Hi, I'm using ClamAV 104.2 (for Windows) and am getting an update
problem which looks like one of the mirrors isn't updated properly. It's
been doing this all day.
It's seeing that the latest version is 26521, but the file it's
downloading is 26520 and then it's trying to download a patch and that
is failing
(The daily.cvd database downloaded from https://database.clamav.net is
older than the version advertised in the DNS TXT record.
Received an older daily CVD than was advertised. We'll keep it and try
updating to the latest version with CDIFFs.)
Here's the output of freshclam -v on a blank database
Current working dir is d:\clam\db\
Can't open freshclam.dat in d:\clam\db
It probably doesn't exist yet. That's ok.
Failed to load freshclam.dat; will create a new freshclam.dat
Creating new freshclam.dat
Saved freshclam.dat
ClamAV update process started at Sat Apr 23 17:08:04 2022
Current working dir is d:\clam\db\
Querying current.cvd.clamav.net
TTL: 747
fc_dns_query_update_info: Software version from DNS: 0.103.5
Current working dir is d:\clam\db\
check_for_new_database_version: No local copy of "daily" database.
query_remote_database_version: daily.cvd version from DNS: 26521
daily database available for download (remote version: 26521)
Retrieving https://database.clamav.net/daily.cvd
downloadFile: Download source: https://database.clamav.net/daily.cvd
downloadFile: Download destination:
d:\clam\db\tmp.b7b76a09b1\clamav-a9c4531a90e867ba4f628badafcd9650.tmp
* Trying 104.16.218.84:443...
* Connected to database.clamav.net (104.16.218.84) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
Certificate loaded from Windows certificate store: Microsoft Root
Certificate Authority
Certificate loaded from Windows certificate store: Thawte Timestamping CA
Certificate loaded from Windows certificate store: Microsoft Root Authority
Certificate loaded from Windows certificate store: Symantec Enterprise
Mobile Root for Microsoft
Certificate loaded from Windows certificate store: Microsoft Root
Certificate Authority 2011
Certificate loaded from Windows certificate store: Microsoft
Authenticode(tm) Root
Certificate loaded from Windows certificate store: Microsoft Root
Certificate Authority 2010
Certificate loaded from Windows certificate store: Microsoft Timestamp Root
Certificate loaded from Windows certificate store: VeriSign Time Stamping CA
Certificate loaded from Windows certificate store: Sectigo (UTN Object)
Certificate loaded from Windows certificate store: DigiCert Global Root G2
Certificate loaded from Windows certificate store: GeoTrust Global CA
Certificate loaded from Windows certificate store: DigiCert Trusted Root G4
Certificate loaded from Windows certificate store: DST Root CA X3
Certificate loaded from Windows certificate store: GlobalSign Root CA - R3
Certificate loaded from Windows certificate store: DigiCert Baltimore Root
Certificate loaded from Windows certificate store: GeoTrust
Certificate loaded from Windows certificate store: Sectigo (AAA)
Certificate loaded from Windows certificate store: GlobalSign Root CA - R1
Certificate loaded from Windows certificate store: Sectigo (formerly
Comodo CA)
Certificate loaded from Windows certificate store: Starfield Class 2
Certification Authority
Certificate loaded from Windows certificate store: DigiCert
Certificate loaded from Windows certificate store: thawte
Certificate loaded from Windows certificate store: Google Trust Services
- GlobalSign Root CA-R2
Certificate loaded from Windows certificate store: VeriSign Class 3
Public Primary CA
Certificate loaded from Windows certificate store: DigiCert
Certificate loaded from Windows certificate store: VeriSign
Certificate loaded from Windows certificate store: VeriSign Universal
Root Certification Authority
Certificate loaded from Windows certificate store: Sectigo
Certificate loaded from Windows certificate store: Go Daddy Class 2
Certification Authority
Certificate loaded from Windows certificate store: DigiCert
Certificate loaded from Windows certificate store: Sectigo (AddTrust)
Certificate loaded from Windows certificate store: pscs-PLUTO-CA
Certificate loaded from Windows certificate store: pscs-VMHOST1-CA
Certificate loaded from Windows certificate store: pscs-VMHOST1-CA
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.;
CN=sni.cloudflaressl.com
* start date: Jul 15 00:00:00 2021 GMT
* expire date: Jul 14 23:59:59 2022 GMT
* subjectAltName: host "database.clamav.net" matched cert's
"database.clamav.net"
* issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3
* SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after
upgrade: len=0
* Using Stream ID: 1 (easy handle 0xf8f928)
> GET /daily.cvd HTTP/2
Host: database.clamav.net
user-agent: ClamAV/0.104.2 (OS: Windows, ARCH: AMD64, CPU: AMD64, UUID:
4ec0d961-a67d-40ef-852e-817ebaf45c05)
accept: */*
connection: close
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
< HTTP/2 200
< date: Sat, 23 Apr 2022 16:08:04 GMT
< content-type: application/octet-stream
< content-length: 58361055
< last-modified: Fri, 22 Apr 2022 08:30:00 GMT
< etag: "62626788-37a84df"
< expires: Sun, 24 Apr 2022 04:08:04 GMT
< cache-control: public, max-age=43200
< cf-cache-status: HIT
< age: 27707
< accept-ranges: bytes
< expect-ct: max-age=604800,
report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct";
< strict-transport-security: max-age=15552000
< x-content-type-options: nosniff
< server: cloudflare
< cf-ray: 7007db130dd5770b-LHR
<
* Connection #0 to host database.clamav.net left intact
The daily.cvd database downloaded from https://database.clamav.net is
older than the version advertised in the DNS TXT record.
Received an older daily CVD than was advertised. We'll keep it and try
updating to the latest version with CDIFFs.
updatedb: Running g_cb_download_complete callback...
Testing database:
'd:\clam\db\tmp.b7b76a09b1\clamav-a9c4531a90e867ba4f628badafcd9650.tmp-daily.cvd'
...
Loading signatures from
d:\clam\db\tmp.b7b76a09b1\clamav-a9c4531a90e867ba4f628badafcd9650.tmp-daily.cvd
Properly loaded 1980741 signatures from
d:\clam\db\tmp.b7b76a09b1\clamav-a9c4531a90e867ba4f628badafcd9650.tmp-daily.cvd
Database test passed.
daily.cvd updated (version: 26520, sigs: 1980741, f-level: 90, builder:
raynman)
Received an older daily CVD than was advertised. We'll retry so the
incremental update will ensure we're up-to-date.
check_for_new_database_version: Local copy of daily found: daily.cvd.
query_remote_database_version: daily.cvd version from DNS: 26521
daily database available for update (local version: 26520, remote
version: 26521)
Current database is 1 version behind.
Downloading database patch # 26521...
Retrieving https://database.clamav.net/daily-26521.cdiff
downloadFile: Download source: https://database.clamav.net/daily-26521.cdiff
downloadFile: Download destination:
.\clamav-6e1f598f965bf1c38a7567ea4dbb5a57.tmp
* Trying 104.16.218.84:443...
* Connected to database.clamav.net (104.16.218.84) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.;
CN=sni.cloudflaressl.com
* start date: Jul 15 00:00:00 2021 GMT
* expire date: Jul 14 23:59:59 2022 GMT
* subjectAltName: host "database.clamav.net" matched cert's
"database.clamav.net"
* issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3
* SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after
upgrade: len=0
* Using Stream ID: 1 (easy handle 0x103dec0)
> GET /daily-26521.cdiff HTTP/2
Host: database.clamav.net
user-agent: ClamAV/0.104.2 (OS: Windows, ARCH: AMD64, CPU: AMD64, UUID:
4ec0d961-a67d-40ef-852e-817ebaf45c05)
accept: */*
connection: close
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
< HTTP/2 200
< date: Sat, 23 Apr 2022 16:08:25 GMT
< content-type: application/octet-stream
< content-length: 18762
< last-modified: Sat, 23 Apr 2022 08:22:00 GMT
< etag: "6263b728-494a"
< expires: Sun, 23 Apr 2023 16:03:59 GMT
< cache-control: public, max-age=31535734
< cf-cache-status: HIT
< age: 27688
< accept-ranges: bytes
< expect-ct: max-age=604800,
report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct";
< strict-transport-security: max-age=15552000
< x-content-type-options: nosniff
< server: cloudflare
< cf-ray: 7007db983eeb774d-LHR
<
Time: 0.1s, ETA: 0.1s [=============> ] 10.37KiB/18.32KiB
Time: 0.1s, ETA: 0.1s [=============> ] 10.37KiB/18.32KiB
Time: 0.1s, ETA: 0.0s [========================>] 18.32KiB/18.32KiB
* Connection #0 to host database.clamav.net left intact
cdiff_apply: Parsed 228 lines and executed 228 commands
ERROR: buildcld: Can't add daily.ldb to new daily.cld - please check if
there is enough disk space
available
ERROR: updatedb: Incremental update failed. Failed to build CLD.
ERROR: Unexpected error when attempting to update daily: Failed to
update database
ERROR: Database update process failed: Failed to update database
ERROR: Update failed.
--
Paul Smith Computer Services
Tel: 01484 855800
Vat No: GB 685 6987 53
Sign up for news & updates at http://www.pscs.co.uk/go/subscribe
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
