>From this daily.cvd:
# sigtool --info=./daily.cvd File: ../daily.cvd Build time: 07 Sep 2010 13:23 -0400 Version: 11838 Signatures: 120892 Functionality level: 53 Builder: arnaud MD5: d50688ae71627b1f6c738fa805cb3403 Digital signature: NRZLLtE3y3tlXy1HIJytbvXs1N/Xq/QnEfcnvp2xPYt/jIgp/Lg/h7nse1p92ZTuOM4t09tpdjg0H+KSd716uoCIIuXxDx125k65DgikFakPfSQnX6/smvm+cgOpU4wxtBPUNPNSNBIW2g9i9yrciPFB9KMhvyvR1FYX8Eqceki Verification OK. I find: # sigtool --unpack daily.cvd [r...@c1-delltest2 temp]# egrep ':54$' daily.* daily.ftm:1:*:255044462d??2e*737461727478726566*2525454f46:PDF:CL_TYPE_ANY:CL_TYPE_PDF:54:54 daily.ftm:1:*:257064662d??2e*737461727478726566*2525454f46:PDF:CL_TYPE_ANY:CL_TYPE_PDF:54:54 daily.ftm:1:0:255044462d*737461727478726566*2525454f46:PDF document:CL_TYPE_ANY:CL_TYPE_PDF:54:54 [r...@c1-delltest2 temp]# egrep ':55$' daily.* daily.ftm:0:0:255044462d:PDF document:CL_TYPE_ANY:CL_TYPE_PDF:55 daily.ftm:1:*:255044462d??2e:PDF:CL_TYPE_ANY:CL_TYPE_PDF:55 daily.ftm:1:*:257064662d??2e:PDF:CL_TYPE_ANY:CL_TYPE_PDF:55 I believe this is causing PDF files to not be parsed by clamav: LibClamAV debug: cli_loadftm: File type signature for PDF document not loaded (required f-level: 55) LibClamAV debug: cli_loadftm: File type signature for PDF not loaded (required f-level: 55) LibClamAV debug: cli_loadftm: File type signature for PDF not loaded (required f-level: 55) Specifically, I'm finding that on a clean installation of clamav, updated with the latest freshclam, I'm not able to catch clam.pdf, where old versions do catch it: /tmp/clam.pdf: ClamAV-Test-File FOUND Am I out of date somewhere that I'm missing? Thank you. - Jason Parsons _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
