Re: [clamav-users] Signatures in md5sum not in sha256sum

[Mark Allan]

> On 11 Sep 2017, at 1:01 pm, Joel Esler (jesler)  wrote:
> 
> Reported them to bugzilla?

Nope - in your announcement email (copied & abbreviated below) you asked us to 
provide feedback via the list:

> On 4 Aug 2017, at 12:04 am, Joel Esler (jesler)  wrote:
> 
> ClamAV 0.99.3 beta has been released!
> 
> We ask that feedback be provided via the ClamAV mailing 
> lists.

Mark

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Signatures in md5sum not in sha256sum

[Joel Esler (jesler)]

Reported them to bugzilla?

Sent from my iPhone

On Sep 11, 2017, at 5:35 AM, Mark Allan 
mailto:markjal...@gmail.com>> wrote:


On 8 Sep 2017, at 5:32 pm, Joel Esler (jesler) 
mailto:jes...@cisco.com>> wrote:

We don't have a slated date yet.  We've had about 6000 downloads of the beta 
package and no reported bugs so far.


So far, so good.

That's not entirely true; I reported at least three bugs.

Mark
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Signatures in md5sum not in sha256sum

[Mark Allan]

> On 8 Sep 2017, at 5:32 pm, Joel Esler (jesler)  wrote:
> 
> We don’t have a slated date yet.  We’ve had about 6000 downloads of the beta 
> package and no reported bugs so far.
> 
> 
> So far, so good.

That's not entirely true; I reported at least three bugs.

Mark
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Signatures in md5sum not in sha256sum

[Al Varnell]

I also tracked down a problem with False Positives that I personally reported 
to ClamXAV support that was passed on and received this response from Steve 
Morgan:
> Thanks, we are also observing these same FP's in our testing. They are on the 
> roadmap for 0.99.3.


-Al-

On Fri, Sep 08, 2017 at 02:55 PM, Al Varnell wrote:
> I'm aware of at least one bug was reported on the developer-list in 
> mid-August and last I knew the patch was still not working.
> 
> On Fri, Sep 08, 2017 at 09:32 AM, Joel Esler (jesler) wrote:
>> We don’t have a slated date yet.  We’ve had about 6000 downloads of the beta 
>> package and no reported bugs so far.
>> 
>> So far, so good.
> 
> -Al-


smime.p7s
Description: S/MIME cryptographic signature
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Signatures in md5sum not in sha256sum

[Al Varnell]

I'm aware of at least one bug was reported on the developer-list in mid-August 
and last I knew the patch was still not working.

On Fri, Sep 08, 2017 at 09:32 AM, Joel Esler (jesler) wrote:
> We don’t have a slated date yet.  We’ve had about 6000 downloads of the beta 
> package and no reported bugs so far.
> 
> So far, so good.

-Al-
-- 
Al Varnell
ClamXAV User






smime.p7s
Description: S/MIME cryptographic signature
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Signatures in md5sum not in sha256sum

[Joel Esler (jesler)]

We don’t have a slated date yet.  We’ve had about 6000 downloads of the beta 
package and no reported bugs so far.


So far, so good.

--
Joel Esler | Talos: Manager | jes...@cisco.com






On Sep 8, 2017, at 8:20 AM, Vijayakumar U 
mailto:vj1...@gmail.com>> wrote:



When can we expect the 99.3 stable release ?


___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Signatures in md5sum not in sha256sum

[Paul Kosinski]

MD5 has been discredited (found insecure) a long time ago. Putting out
*new* signatures with SHA256 shouldn't be all that hard. And just like
some new sigs needing a recent version of ClamAV because of their
content, SHA-signed sigs could demand a new ClamAV version.

As far as a being a security issue, forged sigs could cause denial of
service via false positives. (And I imagine there could even be
actively malicious bytecode.)

P.S. Mozilla is even providing SHA512 sigs for Firefox (ESR, at least).


On Fri, 08 Sep 2017 04:27:42 -0700
Al Varnell  wrote:

> I'm struggling to understand how that would improve the DB? It's not
> a security issue and it would seemingly involve a ton of work to run
> all those samples again just to get a larger number which would
> require additional time to download and space to store the DB as well
> as in RAM.
> 
> -Al-
> 
> On Fri, Sep 08, 2017 at 04:12 AM, Vijayakumar U wrote:
> > Dear Team,
> > 
> > Do we have any plans to maintain/update the signature DB with
> > sha256sum?
> > 
> > Is there any specific reason to maintain the signatures in md5sum
> > format?
> > 
> > Please clarify.
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Signatures in md5sum not in sha256sum

[Vijayakumar U]

This is what I was expecting. Thanks for the reply.

When can we expect the 99.3 stable release ?


On Fri, Sep 8, 2017 at 5:01 PM, Alain Zidouemba 
wrote:

> We are shipping sha256 signatures now. See contents of daily.hsb. We
> are no longer shipping new hdb (md5) signatures.
>
> -Alain
>
> > On Sep 8, 2017, at 7:28 AM, Al Varnell  wrote:
> >
> > I'm struggling to understand how that would improve the DB? It's not a
> security issue and it would seemingly involve a ton of work to run all
> those samples again just to get a larger number which would require
> additional time to download and space to store the DB as well as in RAM.
> >
> > -Al-
> >
> >> On Fri, Sep 08, 2017 at 04:12 AM, Vijayakumar U wrote:
> >> Dear Team,
> >>
> >> Do we have any plans to maintain/update the signature DB with sha256sum?
> >>
> >> Is there any specific reason to maintain the signatures in md5sum
> format?
> >>
> >> Please clarify.
> > ___
> > clamav-users mailing list
> > clamav-users@lists.clamav.net
> > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> >
> >
> > Help us build a comprehensive ClamAV guide:
> > https://github.com/vrtadmin/clamav-faq
> >
> > http://www.clamav.net/contact.html#ml
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>



-- 
Cheers,
Vijay.
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Signatures in md5sum not in sha256sum

[Vijayakumar U]

I'm not asking to update previously collected signatures. At-least from now
on while adding new ones lets have it as sha256sum.

On Fri, Sep 8, 2017 at 4:57 PM, Al Varnell  wrote:

> I'm struggling to understand how that would improve the DB? It's not a
> security issue and it would seemingly involve a ton of work to run all
> those samples again just to get a larger number which would require
> additional time to download and space to store the DB as well as in RAM.
>
> -Al-
>
> On Fri, Sep 08, 2017 at 04:12 AM, Vijayakumar U wrote:
> > Dear Team,
> >
> > Do we have any plans to maintain/update the signature DB with sha256sum?
> >
> > Is there any specific reason to maintain the signatures in md5sum format?
> >
> > Please clarify.
>
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>



-- 
Cheers,
Vijay.
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Signatures in md5sum not in sha256sum

[Alain Zidouemba]

We are shipping sha256 signatures now. See contents of daily.hsb. We
are no longer shipping new hdb (md5) signatures.

-Alain

> On Sep 8, 2017, at 7:28 AM, Al Varnell  wrote:
>
> I'm struggling to understand how that would improve the DB? It's not a 
> security issue and it would seemingly involve a ton of work to run all those 
> samples again just to get a larger number which would require additional time 
> to download and space to store the DB as well as in RAM.
>
> -Al-
>
>> On Fri, Sep 08, 2017 at 04:12 AM, Vijayakumar U wrote:
>> Dear Team,
>>
>> Do we have any plans to maintain/update the signature DB with sha256sum?
>>
>> Is there any specific reason to maintain the signatures in md5sum format?
>>
>> Please clarify.
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Signatures in md5sum not in sha256sum

[Al Varnell]

I'm struggling to understand how that would improve the DB? It's not a security 
issue and it would seemingly involve a ton of work to run all those samples 
again just to get a larger number which would require additional time to 
download and space to store the DB as well as in RAM.

-Al-

On Fri, Sep 08, 2017 at 04:12 AM, Vijayakumar U wrote:
> Dear Team,
> 
> Do we have any plans to maintain/update the signature DB with sha256sum?
> 
> Is there any specific reason to maintain the signatures in md5sum format?
> 
> Please clarify.


smime.p7s
Description: S/MIME cryptographic signature
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] Signatures in md5sum not in sha256sum

[Vijayakumar U]

Dear Team,

Do we have any plans to maintain/update the signature DB with sha256sum?

Is there any specific reason to maintain the signatures in md5sum format?

Please clarify.

-- 
Cheers,
Vijay.
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml