Ged, Augh indeed! It looks like the clamav-0.105.1.tar.gz (and sig file) were the only files not correctly hidden. The -2 variant is available right next to it though. The old one is hidden, now.
As for 0.103.7, the tarball has not changed at all. Only 0.105.1's source tarball was updated, because of bug fixes in Rust vendored dependencies in that tarball. For 0.103.7, only the installer packages (RPM, DEB, PKG, ZIP, MSI) have been updated. So, there is no need to rebuild the 0.103.7 source tarball unless you also built ClamAV with using static library dependencies. If you're using distro-provided shared libraries in your build, they would be updated separately from ClamAV, and you just want to make sure those are up-to-date with with their latest package revisions. > FWIW the problem went away when I used autotools instead of CMake: Oh! Yes, CMake for 0.103 was experimental. Honestly, I had forgotten it even existed for 0.103 until you said something. I am not surprised that there is an issue there. It is much more stable in 0.104 and later. I'm glad you have everything working again. Regards, Micah Micah Snyder ClamAV Development Talos Cisco Systems, Inc. ________________________________ From: clamav-users <clamav-users-boun...@lists.clamav.net> on behalf of G.W. Haywood via clamav-users <clamav-users@lists.clamav.net> Sent: Tuesday, November 1, 2022 4:32 PM To: Micah Snyder (micasnyd) via clamav-users <clamav-users@lists.clamav.net> Cc: G.W. Haywood <cla...@jubileegroup.co.uk> Subject: Re: [clamav-users] [Clamav-announce] New packages for ClamAV 0.103.7, 0.104.4, 0.105.1 to resolve CVE's Hi Micah, On Tue, 1 Nov 2022, Micah Snyder (micasnyd) via clamav-users wrote: > On Tue, 1 Nov 2022, G.W. Haywood via clamav-users wrote: > > On Mon, 31 Oct 2022, Micah Snyder (micasnyd) wrote: > > > > > Today we are publishing updated packages for ClamAV 0.103.7 ... > > > > Maybe I've done something stupid... > > > > Nov 1 17:16:48 mail6 x3[3078]: 2A1HGPGJ007261: xm_clamav_scan( 2425): > > [74.121.52.251], [AS19795], Response from ClamAV daemon [ENGINE VERSION > > MISMATCH: devel-11aaa24dd != 0.103.7. ERROR] > > It seems that your libclamav is from a different build than your clamd. Yeah. :) I don't know how, though. > The number on the right is the version number for clamd. The > 0.103.7 version is what I would expect. Ack. > The number on the left is the version number for libclamav. The > short-hash represents this git commit: > https://github.com/cisco-Talos/clamav/commit/11aaa24dd. This is a > different version string, and even different commit hash, than I > would expect. Agh. > The release materials for 0.103.7-2 were generated from our > rel/0.103 branch > https://github.com/Cisco-Talos/clamav/commits/rel/0.103 so I would > at least think that hash would be 416cd0b78. Am I using the right tarball? $ ls -l clamav-0.103.7.tar.gz -rw-r--r-- 1 ged ged 16501741 Jul 26 22:54 clamav-0.103.7.tar.gz $ md5sum clamav-0.103.7.tar.gz 9138e4678fabfb39bbe1844001ff4815 clamav-0.103.7.tar.gz I grabbed it from the download page. Your mail said the old versions were hidden, but the date there looks wrong and it doesn't have the suffix -2. It's still the same on the download page as I write. > Of course, I would actually expect the version to be 0.103.7 for > both, and not have the hash. The code in .../clamd/session.c is if (strcmp(engine_ver, clamd_ver)) { mdprintf(desc, "ENGINE VERSION MISMATCH: %s != %s. ERROR%c", engine_ver, clamd_ver, term); return; } so it's going to die anyway for *any* commit hash for engine_ver. :( > If I remember correctly, the version string showing a commit hash > means that clamav was built from within a Git clone directory, > rather than building from an un-tarred source tarball. By chance > did you build and install libclamav from a git clone? No, all from source. I don't remember using git to build ClamAV at any time. There isn't even a git executable on the machine which is running this clamd. I think last time I built 0.103.x it was with autotools. This time I tried CMake which seemed to work and then it all went pear-shaped at runtime. Maybe that's another problem? Or maybe the main one? It's an arm7 box, Raspberry Pi 4B. I did try to build 0.105 on there a few days earlier. That failed, I posted the error at the time. When I've got more time I'll dig into this but if you can confirm that the tarball on the download page is wrong that will be a good place to start. -- 73, Ged. _______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
_______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
