Re: [clamav-users] Update on rate limits and downloading

2021-05-07 Thread clamav . mbourne
Hi Micah, Thanks for the info. It looks like the timeout is an Ubuntu packaging issue. The post-install scripts for the Ubuntu 16.04 and 18.04 clamav-freshclam 0.103.2 packages create a freshclam.conf with "ReceiveTimeout=30", while the Ubuntu 20.04 package sets "ReceiveTimeout=0". I hadn'

Re: [clamav-users] State of false-positive message evaluation for Img.Exploit.CVE_2017_3049-6268090-0

2021-05-07 Thread Andreas Rulle
Hello Micah, thank you for your clarification before the weekend! With best regards, Andreas/ / ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV g

Re: [clamav-users] State of false-positive message evaluation for Img.Exploit.CVE_2017_3049-6268090-0

2021-05-07 Thread Andreas Rulle
Hello Al, thank you for your quick and profound reply. Yes, of course as the subject indicates a false positive report has been issued on the clamav.net website. And a screenshot of the clamav.net/reports/success page with the message "Report Submitted / Thank you for your submission. Your sub

Re: [clamav-users] State of false-positive message evaluation for Img.Exploit.CVE_2017_3049-6268090-0

2021-05-07 Thread Micah Snyder (micasnyd) via clamav-users
Andreas is probably correct. This signature does appear to be problematic. Detections only recently started to appear because of changes in 0.103.1 to properly handle TIFF files. The signature wasn’t working in prior clamav versions because TIFF file type detection was missing from the daily d

Re: [clamav-users] State of false-positive message evaluation for Img.Exploit.CVE_2017_3049-6268090-0

2021-05-07 Thread Al Varnell via clamav-users
One additional note. That signature has been in the ClamAV.ldb database since 19 Apr 2017 back when first defined, making it relatively unlikely to be a false positive at this point in time. Also note from the CVE-2017-3049 detail that it was at

Re: [clamav-users] Help about Clamava on QNAP

2021-05-07 Thread G.W. Haywood via clamav-users
Hi there, On Fri, 7 May 2021, Matus UHLAR - fantomas wrote: easies would be to say: Do not expose QNAP devices to the internet. It's easy for us. It's not easy for most people - who for example don't know that even if their their firewall claims to block access from the Internet to the NAS d

Re: [clamav-users] State of false-positive message evaluation for Img.Exploit.CVE_2017_3049-6268090-0

2021-05-07 Thread Al Varnell via clamav-users
Prof Rulle, I believe you mean a false positive, don't you? A false negative would be a failure to report, but clearly ClamAV does detect this. The proper way to report this would be to file a False Positive Report here: . If you can also provide a hash value

Re: [clamav-users] Help about Clamava on QNAP

2021-05-07 Thread Matus UHLAR - fantomas
On 06.05.21 12:19, Chellini Stefano via clamav-users wrote: My QNAP NAS It is EOL , it is TS419-PII Is it available an option to upgrade the antivirus on it ? On Thu, 6 May 2021, Matus UHLAR - fantomas wrote: it should be installable through entware package, but as it only has 512MB of RAM,