Re: [clamav-users] Is a +28 hr old daily.cvd normal?

The daily has updated so it appears that all is well. Thanks for the reassurance Al. Thanks Micah for attention to the version logging issue. -- Brian On 6 Aug 2019 at 9:41, Al Varnell wrote: > > For the last 20 days, updates have been released every 24 hours, plus > or minus 7 minutes. I

Re: [clamav-users] Distinction between x64 and x32 windows installers

Wow! That’s really a very good information and helps us simplify things. I will definitely try to raise a PR for the documentation for this. Thanks again Micah. Regards, Sent from my iPhone On 6 Aug 2019, at 21:43, Micah Snyder (micasnyd) mailto:micas...@cisco.com>> wrote: Hi Manna, The ins

Re: [clamav-users] Distinction between x64 and x32 windows installers

Hi Manna, The installer in the 32-bit section will install either the 64bit or 32bit edition. Unfortunately the layout of our downloads page is poorly structured and doesn’t convey this. Micah From: "Manna, Mohammed" Date: Tuesday, August 6, 2019 at 2:59 PM To: "Micah Snyder (micasnyd)" Cc

Re: [clamav-users] Freshclam seems locked and can not be unlocked.

fuser /var/log/clamav/freshclam.log From: clamav-users On Behalf Of Jari Kosonen via clamav-users Sent: Saturday, August 03, 2019 8:09 PM To: clamav-users@lists.clamav.net Cc: Jari Kosonen Subject: [External] [clamav-users] Freshclam seems locked and can not be unlocked. jari@jari-PC:~$ sud

Re: [clamav-users] Distinction between x64 and x32 windows installers

Appreciate the response Micah. Just one last question for this thread. Are we expecting a stand-alone x64 installer (same as 32-bit) anytime soon? Or, will it always be a portable package as today ? Thanks, Sent from my iPhone On 6 Aug 2019, at 19:42, Micah Snyder (micasnyd) mailto:micas...

Re: [clamav-users] Distinction between x64 and x32 windows installers

Hello! Sorry about the confusion. We don’t have any instructions at this time for how to run ClamAV as service on Windows. It would be really great to add that to our documentation and if you have any insights from your usage it would be most welcome. The portable installer is just a zip of

Re: [clamav-users] [Clamav-devel] ClamAV® blog: ClamAV 0.101.3 security patch release and 0.102.0-beta have been published

Yeah, we have to update that bit. Sent from my  iPad > On Aug 5, 2019, at 23:44, Gary R. Schmidt wrote: > > On 06/08/2019 05:32, Joel Esler (jesler) wrote: >>> >>> https://blog.clamav.net/2019/08/clamav-01013-security-patch-release-and.html >>> >>>

Re: [clamav-users] Is a +28 hr old daily.cvd normal?

For the last 20 days, updates have been released every 24 hours, plus or minus 7 minutes. I suppose the .cvd could be a few hours old by the time it gets posted, so doesn't seem like there's any reason to be concerned. -Al- > On Aug 6, 2019, at 07:42, Brian Fluet via clamav-users > wrote: >

Re: [clamav-users] Is a +28 hr old daily.cvd normal?

Don't worry about the recommended version warning. We failed to disable the update flag before publishing the new version. Later this week the new version will be set and the warning will go away. My apologies for the confusion. I'll check in with the web and ops team to get an ETA for when t

[clamav-users] pipermail signature lists

Just a quick one. Sometimes it's useful to check on signature updates eg... https://lists.clamav.net/pipermail/clamav-virusdb/ https://lists.clamav.net/pipermail/clamav-virusdb/2019-August/date.html But when you want to get to the detail: https://lists.clamav.net/pipermail/clamav-virusdb

[clamav-users] Is a +28 hr old daily.cvd normal?

I upgraded to v0.101.3 yesterday afternoon. This morning I notice the daily.cld is over 28 hrs old. The freshclam log reports that it's up to date but it's age has me curious about that age at which to become concerned. Also, after upgrading to v0.101.3 I'm seeing these entries in the freshc

Re: [clamav-users] Vulnerability Reporting?

Well, that can take a little figuring out since the package is maintained by SUSE. A package can receive "backports" to fix vulnerabilities (and new features) so they don't have to update to a new version and re-certify everything still works and won't break other packages. SUSE does publish info

[clamav-users] Distinction between x64 and x32 windows installers

Hello, This is my first question to ClamAV user list. I have a question regarding the installers (Portable and MSI) for windows. I am trying to understand what's the best way to install an x64 portable on windows, since there is no step-wise guideline on the website. Am I supposed to stop my w

Re: [clamav-users] Vulnerability Reporting?

Running on SUSE sles 12 sp2 servers. rpm -qa | grep clamav clamav-0.100.3-33.21.1.x86_64 This is what i call the engine. The actual version af clamav proccess active on my server. I just want to know how to figure out if this build has known vulnerabillities. Like "can it be forced to cra

Re: [clamav-users] Vulnerability Reporting?

Regarding the zip bomb vulnerability/fix, we don’t have a CVE assigned – yet. Will have one soon. Regards, Micah From: clamav-users on behalf of "Fajar A. Nugraha via clamav-users" Reply-To: ClamAV users ML Date: Tuesday, August 6, 2019 at 5:48 AM To: ClamAV users ML Cc: "Fajar A. Nugraha"

Re: [clamav-users] Vulnerability Reporting?

OP is probably looking for http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=clamav ... and something equivalent of xen-announce (the 'security advisories' part) from https://xenproject.org/help/mailing-list/ (which doesn't exist for clamav?) -- Fajar On Tue, Aug 6, 2019 at 4:42 PM Al Varnell via

Re: [clamav-users] Vulnerability Reporting?

I'm also confused by what you mean by "firmware engine" and "compliance"? ClamAV doesn't reside in firmware, so are you referring to firmware vulnerabilities that impact ClamAV performance? If there are any, I have not heard about them. Is there a particular platform that you are referring to?

Re: [clamav-users] Vulnerability Reporting?

The bug reporter is at < https://bugzilla.clamav.net/>, but vulnerability reports may not be publically accessible for security reasons. The developer list may contain some of what you are looking for, but there are no forums that I’m Aware of. Sent from my iPad -Al- On Aug 6, 2019, at 02:08

[clamav-users] Vulnerability Reporting?

Does CLAMAV have a forum where Vulnerabillity findings in the firmware engine can be tracked for Compliance. ? And where fixes and recomendations can be found. --- Henrik Høg Thomsen Seni