My old 0.103.x version of ClamAV received the following quite confusing error messaging when attempting to update the virus definition via *its* version of freshclam. (I could send the entire log if that would help; it also includes a "403 forbidden".)
... WARNING: downloadPatch: Can't download daily-27779.cdiff from https://database.clamav.net/daily-27779.cdiff The database server doesn't have the latest patch for the daily database (version 27779). The server will likely have updated if you check again in a few hours. ... This is reminiscent of when the local BOS Cloudflare server really didn't have the latest version advertised by DNS, but is probably an error message which is itself erroneous. In any case, in the past I have always built ClamAV myself, but now, since building ClamAV to run on my older Debian server might be difficult (given Rust et al), I am starting to use a brand new computer (which cost me $500) to run ClamAV (on "Leap 15.6") to be accessed via the LAN. This should be OK for scanning inbound email -- using clamdscan -- but I don't like the idea of having to scan local files that way: it's slow! Finally, setting up to scan remotely is very unintuitive and weird: you have to make a fake clamd.conf and explicitly set the options "TCPAddr [remote-IP]" and "TCPSocket [remote-port]". However, the description in the sample file talks about "TCPAddr" as an address to *bind* to (instead of INADDR_ANY), which is nonsense for a *remote* IP address. But at least if you ever want also to run a local clamd (for different virus defs or such) you can explicitly tell clamdscan which so-called clamd.conf to use. ------------------------------------------- On Wed, 1 Oct 2025 17:23:11 +0000 "Val Snyder \(micasnyd\) via clamav-users" <[email protected]> wrote: > All, > > Yesterday, Sep-30 2025, CDN rules were updated to enforce the end of life > rules and block ClamAV 0.103 from signature updates. > > As you may be aware from previous announcements, ClamAV 0.103 is now past end > of life for signature database updates. Specifically: > > * > ClamAV 0.103 exceeded end of life for security patch support on Sep-14 2024. > * > ClamAV 0.103 exceeded end of life for signature database updates as of Sep-14 > 2025. > > May 2023: 0.103 EOL 1-year extension: > https://blog.clamav.net/2023/05/end-of-life-eol-policy-change-0103-one.html > Aug 2024: 0.103 Security Fix EOL reminder: > https://blog.clamav.net/2024/08/clamav-0103-lts-end-of-life-announcement.html > Mar 2025: 0.103 Database Update EOL reminder: > https://blog.clamav.net/2025/03/advance-notice-end-of-life-for-clamav.html > > If you are affected, you will have to upgrade to ClamAV 1.0 LTS or newer to > continue to download signatures from database.clamav.net. > If your operating system does not support a newer version of ClamAV, you may > need to upgrade your operating system version, use the ClamAV team install > packages, or else build and install ClamAV from source. > > ClamAV EOL Policy / Supported Versions matrix, for reference: > https://docs.clamav.net/faq/faq-eol.html#version-support-matrix). > > Respectfully, > Val > > Valerie Snyder (she/they) > ClamAV Development > Talos > Cisco Systems, Inc. _______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
