You absolutely must upgrade. While the issue at hand is probably because your libpcre package is older and can’t handle newer features used in the current database, I must stress that 0.99.2 has unpatched publicly known vulnerabilities. Scanning untrusted user content carries an inherent risk and doubly so for product versions with disclosed vulnerabilities. I should also note that RHEL 5 is also past end-of-life, meaning ClamAV probably isn’t the only unpatched package on your system. Even RHEL 6 is coming up on EOL this November.
I have a vague recollection that ClamAV behavior changed in 0.100 to skip signatures that fail to load – rather than failing to load the entire database. It doesn’t help you, but from my perspective there isn’t much I can do to improve ClamAV to avoid this issue in the future. I also don’t think that re-writing the regex signatures to be compatible with older libcpre versions is in the cards. It’s not my call, but I wouldn’t recommend investing the time either. Please, just find a way to upgrade. Regards, Micah From: clamav-users <[email protected]> on behalf of 99r c via clamav-users <[email protected]> Reply-To: ClamAV users ML <[email protected]> Date: Tuesday, February 18, 2020 at 2:44 PM To: "[email protected]" <[email protected]> Cc: 99r c <[email protected]> Subject: [clamav-users] new clamav definitions arent working with current install I have ClamAV engine 0.99.2 installed and it no longer works with currently provided definitions is there some way to reformat the currently downloaded definition so they will work in this older environment? (I have tried to upgrade my PCRE version but to no avail I am running RHEL 5.5 which I cannot upgrade for reasons I wont go into) [root@wclceste5 pcre]# clamscan -v LibClamAV Error: cli_pcre_compile: PCRE compilation failed at offset 20: unrecognized character after (?< LibClamAV Error: cli_pcre_build: failed to build pcre regex ERROR: Database initialization error: Malformed database ----------- SCAN SUMMARY ----------- Known viruses: 6744096 Engine version: 0.99.2 Scanned directories: 0 Scanned files: 0 Infected files: 0 Data scanned: 0.00 MB Data read: 0.00 MB (ratio 0.00:1) Time: 110.135 sec (1 m 50 s) [root@wclceste5 pcre]#
_______________________________________________ clamav-users mailing list [email protected] https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
