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="156" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/701" href="https://github.com/Cisco-Talos/clamav/pull/701" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/701">https://github.com/Cisco-Talos/clamav/pull/701</a></span></span></span></li></ul></li><li class="code-line" data-line="158" dir="auto" style="position: relative;"><p class="code-line" data-line="158" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed an issue loading Yara rules containing regex strings with an escaped forward-slash (<code style="line-height: 1.357em;">\/</code>) followed by a colon (<code style="line-height: 1.357em;">:</code>).</span></span></p><ul class="code-line" data-line="160" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="160" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/696" href="https://github.com/Cisco-Talos/clamav/pull/696" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/696">https://github.com/Cisco-Talos/clamav/pull/696</a></span></span></span></li></ul></li><li class="code-line" data-line="162" dir="auto" style="position: relative;"><p class="code-line" data-line="162" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed an issue detecting and scanning ZIP file entries appended to very small files. The fix is part of the all-match feature overhaul.</span></span></p></li><li class="code-line" data-line="165" dir="auto" style="position: relative;"><p class="code-line" data-line="165" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fixed a detection issue with EXE/DLL import-address-table hash signatures that specify a wildcard (<code style="line-height: 1.357em;">*</code>) for the size field. The fix is part of the all-match feature overhaul.</span></span></p></li><li class="code-line" data-line="169" dir="auto" style="position: relative;"><p class="code-line" data-line="169" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fix the default bytecode timeout value listed in the manpages and in the sample config files. Patches courtesy of Liam Jarvis and Ben Bodenmiller.</span></span></p><ul class="code-line" data-line="171" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="171" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull requests:</span></span><ul class="code-line" data-line="172" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="172" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;"><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/631" href="https://github.com/Cisco-Talos/clamav/pull/631" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/631">https://github.com/Cisco-Talos/clamav/pull/631</a></span></span></span></li><li class="code-line" data-line="173" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;"><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/661" href="https://github.com/Cisco-Talos/clamav/pull/661" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/661">https://github.com/Cisco-Talos/clamav/pull/661</a></span></span></span></li></ul></li></ul></li><li class="code-line" data-line="175" dir="auto" style="position: relative;"><p class="code-line" data-line="175" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Fix issue building the libclamav_rust test program when running<span> </span><code style="line-height: 1.357em;">ctest</code><span> </span>if building with<span> </span><code style="line-height: 1.357em;">BYTECODE_RUNTIME=llvm</code><span> </span>and when the<span> </span><code style="line-height: 1.357em;">FindLLVM.cmake</code><span> </span>module is used to find the LLVM libraries. Patch courtesy of GitHub user teoberi.</span></span></p><ul class="code-line" data-line="178" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="178" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">GitHub pull request:<span> </span><span style="color: black;"><a data-href="https://github.com/Cisco-Talos/clamav/pull/572" href="https://github.com/Cisco-Talos/clamav/pull/572" style="text-decoration: none;" title="https://github.com/Cisco-Talos/clamav/pull/572">https://github.com/Cisco-Talos/clamav/pull/572</a></span></span></span></li></ul></li></ul><h3 class="code-line" data-line="180" dir="auto" id="acknowledgments" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: large;"><span style="font-family: inherit;">Acknowledgments</span></span></h3><p class="code-line" data-line="182" dir="auto" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-size: small;"><span style="font-family: inherit;">Special thanks to the following people for code contributions and bug reports:</span></span></p><ul class="code-line" data-line="183" dir="auto" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="183" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Ben Bodenmiller</span></span></li><li class="code-line" data-line="184" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Дилян Палаузов</span></span></li><li class="code-line" data-line="185" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Liam Jarvis</span></span></li><li class="code-line" data-line="186" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">Matt Jolly</span></span></li><li class="code-line" data-line="187" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">monkz</span></span></li><li class="code-line" data-line="188" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">teoberi</span></span></li><li class="code-line" data-line="189" dir="auto" style="position: relative;"><span style="font-size: small;"><span style="font-family: inherit;">TerminalFi</span></span></li></ul>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-66263004874687804542022-07-26T15:45:00.005-04:002022-07-28T17:31:49.225-04:00ClamAV 0.103.7, 0.104.4 and 0.105.1 patch versions published<p>Today, we are releasing the following critical patch versions:<br /></p><ul style="text-align: left;"><li>0.103.7</li><li>0.104.4</li><li>0.105.1</li></ul><p>As a friendly reminder, 0.104.4 will be the last patch version for the 0.104 feature release per the <a href="https://docs.clamav.net/faq/faq-eol.html#version-support-matrix" rel="nofollow" target="_blank">ClamAV End-of-Life Policy</a>. The 0.103 Long Term Support release will continue to receive patch versions until September 2023.</p><p>The release files are<span style="font-size: small;"><span style="font-family: inherit;"> <span>available for <a href="https://www.clamav.net/downloads" rel="nofollow" target="_blank">download on ClamAV.net</a> or through <a href="https://hub.docker.com/r/clamav/clamav/" rel="nofollow" target="_blank">Docker Hub</a>.<span></span></span></span></span></p><a name='more'></a><p></p><h2 dir="auto">0.103.7</h2>
<p dir="auto">ClamAV 0.103.7 is a critical patch release with the following fixes:</p>
<ul dir="auto"><li>
<p dir="auto">Upgrade the vendored UnRAR library to version 6.1.7.</p>
</li><li>
<p dir="auto">Fix logical signature "Intermediates" feature.</p>
</li><li>
<p dir="auto">Relax constraints on slightly malformed zip archives that contain overlapping
file entries.</p>
</li></ul><p></p><h2 dir="auto">0.104.4</h2>
<p dir="auto">ClamAV 0.104.4 is a critical patch release with the following fixes:</p>
<ul dir="auto"><li>
<p dir="auto">Upgrade the vendored UnRAR library to version 6.1.7.</p>
</li><li>
<p dir="auto">Fix logical signature "Intermediates" feature.</p>
</li><li>
<p dir="auto">Relax constraints on slightly malformed zip archives that contain overlapping
file entries.</p>
</li></ul><p></p><h2 dir="auto">0.105.1</h2>
<p dir="auto">ClamAV 0.105.1 is a critical patch release with the following fixes:</p>
<ul dir="auto"><li>
<p dir="auto">Upgrade the vendored UnRAR library to version 6.1.7.</p>
</li><li>
<p dir="auto">Fix issue building macOS universal binaries in some configurations.</p>
</li><li>
<p dir="auto">Silence error message when the logical signature maximum functionality level
is lower than the current functionality level.</p>
</li><li>
<p dir="auto">Fix scan error when scanning files containing malformed images that cannot be
loaded to calculate an image fuzzy hash.</p>
</li><li>
<p dir="auto">Fix logical signature "Intermediates" feature.</p>
</li><li>
<p dir="auto">Relax constraints on slightly malformed ZIP archives that contain overlapping
file entries.</p></li></ul>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-69911939855951438752022-07-01T09:55:00.001-04:002022-07-01T09:55:00.201-04:00ClamAV bytecode compiler release <div class="WACEditing EditMode EditingSurfaceBody FireFox WACViewPanel_DisableLegacyKeyCodeAndCharCode usehover" contenteditable="false" id="WACViewPanel_ClipboardElement" spellcheck="false" style="overflow: hidden; text-align: left; visibility: visible;" tabindex="0"><div class="SCXW12273192 BCX2"><div class="OutlineElement Ltr SCXW12273192 BCX2"><p class="Paragraph SCXW12273192 BCX2" lang="EN-US" style="background-color: transparent; color: windowtext; font-style: normal; font-weight: normal; margin-left: 0px; margin-right: 0px; padding-left: 0px; padding-right: 0px; text-align: left; text-indent: 0px; vertical-align: baseline;"><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2">ClamAV</span><span class="NormalTextRun SCXW12273192 BCX2"> is releasing a</span><span class="NormalTextRun SCXW12273192 BCX2">n update today that completely overhauls the </span><span class="NormalTextRun SCXW12273192 BCX2">ClamAV</span><span class="NormalTextRun SCXW12273192 BCX2"> Bytecode Compiler (</span><span class="NormalTextRun SCXW12273192 BCX2">ClamBC</span><span class="NormalTextRun SCXW12273192 BCX2">-Compiler).</span></span><span class="TextRun EmptyTextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"></span><span class="EOP SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span></p></div><div class="OutlineElement Ltr SCXW12273192 BCX2"><p class="Paragraph SCXW12273192 BCX2" lang="EN-US" style="background-color: transparent; color: windowtext; font-style: normal; font-weight: normal; margin-left: 0px; margin-right: 0px; padding-left: 0px; padding-right: 0px; text-align: left; text-indent: 0px; vertical-align: baseline;"><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2">A b</span><span class="NormalTextRun SCXW12273192 BCX2">ytecode signature is a form of cross-platform </span><span class="NormalTextRun SCXW12273192 BCX2">ClamAV</span><span class="NormalTextRun SCXW12273192 BCX2"> plugin. They are distributed and loaded alongside the other </span><span class="NormalTextRun SCXW12273192 BCX2">ClamAV</span><span class="NormalTextRun SCXW12273192 BCX2"> databases. </span><span class="NormalTextRun SCXW12273192 BCX2">These signatures</span><span class="NormalTextRun SCXW12273192 BCX2"> are executed as supplemental parsers for specific files, or </span><span class="NormalTextRun SCXW12273192 BCX2">are triggered by traditional </span><span class="NormalTextRun SCXW12273192 BCX2">ClamAV</span><span class="NormalTextRun SCXW12273192 BCX2"> signature matches to </span><span class="NormalTextRun SCXW12273192 BCX2">provide</span><span class="NormalTextRun SCXW12273192 BCX2"> advanced analysis before </span><span class="NormalTextRun SCXW12273192 BCX2">providing</span><span class="NormalTextRun SCXW12273192 BCX2"> a scan verdict. </span><span class="NormalTextRun SCXW12273192 BCX2">These serve as a</span><span class="NormalTextRun SCXW12273192 BCX2"> mechanism for writing advanced detection rules and executable unpackers without having to wait to integrate and publish the logic in a full </span><span class="NormalTextRun SCXW12273192 BCX2">ClamAV</span><span class="NormalTextRun SCXW12273192 BCX2"> feature release. And</span></span><span class="TrackChangeTextInsertion TrackedChange SCXW12273192 BCX2" style="color: #0078d4;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="color: #0078d4; font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2">,</span></span></span><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2"> more importantly</span></span><span class="TrackChangeTextInsertion TrackedChange SCXW12273192 BCX2" style="color: #0078d4;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="color: #0078d4; font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2">,</span></span></span><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2"> that means such features can be rapidly upgraded or disabled should a problem arise, without the need to publish a </span><span class="NormalTextRun SCXW12273192 BCX2">ClamAV</span><span class="NormalTextRun SCXW12273192 BCX2"> critical patch version. They provide </span><span class="NormalTextRun SCXW12273192 BCX2">an </span><span class="NormalTextRun SCXW12273192 BCX2">option</span><span class="NormalTextRun SCXW12273192 BCX2"> for the Cisco Talos Malware Research Team to deliver malware detection capabilities that would not otherwise be possible with </span><span class="NormalTextRun SCXW12273192 BCX2">ClamAV's</span><span class="NormalTextRun SCXW12273192 BCX2"> content-match</span><span class="NormalTextRun SCXW12273192 BCX2">,</span><span class="NormalTextRun SCXW12273192 BCX2"> </span><span class="NormalTextRun SCXW12273192 BCX2">hash,</span><span class="NormalTextRun SCXW12273192 BCX2"> and file metadata-based signatures.</span></span><span class="EOP SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span></p></div><div class="OutlineElement Ltr SCXW12273192 BCX2"><p class="Paragraph SCXW12273192 BCX2" lang="EN-US" style="background-color: transparent; color: windowtext; font-style: normal; font-weight: normal; margin-left: 0px; margin-right: 0px; padding-left: 0px; padding-right: 0px; text-align: left; text-indent: 0px; vertical-align: baseline;"><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2">This release, version</span><span class="NormalTextRun SCXW12273192 BCX2"> 0.105.0</span></span><span class="TrackChangeTextInsertion TrackedChange SCXW12273192 BCX2" style="color: #0078d4;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="color: #0078d4; font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2">,</span></span></span><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2"> </span><span class="NormalTextRun SCXW12273192 BCX2">mirrors that of the latest </span><span class="NormalTextRun SCXW12273192 BCX2">ClamAV</span><span class="NormalTextRun SCXW12273192 BCX2"> release.</span><span class="NormalTextRun SCXW12273192 BCX2"> </span><span class="NormalTextRun SCXW12273192 BCX2">ClamBC</span><span class="NormalTextRun SCXW12273192 BCX2">-Compiler 0.105.0 carries the source code headers from </span><span class="NormalTextRun SCXW12273192 BCX2">ClamAV</span><span class="NormalTextRun SCXW12273192 BCX2"> 0.105.0 necessary to build bytecode signatures with all the latest features and fixes found in in </span><span class="NormalTextRun SCXW12273192 BCX2">ClamAV</span><span class="NormalTextRun SCXW12273192 BCX2"> 0.105.0 and prior. </span></span><span class="EOP SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span></p></div><div class="OutlineElement Ltr SCXW12273192 BCX2"><p class="Paragraph SCXW12273192 BCX2" lang="EN-US" style="background-color: transparent; color: windowtext; font-style: normal; font-weight: normal; margin-left: 0px; margin-right: 0px; padding-left: 0px; padding-right: 0px; text-align: left; text-indent: 0px; vertical-align: baseline;"><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2">But the real milestone here is a celebration of a major </span><span class="NormalTextRun SCXW12273192 BCX2">ClamBC</span><span class="NormalTextRun SCXW12273192 BCX2">-Compiler architecture change. In prior versions</span></span><span class="TrackChangeTextInsertion TrackedChange SCXW12273192 BCX2" style="color: #0078d4;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="color: #0078d4; font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2">,</span></span></span><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2"> the compiler project vendored a sizeable </span><span class="NormalTextRun SCXW12273192 BCX2">portion</span><span class="NormalTextRun SCXW12273192 BCX2"> of the LLVM project source code, </span><span class="NormalTextRun SCXW12273192 BCX2">modified</span><span class="NormalTextRun SCXW12273192 BCX2"> so it </span><span class="NormalTextRun SCXW12273192 BCX2">can</span><span class="NormalTextRun SCXW12273192 BCX2"> build </span><span class="NormalTextRun SCXW12273192 BCX2">ClamAV</span><span class="NormalTextRun SCXW12273192 BCX2"> bytecode signatures from C (-</span><span class="NormalTextRun SpellingErrorV2Themed SCXW12273192 BCX2">ish</span><span class="NormalTextRun SCXW12273192 BCX2">) source. As the LLVM project rapidly evolved, this design made it </span><span class="NormalTextRun SCXW12273192 BCX2">more difficult</span><span class="NormalTextRun SCXW12273192 BCX2"> to upgrade the </span><span class="NormalTextRun SCXW12273192 BCX2">ClamBC</span><span class="NormalTextRun SCXW12273192 BCX2">-Compiler project. </span><span class="NormalTextRun SCXW12273192 BCX2">Now, </span><span class="NormalTextRun SCXW12273192 BCX2">ClamBC</span><span class="NormalTextRun SCXW12273192 BCX2">-Compiler </span><span class="NormalTextRun SCXW12273192 BCX2">sports a new command-line interface and leverages OS distribution-</span><span class="NormalTextRun SCXW12273192 BCX2">provided</span><span class="NormalTextRun SCXW12273192 BCX2"> LLVM libraries and the Clang compiler alongside our custom compiler modules</span><span class="NormalTextRun SCXW12273192 BCX2">.</span></span><span class="EOP SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span></p></div><div class="OutlineElement Ltr SCXW12273192 BCX2"><p class="Paragraph SCXW12273192 BCX2" lang="EN-US" style="background-color: transparent; color: windowtext; font-style: normal; font-weight: normal; margin-left: 0px; margin-right: 0px; padding-left: 0px; padding-right: 0px; text-align: left; text-indent: 0px; vertical-align: baseline;"><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2">This upgrade also includes several </span><span class="NormalTextRun SCXW12273192 BCX2">improvements to</span><span class="NormalTextRun SCXW12273192 BCX2"> </span><span class="NormalTextRun SCXW12273192 BCX2">ClamBC</span><span class="NormalTextRun SCXW12273192 BCX2">-Compiler code quality, quality assurance tests</span></span><span class="TrackChangeTextDeletion TrackedChange SCXW12273192 BCX2" style="color: #0078d4;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="color: #0078d4; font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2">,</span></span></span><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2"> and test infrastructure. </span><span class="NormalTextRun SCXW12273192 BCX2">We</span><span class="NormalTextRun SCXW12273192 BCX2"> also fixed a handful of existing compiler bugs</span><span class="NormalTextRun SCXW12273192 BCX2">. </span></span><span class="EOP SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span></p></div><div class="OutlineElement Ltr SCXW12273192 BCX2"><p class="Paragraph SCXW12273192 BCX2" lang="EN-US" style="background-color: transparent; color: windowtext; font-style: normal; font-weight: normal; margin-left: 0px; margin-right: 0px; padding-left: 0px; padding-right: 0px; text-align: left; text-indent: 0px; vertical-align: baseline;"><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2">ClamBC</span><span class="NormalTextRun SCXW12273192 BCX2">-Compiler is available as source code on </span></span><a class="Hyperlink SCXW12273192 BCX2" href="https://github.com/Cisco-Talos/clamav-bytecode-compiler" rel="noreferrer noopener" style="color: inherit; text-decoration: none;" target="_blank"><span class="TextRun Underlined SCXW12273192 BCX2" data-contrast="none" lang="EN-US" style="color: #0563c1; font-size: 11pt; line-height: 19.425px; text-decoration: underline;"><span class="NormalTextRun SCXW12273192 BCX2" data-ccp-charstyle="Hyperlink">GitHub.com/Cisco-Talos/</span><span class="NormalTextRun SCXW12273192 BCX2" data-ccp-charstyle="Hyperlink">clamav</span><span class="NormalTextRun SCXW12273192 BCX2" data-ccp-charstyle="Hyperlink">-bytecode-compiler</span></span></a><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2"> and as a ready-to-go container </span></span><a class="Hyperlink SCXW12273192 BCX2" href="https://hub.docker.com/r/clamav/clambc-compiler/tags" rel="noreferrer noopener" style="color: inherit; text-decoration: none;" target="_blank"><span class="TextRun Underlined SCXW12273192 BCX2" data-contrast="none" lang="EN-US" style="color: #0563c1; font-size: 11pt; line-height: 19.425px; text-decoration: underline;"><span class="NormalTextRun SCXW12273192 BCX2" data-ccp-charstyle="Hyperlink">on Docker Hub under </span><span class="NormalTextRun SCXW12273192 BCX2" data-ccp-charstyle="Hyperlink">clamav</span><span class="NormalTextRun SCXW12273192 BCX2" data-ccp-charstyle="Hyperlink">/</span><span class="NormalTextRun SCXW12273192 BCX2" data-ccp-charstyle="Hyperlink">clambc</span><span class="NormalTextRun SCXW12273192 BCX2" data-ccp-charstyle="Hyperlink">-compiler</span></span></a><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2">. </span><span class="NormalTextRun SCXW12273192 BCX2">We look forward to </span><span class="NormalTextRun SCXW12273192 BCX2">leveraging</span><span class="NormalTextRun SCXW12273192 BCX2"> this new release to deliver new and improved malware detection content.</span></span><span class="EOP TrackedChange SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span></p></div><div class="OutlineElement Ltr SCXW12273192 BCX2"><p class="Paragraph SCXW12273192 BCX2" lang="EN-US" style="background-color: transparent; color: windowtext; font-style: normal; font-weight: normal; margin-left: 0px; margin-right: 0px; padding-left: 0px; padding-right: 0px; text-align: left; text-indent: 0px; vertical-align: baseline;"><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2"></span></span><span class="EOP SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span></p></div><div class="OutlineElement Ltr SCXW12273192 BCX2"><h3 style="text-align: left;"><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="none" lang="EN-US" style="color: #2f5496; font-size: 11pt; line-height: 18.3458px;"><span class="NormalTextRun SCXW12273192 BCX2" data-ccp-parastyle="heading 2">ClamBC</span><span class="NormalTextRun SCXW12273192 BCX2" data-ccp-parastyle="heading 2">-Compiler 0.105.0 Release Notes</span></span><span class="LineBreakBlob BlobObject DragDrop SCXW12273192 BCX2" style="color: #2f5496; font-size: 11pt; line-height: 18.3458px;"><span class="SCXW12273192 BCX2"> </span></span></span></h3><h3><span style="font-family: inherit;"><span class="LineBreakBlob BlobObject DragDrop SCXW12273192 BCX2" style="color: #2f5496; font-size: 11pt; line-height: 18.3458px;"></span></span></h3><p class="Paragraph SCXW12273192 BCX2" lang="EN-US" style="background-color: transparent; color: windowtext; font-style: normal; font-weight: normal; margin-left: 0px; margin-right: 0px; padding-left: 0px; padding-right: 0px; text-align: left; text-indent: 0px; vertical-align: baseline;"><span style="font-family: inherit;"><span class="TextRun EmptyTextRun SCXW12273192 BCX2" data-contrast="none" lang="EN-US" style="color: #2f5496; font-size: 11pt; line-height: 18.3458px;"></span><span class="EOP SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559738":40,"335559739":0,"335559740":259}" style="color: #2f5496; font-size: 11pt; line-height: 18.3458px;"> </span><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun CommentStart CommentHighlightPipeRest CommentHighlightRest SCXW12273192 BCX2">➕ Complete overhaul of the bytecode compiler project.</span></span><span class="EOP CommentHighlightRest SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span></p></div><div class="ListContainerWrapper SCXW12273192 BCX2"><ul style="text-align: left;"><li><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2">The </span><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2">clamav</span><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2"> compiler passes now build against a </span><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2">system-installed</span><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2"> LLVM library. This builds a single shared library (i.e., libclambcc.so).</span></span><span class="EOP CommentHighlightRest SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2"> </span></span></span></li><li><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2">The compiler application is now a Python script that uses Clang with the bytecode compiler library to run the compiler passes.</span></span><span class="EOP CommentHighlightRest SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span><span style="font-family: inherit;"><span class="EOP CommentHighlightRest SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"></span></span></li></ul></div><div class="OutlineElement Ltr SCXW12273192 BCX2"><p class="Paragraph SCXW12273192 BCX2" lang="EN-US" style="background-color: transparent; color: windowtext; font-style: normal; font-weight: normal; margin-left: 0px; margin-right: 0px; padding-left: 0px; padding-right: 0px; text-align: left; text-indent: 0px; vertical-align: baseline;"><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2">🐛 Fixed bug causing signatures with malloc to </span><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2">fail to</span><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2"> run when using system installed LLVM.</span></span><span class="EOP CommentHighlightRest SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span></p></div><div class="OutlineElement Ltr SCXW12273192 BCX2"><p class="Paragraph SCXW12273192 BCX2" lang="EN-US" style="background-color: transparent; color: windowtext; font-style: normal; font-weight: normal; margin-left: 0px; margin-right: 0px; padding-left: 0px; padding-right: 0px; text-align: left; text-indent: 0px; vertical-align: baseline;"><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2">🐛 Fixed the peinfo.c example bytecode source.</span></span><span class="EOP CommentHighlightRest SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span></p></div><div class="OutlineElement Ltr SCXW12273192 BCX2"><p class="Paragraph SCXW12273192 BCX2" lang="EN-US" style="background-color: transparent; color: windowtext; font-style: normal; font-weight: normal; margin-left: 0px; margin-right: 0px; padding-left: 0px; padding-right: 0px; text-align: left; text-indent: 0px; vertical-align: baseline;"><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2">❌ Removed vendored/modified LLVM/Clang 2.7-ish source.</span></span><span class="EOP CommentHighlightRest SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span></p></div><div class="OutlineElement Ltr SCXW12273192 BCX2"><p class="Paragraph SCXW12273192 BCX2" lang="EN-US" style="background-color: transparent; color: windowtext; font-style: normal; font-weight: normal; margin-left: 0px; margin-right: 0px; padding-left: 0px; padding-right: 0px; text-align: left; text-indent: 0px; vertical-align: baseline;"><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2">🌌 Upgraded build system from </span><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2">Autotools</span><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2"> to </span><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2">CMake</span><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2">.</span></span><span class="EOP CommentHighlightRest SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span></p></div><div class="OutlineElement Ltr SCXW12273192 BCX2"><p class="Paragraph SCXW12273192 BCX2" lang="EN-US" style="background-color: transparent; color: windowtext; font-style: normal; font-weight: normal; padding-left: 0px; padding-right: 0px; text-align: left; text-indent: 0px; vertical-align: baseline;"><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2">🌌 New Requirements:</span></span><span class="EOP CommentHighlightRest SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2"> </span></span></span></p><ul style="text-align: left;"><li><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2">LLVM 8</span></span><span class="EOP CommentHighlightRest SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2"> </span></span></span></li><li><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2">Clang 8</span></span><span class="EOP CommentHighlightRest SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span><span style="font-family: inherit;"><span class="EOP CommentHighlightRest SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"></span></span><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2"> </span></span></span></li><li><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2">Python 3.6+</span></span><span class="EOP CommentHighlightRest SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span><span style="font-family: inherit;"></span><span style="font-family: inherit;"></span></li></ul></div><div class="OutlineElement Ltr SCXW12273192 BCX2"><p class="Paragraph SCXW12273192 BCX2" lang="EN-US" style="background-color: transparent; color: windowtext; font-style: normal; font-weight: normal; margin-left: 0px; margin-right: 0px; padding-left: 0px; padding-right: 0px; text-align: left; text-indent: 0px; vertical-align: baseline;"><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2">➕ Support for compiling bytecode signatures from multiple source file.</span></span><span class="EOP CommentHighlightRest SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span></p></div><div class="OutlineElement Ltr SCXW12273192 BCX2"><p class="Paragraph SCXW12273192 BCX2" lang="EN-US" style="background-color: transparent; color: windowtext; font-style: normal; font-weight: normal; margin-left: 0px; margin-right: 0px; padding-left: 0px; padding-right: 0px; text-align: left; text-indent: 0px; vertical-align: baseline;"><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun CommentHighlightRest SCXW12273192 BCX2">🐛 Many assorted bug fixes.</span></span><span class="EOP CommentHighlightPipeRest SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> </span></span></p></div><div class="OutlineElement Ltr SCXW12273192 BCX2"><p class="Paragraph SCXW12273192 BCX2" lang="EN-US" style="background-color: transparent; color: windowtext; font-style: normal; font-weight: normal; margin-left: 0px; margin-right: 0px; padding-left: 0px; padding-right: 0px; text-align: left; text-indent: 0px; vertical-align: baseline;"><span style="font-family: inherit;"><span class="TextRun SCXW12273192 BCX2" data-contrast="auto" lang="EN-US" style="font-size: 11pt; line-height: 19.425px;"><span class="NormalTextRun SCXW12273192 BCX2"></span></span><span class="EOP SCXW12273192 BCX2" data-ccp-props="{"201341983":0,"335559739":160,"335559740":259}" style="font-size: 11pt; line-height: 19.425px;"> <br /></span></span></p></div></div></div>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-72008351928552781272022-05-09T09:15:00.003-04:002022-05-09T09:15:34.808-04:00Celebrating 20 years of ClamAV <div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMLpI50P59msVm6S9_9YCBwjvDex5b-YgQsyycw5iv3EeQc46ndhroZCwyyKTJZv8L8s-fzga0jHI9KH2_c6l5ZIC75cOpK6rLFxBH0vrDwviPfPfPbEzhTNVjGEDNphoH36CYm0ifM_68SVsXeCyV1xw80lRRcTO4AP2Cg0L8GqQCoLTNLop_mx19/s2000/Artboard%201%20copy-100.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="602" data-original-width="2000" height="193" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMLpI50P59msVm6S9_9YCBwjvDex5b-YgQsyycw5iv3EeQc46ndhroZCwyyKTJZv8L8s-fzga0jHI9KH2_c6l5ZIC75cOpK6rLFxBH0vrDwviPfPfPbEzhTNVjGEDNphoH36CYm0ifM_68SVsXeCyV1xw80lRRcTO4AP2Cg0L8GqQCoLTNLop_mx19/w640-h193/Artboard%201%20copy-100.jpg" width="640" /></a></div><br /><p><br /></p><p>ClamAV has come a long way from being the reason a small Polish college was the target of a distributed denial-of-service attack. Today, 20 years after our first release, we’re proud that ClamAV is instead known for preventing these types of attacks on thousands of devices around the world. </p><p>After many releases, updates, bugs and late nights from our developers, ClamAV is proud to celebrate its 20th anniversary this week. We’re celebrating by inching closer to the long-anticipated 1.0 release and continuing to test our release candidate for 0.105.0. </p><p>Tomasz Kojm, the original creator of ClamAV, released the first 0.10 version of the open-source anti-virus engine on May 8, 2002, with the goal of making the internet safer at large and helping users filter out spam from their email inboxes. At the time, he was hosting the virus databases on his college and previous high school’s servers in Poland. Unfortunately, this led to a DoS condition on these pages because it was so popular, which Kojm told us via email he wishes he could have avoided. But if nothing else, this at least was an important lesson for Kojm and his co-creators to build off. <span></span></p><a name='more'></a><p></p><p>“It only took a few weeks for me to become ‘that guy who kills the internet,’” he joked. </p><p>Kojm had planned on calling it TurtleAV, but eventually went with ClamAV so the name better suited the software’s functions. </p><p>“[It] not only sounded better performance-wise but also on the efficacy side, as clams are very efficient filter feeds and can effectively clean and even immediately detect any contamination,” he said. </p><p>Kojm set out to create a solution that was easy for the public to pick up and use on first release, hence why 0.10.0 was the first public release. The public release came with a patch for Amavis — at the time, it was the most popular content filter for virus scanners — and the virus database update tool we still use today, <a href="https://docs.clamav.net/manual/Usage/SignatureManagement.html" target="_blank">FreshClam</a>. </p><p>ClamAV was an immediate hit. Kojm said he received many software patches and more than 50 emails just a few hours after the launch announcement. </p><p>Over the years, ClamAV has gone through many forms, eventually coming under the Sourcefire umbrella and then becoming part of Cisco Talos as part of the Sourcefire acquisition. We have come a long way from version 0.10, adding a bevy of features along the way and adding signatures to protect users from everyday spam to state-sponsored actors’ ransomware campaigns. ClamAV has become a commonplace software for filtering email traffic for malicious or otherwise undesirable emails, a popular alternative to paid anti-virus solutions for a wide range of network storage (NAS) devices, and a critical component for file analysis and classification in a variety of software products. If you’re new to ClamAV, we suggest starting with the <a href="https://docs.clamav.net/" target="_blank">ClamAV documentation page</a> to learn about using ClamAV. </p><p>Micah Snyder, the current ClamAV project lead and open-source community manager, said in his four-plus years of working on ClamAV, he’s most proud of the small, incremental changes he and his team have added to improve the user experience and make it easier for the community to contribute to the project, to provide feedback, and to report bugs and vulnerabilities. Recently, we <a href="https://blog.clamav.net/2021/12/clamav-bugzilla-new-ticket-creation.html" target="_blank">made the switch from Bugzilla to GitHub Issues</a> for reporting issues and vulnerabilities, allowing us to switch to using a template for reporting bugs that has already been shown to improve the quality of bug reports. </p><p>And over the past year, we’ve switched over to a new documentation system to make it easier for anyone to pick up and use ClamAV and <a href="https://blog.clamav.net/2021/06/join-clamav-on-discord.html" target="_blank">launched a Discord server</a> to open a new platform to communicate with the community. </p><p>We’re always looking to add new tools and features, too, and by the time we get to our 25th anniversary, ClamAV is sure to be in a completely new place. Snyder is particularly excited about recent and upcoming improvements to security-related ClamAV design features such as ClamAV’s adoption of the Rust programming language for new software development, and some early prototypes the team is working with to enable application sandboxing for the scanning process. Rust allows us to be a bit more flexible with our builds and increases customizability and makes our builds more stable. </p><p>We would like to thank all the community members and contributors who have helped us build ClamAV over the past 20 years. This software would not be where it is today without you. </p><p>As always, if you’d like to engage with the ClamAV team, you can join our <a href="https://discord.com/invite/6vNAqWnVgw" target="_blank">Discord</a> or <a href="https://docs.clamav.net/faq/faq-ml.html" target="_blank">mailing lists</a>, <a href="https://twitter.com/clamav" target="_blank">tweet at us</a> or use one of <a href="https://www.clamav.net/contact" target="_blank">these several contact methods</a> to submit a signature, report a false positive or bug, or just celebrate our anniversary along with us. </p>Jon Munshawhttp://www.blogger.com/profile/13414456218583234191noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-73750396539974499032022-05-04T08:38:00.006-04:002022-05-04T19:50:05.434-04:00ClamAV 0.105.0, 0.104.3, 0.103.6 released<p style="text-align: left;"><span style="font-size: small;">The ClamAV 0.105.0 feature release is now stable and available for <a href="https://www.clamav.net/downloads" rel="nofollow" target="_blank">download on ClamAV.net</a> or through <a href="https://hub.docker.com/r/clamav/clamav/" rel="nofollow" target="_blank">Docker Hub</a>. <br /></span></p><p style="text-align: left;"><span style="font-size: small;">Today, we're also publishing the 0.104.3 and 0.103.6 security patch versions, including several CVE fixes. These fixes have also been included in the 0.105 feature release. The source package and installer packages for these versions can be found under the "Previous Stable Releases" section of our <a href="https://www.clamav.net/downloads" rel="nofollow" target="_blank">Downloads</a> page. <br /></span></p><p style="text-align: left;"><span style="font-size: small;">As a reminder, the 0.105 and 0.104 release files now include the following install packages:</span></p><ul style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="7" style="position: relative;"><p><span style="font-family: inherit; font-size: small;">x86_64 and i686 RPM packages are compatible with RPM-based Linux distributions running glibc version 2.17 or newer.</span></p></li><li class="code-line" data-line="8" style="position: relative;"><p><span style="font-family: inherit; font-size: small;">x86_64 and i686 DEB packages are compatible with Debian-based Linux distributions running glibc version 2.23 or newer.</span></p></li><li class="code-line" data-line="9" style="position: relative;"><p><span style="font-family: inherit; font-size: small;">An x86_64/ARM64 macOS installer package is compatible with Intel and Apple M1 systems.</span></p></li><li class="code-line" data-line="10" style="position: relative;"><p><span style="font-family: inherit; font-size: small;">x64 and win32 Windows packages are compatible with Windows 7 and newer. </span></p></li></ul><p style="text-align: left;"><span style="font-size: small;">Keep reading to find out what is in each version.</span> </p><p style="text-align: left;"><span style="font-size: small;"><span></span></span></p><a name='more'></a><p></p><h3 data-sourcepos="6:1-6:10" style="text-align: left;">0.105.0</h3>
<p data-sourcepos="8:1-8:63" dir="auto">ClamAV 0.105.0 includes the following improvements and changes.</p>
<h2 data-sourcepos="10:1-10:20" style="text-align: left;">
New Requirements</h2>
<ul data-sourcepos="12:1-33:0" dir="auto"><li data-sourcepos="12:1-33:0">
<p data-sourcepos="12:3-12:80">Starting with ClamAV v0.105, the Rust toolchain is required to compile ClamAV.</p>
<p data-sourcepos="14:3-19:76">You can install the Rust toolchain for your development environment by
following the instructions on the <a href="https://rustup.rs/" rel="nofollow noreferrer noopener" target="_blank"><code>rustup</code></a> website.
Some binary package distributions do provide relatively up-to-date packages of
the Rust toolchain, but many do not. Using <code>rustup</code> ensures that you have the
most up-to-date Rust compiler at the time of installation. Keep your toolchain
updated for new features and bug/security fixes by periodically executing:</p>
<div class="gl-relative markdown-code-block js-markdown-code">
<pre class="code highlight js-syntax-highlight language-shell solarized-dark" data-sourcepos="20:3-22:5" id="code-2" lang="shell"><code><span class="line" id="LC1" lang="shell">rustup update</span></code></pre>
</div></li></ul><ul data-sourcepos="12:1-33:0" dir="auto"><li data-sourcepos="12:1-33:0"><p data-sourcepos="24:3-25:57">Building ClamAV requires, at a minimum, Rust compiler version 1.56, as it
relies on features introduced in the Rust 2021 Edition.</p>
<p data-sourcepos="27:3-32:12">ClamAV's third-party Rust library dependencies are vendored into the release
tarball (<code>clamav-<version>.tar.gz</code>) file that we publish on
<a href="https://www.clamav.net/downloads" rel="nofollow noreferrer noopener" target="_blank">clamav.net/downloads</a>.
But, if you build from a Git clone or from an unofficial tarball taken from
GitHub.com, you will need the internet to download the Rust libraries during
the build.</p>
</li></ul>
<h2 data-sourcepos="34:1-34:17" style="text-align: left;">
Major changes</h2>
<ul data-sourcepos="36:1-94:0" dir="auto"><li data-sourcepos="36:1-45:0">
<p data-sourcepos="36:3-36:59">Increased the default limits for file and scan size:</p>
<ul data-sourcepos="37:3-45:0"><li data-sourcepos="37:3-37:36">MaxScanSize: 100M to 400M</li><li data-sourcepos="38:3-38:36">MaxFileSize: 25M to 100M</li><li data-sourcepos="39:3-39:36">StreamMaxLength: 25M to 100M</li><li data-sourcepos="40:3-40:36">PCREMaxFileSize: 25M to 100M</li><li data-sourcepos="41:3-41:35">MaxEmbeddedPE: 10M to 40M</li><li data-sourcepos="42:3-42:35">MaxHTMLNormalize: 10M to 40M</li><li data-sourcepos="43:3-43:35">MaxScriptNormalize: 5M to 20M</li><li data-sourcepos="44:3-45:0">MaxHTMLNoTags: 2M to 8M</li></ul>
</li><li data-sourcepos="46:1-80:0">
<p data-sourcepos="46:3-46:62">Added image fuzzy hash subsignatures for logical signatures.</p>
<p data-sourcepos="48:3-49:76">Image fuzzy hash subsignatures are a new feature for detecting images known to
be used in phishing campaigns or otherwise used when distributing malware.</p>
<p data-sourcepos="51:3-51:52">Image fuzzy hash subsignatures follow this format:</p>
<div class="gl-relative markdown-code-block js-markdown-code">
<pre class="code highlight js-syntax-highlight language-plaintext solarized-dark" data-sourcepos="52:3-54:5" id="code-3" lang="plaintext"><code><span class="line" id="LC1" lang="plaintext">fuzzy_img#<hash></span></code></pre>For example:<code><span class="line" id="LC1" lang="plaintext"> </span></code></div><div class="gl-relative markdown-code-block js-markdown-code"><code><span class="line" id="LC1" lang="plaintext"> </span></code></div><div class="gl-relative markdown-code-block js-markdown-code"><code><span class="line" id="LC1" lang="plaintext">logo.png;Engine:150-255,Target:0;0;fuzzy_img#af2ad01ed42993c7</span></code><code><span class="line" id="LC2" lang="plaintext"> </span></code></div><div class="gl-relative markdown-code-block js-markdown-code"><code><span class="line" id="LC2" lang="plaintext">logo.png-2;Engine:150-255,Target:0;0&1;49484452;fuzzy_img#af2ad01ed42993c7</span></code> </div><div class="gl-relative markdown-code-block js-markdown-code"> </div><div class="gl-relative markdown-code-block js-markdown-code">This initial implementation does not support matching with a hamming distance, but it may be added in the future.</div><div class="gl-relative markdown-code-block js-markdown-code"> </div><div class="gl-relative markdown-code-block js-markdown-code">ClamAV's image fuzzy hash is very close to, but not identical to, the
fuzzy hash generated by the Python <code>imagehash</code> package's <code>phash()</code> function.
These are only clean-room approximations of the pHash™️ algorithm.
ClamAV's image fuzzy hashes are not expected to match the fuzzy hashes
generated using other tools. </div><div class="gl-relative markdown-code-block js-markdown-code"> </div><div class="gl-relative markdown-code-block js-markdown-code">To generate the image fuzzy hash, run this command:<code><span class="line" id="LC1" lang="plaintext"> </span></code></div><div class="gl-relative markdown-code-block js-markdown-code"><code><span class="line" id="LC1" lang="plaintext"> </span></code></div><div class="gl-relative markdown-code-block js-markdown-code"><code><span class="line" id="LC1" lang="plaintext">sigtool --fuzzy-img FILE(S)</span></code> </div><div class="gl-relative markdown-code-block js-markdown-code"> </div><div class="gl-relative markdown-code-block js-markdown-code">Or, you may generate it through <code>clamscan</code> like:<code><span class="line" id="LC1" lang="plaintext"> </span></code></div><div class="gl-relative markdown-code-block js-markdown-code"><code><span class="line" id="LC1" lang="plaintext"> </span></code></div><div class="gl-relative markdown-code-block js-markdown-code"><code><span class="line" id="LC1" lang="plaintext">clamscan --gen-json --debug /path/to/file</span></code> </div><div class="gl-relative markdown-code-block js-markdown-code"> </div><div class="gl-relative markdown-code-block js-markdown-code">The hash will appear in the JSON above the "SCAN SUMMARY" under the object
named "ImageFuzzyHash".</div></li></ul><ul data-sourcepos="36:1-94:0" dir="auto"><li data-sourcepos="81:1-94:0">
<p data-sourcepos="81:3-81:38">ClamScan and ClamDScan (Windows only):</p>
<ul data-sourcepos="82:3-94:0"><li data-sourcepos="82:3-94:0">
<p data-sourcepos="82:5-82:68">Added a process memory scanning feature from ClamWin's ClamScan.</p>
<p data-sourcepos="84:5-84:69">This adds three new options to ClamScan and ClamDScan on Windows:</p>
<ul data-sourcepos="85:5-88:0"><li data-sourcepos="85:5-85:16"><code>--memory</code></li><li data-sourcepos="86:5-86:14"><code>--kill</code></li><li data-sourcepos="87:5-88:0"><code>--unload</code></li></ul>
<p data-sourcepos="89:5-89:22">Special thanks to:</p>
<ul data-sourcepos="90:5-94:0"><li data-sourcepos="90:5-91:52">Gianluigi Tiesi for allowing us to integrate the Windows process memory
scanning feature from ClamWin into ClamAV.</li><li data-sourcepos="92:5-94:0">Grace Kang for integrating the ClamScan feature, and for extending it to
work with ClamDScan in addition.</li></ul>
</li></ul>
</li></ul>
<h2 data-sourcepos="95:1-95:19" style="text-align: left;">
Notable changes</h2>
<ul data-sourcepos="97:1-133:0" dir="auto"><li data-sourcepos="97:1-110:0">
<p data-sourcepos="97:3-102:74">Updated the LLVM bytecode runtime support so that it can use LLVM versions
8 through 12 and removed support for earlier LLVM versions.
Using LLVM JIT for the bytecode runtime may improve scan performance over the
built-in bytecode interpreter runtime, which is the default.
If you wish to build using LLVM, you must obtain a complete build of
the LLVM libraries including the development headers and static libraries.</p>
<p data-sourcepos="104:3-106:78">There are some known issues in compiling and running the test suite with
some LLVM installations. We are working to further stabilize LLVM bytecode
runtime support, and document specific edge cases. Your feedback is welcome.</p>
<p data-sourcepos="108:3-109:65">For details about building ClamAV with the LLVM bytecode runtime, see the
<a href="https://github.com/Cisco-Talos/clamav/blob/main/INSTALL.md">install reference documentation</a>.</p>
</li><li data-sourcepos="111:1-118:0">
<p data-sourcepos="111:3-117:40">Added a <code>GenerateMetadataJson</code> option to ClamD.
The functionality is equivalent to the <code>clamscan --gen-json</code> option.
Scan metadata is useful for file analysis and for debugging scan behavior.
If <code>Debug</code> is enabled, ClamD will print out the JSON after each scan.
If <code>LeaveTemporaryFiles</code> is enabled, ClamD will drop a <code>metadata.json</code> file
in the scan-temp directory. You can customize the scan-temp directory path
using the <code>TemporaryDirectory</code> option.</p>
</li><li data-sourcepos="119:1-123:0">
<p data-sourcepos="119:3-122:16">The <code>libclamunrar.so</code> library's SO version now matches that of <code>libclamav.so</code>.
The upstream UnRAR library does not have an SO version that we should match.
This change is to prevent a possible collision when multiple ClamAV versions
are installed.</p>
</li><li data-sourcepos="124:1-133:0">
<p data-sourcepos="124:3-124:75">CMake: Added support for using an external TomsFastMath library (libtfm).</p>
<p data-sourcepos="126:3-128:24">To use an external TomsFastMath library, configure the build with the new
option <code>-D ENABLE_EXTERNAL_TOMSFASTMATH=ON</code>. The following CMake variables may
also be set as needed:</p>
<ul data-sourcepos="129:3-131:0"><li data-sourcepos="129:3-129:76">
<code>-D TomsFastMath_INCLUDE_DIR=<path></code> - The directory containing <code>tfm.h</code>.</li><li data-sourcepos="130:3-131:0">
<code>-D TomsFastMath_LIBRARY=<path></code> - The path to the TomsFastMath library.</li></ul>
<p data-sourcepos="132:3-132:64">Also updated the vendored TomsFastMath code to version 0.13.1.</p>
</li></ul>
<h2 data-sourcepos="134:1-134:22" style="text-align: left;">
Other improvements</h2>
<ul data-sourcepos="136:1-161:0" dir="auto"><li data-sourcepos="136:1-142:0">
<p data-sourcepos="136:3-136:12">Freshclam:</p>
<ul data-sourcepos="137:3-142:0"><li data-sourcepos="137:3-142:0">Improve <code>ReceiveTimeout</code> behavior so that will abort a download attempt if
the download is not making significant progress. Previously this limit was
an absolute time limit for the download and could abort prematurely for
those on a slower connection.
Special thanks to Simon Arlott for this improvement.</li></ul>
</li><li data-sourcepos="143:1-148:0">
<p data-sourcepos="143:3-147:28">Rewrote the ClamAV database archive incremental-update feature (CDIFF) from
scratch in Rust. The new implementation was our first module to be rewritten
in Rust. It is significantly faster at applying updates that remove large
numbers of signatures from a database, such as when migrating signatures from
<code>daily.cvd</code> to <code>main.cvd</code>.</p>
</li><li data-sourcepos="149:1-153:0">
<p data-sourcepos="149:3-149:20">Freshclam & ClamD:</p>
<ul data-sourcepos="150:3-153:0"><li data-sourcepos="150:3-153:0">Increased the maximum line-length for <code>freshclam.conf</code> and <code>clamd.conf</code> from
512-characters to 1024-characters. This change was by request to accommodate
very long <code>DatabaseMirror</code> options when using access tokens in the URI.</li></ul>
</li><li data-sourcepos="154:1-158:0">
<p data-sourcepos="154:3-157:48">Removed the Heuristics.PNG.CVE-2010-1205 detection. This alert had been placed
behind the <code>--alert-broken-media</code> (<code>SCAN_HEURISTIC_BROKEN_MEDIA</code>) option in
0.103.3 and 0.104 because of excessive alerts on slightly malformed but non-
malicious files. Now it is completely removed.</p>
</li><li data-sourcepos="159:1-161:0">
<p data-sourcepos="159:3-160:42">Added support for building ClamDTop using ncursesw if ncurses can not be
found. Patch courtesy of Carlos Velasco.</p>
</li></ul>
<h2 data-sourcepos="162:1-162:13" style="text-align: left;">
Bug fixes</h2>
<p data-sourcepos="164:1-164:73" dir="auto">The CVE's fixes below are also addressed in versions 0.104.3 and 0.103.6.</p>
<ul data-sourcepos="166:1-239:0" dir="auto"><li data-sourcepos="166:1-170:0">
<p data-sourcepos="166:3-169:31"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20803" rel="nofollow" target="_blank">CVE-2022-20803</a>: Fixed a possible double-free vulnerability
in the OLE2 file parser.
Issue affects versions 0.104.0 through 0.104.2.
Issue identified by OSS-Fuzz.</p>
</li><li data-sourcepos="171:1-176:0">
<p data-sourcepos="171:3-175:55"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20770" rel="nofollow" target="_blank">CVE-2022-20770</a>: Fixed a possible infinite loop vulnerability
in the CHM file parser.
Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
prior versions.
Thank you to Michał Dardas for reporting this issue.</p>
</li><li data-sourcepos="177:1-181:0">
<p data-sourcepos="177:3-180:80"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20796" rel="nofollow" target="_blank">CVE-2022-20796</a>: Fixed a possible NULL-pointer dereference
crash in the scan verdict cache check.
Issue affects versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2.
Thank you to Alexander Patrakov and Antoine Gatineau for reporting this issue.</p>
</li><li data-sourcepos="182:1-190:0">
<p data-sourcepos="182:3-189:55"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20771" rel="nofollow" target="_blank">CVE-2022-20771</a>: Fixed a possible infinite loop vulnerability
in the TIFF file parser.
Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
prior versions.
The issue only occurs if the "--alert-broken-media" ClamScan option is
enabled. For ClamD, the affected option is "AlertBrokenMedia yes", and for
libclamav it is the "CL_SCAN_HEURISTIC_BROKEN_MEDIA" scan option.
Thank you to Michał Dardas for reporting this issue.</p>
</li><li data-sourcepos="191:1-196:0">
<p data-sourcepos="191:3-195:55"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20785" rel="nofollow" target="_blank">CVE-2022-20785</a>: Fixed a possible memory leak in the
HTML file parser / Javascript normalizer.
Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
prior versions.
Thank you to Michał Dardas for reporting this issue.</p>
</li><li data-sourcepos="197:1-203:0">
<p data-sourcepos="197:3-202:55"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20792" rel="nofollow" target="_blank">CVE-2022-20792</a>: Fixed a possible multi-byte heap buffer
overflow write vulnerability in the signature database load module.
The fix was to update the vendored regex library to the latest version.
Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
prior versions.
Thank you to Michał Dardas for reporting this issue.</p>
</li><li data-sourcepos="204:1-206:0">
<p data-sourcepos="204:3-205:56">ClamOnAcc: Fixed a number of assorted stability issues and added niceties for
debugging ClamOnAcc. Patches courtesy of Frank Fegert.</p>
</li><li data-sourcepos="207:1-209:0">
<p data-sourcepos="207:3-208:78">Fixed an issue causing byte-compare subsignatures to cause an alert when they
match even if other conditions of the given logical signatures were not met.</p>
</li><li data-sourcepos="210:1-213:0">
<p data-sourcepos="210:3-212:10">Fixed an issue causing XLM macro false positives when scanning XLS documents
containing images if the <code>--alert-macros</code> (<code>AlertOLE2Macros</code>) option was
enabled.</p>
</li><li data-sourcepos="214:1-215:0">
<p data-sourcepos="214:3-214:77">Fixed an issue causing signature alerts for images in XLS files to be lost.</p>
</li><li data-sourcepos="216:1-217:0">
<p data-sourcepos="216:3-216:77">Fixed an issue preventing multiple matches when scanning in all-match mode.</p>
</li><li data-sourcepos="218:1-229:0">
<p data-sourcepos="218:3-218:9">Docker:</p>
<ul data-sourcepos="219:3-229:0"><li data-sourcepos="219:3-219:79">Fixed an issue exposing the health check port. Patch courtesy of Sammy Chu.</li><li data-sourcepos="220:3-221:48">Fixed an issue with health check failure false positives during container
startup. Patch courtesy of Olliver Schinagl.</li><li data-sourcepos="222:3-224:39">Set the default time zone to <code>Etc/UTC</code>. The <code>--env</code> parameter can be used to
customize the time zone by setting <code>TZ</code> environment variable.
Patch courtesy of Olliver Schinagl.</li><li data-sourcepos="225:3-229:0">Fixed an issue where ClamD would listen only for IPv4 connections in
environments where IPv6 is preferred. ClamD will now listen to all
addresses available (IPv4 and IPv6). This is the default behavior of ClamD.
Patch courtesy of Andre Breiler.</li></ul>
</li><li data-sourcepos="230:1-231:0">
<p data-sourcepos="230:3-230:79">Enable support for ncursesw, the wide-character / unicode version of ncurses.</p>
</li><li data-sourcepos="232:1-235:0">
<p data-sourcepos="232:3-234:56">Added support for detecting the curses library dependency even when the
associated pkg-config file is not present. This resolves a build issue on some
BSD distributions. Patch courtesy of Stuart Henderson.</p>
</li><li data-sourcepos="236:1-237:0">
<p data-sourcepos="236:3-236:77">Windows: Fix utf8 filepath issues affecting both scanning and log messages.</p>
</li><li data-sourcepos="238:1-239:0">
<p data-sourcepos="238:3-238:38">Assorted bug fixes and improvements.</p>
</li></ul>
<h2 data-sourcepos="240:1-240:20" style="text-align: left;">
Acknowledgments</h2>
<p data-sourcepos="242:1-242:78" dir="auto">Special thanks to the following people for code contributions and bug reports:</p>
<ul data-sourcepos="243:1-268:0" dir="auto"><li data-sourcepos="243:1-243:13">Ahmon Dancy</li><li data-sourcepos="244:1-244:20">Alexander Patrakov</li><li data-sourcepos="245:1-245:20">Alexander Sulfrian</li><li data-sourcepos="246:1-246:15">Andre Breiler</li><li data-sourcepos="247:1-247:18">Antoine Gatineau</li><li data-sourcepos="248:1-248:16">Carlos Velasco</li><li data-sourcepos="249:1-249:13">Bernd Kuhls</li><li data-sourcepos="250:1-250:18">David Korczynski</li><li data-sourcepos="251:1-251:18">Fabrice Fontaine</li><li data-sourcepos="252:1-252:14">Frank Fegert</li><li data-sourcepos="253:1-253:17">Gianluigi Tiesi</li><li data-sourcepos="254:1-254:17">Giovanni Bechis</li><li data-sourcepos="255:1-255:12">Grace Kang</li><li data-sourcepos="256:1-256:14">John Humlick</li><li data-sourcepos="257:1-257:14">Jordan Ernst</li><li data-sourcepos="258:1-258:13">JunWei Song</li><li data-sourcepos="259:1-259:16">Michał Dardas</li><li data-sourcepos="260:1-260:7">mko-x</li><li data-sourcepos="261:1-261:18">Olliver Schinagl</li><li data-sourcepos="262:1-262:18">Răzvan Cojocaru</li><li data-sourcepos="263:1-263:11">Sammy Chu</li><li data-sourcepos="264:1-264:17">Sergey Valentey</li><li data-sourcepos="265:1-265:14">Simon Arlott</li><li data-sourcepos="266:1-266:18">Stuart Henderson</li><li data-sourcepos="267:1-268:0">Yann E. Morin</li></ul><p style="text-align: left;"><span style="font-size: small;"><span></span></span></p><!--more--><p></p><h3 data-sourcepos="6:1-6:10" style="text-align: left;">0.104.3</h3>
<p data-sourcepos="8:1-8:68" dir="auto">ClamAV 0.104.3 is a critical patch release with the following fixes:</p>
<ul data-sourcepos="10:1-75:0" dir="auto"><li data-sourcepos="10:1-14:0">
<p data-sourcepos="10:3-13:31"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20803" rel="nofollow" target="_blank">CVE-2022-20803</a>: Fixed a possible double-free vulnerability
in the OLE2 file parser.
Issue affects versions 0.104.0 through 0.104.2.
Issue identified by OSS-Fuzz.</p>
</li><li data-sourcepos="15:1-20:0">
<p data-sourcepos="15:3-19:55"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20770" rel="nofollow" target="_blank">CVE-2022-20770</a>: Fixed a possible infinite loop vulnerability
in the CHM file parser.
Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
prior versions.
Thank you to Michał Dardas for reporting this issue.</p>
</li><li data-sourcepos="21:1-25:0">
<p data-sourcepos="21:3-24:80"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20796" rel="nofollow" target="_blank">CVE-2022-20796</a>: Fixed a possible NULL-pointer dereference
crash in the scan verdict cache check.
Issue affects versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2.
Thank you to Alexander Patrakov and Antoine Gatineau for reporting this issue.</p>
</li><li data-sourcepos="26:1-34:0">
<p data-sourcepos="26:3-33:55"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20771" rel="nofollow" target="_blank">CVE-2022-20771</a>: Fixed a possible infinite loop vulnerability
in the TIFF file parser.
Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
prior versions.
The issue only occurs if the "--alert-broken-media" ClamScan option is
enabled. For ClamD, the affected option is "AlertBrokenMedia yes", and for
libclamav it is the "CL_SCAN_HEURISTIC_BROKEN_MEDIA" scan option.
Thank you to Michał Dardas for reporting this issue.</p>
</li><li data-sourcepos="35:1-40:0">
<p data-sourcepos="35:3-39:55"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20785" rel="nofollow" target="_blank">CVE-2022-20785</a>: Fixed a possible memory leak in the
HTML file parser / Javascript normalizer.
Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
prior versions.
Thank you to Michał Dardas for reporting this issue.</p>
</li><li data-sourcepos="41:1-47:0">
<p data-sourcepos="41:3-46:55"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20792" rel="nofollow" target="_blank">CVE-2022-20792</a>: Fixed a possible multi-byte heap buffer
overflow write vulnerability in the signature database load module.
The fix was to update the vendored regex library to the latest version.
Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
prior versions.
Thank you to Michał Dardas for reporting this issue.</p>
</li><li data-sourcepos="48:1-50:0">
<p data-sourcepos="48:3-49:56">ClamOnAcc: Fixed a number of assorted stability issues and added niceties for
debugging ClamOnAcc. Patches courtesy of Frank Fegert.</p>
</li><li data-sourcepos="51:1-52:0">
<p data-sourcepos="51:3-51:79">Enable support for ncursesw, the wide-character/Unicode version of ncurses.</p>
</li><li data-sourcepos="53:1-56:0">
<p data-sourcepos="53:3-55:56">Added support for detecting the curses library dependency even when the
associated pkg-config file is not present. This resolves a build issue on some
BSD distributions. Patch courtesy of Stuart Henderson.</p>
</li><li data-sourcepos="57:1-64:0">
<p data-sourcepos="57:3-57:9">Docker:</p>
<ul data-sourcepos="58:3-64:0"><li data-sourcepos="58:3-58:79">Fixed an issue exposing the health check port. Patch courtesy of Sammy Chu.</li><li data-sourcepos="59:3-60:48">Fixed an issue with health check failure false positives during container
startup. Patch courtesy of Olliver Schinagl.</li><li data-sourcepos="61:3-64:0">Set the default time zone to <code>Etc/UTC</code>. The <code>--env</code> parameter can be used to
customize the time zone by setting <code>TZ</code> environment variable.
Patch courtesy of Olliver Schinagl.</li></ul>
</li><li data-sourcepos="65:1-68:0">
<p data-sourcepos="65:3-67:10">Fixed an issue causing XLM macro false positives when scanning XLS documents
containing images if the <code>--alert-macros</code> (<code>AlertOLE2Macros</code>) option was
enabled.</p>
</li><li data-sourcepos="69:1-70:0">
<p data-sourcepos="69:3-69:77">Fixed an issue causing signature alerts for images in XLS files to be lost.</p>
</li><li data-sourcepos="71:1-73:0">
<p data-sourcepos="71:3-72:78">Fixed an issue causing byte-compare subsignatures to cause an alert when they
match even if other conditions of the given logical signatures were not met.</p>
</li><li data-sourcepos="74:1-75:0">
<p data-sourcepos="74:3-74:38">Assorted bug fixes and improvements.</p>
</li></ul>
<p data-sourcepos="76:1-76:78" dir="auto">Special thanks to the following people for code contributions and bug reports:</p>
<ul data-sourcepos="77:1-84:0" dir="auto"><li data-sourcepos="77:1-77:20">Alexander Patrakov</li><li data-sourcepos="78:1-78:18">Antoine Gatineau</li><li data-sourcepos="79:1-79:14">Frank Fegert</li><li data-sourcepos="80:1-80:16">Michał Dardas</li><li data-sourcepos="81:1-81:18">Olliver Schinagl</li><li data-sourcepos="82:1-82:11">Sammy Chu</li><li data-sourcepos="83:1-84:0">Stuart Henderson</li></ul><p style="text-align: left;"><span style="font-size: small;"> <span></span></span></p><!--more--><p></p><p style="text-align: left;"><span style="font-size: small;"> </span></p><h3 data-sourcepos="6:1-6:10" style="text-align: left;">0.103.6</h3>
<p data-sourcepos="8:1-8:68" dir="auto">ClamAV 0.103.6 is a critical patch release with the following fixes:</p>
<ul data-sourcepos="10:1-54:0" dir="auto"><li data-sourcepos="10:1-15:0">
<p data-sourcepos="10:3-14:55"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20770" rel="nofollow" target="_blank">CVE-2022-20770</a>: Fixed a possible infinite loop vulnerability
in the CHM file parser.
Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
prior versions.
Thank you to Michał Dardas for reporting this issue.</p>
</li><li data-sourcepos="16:1-20:0">
<p data-sourcepos="16:3-19:80"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20796" rel="nofollow" target="_blank">CVE-2022-20796</a>: Fixed a possible NULL-pointer dereference
crash in the scan verdict cache check.
Issue affects versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2.
Thank you to Alexander Patrakov and Antoine Gatineau for reporting this issue.</p>
</li><li data-sourcepos="21:1-29:0">
<p data-sourcepos="21:3-28:55"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20771" rel="nofollow" target="_blank">CVE-2022-20771</a>: Fixed a possible infinite loop vulnerability
in the TIFF file parser.
Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
prior versions.
The issue only occurs if the "--alert-broken-media" ClamScan option is
enabled. For ClamD, the affected option is "AlertBrokenMedia yes", and for
libclamav it is the "CL_SCAN_HEURISTIC_BROKEN_MEDIA" scan option.
Thank you to Michał Dardas for reporting this issue.</p>
</li><li data-sourcepos="30:1-35:0">
<p data-sourcepos="30:3-34:55"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20785" rel="nofollow" target="_blank">CVE-2022-20785</a>: Fixed a possible memory leak in the
HTML file parser / Javascript normalizer.
Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
prior versions.
Thank you to Michał Dardas for reporting this issue.</p>
</li><li data-sourcepos="36:1-42:0">
<p data-sourcepos="36:3-41:55"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20792" rel="nofollow" target="_blank">CVE-2022-20792</a>: Fixed a possible multi-byte heap buffer
overflow write vulnerability in the signature database load module.
The fix was to update the vendored regex library to the latest version.
Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
prior versions.
Thank you to Michał Dardas for reporting this issue.</p>
</li><li data-sourcepos="43:1-45:0">
<p data-sourcepos="43:3-44:56">ClamOnAcc: Fixed a number of assorted stability issues and added niceties for
debugging ClamOnAcc. Patches courtesy of Frank Fegert.</p>
</li><li data-sourcepos="46:1-48:0">
<p data-sourcepos="46:3-47:78">Fixed an issue causing byte-compare subsignatures to cause an alert when they
match even if other conditions of the given logical signatures were not met.</p>
</li><li data-sourcepos="49:1-52:0">
<p data-sourcepos="49:3-51:59">Fix memleak when using multiple byte-compare subsignatures.
This fix was backported from 0.104.0.
Thank you to Andrea De Pasquale for contributing the fix.</p>
</li><li data-sourcepos="53:1-54:0">
<p data-sourcepos="53:3-53:38">Assorted bug fixes and improvements.</p>
</li></ul>
<p data-sourcepos="55:1-55:78" dir="auto">Special thanks to the following people for code contributions and bug reports:</p>
<ul data-sourcepos="56:1-61:0" dir="auto"><li data-sourcepos="56:1-56:20">Alexander Patrakov</li><li data-sourcepos="57:1-57:20">Andrea De Pasquale</li><li data-sourcepos="58:1-58:18">Antoine Gatineau</li><li data-sourcepos="59:1-59:14">Frank Fegert</li><li data-sourcepos="60:1-61:0">Michał Dardas</li></ul><p style="text-align: left;"><span style="font-size: small;"> </span></p><p></p>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-57703403714323393522022-04-05T10:56:00.002-04:002022-04-05T10:56:09.869-04:00Second release candidate for ClamAV 0.105.0<p>Today, we are publishing a<span style="font-family: inherit;"> <span style="color: black;"><a href="https://www.clamav.net/downloads" target="_blank">second release candidate for ClamAV 0.105.0</a>.</span></span></p><p><span style="font-family: inherit;">Please help us validate this release by providing feedback via the <span style="color: black;"><a href="https://lists.clamav.net/mailman/listinfo/clamav-users" target="_blank">ClamAV mailing list</a> or on <a href="https://discord.gg/sGaxA5Q" target="_blank">our Discord</a>.</span></span></p><p><span style="font-family: inherit;">This
release candidate phase is expected to last for another four
weeks before the 0.105.0 Stable version is published. Please take this
opportunity to verify that 0.105.0 can build and run in your
environment. <br /></span></p><p><span style="font-family: inherit;">Here's a rundown of what's changed since our <a href="https://blog.clamav.net/2022/03/clamav-01050-release-candidate-now.html" target="_blank">first release candidate</a> for 0.105.0:</span></p><ul style="text-align: left;"><li><span style="font-family: inherit;"><i>Fixed</i>: Yara rules containing regex strings will load once more. This worked in previous ClamAV releases but was accidentally broken during 0.105 development. <br /></span></li><li><span style="font-family: inherit;"><i>Fixed</i>: In the Docker image, ClamD will now listen for IPv4 and IPv6 connections. Previousl,y it was hard-coded to listen on only 0.0.0.0 which made connections fail on some systems that prefer IPv6.</span></li><li><span style="font-family: inherit;"><span style="font-family: inherit;"><i>Fixed</i>: </span>Assorted code quality issues.</span></li><li><span style="font-family: inherit;"><i>Added</i>: A SigTool <span style="font-family: courier;">--fuzzy-img</span> option to generate the image fuzzy hash. With this feature, analysts will not need to rely on ClamScan's debug output or the generated metadata JSON temp-file in order to generate hashes for new signatures.</span></li></ul><p><span style="font-family: inherit;"><span style="font-family: inherit;"><span></span></span><span style="font-family: inherit;"><a name="more"></a>Please submit bug reports to <span style="color: black;"><a href="https://github.com/Cisco-Talos/clamav/issues" target="_blank">the ClamAV project GitHub Issues</a>. </span></span></span></p><span style="font-family: inherit;"><a href="https://blog.clamav.net/2022/03/clamav-01050-release-candidate-now.html">Refer to the initial 0.105.0 release candidate announcement blog post</a> for the full list of improvements and changes in ClamAV 0.105.0. </span>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-41571206296312523142022-03-14T15:57:00.005-04:002022-03-15T16:11:16.800-04:00ClamAV 0.105.0 release candidate now available<p><span style="font-family: inherit;">We are excited to announce the <span style="color: black;"><a href="https://www.clamav.net/downloads" target="_blank">ClamAV 0.105.0 release candidate</a>.</span></span></p><p><span style="font-family: inherit;">Please help us validate this release by providing feedback via the <span style="color: black;"><a href="https://lists.clamav.net/mailman/listinfo/clamav-users" target="_blank">ClamAV mailing list</a> or on <a href="https://discord.gg/sGaxA5Q" target="_blank">our Discord</a>.</span></span></p><p><span style="font-family: inherit;">This
release candidate phase is only expected to last about two to four
weeks before the 0.105.0 Stable version will be published. Take this
opportunity to verify that 0.105.0 can build and run in your
environment. <br /></span></p><p><span style="font-family: inherit;">There is one known issue:</span></p><ul style="text-align: left;"><li><span style="font-family: inherit;">Yara rules containing regex strings will fail to load. <a href="https://github.com/Cisco-Talos/clamav/pull/499" rel="nofollow" target="_blank">The fix for this issue</a> will be in the final release or next release candidate. <br /></span></li></ul><p><span style="font-family: inherit;"><span style="font-family: inherit;"><span></span></span><span style="font-family: inherit;"><a name="more"></a>Please submit bug reports to <span style="color: black;"><a href="https://github.com/Cisco-Talos/clamav/issues" target="_blank">the ClamAV project GitHub Issues</a>. </span></span></span></p><p class="code-line" data-line="7" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">ClamAV 0.105.0 includes the following improvements and changes. <br /></span></p><h3 class="code-line" data-line="9" dir="auto" id="new-requirements" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">New Requirements</span></h3><ul class="code-line" data-line="11" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="11" dir="auto" style="position: relative;"><p class="code-line" data-line="11" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Starting with ClamAV v0.105, the Rust toolchain is required to compile ClamAV.</span></p><p class="code-line" data-line="13" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">You can install the Rust toolchain for your development environment by following the instructions on the<span> </span><span style="color: black;"><a data-href="https://rustup.rs/" href="https://rustup.rs/" style="text-decoration: none;" title="https://rustup.rs/"><code style="font-size: 1em; line-height: 1.357em;">rustup</code></a><span> </span>website. Some binary package distributions provide up-to-date packages of the Rust toolchain, but many do not. Using<span> </span><code style="font-size: 1em; line-height: 1.357em;">rustup</code><span> </span>ensures that you have the most up-to-date Rust compiler at the time of installation. Keep your toolchain updated for new features and bug/security fixes by periodically executing:</span></span></p><p class="code-line" data-line="23" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="color: black;"><span style="font-family: courier;">rustup update</span></span> </span></p><p class="code-line" data-line="23" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Building ClamAV requires, at a minimum, Rust compiler version 1.56, as it relies on features introduced in the Rust 2021 Edition.</span></p><p class="code-line" data-line="26" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">ClamAV's third-party Rust library dependencies are vendored into the release tarball (<code style="font-size: 1em; line-height: 1.357em;">clamav-<version>.tar.gz</code>) file that we publish on<span> </span><span style="color: black;"><a data-href="https://www.clamav.net/downloads" href="https://www.clamav.net/downloads" style="text-decoration: none;" title="https://www.clamav.net/downloads">clamav.net/downloads</a>. But, if you build from a Git clone or an unofficial tarball taken from GitHub.com, you will need the internet to download the Rust libraries during the build.</span></span></p></li></ul><h3 class="code-line" data-line="33" dir="auto" id="major-changes" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">Major changes</span></h3><ul class="code-line" data-line="35" style="-webkit-text-stroke-width: 0px; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px;"><li class="code-line" data-line="35" style="position: relative;"><p class="code-line" data-line="35" style="font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">Increased the default limits for file-size and scan-size:</span></p><ul class="code-line" data-line="36" style="font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0px; margin-top: 0px; position: relative; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="36" style="position: relative;"><span style="font-family: inherit;">MaxScanSize: 100M -> 400M</span></li><li class="code-line" data-line="37" style="position: relative;"><span style="font-family: inherit;">MaxFileSize: 25M -> 100M</span></li><li class="code-line" data-line="38" style="position: relative;"><span style="font-family: inherit;">StreamMaxLength: 25M -> 100M</span></li><li class="code-line" data-line="39" style="position: relative;"><span style="font-family: inherit;">PCREMaxFileSize: 25M -> 100M</span></li><li class="code-line" data-line="40" style="position: relative;"><span style="font-family: inherit;">MaxEmbeddedPE: 10M -> 40M</span></li><li class="code-line" data-line="41" style="position: relative;"><span style="font-family: inherit;">MaxHTMLNormalize: 10M -> 40M</span></li><li class="code-line" data-line="42" style="position: relative;"><span style="font-family: inherit;">MaxScriptNormalize: 5M -> 20M</span></li><li class="code-line" data-line="43" style="position: relative;"><span style="font-family: inherit;">MaxHTMLNoTags: 2M -> 8M</span></li></ul></li></ul><span style="font-size: 14px;"><br /></span><ul class="code-line" data-line="35" style="-webkit-text-stroke-width: 0px; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px;"><li class="code-line" data-line="45" style="font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; position: relative; text-transform: none; white-space: normal; word-spacing: 0px;"><p class="code-line" data-line="45" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added image fuzzy hash sub-signatures for logical signatures.</span></p><p class="code-line" data-line="47" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Image fuzzy hash sub-signatures are a new feature for detecting images known to be used in phishing campaigns or otherwise used when distributing malware.</span></p><p class="code-line" data-line="50" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Image fuzzy hash sub-signatures follow this format:</span></p><p class="code-line" data-line="50" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: courier;"><span>fuzzy_img#<hash> <br /></span></span></p><p class="code-line" data-line="54" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">For example:</span></p><p class="code-line" data-line="54" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-family: courier;">logo.png;Engine:150-255,Target:0;0;fuzzy_img#af2ad01ed42993c7<br />logo.png-2;Engine:150-255,Target:0;0&1;49484452;fuzzy_img#af2ad01ed42993c7 <br /></span></span></p><p class="code-line" data-line="60" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">This initial implementation does not support matching with a hamming distance. Support for matching with a hamming distance may be added in a future release.</span></p><p class="code-line" data-line="63" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">ClamAV's image fuzzy hash is very close to, but not 100% identical to, the fuzzy hash generated by the Python<span> </span><code style="font-size: 1em; line-height: 1.357em;">imagehash</code><span> </span>package's<span> </span><code style="font-size: 1em; line-height: 1.357em;">phash()</code><span> </span>function. Note that these are only clean-room approximations of the pHash™️ algorithm. ClamAV's image fuzzy hashes are not expected to match the fuzzy hashes generated using other tools. Some images may match, while others do not.</span></p><p class="code-line" data-line="69" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">To generate the image fuzzy hash you can run this command:</span></p><p class="code-line" data-line="69" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;"><span style="font-family: courier;">clamscan --gen-json --debug /path/to/file <br /></span></span></p><p class="code-line" data-line="73" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">The hash will appear in the JSON above the "SCAN SUMMARY" under the object named "ImageFuzzyHash".</span></p></li><li class="code-line" data-line="76" style="font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; position: relative; text-transform: none; white-space: normal; word-spacing: 0px;"><p class="code-line" data-line="76" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">ClamScan & ClamDScan (Windows only):</span></p><ul class="code-line" data-line="77" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="77" style="position: relative;"><p class="code-line" data-line="77" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added a process memory scanning feature from ClamWin's ClamScan.</span></p><p class="code-line" data-line="79" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">This adds three new options to ClamScan and ClamDScan on Windows:</span></p><ul class="code-line" data-line="80" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="80" style="position: relative;"><span style="font-family: inherit;"><code style="font-size: 1em; line-height: 1.357em;">--memory</code></span></li><li class="code-line" data-line="81" style="position: relative;"><span style="font-family: inherit;"><code style="font-size: 1em; line-height: 1.357em;">--kill</code></span></li><li class="code-line" data-line="82" style="position: relative;"><span style="font-family: inherit;"><code style="font-size: 1em; line-height: 1.357em;">--unload</code></span></li></ul><p class="code-line" data-line="84" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Special thanks to:</span></p><ul class="code-line" data-line="85" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="85" style="position: relative;"><span style="font-family: inherit;">Gianluigi Tiesi for allowing us to integrate the Windows process memory scanning feature from ClamWin into the ClamAV.</span></li><li class="code-line" data-line="87" style="position: relative;"><span style="font-family: inherit;">Grace Kang for integrating the ClamScan feature, and for extending it to work with ClamDScan in addition.</span></li></ul></li></ul></li></ul><h3 class="code-line" data-line="90" dir="auto" id="notable-changes" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">Notable changes</span></h3><ul class="code-line" data-line="92" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="92" dir="auto" style="position: relative;"><p class="code-line" data-line="92" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Updated the LLVM bytecode runtime support so that it can use LLVM versions 8 through 12 and removed support for earlier LLVM versions. Using LLVM JIT for the bytecode runtime may improve scan performance over the built-in bytecode interpreter runtime, which is the default. If you wish to build using LLVM, you must obtain a complete build of the LLVM libraries including the development headers and static libraries.</span></p><p class="code-line" data-line="99" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">There are some known issues both compiling and running the test suite with some LLVM installations. We are working to further stabilize LLVM bytecode runtime support, and document specific edge cases. Your feedback is welcome.</span></p><p class="code-line" data-line="103" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">For details about building ClamAV with the LLVM bytecode runtime, see the<span> </span><span style="color: black;"><a data-href="INSTALL.md#bytecode-runtime" href="https://github.com/Cisco-Talos/clamav/blob/main/INSTALL.md#bytecode-runtime" style="text-decoration: none;" title="INSTALL.md#bytecode-runtime">install reference documentation</a>.</span></span></p></li><li class="code-line" data-line="106" dir="auto" style="position: relative;"><p class="code-line" data-line="106" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added a<span> </span><code style="font-size: 1em; line-height: 1.357em;">GenerateMetadataJson</code><span> </span>option to ClamD. The functionality is equivalent to the<span> </span><code style="font-size: 1em; line-height: 1.357em;">clamscan --gen-json</code><span> </span>option. Scan metadata is useful for file analysis and for debugging scan behavior. If<span> </span><code style="font-size: 1em; line-height: 1.357em;">Debug</code><span> </span>is enabled, ClamD will print out the JSON after each scan. If<span> </span><code style="font-size: 1em; line-height: 1.357em;">LeaveTemporaryFiles</code><span> </span>is enabled, ClamD will drop a<span> </span><code style="font-size: 1em; line-height: 1.357em;">metadata.json</code><span> </span>file in the scan-temp directory. You can customize the scan-temp directory path using the<span> </span><code style="font-size: 1em; line-height: 1.357em;">TemporaryDirectory</code><span> </span>option.</span></p></li><li class="code-line" data-line="114" dir="auto" style="position: relative;"><p class="code-line" data-line="114" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">The<span> </span><code style="font-size: 1em; line-height: 1.357em;">libclamunrar.so</code><span> </span>library's SO versions now matches that of<span> </span><code style="font-size: 1em; line-height: 1.357em;">libclamav.so</code>. The upstream UnRAR library does not have an SO version that we should match. This change is to prevent a possible collision when multiple ClamAV versions are installed.</span></p></li><li class="code-line" data-line="119" dir="auto" style="position: relative;"><p class="code-line" data-line="119" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">CMake: Added support for using an external TomsFastMath library (libtfm).</span></p><p class="code-line" data-line="121" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">To use an external TomsFastMath library, configure the build with the new option<span> </span><code style="font-size: 1em; line-height: 1.357em;">-D ENABLE_EXTERNAL_TOMSFASTMATH=ON</code>. The following CMake variables may also be set as needed:</span></p><ul class="code-line" data-line="124" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="124" dir="auto" style="position: relative;"><span style="font-family: inherit;"><code style="font-size: 1em; line-height: 1.357em;">-D TomsFastMath_INCLUDE_DIR=<path></code><span> </span>- The directory containing<span> </span><code style="font-size: 1em; line-height: 1.357em;">tfm.h</code>.</span></li><li class="code-line" data-line="125" dir="auto" style="position: relative;"><span style="font-family: inherit;"><code style="font-size: 1em; line-height: 1.357em;">-D TomsFastMath_LIBRARY=<path></code><span> </span>- The path to the TomsFastMath library.</span></li></ul><p class="code-line" data-line="127" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Also updated the vendored TomsFastMath code to version 0.13.1.</span></p></li></ul><span style="font-size: 14px;"><br /></span><h3 class="code-line" data-line="129" dir="auto" id="other-improvements" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">Other improvements</span></h3><ul class="code-line" data-line="131" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="131" dir="auto" style="position: relative;"><p class="code-line" data-line="131" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Freshclam:</span></p><ul class="code-line" data-line="132" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="132" dir="auto" style="position: relative;"><span style="font-family: inherit;">Improve<span> </span><code style="font-size: 1em; line-height: 1.357em;">ReceiveTimeout</code><span> </span>behavior so that will abort a download attempt if the download is not making significant progress. Previously this limit was an absolute time limit for the download and could abort prematurely for those on a slower connection. Special thanks to Simon Arlott for this improvement.</span></li></ul></li><li class="code-line" data-line="138" dir="auto" style="position: relative;"><p class="code-line" data-line="138" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Rewrote the ClamAV database archive incremental-update feature (CDIFF) from scratch in Rust. The new implementation was our first module to be rewritten in Rust. It is significantly faster at applying updates that remove large numbers of signatures from a database, such as when migrating signatures from<span> </span><code style="font-size: 1em; line-height: 1.357em;">daily.cvd</code><span> </span>to<span> </span><code style="font-size: 1em; line-height: 1.357em;">main.cvd</code>.</span></p></li><li class="code-line" data-line="144" dir="auto" style="position: relative;"><p class="code-line" data-line="144" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Freshclam & ClamD:</span></p><ul class="code-line" data-line="145" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="145" dir="auto" style="position: relative;"><span style="font-family: inherit;">Increased the maximum line-length for<span> </span><code style="font-size: 1em; line-height: 1.357em;">freshclam.conf</code><span> </span>and<span> </span><code style="font-size: 1em; line-height: 1.357em;">clamd.conf</code><span> </span>from 512-characters to 1024-characters. This change was by request to accommodate very long<span> </span><code style="font-size: 1em; line-height: 1.357em;">DatabaseMirror</code><span> </span>options when using access tokens in the URI.</span></li></ul></li><li class="code-line" data-line="149" dir="auto" style="position: relative;"><p class="code-line" data-line="149" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Removed the Heuristics.PNG.CVE-2010-1205 detection. This alert had been placed behind the<span> </span><code style="font-size: 1em; line-height: 1.357em;">--alert-broken-media</code><span> </span>(<code style="font-size: 1em; line-height: 1.357em;">SCAN_HEURISTIC_BROKEN_MEDIA</code>) option in 0.103.3 and 0.104 because of excessive alerts on slightly malformed but non- malicious files. Now it is completely removed.</span></p></li><li class="code-line" data-line="154" dir="auto" style="position: relative;"><p class="code-line" data-line="154" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added support for building ClamDTop using ncursesw if ncurses can not be found. Patch courtesy of Carlos Velasco.</span></p></li></ul><h3 class="code-line" data-line="157" dir="auto" id="bug-fixes" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">Bug fixes</span></h3><ul class="code-line" data-line="159" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="159" dir="auto" style="position: relative;"><p class="code-line" data-line="159" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">ClamOnAcc: Fixed a number of assorted stability issues and added niceties for debugging ClamOnAcc. Patches courtesy of Frank Fegert.</span></p></li><li class="code-line" data-line="162" dir="auto" style="position: relative;"><p class="code-line" data-line="162" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed an issue causing byte-compare sub-signatures to cause an alert when they match even if other conditions of the given logical signatures were not met.</span></p></li><li class="code-line" data-line="165" dir="auto" style="position: relative;"><p class="code-line" data-line="165" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed an issue causing XLM macro false positives when scanning XLS documents containing images if the<span> </span><code style="font-size: 1em; line-height: 1.357em;">--alert-macros</code><span> </span>(<code style="font-size: 1em; line-height: 1.357em;">AlertOLE2Macros</code>) option was enabled.</span></p></li><li class="code-line" data-line="169" dir="auto" style="position: relative;"><p class="code-line" data-line="169" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Fixed an issue preventing multiple matches when scanning in all-match mode.</span></p></li><li class="code-line" data-line="171" dir="auto" style="position: relative;"><p class="code-line" data-line="171" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Docker:</span></p><ul class="code-line" data-line="172" dir="auto" style="margin-bottom: 0px; margin-top: 0px; position: relative;"><li class="code-line" data-line="172" dir="auto" style="position: relative;"><span style="font-family: inherit;">Fixed an issue exposing the health check port. Patch courtesy of Sammy Chu.</span></li><li class="code-line" data-line="173" dir="auto" style="position: relative;"><span style="font-family: inherit;">Fixed an issue with health check failure false positives during container startup. Patch courtesy of Olliver Schinagl.</span></li><li class="code-line" data-line="175" dir="auto" style="position: relative;"><span style="font-family: inherit;">Set the default time zone to<span> </span><code style="font-size: 1em; line-height: 1.357em;">Etc/UTC</code>. The<span> </span><code style="font-size: 1em; line-height: 1.357em;">--env</code><span> </span>parameter can be used to customize the time zone by setting<span> </span><code style="font-size: 1em; line-height: 1.357em;">TZ</code><span> the </span>environment variables. Patch courtesy of Olliver Schinagl.</span></li></ul></li><li class="code-line" data-line="179" dir="auto" style="position: relative;"><p class="code-line" data-line="179" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Added support for detecting the curses library dependency even when the associated pkg-config file is not present. This resolves a build issue on some BSD distributions. Patch courtesy of Stuart Henderson.</span></p></li><li class="code-line" data-line="183" dir="auto" style="position: relative;"><p class="code-line" data-line="183" dir="auto" style="margin-bottom: 0.7em; margin-top: 0px; position: relative;"><span style="font-family: inherit;">Assorted bug fixes and improvements.</span></p></li></ul><h3 class="code-line" data-line="185" dir="auto" id="acknowledgements" style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; margin-bottom: 0.2em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">Acknowledgments</span></h3><p class="code-line" data-line="187" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><span style="font-family: inherit;">The ClamAV team thanks the following individuals for their code submissions:</span></p><ul class="code-line" data-line="188" dir="auto" style="-webkit-text-stroke-width: 0px; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; margin-bottom: 0.7em; margin-top: 0px; position: relative; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"><li class="code-line" data-line="188" dir="auto" style="position: relative;"><span style="font-family: inherit;">Ahmon Dancy</span></li><li class="code-line" data-line="189" dir="auto" style="position: relative;"><span style="font-family: inherit;">Alexander Sulfrian</span></li><li class="code-line" data-line="190" dir="auto" style="position: relative;"><span style="font-family: inherit;">Carlos Velasco</span></li><li class="code-line" data-line="191" dir="auto" style="position: relative;"><span style="font-family: inherit;">Bernd Kuhls</span></li><li class="code-line" data-line="192" dir="auto" style="position: relative;"><span style="font-family: inherit;">David Korczynski</span></li><li class="code-line" data-line="193" dir="auto" style="position: relative;"><span style="font-family: inherit;">Fabrice Fontaine</span></li><li class="code-line" data-line="194" dir="auto" style="position: relative;"><span style="font-family: inherit;">Frank Fegert</span></li><li class="code-line" data-line="195" dir="auto" style="position: relative;"><span style="font-family: inherit;">Gianluigi Tiesi</span></li><li class="code-line" data-line="196" dir="auto" style="position: relative;"><span style="font-family: inherit;">Giovanni Bechis</span></li><li class="code-line" data-line="197" dir="auto" style="position: relative;"><span style="font-family: inherit;">Grace Kang</span></li><li class="code-line" data-line="198" dir="auto" style="position: relative;"><span style="font-family: inherit;">John Humlick</span></li><li class="code-line" data-line="199" dir="auto" style="position: relative;"><span style="font-family: inherit;">Jordan Ernst</span></li><li class="code-line" data-line="200" dir="auto" style="position: relative;"><span style="font-family: inherit;">JunWei Song</span></li><li class="code-line" data-line="201" dir="auto" style="position: relative;"><span style="font-family: inherit;">mko-x</span></li><li class="code-line" data-line="202" dir="auto" style="position: relative;"><span style="font-family: inherit;">Olliver Schinagl</span></li><li class="code-line" data-line="203" dir="auto" style="position: relative;"><span style="font-family: inherit;">Sammy Chu</span></li><li class="code-line" data-line="204" dir="auto" style="position: relative;"><span style="font-family: inherit;">Sergey Valentey</span></li><li class="code-line" data-line="205" dir="auto" style="position: relative;"><span style="font-family: inherit;">Simon Arlott</span></li><li class="code-line" data-line="206" dir="auto" style="position: relative;"><span style="font-family: inherit;">Stuart Henderson</span></li><li class="code-line" data-line="207" dir="auto" style="position: relative;"><span style="font-family: inherit;">Yann E. Morin</span></li></ul><p> </p>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.comtag:blogger.com,1999:blog-2366689974368239573.post-62712945479649870392022-01-12T14:11:00.003-05:002022-01-12T14:11:38.583-05:00ClamAV 0.103.5 and 0.104.2 security patch release; 0.102 past EOL<p>ClamAV versions 0.103.5 and 0.104.2 are now available for download on the <a href="https://www.clamav.net/downloads" rel="nofollow" target="_blank">clamav.net Downloads page</a>. </p><p>We would also like to take this opportunity to remind users that versions 0.102 and 0.101 have reached their end-of-life period. These versions exceeded our EOL dates on Jan. 3, 2022 and will soon be actively blocked from downloading signature database updates.</p><p>For additional details about ClamAV's end-of-life policy, <a href="https://docs.clamav.net/faq/faq-eol.html" rel="nofollow" target="_blank">please see our online documentation</a>.</p><span><a name='more'></a></span><p><br /></p><h2 data-sourcepos="6:1-6:10" dir="auto">0.103.5</h2>
<p data-sourcepos="8:1-8:68" dir="auto">ClamAV 0.103.5 is a critical patch release with the following fixes:</p>
<ul data-sourcepos="10:1-36:0" dir="auto"><li data-sourcepos="10:1-18:0">
<p data-sourcepos="10:3-14:21"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20698" rel="nofollow noreferrer noopener" target="_blank">CVE-2022-20698</a>:
Fix for invalid pointer read that may cause a crash. This issue affects 0.104.1, 0.103.4 and prior when ClamAV is compiled with libjson-c and
the <code>CL_SCAN_GENERAL_COLLECT_METADATA</code> scan option (the <code>clamscan --gen-json</code>
option) is enabled.</p>
<p data-sourcepos="16:3-17:16">Cisco would like to thank Laurent Delosieres of ManoMano for reporting this
vulnerability.</p>
</li><li data-sourcepos="19:1-29:0">
<p data-sourcepos="19:3-19:79">Fixed ability to disable the file size limit with libclamav C API, like this:</p>
<pre class="code highlight js-syntax-highlight language-c solarized-dark" lang="c"><code><span class="line" id="LC1" lang="c"> <span class="n">cl_engine_set_num</span><span class="p">(</span><span class="n">engine</span><span class="p">,</span> <span class="n">CL_ENGINE_MAX_FILESIZE</span><span class="p">,</span> <span class="mi">0</span><span class="p">);</span></span></code></pre>
<p data-sourcepos="23:3-25:43">This issue didn't affect ClamD or ClamScan which also can disable the limit by
setting it to zero using <code>MaxFileSize 0</code> in <code>clamd.conf</code> for ClamD, or
<code>clamscan --max-filesize=0</code> for ClamScan.</p>
<p data-sourcepos="27:3-28:61">Note: Internally, the max file size is still set to 2 GiB. Disabling the limit
for a scan will fall back on the internal 2 GiB limitation.</p>
</li><li data-sourcepos="30:1-32:0">
<p data-sourcepos="30:3-31:55">Increased the maximum line length for ClamAV config files from 512 bytes to
1,024 bytes to allow for longer config option strings.</p>
</li><li data-sourcepos="33:1-36:0">
<p data-sourcepos="33:3-35:37">SigTool: Fix insufficient buffer size for <code>--list-sigs</code> that caused a failure
when listing a database containing one or more very long signatures.
This fix was backported from 0.104.</p>
</li></ul>
<p data-sourcepos="37:1-37:71" dir="auto">Special thanks to the following for code contributions and bug reports:</p>
<ul data-sourcepos="38:1-39:0" dir="auto"><li data-sourcepos="38:1-39:0">Laurent Delosieres</li></ul><h2 data-sourcepos="6:1-6:10" dir="auto">0.104.2</h2>
<p data-sourcepos="8:1-8:68" dir="auto">ClamAV 0.104.2 is a critical patch release with the following fixes:</p>
<ul data-sourcepos="10:1-32:0" dir="auto"><li data-sourcepos="10:1-18:0">
<p data-sourcepos="10:3-14:21"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20698" rel="nofollow noreferrer noopener" target="_blank">CVE-2022-20698</a>:
Fix for invalid pointer read that may cause a crash.
Affects 0.104.1, 0.103.4 and prior when ClamAV is compiled with libjson-c and
the <code>CL_SCAN_GENERAL_COLLECT_METADATA</code> scan option (the <code>clamscan --gen-json</code>
option) is enabled.</p>
<p data-sourcepos="16:3-17:16">Cisco would like to thank Laurent Delosieres of ManoMano for reporting this
vulnerability.</p>
</li><li data-sourcepos="19:1-29:0">
<p data-sourcepos="19:3-19:79">Fixed ability to disable the file size limit with libclamav C API, like this:</p>
<pre class="code highlight js-syntax-highlight language-c solarized-dark" lang="c"><code><span class="line" id="LC1" lang="c"> <span class="n">cl_engine_set_num</span><span class="p">(</span><span class="n">engine</span><span class="p">,</span> <span class="n">CL_ENGINE_MAX_FILESIZE</span><span class="p">,</span> <span class="mi">0</span><span class="p">);</span></span></code></pre>
<p data-sourcepos="23:3-25:43">This issue didn't impact ClamD or ClamScan which also can disable the limit by
setting it to zero using <code>MaxFileSize 0</code> in <code>clamd.conf</code> for ClamD, or
<code>clamscan --max-filesize=0</code> for ClamScan.</p>
<p data-sourcepos="27:3-28:61">Note: Internally, the max file size is still set to 2 GiB. Disabling the limit
for a scan will fall back on the internal 2 GiB limitation.</p>
</li><li data-sourcepos="30:1-32:0">
<p data-sourcepos="30:3-31:55">Increased the maximum line length for ClamAV config files from 512 bytes to 1,024 bytes to allow for longer config option strings.</p>
</li></ul>
<p data-sourcepos="33:1-33:71" dir="auto">Special thanks to the following for code contributions and bug reports:</p>
<ul data-sourcepos="34:1-35:0" dir="auto"><li data-sourcepos="34:1-35:0">Laurent Delosieres</li></ul>Micah Snyderhttp://www.blogger.com/profile/07798916006145826441noreply@blogger.com