From mboxrd@z Thu Jan  1 00:00:00 1970
From: Matthias Fischer <matthias.fischer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: Fwd: [Clamav-announce] =?utf-8?q?ClamAV=C2=AE?= blog: ClamAV
 0.104.0 released
Date: Fri, 03 Sep 2021 19:59:58 +0200
Message-ID: <23aa018a-11cf-bbe8-869e-a2bc6fe88f4f@ipfire.org>
In-Reply-To: <e875a3ea3bc586be32557691620a25c5ecdede9a.camel@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============2062752995761465681=="
List-Id: <development.lists.ipfire.org>

--===============2062752995761465681==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hi,

On 03.09.2021 18:36, Stefan Schantl wrote:
> Hello Michael, Hello Matthias, Hello list,
>> Hello everyone,
>>=20
>> I just received this announcement that clamav 0.104.0 has been
>> released.
>>=20
>> The interesting things for us are the changes in the build system:
>>=20
>> * It now requires cmake which isn=E2=80=99t a problem
>>=20
>> * It now requires LLVM which we don=E2=80=99t have
>>=20
>> LLVM is probably going to be large, but Stefan has already played
>> around with it and we might be able to merge his patches. So, Stefan,
>> could you please post them? I suppose Matthias is the de-facto
>> maintainer of clamav. You will need to merge these patches locally to
>> see if clamav is happy with what Stefan has built.
>=20
> I've created and pushed a new LLVM git branch in my personal git
> repository, which builds the LLVM compiler suite.
>=20
> https://git.ipfire.org/?p=3Dpeople/stevee/ipfire-2.x.git;a=3Dshortlog;h=3Dr=
efs/heads/llvm
>=20
> I hope this will do the trick with the new clamav version.

Thanks Stefan,

I'll take a look...

Best,
Matthias

> Best regards,
>=20
> -Stefan
>=20
>>=20
>> This will be an interesting project :)
>>=20
>> -Michael
>>=20
>> > Begin forwarded message:
>> >=20
>> > From: "Joel Esler (jesler)" <jesler(a)cisco.com>
>> > Subject: [Clamav-announce] ClamAV=C2=AE blog: ClamAV 0.104.0 released
>> > Date: 3 September 2021 at 16:51:29 BST
>> > To: "ClamAV-announce(a)lists.clamav.net" <
>> > ClamAV-announce(a)lists.clamav.net>, "clamav-users(a)lists.clamav.net"
>> > <clamav-users(a)lists.clamav.net>
>> > Reply-To: noreply(a)clamav.net
>> >=20
>> >=20
>> > >=20
>> > > https://blog.clamav.net/2021/09/clamav-01040-released.html
>> > >=20
>> > > ClamAV 0.104.0 releasedClamAV 0.104.0 is available as an official
>> > > release as of today.
>> > > We are also announcing a new Long Term Support (LTS) program
>> > > today in an update to our End-of-Life (EOL) policy. The LTS will
>> > > start retroactively with ClamAV 0.103, the previous feature
>> > > release. This new LTS policy extends the life of 0.103 up through
>> > > September 2023 and will facilitate the production of more
>> > > frequent feature releases while enabling users to rely on a
>> > > supported version for years to come if they cannot keep pace with
>> > > the feature release cadence. For full details about the Long Term
>> > > Support program, you can see the LTS announcement blog post and
>> > > review=C2=A0the LTS policy in our online documentation.
>> > > We're also introducing new install packages to make it easier for
>> > > folks to upgrade without having to build ClamAV from source and
>> > > without having to wait for a community volunteer to package the
>> > > latest release. You can find the new install packages on=C2=A0the
>> > > ClamAV.net Downloads Page.
>> > > Today you can find:
>> > > =C2=A0* x86_64 and i686 RPM packages compatible with RPM-based Linux
>> > > distributions running glibc version 2.17 or newer.
>> > > =C2=A0* x86_64 and i686 DEB packages compatible with Debian-based
>> > > Linux distributions running glibc version 2.23 or newer.
>> > > =C2=A0* An x86_64/ARM64 macOS installer package is compatible with
>> > > Intel and Apple M1 systems.
>> > > =C2=A0* x64 and win32 Windows packages are compatible with Windows 7
>> > > and newer.
>> > > In the future, we hope to supplement these with ARM64 Linux DEB
>> > > and RPM packages and an x86_64 FreeBSD package.
>> > > Please note that you may find installations in this release
>> > > require more manual configuration than when using a preconfigured
>> > > package provided by a Linux or Unix distribution. See=C2=A0our
>> > > installation instructions on clamav.net=C2=A0for more information.
>> > > ClamAV 0.104.0 includes the following improvements and changes.
>> > >=20
>> > > New Requirements * As of ClamAV 0.104, CMake is required to build
>> > > ClamAV.We have added comprehensive build instructions for using
>> > > CMake to the new=C2=A0INSTALL.md=C2=A0file. The online documentation w=
ill
>> > > also be updated to include CMake build instructions.The Autotools
>> > > and the Visual Studio build systems have been removed.
>> > >=20
>> > > Major changes * The built-in LLVM for the bytecode runtime has
>> > > been removed.The bytecode interpreter is the default runtime for
>> > > bytecode signatures just as it was in ClamAV 0.103.We hoped to
>> > > add support for newer versions of LLVM, but ran out of time. If
>> > > you're building ClamAV from source and you wish to use LLVM
>> > > instead of the bytecode interpreter, you will need to supply the
>> > > development libraries for LLVM version 3.6.2. See=C2=A0the "bytecode
>> > > runtime" section in=C2=A0INSTALL.md=C2=A0to learn more.
>> > > =C2=A0* There are now official ClamAV images on Docker Hub.Docker Hub
>> > > ClamAV tags:clamav/clamav:<version>: A release preloaded with
>> > > signature databases.Using this container will save the ClamAV
>> > > project some bandwidth. Use this if you will keep the image
>> > > around so that you don't download the entire database set every
>> > > time you start a new container. Updating with FreshClam from the
>> > > existing databases set does not use much
>> > > data.clamav/clamav:<version>_base: A release with no signature
>> > > databases.Use this container=C2=A0only=C2=A0if you mount a volume in y=
our
>> > > container under=C2=A0/var/lib/clamav=C2=A0to persist your signature
>> > > database databases. This method is the best option because it
>> > > will reduce data costs for ClamAV and for the Docker registry,
>> > > but it does require advanced familiarity with Linux and
>> > > Docker.Caution: Using this image without mounting an existing
>> > > database directory will cause FreshClam to download the entire
>> > > database set each time you start a new container.You can use
>> > > the=C2=A0unstable=C2=A0version
>> > > (i.e.=C2=A0clamav/clamav:unstable=C2=A0or=C2=A0clamav/clamav:unstable_=
base) to
>> > > try the latest from our development branch.Please, be kind when
>> > > using 'free' bandwidth, both for the virus databases but also the
>> > > Docker registry. Try not to download the entire database set or
>> > > the larger ClamAV database images on a regular basis.For more
>> > > details, see=C2=A0the ClamAV Docker documentation.Special thanks to
>> > > Olliver Schinagl for his excellent work creating ClamAV's new
>> > > Docker files, image database deployment tooling, and user
>> > > documentation.
>> > > =C2=A0* clamd=C2=A0and=C2=A0freshclam=C2=A0are now available as Window=
s services. To
>> > > install and run them, use the=C2=A0--install-service=C2=A0option and=
=C2=A0net
>> > > start [name]=C2=A0command.Special thanks to Gianluigi Tiesi for his
>> > > original work on this feature.
>> > >=20
>> > > Notable changesThe following was added in 0.103.1 and is repeated
>> > > here for awareness, as patch versions do not generally introduce
>> > > new options:
>> > > =C2=A0* Added a new scan option to alert on broken media (graphics)
>> > > file formats. This feature mitigates the risk of malformed media
>> > > files intended to exploit vulnerabilities in other software. At
>> > > present, media validation exists for JPEG, TIFF, PNG and GIF
>> > > files. To enable this feature, set=C2=A0AlertBrokenMedia yes=C2=A0in
>> > > clamd.conf, or use the=C2=A0--alert-broken-media=C2=A0option when
>> > > using=C2=A0clamscan. These options are disabled by default in this
>> > > patch release but may be enabled in a subsequent release.
>> > > Application developers may enable this scan option by
>> > > enabling=C2=A0CL_SCAN_HEURISTIC_BROKEN_MEDIA=C2=A0for the=C2=A0heurist=
ic=C2=A0scan
>> > > option bit field.
>> > > =C2=A0* Added CL_TYPE_TIFF, CL_TYPE_JPEG types to match GIF, PNG
>> > > typing behavior. BMP and JPEG 2000 files will continue to detect
>> > > as CL_TYPE_GRAPHICS because ClamAV does not yet have BMP or JPEG
>> > > 2000 format checking capabilities.
>> > > =C2=A0* Added progress callbacks to libclamav for:database
>> > > load:=C2=A0cl_engine_set_clcb_sigload_progress()engine
>> > > compile:=C2=A0cl_engine_set_clcb_engine_compile_progress()engine
>> > > free:=C2=A0cl_engine_set_clcb_engine_free_progress()These new
>> > > callbacks enable an application to monitor and estimate load,
>> > > compile, and unload progress. See=C2=A0clamav.h=C2=A0for API details.
>> > > =C2=A0* Added progress bars to ClamScan for the signature load and
>> > > engine compile steps before a scan begins. The start-up progress
>> > > bars won't be enabled if ClamScan isn't running in a terminal
>> > > (i.e. stdout is not a TTY), or if any of these options are used:-
>> > > -debug--quiet--infected--no-summary
>> > > Other improvements * Added the=C2=A0%f=C2=A0format string option to the
>> > > ClamD VirusEvent feature to insert the file path of the scan
>> > > target when a virus-event occurs. This supplements the
>> > > VirusEvent=C2=A0%v=C2=A0option which prints the signature (virus) name=
. The
>> > > ClamD VirusEvent feature also provides two environment
>> > > variables,=C2=A0$CLAM_VIRUSEVENT_FILENAME=C2=A0and=C2=A0$CLAM_VIRUSEVE=
NT_VIRUSNA
>> > > ME=C2=A0for a similar effect. Patch courtesy of Vasile Papp.
>> > > =C2=A0* Improvements to the AutoIt extraction module. Patch courtesy
>> > > of cw2k.
>> > > =C2=A0* Added support for extracting images from Excel *.xls (OLE2)
>> > > documents.
>> > > =C2=A0* Trusted SHA256-based Authenticode hashes can now be loaded in
>> > > from *.cat files. For more information, visit our=C2=A0Authenticode
>> > > documentation=C2=A0about using *.cat files with *.crb rules to trust
>> > > signed Windows executables.
>> > >=20
>> > > Bug fixes * Fixed a memory leak affecting logical signatures that
>> > > use the "byte compare" feature. Patch courtesy of Andrea De
>> > > Pasquale.
>> > > =C2=A0* Fixed bytecode match evaluation for PDF bytecode hooks in PDF
>> > > file scans.
>> > > =C2=A0* Other minor bug fixes.
>> > >=20
>> > > AcknowledgmentsThe ClamAV team thanks the following individuals
>> > > for their code submissions:
>> > > =C2=A0* Alexander Golovach
>> > > =C2=A0* Andrea De Pasquale
>> > > =C2=A0* Andrew Williams
>> > > =C2=A0* Arjen de Korte
>> > > =C2=A0* Armin Kuster
>> > > =C2=A0* Brian Bergstrand
>> > > =C2=A0* cw2k
>> > > =C2=A0* Duane Waddle
>> > > =C2=A0* Gianluigi Tiesi
>> > > =C2=A0* Jonas Zaddach
>> > > =C2=A0* Kenneth Hau
>> > > =C2=A0* Mark Fortescue
>> > > =C2=A0* Markus Strehle
>> > > =C2=A0* Olliver Schinagl
>> > > =C2=A0* Orion Poplawski
>> > > =C2=A0* Sergey Valentey
>> > > =C2=A0* Sven Rue=C3=9F
>> > > =C2=A0* Tom Briden
>> > > =C2=A0* Tuomo Soini
>> > > =C2=A0* Vasile Papp
>> > > =C2=A0* Yasuhiro Kimura
>> > _______________________________________________
>> >=20
>> > clamav-announce mailing list
>> > clamav-announce(a)lists.clamav.net
>> > https://lists.clamav.net/mailman/listinfo/clamav-announce
>> >=20
>> > http://www.clamav.net/contact.html#ml
>>=20
>=20
>=20


--===============2062752995761465681==--