Re: [Clamav-announce] ClamAV® blog: ClamAV 0.104.0 released

[Michael Tremer <michael.tremer@ipfire.org>]

[-- Attachment #1: Type: text/plain, Size: 10587 bytes --]

Hello,

> On 3 Sep 2021, at 17:36, Stefan Schantl <stefan.schantl(a)ipfire.org> wrote:
> 
> Hello Michael, Hello Matthias, Hello list,
>> Hello everyone,
>> 
>> I just received this announcement that clamav 0.104.0 has been
>> released.
>> 
>> The interesting things for us are the changes in the build system:
>> 
>> * It now requires cmake which isn’t a problem
>> 
>> * It now requires LLVM which we don’t have
>> 
>> LLVM is probably going to be large, but Stefan has already played
>> around with it and we might be able to merge his patches. So, Stefan,
>> could you please post them? I suppose Matthias is the de-facto
>> maintainer of clamav. You will need to merge these patches locally to
>> see if clamav is happy with what Stefan has built.
> 
> I've created and pushed a new LLVM git branch in my personal git
> repository, which builds the LLVM compiler suite.
> 
> https://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=shortlog;h=refs/heads/llvm

Thank you. Just for reference, could you please post this as an —-rfc to the list?

> I hope this will do the trick with the new clamav version.

I hope so, too, but we might need to ship some runtime libraries. I just don’t know which ones they might be. Ideally I want to ship as little as possible.

-Michael

> 
> Best regards,
> 
> -Stefan
> 
>> 
>> This will be an interesting project :)
>> 
>> -Michael
>> 
>>> Begin forwarded message:
>>> 
>>> From: "Joel Esler (jesler)" <jesler(a)cisco.com>
>>> Subject: [Clamav-announce] ClamAV® blog: ClamAV 0.104.0 released
>>> Date: 3 September 2021 at 16:51:29 BST
>>> To: "ClamAV-announce(a)lists.clamav.net" <
>>> ClamAV-announce(a)lists.clamav.net>, "clamav-users(a)lists.clamav.net"
>>> <clamav-users(a)lists.clamav.net>
>>> Reply-To: noreply(a)clamav.net
>>> 
>>> 
>>>> 
>>>> https://blog.clamav.net/2021/09/clamav-01040-released.html
>>>> 
>>>> ClamAV 0.104.0 releasedClamAV 0.104.0 is available as an official
>>>> release as of today.
>>>> We are also announcing a new Long Term Support (LTS) program
>>>> today in an update to our End-of-Life (EOL) policy. The LTS will
>>>> start retroactively with ClamAV 0.103, the previous feature
>>>> release. This new LTS policy extends the life of 0.103 up through
>>>> September 2023 and will facilitate the production of more
>>>> frequent feature releases while enabling users to rely on a
>>>> supported version for years to come if they cannot keep pace with
>>>> the feature release cadence. For full details about the Long Term
>>>> Support program, you can see the LTS announcement blog post and
>>>> review the LTS policy in our online documentation.
>>>> We're also introducing new install packages to make it easier for
>>>> folks to upgrade without having to build ClamAV from source and
>>>> without having to wait for a community volunteer to package the
>>>> latest release. You can find the new install packages on the
>>>> ClamAV.net Downloads Page.
>>>> Today you can find:
>>>>  * x86_64 and i686 RPM packages compatible with RPM-based Linux
>>>> distributions running glibc version 2.17 or newer.
>>>>  * x86_64 and i686 DEB packages compatible with Debian-based
>>>> Linux distributions running glibc version 2.23 or newer.
>>>>  * An x86_64/ARM64 macOS installer package is compatible with
>>>> Intel and Apple M1 systems.
>>>>  * x64 and win32 Windows packages are compatible with Windows 7
>>>> and newer.
>>>> In the future, we hope to supplement these with ARM64 Linux DEB
>>>> and RPM packages and an x86_64 FreeBSD package.
>>>> Please note that you may find installations in this release
>>>> require more manual configuration than when using a preconfigured
>>>> package provided by a Linux or Unix distribution. See our
>>>> installation instructions on clamav.net for more information.
>>>> ClamAV 0.104.0 includes the following improvements and changes.
>>>> 
>>>> New Requirements * As of ClamAV 0.104, CMake is required to build
>>>> ClamAV.We have added comprehensive build instructions for using
>>>> CMake to the new INSTALL.md file. The online documentation will
>>>> also be updated to include CMake build instructions.The Autotools
>>>> and the Visual Studio build systems have been removed.
>>>> 
>>>> Major changes * The built-in LLVM for the bytecode runtime has
>>>> been removed.The bytecode interpreter is the default runtime for
>>>> bytecode signatures just as it was in ClamAV 0.103.We hoped to
>>>> add support for newer versions of LLVM, but ran out of time. If
>>>> you're building ClamAV from source and you wish to use LLVM
>>>> instead of the bytecode interpreter, you will need to supply the
>>>> development libraries for LLVM version 3.6.2. See the "bytecode
>>>> runtime" section in INSTALL.md to learn more.
>>>>  * There are now official ClamAV images on Docker Hub.Docker Hub
>>>> ClamAV tags:clamav/clamav:<version>: A release preloaded with
>>>> signature databases.Using this container will save the ClamAV
>>>> project some bandwidth. Use this if you will keep the image
>>>> around so that you don't download the entire database set every
>>>> time you start a new container. Updating with FreshClam from the
>>>> existing databases set does not use much
>>>> data.clamav/clamav:<version>_base: A release with no signature
>>>> databases.Use this container only if you mount a volume in your
>>>> container under /var/lib/clamav to persist your signature
>>>> database databases. This method is the best option because it
>>>> will reduce data costs for ClamAV and for the Docker registry,
>>>> but it does require advanced familiarity with Linux and
>>>> Docker.Caution: Using this image without mounting an existing
>>>> database directory will cause FreshClam to download the entire
>>>> database set each time you start a new container.You can use
>>>> the unstable version
>>>> (i.e. clamav/clamav:unstable or clamav/clamav:unstable_base) to
>>>> try the latest from our development branch.Please, be kind when
>>>> using 'free' bandwidth, both for the virus databases but also the
>>>> Docker registry. Try not to download the entire database set or
>>>> the larger ClamAV database images on a regular basis.For more
>>>> details, see the ClamAV Docker documentation.Special thanks to
>>>> Olliver Schinagl for his excellent work creating ClamAV's new
>>>> Docker files, image database deployment tooling, and user
>>>> documentation.
>>>>  * clamd and freshclam are now available as Windows services. To
>>>> install and run them, use the --install-service option and net
>>>> start [name] command.Special thanks to Gianluigi Tiesi for his
>>>> original work on this feature.
>>>> 
>>>> Notable changesThe following was added in 0.103.1 and is repeated
>>>> here for awareness, as patch versions do not generally introduce
>>>> new options:
>>>>  * Added a new scan option to alert on broken media (graphics)
>>>> file formats. This feature mitigates the risk of malformed media
>>>> files intended to exploit vulnerabilities in other software. At
>>>> present, media validation exists for JPEG, TIFF, PNG and GIF
>>>> files. To enable this feature, set AlertBrokenMedia yes in
>>>> clamd.conf, or use the --alert-broken-media option when
>>>> using clamscan. These options are disabled by default in this
>>>> patch release but may be enabled in a subsequent release.
>>>> Application developers may enable this scan option by
>>>> enabling CL_SCAN_HEURISTIC_BROKEN_MEDIA for the heuristic scan
>>>> option bit field.
>>>>  * Added CL_TYPE_TIFF, CL_TYPE_JPEG types to match GIF, PNG
>>>> typing behavior. BMP and JPEG 2000 files will continue to detect
>>>> as CL_TYPE_GRAPHICS because ClamAV does not yet have BMP or JPEG
>>>> 2000 format checking capabilities.
>>>>  * Added progress callbacks to libclamav for:database
>>>> load: cl_engine_set_clcb_sigload_progress()engine
>>>> compile: cl_engine_set_clcb_engine_compile_progress()engine
>>>> free: cl_engine_set_clcb_engine_free_progress()These new
>>>> callbacks enable an application to monitor and estimate load,
>>>> compile, and unload progress. See clamav.h for API details.
>>>>  * Added progress bars to ClamScan for the signature load and
>>>> engine compile steps before a scan begins. The start-up progress
>>>> bars won't be enabled if ClamScan isn't running in a terminal
>>>> (i.e. stdout is not a TTY), or if any of these options are used:-
>>>> -debug--quiet--infected--no-summary
>>>> Other improvements * Added the %f format string option to the
>>>> ClamD VirusEvent feature to insert the file path of the scan
>>>> target when a virus-event occurs. This supplements the
>>>> VirusEvent %v option which prints the signature (virus) name. The
>>>> ClamD VirusEvent feature also provides two environment
>>>> variables, $CLAM_VIRUSEVENT_FILENAME and $CLAM_VIRUSEVENT_VIRUSNA
>>>> ME for a similar effect. Patch courtesy of Vasile Papp.
>>>>  * Improvements to the AutoIt extraction module. Patch courtesy
>>>> of cw2k.
>>>>  * Added support for extracting images from Excel *.xls (OLE2)
>>>> documents.
>>>>  * Trusted SHA256-based Authenticode hashes can now be loaded in
>>>> from *.cat files. For more information, visit our Authenticode
>>>> documentation about using *.cat files with *.crb rules to trust
>>>> signed Windows executables.
>>>> 
>>>> Bug fixes * Fixed a memory leak affecting logical signatures that
>>>> use the "byte compare" feature. Patch courtesy of Andrea De
>>>> Pasquale.
>>>>  * Fixed bytecode match evaluation for PDF bytecode hooks in PDF
>>>> file scans.
>>>>  * Other minor bug fixes.
>>>> 
>>>> AcknowledgmentsThe ClamAV team thanks the following individuals
>>>> for their code submissions:
>>>>  * Alexander Golovach
>>>>  * Andrea De Pasquale
>>>>  * Andrew Williams
>>>>  * Arjen de Korte
>>>>  * Armin Kuster
>>>>  * Brian Bergstrand
>>>>  * cw2k
>>>>  * Duane Waddle
>>>>  * Gianluigi Tiesi
>>>>  * Jonas Zaddach
>>>>  * Kenneth Hau
>>>>  * Mark Fortescue
>>>>  * Markus Strehle
>>>>  * Olliver Schinagl
>>>>  * Orion Poplawski
>>>>  * Sergey Valentey
>>>>  * Sven Rueß
>>>>  * Tom Briden
>>>>  * Tuomo Soini
>>>>  * Vasile Papp
>>>>  * Yasuhiro Kimura
>>> _______________________________________________
>>> 
>>> clamav-announce mailing list
>>> clamav-announce(a)lists.clamav.net
>>> https://lists.clamav.net/mailman/listinfo/clamav-announce
>>> 
>>> http://www.clamav.net/contact.html#ml
>> 
> 
>