Hi All,
I have found a bug that will cause issues for 32bit builds and maybe
some 64bit builds.
On all three of my OS (2 x x86_64 and one x86) tested, CMake is not
setting DEFINE_SF64_PREFIX used in clamav-types.h.in.
This breaks the build on one x86_64 OS and may cause issues on the x86
OS with 64bit numbers.
Any ideas on how to implement a quick fix ?
Regards
Mark.
On 28/07/21 01:14, Mark Fortescue wrote:
Hi again,
I needed to read all of the INSTALL.md file not just the top bit.
Got the cmake build to work and the binaries test OK.
Not as user friendly as configure scripts when you are doing something
different. The big advantage of the configure script is that it can be
tweaked when it gets something wrong or at least opened in an editor to
see what it is actually doing. Not sure where to start if cmake does not
do what it is meant to do.
Regards
Mark.
On 28/07/2021 00:14, Mark Fortescue via clamav-users wrote:
Hi all,
I have two curl installations. One is not suitable for clamav (the
system installed version).
How do I force cmake to pick up the correct library as it is always
picking up the system library not the one in /usr/local/clamav/lib.
In order to move to cmake it would be useful to have a conversion from
all the configure script options to there cmake equivalents. Is there
a way of getting cmake to display all the variables that can be set
(equivalent to ./configure --help) ?
Regards
Mark.
On 22/07/2021 17:18, Joel Esler (jesler) via clamav-users wrote:
https://blog.clamav.net/2021/07/clamav-01040-release-candidate-is-here.html
ClamAV 0.104.0 Release Candidate is here!
We are pleased to announce the ClamAV 0.104.0 release candidate
<https://www.clamav.net/downloads>.
Please help us validate this release. We need your feedback, so let
us know what you find and join us on the ClamAV mailing list
<https://lists.clamav.net/mailman/listinfo/clamav-users>, or on our
Discord <https://discord.gg/sGaxA5Q>, which is bridged with our IRC.
This release candidate phase is only expected to last about two to
four weeks before the 0.104.0 Stable version will be published. Take
this opportunity to verify that you 0.104.0 can build and run in
your environment.
Please submit bug reports to the ClamAV project GitHub Issues
<https://github.com/Cisco-Talos/clamav/issues>.
ClamAV 0.104.0 includes the following improvements and changes.
<https://github.com/Cisco-Talos/clamav/blob/dev/0.104/NEWS.md#new-requirements>
New Requirements
*
As of ClamAV 0.104, CMake is required to build ClamAV.
* We have added comprehensive build instructions for using CMake to
the new |INSTALL.md| file. The online documentation will also be
updated to include CMake build instructions.
* The Autotools and the Visual Studio build systems have been
removed.
<https://github.com/Cisco-Talos/clamav/blob/dev/0.104/NEWS.md#major-changes>
Major changes
*
The built-in LLVM for the bytecode runtime has been removed.
* The bytecode interpreter is the default runtime for bytecode
signatures just as it was in ClamAV 0.103.
* We wished to add support for newer versions of LLVM, but ran out
of time. If you're building ClamAV from source and you wish to use
LLVM instead of the bytecode interpreter, you will need to supply
the development libraries for LLVM version 3.6.2. See |INSTALL.md|
to learn more.
*
There are now official ClamAV images on Docker Hub.
o /Note/: Until ClamAV 0.104.0 is released, these images are
limited to "unstable" versions, which are updated daily with
the latest changes in the default branch on GitHub.
You can find the images on Docker Hub under |clamav|
<https://hub.docker.com/r/clamav/clamav>.
Docker Hub ClamAV tags:
*
|clamav/clamav:<version>|: A release preloaded with signature
databases.
Using this container will save the ClamAV project some bandwidth.
Use this if you will keep the image around so that you don't
download the entire database set every time you start a new
container. Updating with FreshClam from the existing databases set
does not use much data.
*
|clamav/clamav:<version>_base|: A release with no signature
databases.
Use this container *only* if you mount a volume in your container
under |/var/lib/clamav| to persist your signature database
databases. This method is the best option because it will reduce
data costs for ClamAV and for the Docker registry, but it does
require advanced familiarity with Linux and Docker.
/Caution/: Using this image without mounting an existing
database directory will cause FreshClam to download the entire
database set each time you start a new container.
You can use the |unstable| version (i.e. |clamav/clamav:unstable| or
|clamav/clamav:unstable_base|) to try the latest from our
development branch.
Please, be kind when using "free" bandwidth for the virus databases
and Docker registry. Try not to download the entire database set or
the larger ClamAV database images on a regular basis.
For more details, see the ClamAV Docker documentation
<https://docs.clamav.net/manual/Installing/Docker.html>.
Special thanks to Olliver Schinagl for his excellent work creating
ClamAV's new Docker files, image database deployment tooling, and
user documentation.
*
|clamd| and |freshclam| are now available as Windows services. To
install and run them, use the |--install-service| option and |net
start [name]| command.
Special thanks to Gianluigi Tiesi for his original work on this
feature.
<https://github.com/Cisco-Talos/clamav/blob/dev/0.104/NEWS.md#notable-changes>
Notable changes
We added these features in 0.103.1 but wanted to re-post them here,
as patch versions do not generally introduce new options:
*
Added a new scan option to alert on broken media (graphics) file
formats. This feature mitigates the risk of malformed media files
intended to exploit vulnerabilities in other software. Currently,
media validation exists for JPEG, TIFF, PNG, and GIF files. To
enable this feature, set |AlertBrokenMedia yes| in clamd.conf, or
use the |--alert-broken-media| option when using |clamscan|. These
options are disabled by default in this patch, but may be enabled
in a subsequent release. Application developers may enable this
scan option by enabling |CL_SCAN_HEURISTIC_BROKEN_MEDIA| for the
|heuristic| scan option bit field.
*
Added CL_TYPE_TIFF, CL_TYPE_JPEG types to match GIF and PNG typing
behavior. BMP and JPEG 2000 files will continue to detect as
CL_TYPE_GRAPHICS because ClamAV does not have BMP or JPEG 2000
format-checking capabilities.
*
Added progress callbacks to libclamav for:
o database load: |cl_engine_set_clcb_sigload_progress()|
o engine compile: |cl_engine_set_clcb_engine_compile_progress()|
o engine free: |cl_engine_set_clcb_engine_free_progress()|
These new callbacks enable an application to monitor and estimate
load, compile and unload progress. See |clamav.h| for API details.
*
Added progress bars to ClamScan for the signature load and engine
compile steps before a scan begins. The startup progress bars
won't be enabled if ClamScan isn't running in a terminal (i.e. if
stdout is not a TTY), or if any of these options are used:
o |--debug|
o |--quiet|
o |--infected|
o |--no-summary|
<https://github.com/Cisco-Talos/clamav/blob/dev/0.104/NEWS.md#other-improvements>
Other improvements
*
Added the |%f| format string option to the ClamD VirusEvent
feature to insert the file path of the scan target when a virus
event occurs. This supplements the VirusEvent |%v| option that
prints the signature (virus) name. The ClamD VirusEvent feature
also provides two environment variables,
|$CLAM_VIRUSEVENT_FILENAME| and |$CLAM_VIRUSEVENT_VIRUSNAME| for a
similar effect. This fix comes courtesy of Vasile Papp.
*
Improvements to the AutoIt extraction module. Patch courtesy of
cw2k.
*
Added support for extracting images from Excel *.xls (OLE2)
documents.
*
Trusted SHA256-based Authenticode hashes can now be loaded in from
*.cat files. See our Authenticode documentation
<https://docs.clamav.net/appendix/Authenticode.html> for more info
about using *.cat files with *.crb rules to trust signed Windows
executables.
<https://github.com/Cisco-Talos/clamav/blob/dev/0.104/NEWS.md#bug-fixes>
Bug fixes
*
Fixed a memory leak affecting logical signatures that use the
"byte compare" feature. Patch courtesy of Andrea De Pasquale.
*
Fixed bytecode match evaluation for PDF bytecode hooks in PDF file
scans.
*
Other minor bug fixes.
<https://github.com/Cisco-Talos/clamav/blob/dev/0.104/NEWS.md#acknowledgements>
Acknowledgments
The ClamAV team thanks the following individuals for their code
submissions:
* Alexander Golovach
* Andrea De Pasquale
* Andrew Williams
* Armin Kuster
* Brian Bergstrand
* cw2k
* Duane Waddle
* Gianluigi Tiesi
* Jonas Zaddach
* Kenneth Hau
* Markus Strehle
* Olliver Schinagl
* Orion Poplawski
* Sergey Valentey
* Sven Rueß
* Tom Briden
* Vasile Papp
* Yasuhiro Kimura
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
