Hi,
It looks like this issue might be related to
https://bugzilla.clamav.net/show_bug.cgi?id=12217. The problem is a bug in the
clamav reporting code where the archive itself is whitelisted, but the contents
are not. This causes the archive to be reported, even though it has been
whitelisted
Hi Micah,
Curiously it only seems to affect clamd/clamdscan. The standalone clamscan
doesn't appear to be affected, which means it took quite a while to track down
the file which causes the crash.
The signature in question is Email.Exploit.Efail-6641027-1
The file triggering the crash for me i
Public
Hi,
Hopefully this is clearer, it depicts the steps I took:
The file I try to whitelist is the following:
/usr/sap/XA1/DVEBMGS20/j2ee/cluster/apps/sap.com/theme~designer/servlet_jsp/themedesigner/themedesigner.war
The method I use is:
# sigtool --md5
/usr/sap/XA1/DVEBMGS20/j2ee/cluster
Hi there,
On Thu, 7 May 2020, Pascal De Meerleer via clamav-users wrote:
...
whitelisting a file themedesigner.war
Creating an md5 signature and writing it to a file with extension .fp
# sigtool --md5 themedesigner.war
a264955211fd1fb5dc952430c4ee6674:14824637:themedesigner
(omitting the last
Public
Hi,
whitelisting a file themedesigner.war
Creating an md5 signature and writing it to a file with extension .fp
# sigtool --md5 themedesigner.war
a264955211fd1fb5dc952430c4ee6674:14824637:themedesigner
(omitting the last extension, in this case .war)
Restarting the clamd scan service
Ch
