Read this online at: https://blog.clamav.net/2024/08/clamav-140-feature-release-and-clamav.html
The ClamAV 1.4.0 feature release is now stable. We encourage everyone to download the latest version now from the ClamAV downloads page<https://www.clamav.net/downloads>, on the GitHub Release page<https://github.com/Cisco-Talos/clamav/releases>, and through Docker Hub*: * Alpine-based images<https://hub.docker.com/r/clamav/clamav/> * Debian-based multi-arch images<https://hub.docker.com/r/clamav/clamav-debian/> *The Docker images are built on release day and will be made available when they are ready. We are also publishing ClamAV bytecode compiler version 1.4.0. The ClamAV bytecode compiler release files are available for download on the GitHub Release page<https://github.com/Cisco-Talos/clamav-bytecode-compiler/releases> and through Docker Hub.<https://hub.docker.com/r/clamav/clambc-compiler/tags> ClamAV platform support changes We will no longer provide Linux 32-bit packages. With RHEL 7 reaching end-of-life, we had to upgrade our build hosts and selected Alma Linux 8. Alma Linux does not provide 32-bit images. ClamAV users on 32-bit platforms can still build from source. We now provide ARM64 packages for Windows. We are not able to provide ARM64/aarch64 Linux packages for this release. Regarding future versions An expired signing certificate used to create one of the test files is causing feature test failures in previous versions (1.3.1, 1.0.6 LTS). This is only a test issue and does not impact ClamAV functionality or detection. We are preparing patch versions for the 1.3 and 1.0 feature releases to address the test issue. The next LTS release will be announced later this year. It will likely be the feature release after 1.4. The 0.103 LTS release will soon reach end-of-life for security fixes. Check out our recent blog post for full details<https://blog.clamav.net/2024/08/clamav-0103-lts-end-of-life-announcement.html>. Continue reading to learn what changed in these versions. ClamAV 1.4.0 ClamAV 1.4.0 includes the following improvements and changes: Major changes * Added support for extracting ALZ archives. The new ClamAV file type for ALZ archives is CL_TYPE_ALZ. Added a DCONF<https://docs.clamav.net/manual/Signatures/DynamicConfig.html> option to enable or disable ALZ archive support. Tip: DCONF (Dynamic CONFiguration) is a feature that allows for some configuration changes to be made via ClamAV .cfg "signatures". * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1183> * Added support for extracting LHA/LZH archives. The new ClamAV file type for LHA/LZH archives is CL_TYPE_LHA_LZH. Added a DCONF<https://docs.clamav.net/manual/Signatures/DynamicConfig.html> option to enable or disable LHA/LZH archive support. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1192> * Added the ability to disable image fuzzy hashing, if needed. For context, image fuzzy hashing is a detection mechanism useful for identifying malware by matching images included with the malware or phishing email/document. New ClamScan options: --scan-image[=yes(*)/no] --scan-image-fuzzy-hash[=yes(*)/no] New ClamD config options: ScanImage yes(*)/no ScanImageFuzzyHash yes(*)/no New libclamav scan options: options.parse &= ~CL_SCAN_PARSE_IMAGE; options.parse &= ~CL_SCAN_PARSE_IMAGE_FUZZY_HASH; Added a DCONF<https://docs.clamav.net/manual/Signatures/DynamicConfig.html> option to enable or disable image fuzzy hashing support. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1186> Other improvements * Added cross-compiling instructions for targeting ARM64/aarch64 processors for Windows<https://github.com/Cisco-Talos/clamav/blob/main/INSTALL-cross-windows-arm64.md> and Linux<https://github.com/Cisco-Talos/clamav/blob/main/INSTALL-cross-linux-arm64.md>. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1116> * Improved the Freshclam warning messages when being blocked or rate limited to include the Cloudflare Ray ID, which helps with issue triage. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1195> * Removed unnecessary memory allocation checks when the size to be allocated is fixed or comes from a trusted source. We also renamed internal memory allocation functions and macros, so it is more obvious what each function does. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1137> * Improved the Freshclam documentation to make it clear that the --datadir option must be an absolute path to a directory that already exists, is writable by Freshclam, and is readable by ClamScan and ClamD. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1199> * Added an optimization to avoid calculating the file hash if the clean file cache has been disabled. The file hash may still be calculated as needed to perform hash-based signature matching if any hash-based signatures exist that target a file of the same size, or if any hash-based signatures exist that target "any" file size. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1167> * Added an improvement to the SystemD service file for ClamOnAcc so that the service will shut down faster on some systems. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1164> * Added a CMake build dependency on the version map files so that the build will re-run if changes are made to the version map files. Work courtesy of Sebastian Andrzej Siewior. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1294> * Added an improvement to the CMake build so that the RUSTFLAGS settings are inherited from the environment. Work courtesy of liushuyu. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1301> Bug fixes * Silenced confusing warning message when scanning some HTML files. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1252> * Fixed minor compiler warnings. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1197> * Since the build system changed from Autotools to CMake, ClamAV no longer supports building with configurations where bzip2, libxml2, libz, libjson-c, or libpcre2 are not available. Libpcre is no longer supported in favor of libpcre2. In this release, we removed all the dead code associated with those unsupported build configurations. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1217> * Fixed assorted typos. Patch courtesy of RainRat. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1228> * Added missing documentation for the ClamScan --force-to-disk option. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1186> * Fixed an issue where ClamAV unit tests would prefer an older libclamunrar_iface library from the install path, if present, rather than the recently compiled library in the build path. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1258> * Fixed a build issue on Windows with newer versions of Rust. Also upgraded GitHub Actions imports to fix CI failures. Fixes courtesy of liushuyu. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1307> * Fixed an unaligned pointer dereference issue on select architectures. Fix courtesy of Sebastian Andrzej Siewior. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1293> * Fixed a bug that prevented loading plaintext (non-CVD) signature files when using the --fail-if-cvd-older-than=DAYS / FailIfCvdOlderThan option. Fix courtesy of Bark. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1309> Acknowledgments Special thanks to the following people for code contributions and bug reports: * Bark * liushuyu * Sebastian Andrzej Siewior * RainRat ClamAV Bytecode Compiler 1.4.0 ➕ Upgrade bytecode compiler project to LLVM 16. * The bytecode compiler project now builds multiple shared object files, instead of just one with all of the passes. This is due to running with the "new" pass manager, instead of running with the legacy pass manager, as before. See https://llvm.org/docs/NewPassManager.html and https://blog.llvm.org/posts/2021-03-26-the-new-pass-manager/ for more details. * The bytecode compiler currently uses (deprecated) non-opaque pointers. Updating to all opaque pointers will be required for the next release. See https://llvm.org/docs/OpaquePointers.html for more information. 🌌 New Requirements: * LLVM 16 * Clang 16 Micah Snyder (they/them) ClamAV Development Talos Cisco Systems, Inc. _______________________________________________ clamav-devel mailing list clamav-devel@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-devel Please submit your patches to our Github: https://github.com/Cisco-Talos/clamav-devel/pulls Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
