Re: [Clamav-users] Please help with this error...

Thu, 01 Dec 2005 14:08:40 -0800 

On Thu, 1 Dec 2005 21:48:21 +0000
Stephen Gran <[EMAIL PROTECTED]> wrote:

> On Thu, Dec 01, 2005 at 02:00:14PM -0600, John Tebbe said:
> > Okay, I'm going about this a little backwards. In reading the
> > archives, it appears there is a problem with AES128 and AES256
> > encryption. If I unzip the file and rezip it up using using standard
> > Zip 2 encryption, the file goes through. Does anyone know if this has
> > been fixed? 
> 
> clamav uses the zlib library for handling zip files, and it has had no
> enhancements (nor is it likely to, last I heard) in this direction.
> 
> I have been pondering how hard it would be to port clamav to use the
> infozip routines instead, but it looks like a fair amount of work, and I
> am not sure how portable the infozip stuff is, or how well packaged
> (Debian doesn't ship the shared libraries at present, not sure about
> other distros).  The advantage of infozip is that it seems to support a
> wider variety of zip file formats, but there are obvious disadvantages
> as well.

The zip unpacker in libclamav contains a lot of enhancements that help
to handle malicious and handcrafted archives which infozip fails to
unpack. Porting them back into infozip is out of our scope.

> Comments from others in the community about this idea would be
> appreciated.  Sorry I can't be more helpful to you, John, but there it
> is.

It's a problem of the OP and not ClamAV that he is running an outdated
version. The problem with AES encrypted zip archives was fixed more
than five months ago in 0.86:

Sun Jun 19 21:37:07 CEST 2005
-----------------------------
  V 0.86
  * Fixes backported from CVS:
[...]
    - libclamav/zziplib/zzip-file.c: add method id for AES encrypted
      archives (thanks to David Majorel <dm*lagoon.nc>) (tk)

-- 
   oo    .....         Tomasz Kojm <[EMAIL PROTECTED]>
  (\/)\.........         http://www.ClamAV.net/gpg/tkojm.gpg
     \..........._         0DCA5A08407D5288279DB43454822DC8985A444B
       //\   /\              Thu Dec  1 23:07:06 CET 2005

Attachment: signature.asc
Description: PGP signature

_______________________________________________
http://lurker.clamav.net/list/clamav-users.html

Reply via email to