ClamAv: is anyone paying attention?
mario.vukelic at dantian.org
Thu Nov 23 05:53:32 UTC 2006
On Wed, 2006-11-22 at 23:20 +0000, Gabriel Dragffy wrote:
> This thread turned in to some huge rant about linux viruses, but the
> original question hasn't been resolved.
It was, within the first few postings:
"> Though in the defence of whoever the maintainer is, he is only 2
> releases behind. (and 3 months)
Actually 1 month, 0.88.5 was released Oct 15 according to the ClamAv
website. And the release notes for 0.88.5 and 0.88.6 on the ClamAv
website contain only minor bugfixes.
Anyway, the more important thing with a virus scanner is that the virus
database is up to date, and this seems to be done via internet anyway:
aptitude show clamav-freshclam
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
Description: downloads clamav virus databases from the Internet
Clam AntiVirus is an anti-virus toolkit for Unix. (...)
This package contains the program freshclam and scripts to automate
virus database updating. Depends on an internet
connection to function, but can be run in a variety of ways to
compensate for intermittent connections."
And in https://lists.ubuntu.com/archives/ubuntu-users/2006-November/100319.html
"> So the fact the engine is outdated doesn't cause a problem? oddly the
> clamAV FAQ suggests that you shouldn't use outdated engines
Certainly it is always a good idea to be fully up-to-date, but read the
changelogs, there really seems little reason to get upset:
Release Name: 0.88.5
Notes: This version fixes a crash in the CHM unpacker and a heap
overflow in the function rebuilding PE files after unpacking.
- libclamav/rebuildpe.c: fix possible heap overflow [IDEF1597]
- libclamav/chmunpack.c: fix possible crash [IDEF1736]
- freshclam/manager.c: "Cache-Control: no-cache" is now disabled by
default. If you're behind a broken proxy you can recompile freshclam
Release Name: 0.88.6
Notes: Changes in this release include better handling of network
problems in freshclam and other minor bugfixes.
- freshclam: apply timeout patch from Everton da Silva Marques
<everton*lab.ipaccess.diveo.net.br> (new options: ConnectTimeout and
- clamd: change stack size at the right place (closes bug#103)
Patch from Jonathan Chen <jon+clamav*spock.org>
- libclamav/petite.c: sanity check the number of rebuilt sections (speeds
up handling of malformed files)"
More information about the ubuntu-users