> > https://blog.clamav.net/2021/07/clamav-01040-release-candidate-is-here.html > <https://blog.clamav.net/2021/07/clamav-01040-release-candidate-is-here.html> > > ClamAV 0.104.0 Release Candidate is here! > > We are pleased to announce the ClamAV 0.104.0 release candidate > <https://www.clamav.net/downloads>. > > Please help us validate this release. We need your feedback, so let us know > what you find and join us on the ClamAV mailing list > <https://lists.clamav.net/mailman/listinfo/clamav-users>, or on our Discord > <https://discord.gg/sGaxA5Q>, which is bridged with our IRC. > > This release candidate phase is only expected to last about two to four weeks > before the 0.104.0 Stable version will be published. Take this opportunity to > verify that you 0.104.0 can build and run in your environment. > > <>Please submit bug reports to the ClamAV project GitHub Issues > <https://github.com/Cisco-Talos/clamav/issues>. > ClamAV 0.104.0 includes the following improvements and changes. > > > <https://github.com/Cisco-Talos/clamav/blob/dev/0.104/NEWS.md#new-requirements> > New Requirements > > As of ClamAV 0.104, CMake is required to build ClamAV. > > We have added comprehensive build instructions for using CMake to the new > INSTALL.md file. The online documentation will also be updated to include > CMake build instructions. > The Autotools and the Visual Studio build systems have been removed. > <https://github.com/Cisco-Talos/clamav/blob/dev/0.104/NEWS.md#major-changes> > Major changes > > The built-in LLVM for the bytecode runtime has been removed. > > The bytecode interpreter is the default runtime for bytecode signatures just > as it was in ClamAV 0.103. > We wished to add support for newer versions of LLVM, but ran out of time. If > you're building ClamAV from source and you wish to use LLVM instead of the > bytecode interpreter, you will need to supply the development libraries for > LLVM version 3.6.2. See INSTALL.md to learn more. > There are now official ClamAV images on Docker Hub. > > Note: Until ClamAV 0.104.0 is released, these images are limited to > "unstable" versions, which are updated daily with the latest changes in the > default branch on GitHub. > You can find the images on Docker Hub under clamav > <https://hub.docker.com/r/clamav/clamav>. > > Docker Hub ClamAV tags: > > clamav/clamav:<version>: A release preloaded with signature databases. > > Using this container will save the ClamAV project some bandwidth. Use this if > you will keep the image around so that you don't download the entire database > set every time you start a new container. Updating with FreshClam from the > existing databases set does not use much data. > > clamav/clamav:<version>_base: A release with no signature databases. > > Use this container only if you mount a volume in your container under > /var/lib/clamav to persist your signature database databases. This method is > the best option because it will reduce data costs for ClamAV and for the > Docker registry, but it does require advanced familiarity with Linux and > Docker. > > Caution: Using this image without mounting an existing database directory > will cause FreshClam to download the entire database set each time you start > a new container. > > You can use the unstable version (i.e. clamav/clamav:unstable or > clamav/clamav:unstable_base) to try the latest from our development branch. > > Please, be kind when using "free" bandwidth for the virus databases and > Docker registry. Try not to download the entire database set or the larger > ClamAV database images on a regular basis. > > For more details, see the ClamAV Docker documentation > <https://docs.clamav.net/manual/Installing/Docker.html>. > > Special thanks to Olliver Schinagl for his excellent work creating ClamAV's > new Docker files, image database deployment tooling, and user documentation. > > clamd and freshclam are now available as Windows services. To install and run > them, use the --install-service option and net start [name] command. > > Special thanks to Gianluigi Tiesi for his original work on this feature. > > > <https://github.com/Cisco-Talos/clamav/blob/dev/0.104/NEWS.md#notable-changes> > Notable changes > > We added these features in 0.103.1 but wanted to re-post them here, as patch > versions do not generally introduce new options: > > Added a new scan option to alert on broken media (graphics) file formats. > This feature mitigates the risk of malformed media files intended to exploit > vulnerabilities in other software. Currently, media validation exists for > JPEG, TIFF, PNG, and GIF files. To enable this feature, set AlertBrokenMedia > yes in clamd.conf, or use the --alert-broken-media option when using > clamscan. These options are disabled by default in this patch, but may be > enabled in a subsequent release. Application developers may enable this scan > option by enabling CL_SCAN_HEURISTIC_BROKEN_MEDIA for the heuristic scan > option bit field. > > Added CL_TYPE_TIFF, CL_TYPE_JPEG types to match GIF and PNG typing behavior. > BMP and JPEG 2000 files will continue to detect as CL_TYPE_GRAPHICS because > ClamAV does not have BMP or JPEG 2000 format-checking capabilities. > > Added progress callbacks to libclamav for: > > database load: cl_engine_set_clcb_sigload_progress() > engine compile: cl_engine_set_clcb_engine_compile_progress() > engine free: cl_engine_set_clcb_engine_free_progress() > These new callbacks enable an application to monitor and estimate load, > compile and unload progress. See clamav.h for API details. > > Added progress bars to ClamScan for the signature load and engine compile > steps before a scan begins. The startup progress bars won't be enabled if > ClamScan isn't running in a terminal (i.e. if stdout is not a TTY), or if any > of these options are used: > > --debug > --quiet > --infected > --no-summary > > <https://github.com/Cisco-Talos/clamav/blob/dev/0.104/NEWS.md#other-improvements> > Other improvements > > Added the %f format string option to the ClamD VirusEvent feature to insert > the file path of the scan target when a virus event occurs. This supplements > the VirusEvent %v option that prints the signature (virus) name. The ClamD > VirusEvent feature also provides two environment variables, > $CLAM_VIRUSEVENT_FILENAME and $CLAM_VIRUSEVENT_VIRUSNAME for a similar > effect. This fix comes courtesy of Vasile Papp. > > Improvements to the AutoIt extraction module. Patch courtesy of cw2k. > > Added support for extracting images from Excel *.xls (OLE2) documents. > > Trusted SHA256-based Authenticode hashes can now be loaded in from *.cat > files. See our Authenticode documentation > <https://docs.clamav.net/appendix/Authenticode.html> for more info about > using *.cat files with *.crb rules to trust signed Windows executables. > > <https://github.com/Cisco-Talos/clamav/blob/dev/0.104/NEWS.md#bug-fixes> > Bug fixes > > Fixed a memory leak affecting logical signatures that use the "byte compare" > feature. Patch courtesy of Andrea De Pasquale. > > Fixed bytecode match evaluation for PDF bytecode hooks in PDF file scans. > > Other minor bug fixes. > > > <https://github.com/Cisco-Talos/clamav/blob/dev/0.104/NEWS.md#acknowledgements> > Acknowledgments > > The ClamAV team thanks the following individuals for their code submissions: > > Alexander Golovach > Andrea De Pasquale > Andrew Williams > Armin Kuster > Brian Bergstrand > cw2k > Duane Waddle > Gianluigi Tiesi > Jonas Zaddach > Kenneth Hau > Markus Strehle > Olliver Schinagl > Orion Poplawski > Sergey Valentey > Sven Rueß > Tom Briden > Vasile Papp > Yasuhiro Kimura
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
clamav-devel mailing list clamav-devel@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-devel Please submit your patches to our Github: https://github.com/Cisco-Talos/clamav-devel/pulls Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml