On Fri, 26 Jan 2018, Matus UHLAR - fantomas wrote:
> On 26.01.18 13:09, Kees Theunissen wrote:
>> On Fri, 26 Jan 2018, Al Varnell wrote:
>>
>>> If you can't revert to daily 24255 then disable daily.cld until you know
>>> it's
>>> fixed.
>>>
>>> Has anybody updated to daily 24257 to see if that he
On 26.01.18 13:09, Kees Theunissen wrote:
On Fri, 26 Jan 2018, Al Varnell wrote:
If you can't revert to daily 24255 then disable daily.cld until you know it's
fixed.
Has anybody updated to daily 24257 to see if that helps? I doubt that it does
as no sigs are shown as dropped.
I'm running C
Am Freitag, den 26.01.2018, 09:22 +0100 schrieb Reindl Harald:
>
> Am 26.01.2018 um 09:19 schrieb Marco:
> > Il 26/01/2018 09:00, Reindl Harald ha scritto:
> > > freshclam and a custom script downloads anything to
> > > /var/lib/clamav-download and then for the two "/var/lib/clamav"
> > > and
>
26.01.2018 16:22, Manuel Mausz пишет:
On 26.01.2018 14:10, Manuel Mausz wrote:
Hello list,
the attached patch should fix the fd leak in cli_scanscript.
The list stripped my attachment. 2nd try:
https://gist.github.com/manuelm/dbc94001c77c07363cdcb5b390c2cb04
Thanks! Works fine.
___
On Friday 26 January 2018 08:10:51 Manuel Mausz wrote:
> Hello list,
>
> the attached patch should fix the fd leak in cli_scanscript.
>
> cheers,
> manuel
What patch? This list apparently does NOT pass attachments. So please
insert them in your text plz.
> __
On 26.01.2018 14:10, Manuel Mausz wrote:
> Hello list,
>
> the attached patch should fix the fd leak in cli_scanscript.
The list stripped my attachment. 2nd try:
https://gist.github.com/manuelm/dbc94001c77c07363cdcb5b390c2cb04
manuel
___
clamav-users m
On 2018-01-26 5:36 AM, Al Varnell wrote:
If you can't revert to daily 24255 then disable daily.cld until you know it's
fixed.
Has anybody updated to daily 24257 to see if that helps? I doubt that it does
as no sigs are shown as dropped.
[mailfw@mailfw clamav]# sigtool --info=daily.cld
File:
Hello list,
the attached patch should fix the fd leak in cli_scanscript.
cheers,
manuel
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guid
Do you mean this one ?
http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html
Am 26. Januar 2018 14:03:14 MEZ schrieb Andreas Schulze
:
>
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/lis
Am 26.01.2018 um 13:50 schrieb Ralf Hildebrandt:
> If I had to guess: they used the beta for testing, but the release
> versions (both 0.99.2 and 0.99.3!) fail to operate properly...
yes, it's the explanation the matches best to the observed fallout :-/
usually there is a "official" announcement a
Am 26.01.2018 um 13:50 schrieb Ralf Hildebrandt:
* Reindl Harald :
Am 26.01.2018 um 13:40 schrieb Ralf Hildebrandt:
* maxal :
nobody of clamav/cisco reading this list?
It's 7:45AM on the east coast
so what - i don't get how such updates slip through at all - it's not rocket
science loa
* Reindl Harald :
>
>
> Am 26.01.2018 um 13:40 schrieb Ralf Hildebrandt:
> > * maxal :
> > > nobody of clamav/cisco reading this list?
> >
> > It's 7:45AM on the east coast
>
> so what - i don't get how such updates slip through at all - it's not rocket
> science load them on a test-machine and
Am 26.01.2018 um 13:40 schrieb Ralf Hildebrandt:
* maxal :
nobody of clamav/cisco reading this list?
It's 7:45AM on the east coast
so what - i don't get how such updates slip through at all - it's not
rocket science load them on a test-machine and fire up a script that
pies a test-corups
* lukn :
> As ClamAV/Thalos is owned by Cisco I assume all ClamAV employees are
> located in Silicon Valley area and therefore still enjoying a good
> Californian night's sleep.
Or maybe in Philadelphia.
--
Ralf Hildebrandt Charite Universitätsmedizin Berlin
ralf.hildebra...@c
* maxal :
> nobody of clamav/cisco reading this list?
It's 7:45AM on the east coast.
--
Ralf Hildebrandt Charite Universitätsmedizin Berlin
ralf.hildebra...@charite.deCampus Benjamin Franklin
https://www.charite.de Hindenburgdamm 30, 12203 Berlin
Geschäftsb
As ClamAV/Thalos is owned by Cisco I assume all ClamAV employees are
located in Silicon Valley area and therefore still enjoying a good
Californian night's sleep.
On 26.01.2018 13:17, maxal wrote:
> nobody of clamav/cisco reading this list? as the impact is heavy and
> probably worldwide - anyone
Am 26.01.2018 um 13:17 schrieb maxal:
nobody of clamav/cisco reading this list? as the impact is heavy and
probably worldwide - anyone with personal contacts or any other channel
to reach someone there? contact info on clamav.net is only referring to
mailing lists and not very useful
the bett
nobody of clamav/cisco reading this list? as the impact is heavy and
probably worldwide - anyone with personal contacts or any other channel
to reach someone there? contact info on clamav.net is only referring to
mailing lists and not very useful
On Fri, 2018-01-26 at 12:07 +0100, Marco wrote:
>
On Fri, 26 Jan 2018, Al Varnell wrote:
>If you can't revert to daily 24255 then disable daily.cld until you know it's
>fixed.
>
>Has anybody updated to daily 24257 to see if that helps? I doubt that it does
>as no sigs are shown as dropped.
I'm running ClamAv 0.99.2 on two mail servers (debian
Il 26/01/2018 10:39, Ralf Hildebrandt ha scritto:
clamd is leaking filedescriptors for temporary files - ls /proc/`pidof
clamd`/fd shows a
lot of:
lrwx-- 1 root root 64 Jan 26 10:38 993 ->
/tmp/clamav-736a3d0d2a944a0a79d465671fb754d5.tmp (deleted)
lrwx-- 1 root root 64 Jan 26 10:38 99
Am 26.01.2018 um 11:48 schrieb Ralf Hildebrandt:
>> Arguably if a bug in the signatures can lead to such massive problems
>> then that is in itself a bug in the software, which might be (but
>> apparently so far isn't) fixed in a later version.
>
> Amen to that.
the former 0.99.3beta2 don't crash
> Arguably if a bug in the signatures can lead to such massive problems
> then that is in itself a bug in the software, which might be (but
> apparently so far isn't) fixed in a later version.
Amen to that.
--
Ralf Hildebrandt Charite Universitätsmedizin Berlin
ralf.hildebra...@
Am 26.01.2018 um 11:36 schrieb Reindl Harald:
> Am 26.01.2018 um 11:28 schrieb Andreas Schulze:
>>
>> just updated to 0.99.3 ( which is a 0.99.2 + Security fixes ) bit
>> still clamav don't work as expected.
>>
>> Fri Jan 26 11:23:10 2018 -> ERROR: accept() failed:
>> Fri Jan 26 11:23:10 2018 -> ER
Am 26.01.2018 um 11:28 schrieb Andreas Schulze:
Am 26.01.2018 um 10:01 schrieb Ralf Hildebrandt:
* Reindl Harald :
sounds like an issue with the official signatures given that you are not the
first reporter and that we don't use them and have no problems
Thought so. Must be a recent signat
If you can't revert to daily 24255 then disable daily.cld until you know it's
fixed.
Has anybody updated to daily 24257 to see if that helps? I doubt that it does
as no sigs are shown as dropped.
Sent from my iPad
-Al-
> On Jan 26, 2018, at 2:28 AM, Andreas Schulze wrote:
>
> looks like we
Am 26.01.2018 um 10:01 schrieb Ralf Hildebrandt:
> * Reindl Harald :
>
>> sounds like an issue with the official signatures given that you are not the
>> first reporter and that we don't use them and have no problems
>
> Thought so. Must be a recent signature in daily.cvd.
just updated to 0.99.3
* Dianne Skoll :
> Hi,
>
> Something went badly wrong with clamd recently; it's stuck with
> hundreds/thousands of open files per process and interrupting mail flow.
>
> When a scanning thread finishes, I see this in the strace output.
> (I ran clamdscan /etc/hosts as a test):
>
> [pid 3707] 02
* Reindl Harald :
> sounds like an issue with the official signatures given that you are not the
> first reporter and that we don't use them and have no problems
Thought so. Must be a recent signature in daily.cvd.
--
Ralf Hildebrandt Charite Universitätsmedizin Berlin
ralf.hi
yes all our servers are stuck
disabled official signatures
we have sanesecurity foxhole foxhole_all.cdb -- customized for our use which
blocks all bad attachments
it seems to work now.
rajesh
- Original Message -
From: Reindl Harald [mailto:h.rei...@thelounge.net]
To: clamav-users@l
Am 26.01.2018 um 09:19 schrieb Marco:
Il 26/01/2018 09:00, Reindl Harald ha scritto:
freshclam and a custom script downloads anything to
/var/lib/clamav-download and then for the two "/var/lib/clamav" and
"/var/lib/clamav-sa" basend on file-lists hardlinks are set - from the
official only "s
Il 26/01/2018 09:00, Reindl Harald ha scritto:
freshclam and a custom script downloads anything to
/var/lib/clamav-download and then for the two "/var/lib/clamav" and
"/var/lib/clamav-sa" basend on file-lists hardlinks are set - from the
official only "safebrowsing" is active
We have the same
Am 26.01.2018 um 08:32 schrieb Dianne Skoll:
Something went badly wrong with clamd recently; it's stuck with
hundreds/thousands of open files per process and interrupting mail flow.
When a scanning thread finishes, I see this in the strace output.
(I ran clamdscan /etc/hosts as a test):
[pid
Hi,
Something went badly wrong with clamd recently; it's stuck with
hundreds/thousands of open files per process and interrupting mail flow.
When a scanning thread finishes, I see this in the strace output.
(I ran clamdscan /etc/hosts as a test):
[pid 3707] 02:11:01 sendto(295, "/etc/hosts: OK\
33 matches
Mail list logo
