Re: [Clamav-users] Scanning performance issues on some files
Hi, Thanks a lot for the fix. It's really appreciated to be helped that fast. I want to use this opportunity to thank every developer of this amazing software and for the great work they are doing. Thanks again -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de aCaB Envoyé : mardi 16 septembre 2008 19:56 À : ClamAV users ML Objet : Re: [Clamav-users] Scanning performance issues on some files Hi all, This is been worked around with a signature update (daily 8262). A definitive (in-the-code) solution will be inculded in 0.94.1 Thanks everyone, -aCaB ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Cannot compile clamav 0.94 on i386 openbsd 4.0
Is it an idea to try to enable the alternate implementation str.c instead of strcasestr? Or are there negative consequences in doing that? Stan -- Works fine: # gcc -o foo foo.c ./foo StrCASeSTR On Tue, 2008-09-16 at 13:08 +0300, Török Edwin wrote: gcc -o foo foo.c ./foo ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Cannot compile clamav 0.94 on i386 openbsd 4.0
On 2008-09-17 10:50, S.Madge wrote: Is it an idea to try to enable the alternate implementation str.c instead of strcasestr? Or are there negative consequences in doing that? You can edit clamav-config.h, and change the #define HAVE_STRCASESTR to #undef HAVE_STRCASESTR. Best regards, --Edwin ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] [Clamav-devel] Webinar Recording
Dixit Jacek Zapala [EMAIL PROTECTED] (le Wed, 10 Sep 2008 11:27:15 +0200) : » * Nigel Horne ([EMAIL PROTECTED]) [080908 13:56] wrote: » Folks, » » Edwin's Webinar given last week on the topic of 0.94 is now available » for download » from » https://sourcefire.webex.com/sourcefire/lsr.php?AT=pbSP=ECrID=12075182rKey=51C99713B66EECED » » The Webinar covers both the new and improved features of 0.94 and » includes a demonstration » of what's new in the signature format. » » What do I need to buy to watch it? ;-) It seems this a ARF video file (unknown to me before this). I found somewhere that windows and macosx players can be downloaded from this URL : http://www.intercall.com/services/web-conferencing/meeting-center-resources_recplay.php The windows player here is ok to read the file. Best regards. Thierry Besançon ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
[Clamav-users] Clamd does not work
Hi. FreeBSD 5.4-RELEASE-patched-p8 ClamAV 0.94 from ports Clamd does not work. When starting, i get this in logs: +++ Started at Wed Sep 17 12:49:05 2008 clamd daemon 0.94 (OS: freebsd5.4, ARCH: i386, CPU: i386) Running as user vscan (UID 110, GID 110) Log file size limited to 1048576 bytes. Reading databases from /var/db/clamav Not loading PUA signatures. Loaded 427481 signatures. LOCAL: Removing stale socket file /var/run/clamav/clamd LOCAL: Unix socket file /var/run/clamav/clamd LOCAL: Setting connection queue length to 15 Listening daemon: PID: 96479 Limits: Global size limit set to 104857600 bytes. Limits: File size limit set to 26214400 bytes. Limits: Recursion level limit set to 16. Limits: Files limit set to 1. Archive support enabled. Algorithmic detection enabled. Portable Executable support enabled. ELF support enabled. Mail files support enabled. OLE2 support enabled. PDF support disabled. HTML support enabled. Self checking every 1800 seconds. However, clamd is not running and is not in processes list (ps ax | grep clamd shows nothing). There are no errors and warnings of any kind. How can i find out what is wrong? -- Regards, Vladimir mailto:[EMAIL PROTECTED] ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Cannot compile clamav 0.94 on i386 openbsd 4.0
That works! Are there any negative consequences by using this trick? On Wed, 2008-09-17 at 10:58 +0300, Török Edwin wrote: On 2008-09-17 10:50, S.Madge wrote: Is it an idea to try to enable the alternate implementation str.c instead of strcasestr? Or are there negative consequences in doing that? You can edit clamav-config.h, and change the #define HAVE_STRCASESTR to #undef HAVE_STRCASESTR. Best regards, --Edwin ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Cannot compile clamav 0.94 on i386 openbsd 4.0
On 2008-09-17 17:12, S.Madge wrote: That works! Are there any negative consequences by using this trick? Nope. The strcasestr implementation in libc is usually faster, but I don't think that is the case for openbsd 4.0. Still, I don't know why this happened, because configure detected that you have strcasestr, and compiling a testprogram showed that you have it. It is strange that the linker couldn't find it. Best regards, --Edwin ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Cannot compile clamav 0.94 on i386 openbsd 4.0
S.Madge wrote: That works! Are there any negative consequences by using this trick? Only down side is you will have to do it every time you rebuild samba; until you or someone else finds out why it isn't working. James signature.asc Description: OpenPGP digital signature ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Cannot compile clamav 0.94 on i386 openbsd 4.0
On 2008-09-17 17:28, James Kosin wrote: S.Madge wrote: That works! Are there any negative consequences by using this trick? Only down side is you will have to do it every time you rebuild samba; I don't see anybody talking about samba in this thread ;) --Edwin ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] bzip2 1.0.5 for CentOS
Roberto Ullfig wrote: Paul Bijnens wrote: On 2008-09-05 17:11, SM wrote: At 01:11 05-09-2008, Tilman Schmidt wrote: But even a manual yum update finds nothing to update. I cannot imagine Redhat/CentOS neglecting to provide a patch for that Why not? :-) The response was that this issue can only result in a crash of the bunzip2 process, which we do not consider to have any security impact. vulnerability, so I am probably doing something wrong. But what? You are not doing anything wrong. Get a newer version of bzip2. I believe the situation is this: Apparently Redhat believes it is not a security bug: https://bugzilla.redhat.com/show_bug.cgi?id=438118#c6 The crashing of bzip2 itself is not a security bug. But clamav (which is NOT included in the package list by RedHat) uses bzip2 to unpack an archive and assert no harmful content is inside. Clamav cannot verify such an archive in this case. This could be used by a virusmaker to bypass the virusscanner on the mailserver. There exist updated bzip2 packages for FC7 and FC8. When some Real Paying Customer for Redhat Enterprise logs a bug, and convinces them it *is* a security bug, then the machinery for backporting the fix will be started, I guess, resulting in a fixed bzip2 for the RHEL series (or is this wishful thinking?). Rhetorical question: Why does it have to be a _security_ bug in order for redhat to fix it? I wanted to ask for those of you using CentOS and ClamAv-0.94 if you've had any issues with bunzip2 process crashing or experiencing any issues with ClamAV on these systems running the earlier version of bunzip2? ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] bzip2 1.0.5 for CentOS
-Original Message- From: [EMAIL PROTECTED] [mailto:clamav-users- [EMAIL PROTECTED] On Behalf Of Clayton Keller Sent: Wednesday, September 17, 2008 10:34 AM To: ClamAV users ML Subject: Re: [Clamav-users] bzip2 1.0.5 for CentOS I wanted to ask for those of you using CentOS and ClamAv-0.94 if you've had any issues with bunzip2 process crashing or experiencing any issues with ClamAV on these systems running the earlier version of bunzip2? I've not had any bzip related problems on my CentOS 5.2 64-bit servers. Jason A. Bertoch Network Administrator [EMAIL PROTECTED] Electronet Broadband Communications 3411 Capital Medical Blvd. Tallahassee, FL 32308 (V) 850.222.0229 (F) 850.222.8771 ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] bzip2 1.0.5 for CentOS
On 2008-09-17 16:34, Clayton Keller wrote: Roberto Ullfig wrote: Paul Bijnens wrote: On 2008-09-05 17:11, SM wrote: At 01:11 05-09-2008, Tilman Schmidt wrote: But even a manual yum update finds nothing to update. I cannot imagine Redhat/CentOS neglecting to provide a patch for that Why not? :-) The response was that this issue can only result in a crash of the bunzip2 process, which we do not consider to have any security impact. vulnerability, so I am probably doing something wrong. But what? You are not doing anything wrong. Get a newer version of bzip2. I believe the situation is this: Apparently Redhat believes it is not a security bug: https://bugzilla.redhat.com/show_bug.cgi?id=438118#c6 The crashing of bzip2 itself is not a security bug. But clamav (which is NOT included in the package list by RedHat) uses bzip2 to unpack an archive and assert no harmful content is inside. Clamav cannot verify such an archive in this case. This could be used by a virusmaker to bypass the virusscanner on the mailserver. There exist updated bzip2 packages for FC7 and FC8. When some Real Paying Customer for Redhat Enterprise logs a bug, and convinces them it *is* a security bug, then the machinery for backporting the fix will be started, I guess, resulting in a fixed bzip2 for the RHEL series (or is this wishful thinking?). Rhetorical question: Why does it have to be a _security_ bug in order for redhat to fix it? I wanted to ask for those of you using CentOS and ClamAv-0.94 if you've had any issues with bunzip2 process crashing or experiencing any issues with ClamAV on these systems running the earlier version of bunzip2? A fixed bzip2 package was released on sep 16: See comment nr 10: https://bugzilla.redhat.com/show_bug.cgi?id=438118#c10 https://rhn.redhat.com/errata/RHSA-2008-0893.html -- Paul Bijnens, xplanation Technology ServicesTel +32 16 397.511 Technologielaan 21 bus 2, B-3001 Leuven, BELGIUMFax +32 16 397.512 http://www.xplanation.com/ email: [EMAIL PROTECTED] *** * I think I've got the hang of it now: exit, ^D, ^C, ^\, ^Z, ^Q, ^^, * * F6, quit, ZZ, :q, :q!, M-Z, ^X^C, logoff, logout, close, bye, /bye, * * stop, end, F3, ~., ^]c, +++ ATH, disconnect, halt, abort, hangup, * * PF4, F20, ^X^X, :D::D, KJOB, F14-f-e, F8-e, kill -1 $$, shutdown, * * init 0, kill -9 1, Alt-F4, Ctrl-Alt-Del, AltGr-NumLock, Stop-A, ... * * ... Are you sure? ... YES ... Phew ... I'm out * *** ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] bzip2 1.0.5 for CentOS
Jason Bertoch wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:clamav-users- [EMAIL PROTECTED] On Behalf Of Clayton Keller Sent: Wednesday, September 17, 2008 10:34 AM To: ClamAV users ML Subject: Re: [Clamav-users] bzip2 1.0.5 for CentOS I wanted to ask for those of you using CentOS and ClamAv-0.94 if you've had any issues with bunzip2 process crashing or experiencing any issues with ClamAV on these systems running the earlier version of bunzip2? I've not had any bzip related problems on my CentOS 5.2 64-bit servers. Thanks Jason. What version of bzip2 is running on your CentOS install? ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] bzip2 1.0.5 for CentOS
-Original Message- From: [EMAIL PROTECTED] [mailto:clamav-users- [EMAIL PROTECTED] On Behalf Of Clayton Keller Sent: Wednesday, September 17, 2008 10:57 AM To: ClamAV users ML Subject: Re: [Clamav-users] bzip2 1.0.5 for CentOS Thanks Jason. What version of bzip2 is running on your CentOS install? bzip2-1.0.3-3 Jason A. Bertoch Network Administrator [EMAIL PROTECTED] Electronet Broadband Communications 3411 Capital Medical Blvd. Tallahassee, FL 32308 (V) 850.222.0229 (F) 850.222.8771 ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Cannot compile clamav 0.94 on i386 openbsd 4.0
Török Edwin wrote: On 2008-09-17 17:28, James Kosin wrote: S.Madge wrote: That works! Are there any negative consequences by using this trick? Only down side is you will have to do it every time you rebuild samba; I don't see anybody talking about samba in this thread ;) Sorry, my head is in the clouds today. But, same applies for clamav. James signature.asc Description: OpenPGP digital signature ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml