I've made a new version of clamav available for installation,
including, libclamav6, libclamav-devel, clamav-db.
This is a feature release keeping the same dll version. Nice.
Run freshclam after the update.
Problems:
* Spurious "LibClamAV Warning: fmap_aging: kernel hates you" messages.
* Huge package size: cygclamav-6.dll went from 720KB to 10MB
stripped, because llvm is linked statically.
clamav-db went from 23.9MB to 24.1MB. There's a new
bytecode.cvd archive, which you will download with freshclam.
* Possible new false positives:
Due to the new llvm-based bytecode interpreter some false
positives with unstripped/hyphened SSN data were reported.
Also PS and PDF files have been reported as false positives on the
clamav-devel list.
Project description:
Clam AntiVirus is an anti-virus toolkit. It provides a number of
utilities, including a flexible and scalable multi-threaded daemon, a
commandline scanner, and a tool for automatic database updates. The
core of the package is an anti-virus engine available as a shared
library.
*** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO ***
If you want to unsubscribe from the cygwin-announce mailing list, please
use the automated form at:
http://cygwin.com/lists.html#subscribe-unsubscribe
If this does not work, then look at the "List-Unsubscribe: " tag in the
email header of this message. Send email to the address specified
there. It will be in the format:
cygwin-announce-unsubscribe-you=yourdomain....@cygwin.com
If you need more information on unsubscribing, start reading here:
http://sourceware.org/lists.html#unsubscribe-simple
Please read *all* of the information on unsubscribing that is available
starting at this URL.
======================================================================
Cygwin changes:
----- version 0.96-1 -----
* lndirs ${B}/libclamav/c++/llvm
* DIRENT_MISSING_D_INO check is now ignored upstream.
Only cygwin-1.7 supported
* still libclamav6
* adapted libclamav6.hint dependencies
* cygport falsely reports a libtool check error on postinstall.
I changed this locally from error to warn.
New major upstream features:
1. The Bytecode Interpreter - The Bytecode Interpreter allows ClamAV
sig-makers to create very complex AV signatures for complex pieces of
malware. This is a pretty major addition to the detection technologies
inside of ClamAV.
2. Native Windows Support - ClamAV will now build natively under Visual
Studio. This will allow 3rd Party application developers on windows to
easily integrate LibClamAV into their applications.
3. UPX 3.0 unpacking support - Add support to decompressing UPX version
3.0 packed applications.
4. 7zip archive support - Add support for decompressing 7zip archives
and inspecting their contents.
5. OSX Mach-O support - Add support for parsing OSX Mach-O binaries
files and intelligently inspecting their contents
6. 64-bit ELF support - Add support for intelligently parsing and
detecting malware in 64-Bit ELF binaries.
7. InstallShield archives support - Add support for unpacking and
inspecting the contents of InstallShield archives.
8. CPIO archive support - Add support for unpacking and inspecting the
contents of CPIO archives.
9. Heuristic improvements - Improve the PE heuristics detection engine
by adding support of bogus icons and fake PE header information. In a
nutshell, ClamAV can now detect malware that tries to disguise itself as
a harmless application by using the most common Windows program icons.
10. Performance improvements - Overall performance improvements and
memory optimizations for a better overall resource utilization experience.
11. Signature Improvements - Logical signature improvements to allow
referencing groups of signatures. Additionally, improvements to
wildcard matching on word boundaries and newlines.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
