Hello, > On 3 Sep 2021, at 17:36, Stefan Schantl wrote: > > Hello Michael, Hello Matthias, Hello list, >> Hello everyone, >> >> I just received this announcement that clamav 0.104.0 has been >> released. >> >> The interesting things for us are the changes in the build system: >> >> * It now requires cmake which isn’t a problem >> >> * It now requires LLVM which we don’t have >> >> LLVM is probably going to be large, but Stefan has already played >> around with it and we might be able to merge his patches. So, Stefan, >> could you please post them? I suppose Matthias is the de-facto >> maintainer of clamav. You will need to merge these patches locally to >> see if clamav is happy with what Stefan has built. > > I've created and pushed a new LLVM git branch in my personal git > repository, which builds the LLVM compiler suite. > > https://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=shortlog;h=refs/heads/llvm Thank you. Just for reference, could you please post this as an —-rfc to the list? > I hope this will do the trick with the new clamav version. I hope so, too, but we might need to ship some runtime libraries. I just don’t know which ones they might be. Ideally I want to ship as little as possible. -Michael > > Best regards, > > -Stefan > >> >> This will be an interesting project :) >> >> -Michael >> >>> Begin forwarded message: >>> >>> From: "Joel Esler (jesler)" >>> Subject: [Clamav-announce] ClamAV® blog: ClamAV 0.104.0 released >>> Date: 3 September 2021 at 16:51:29 BST >>> To: "ClamAV-announce(a)lists.clamav.net" < >>> ClamAV-announce(a)lists.clamav.net>, "clamav-users(a)lists.clamav.net" >>> >>> Reply-To: noreply(a)clamav.net >>> >>> >>>> >>>> https://blog.clamav.net/2021/09/clamav-01040-released.html >>>> >>>> ClamAV 0.104.0 releasedClamAV 0.104.0 is available as an official >>>> release as of today. >>>> We are also announcing a new Long Term Support (LTS) program >>>> today in an update to our End-of-Life (EOL) policy. The LTS will >>>> start retroactively with ClamAV 0.103, the previous feature >>>> release. This new LTS policy extends the life of 0.103 up through >>>> September 2023 and will facilitate the production of more >>>> frequent feature releases while enabling users to rely on a >>>> supported version for years to come if they cannot keep pace with >>>> the feature release cadence. For full details about the Long Term >>>> Support program, you can see the LTS announcement blog post and >>>> review the LTS policy in our online documentation. >>>> We're also introducing new install packages to make it easier for >>>> folks to upgrade without having to build ClamAV from source and >>>> without having to wait for a community volunteer to package the >>>> latest release. You can find the new install packages on the >>>> ClamAV.net Downloads Page. >>>> Today you can find: >>>> * x86_64 and i686 RPM packages compatible with RPM-based Linux >>>> distributions running glibc version 2.17 or newer. >>>> * x86_64 and i686 DEB packages compatible with Debian-based >>>> Linux distributions running glibc version 2.23 or newer. >>>> * An x86_64/ARM64 macOS installer package is compatible with >>>> Intel and Apple M1 systems. >>>> * x64 and win32 Windows packages are compatible with Windows 7 >>>> and newer. >>>> In the future, we hope to supplement these with ARM64 Linux DEB >>>> and RPM packages and an x86_64 FreeBSD package. >>>> Please note that you may find installations in this release >>>> require more manual configuration than when using a preconfigured >>>> package provided by a Linux or Unix distribution. See our >>>> installation instructions on clamav.net for more information. >>>> ClamAV 0.104.0 includes the following improvements and changes. >>>> >>>> New Requirements * As of ClamAV 0.104, CMake is required to build >>>> ClamAV.We have added comprehensive build instructions for using >>>> CMake to the new INSTALL.md file. The online documentation will >>>> also be updated to include CMake build instructions.The Autotools >>>> and the Visual Studio build systems have been removed. >>>> >>>> Major changes * The built-in LLVM for the bytecode runtime has >>>> been removed.The bytecode interpreter is the default runtime for >>>> bytecode signatures just as it was in ClamAV 0.103.We hoped to >>>> add support for newer versions of LLVM, but ran out of time. If >>>> you're building ClamAV from source and you wish to use LLVM >>>> instead of the bytecode interpreter, you will need to supply the >>>> development libraries for LLVM version 3.6.2. See the "bytecode >>>> runtime" section in INSTALL.md to learn more. >>>> * There are now official ClamAV images on Docker Hub.Docker Hub >>>> ClamAV tags:clamav/clamav:: A release preloaded with >>>> signature databases.Using this container will save the ClamAV >>>> project some bandwidth. Use this if you will keep the image >>>> around so that you don't download the entire database set every >>>> time you start a new container. Updating with FreshClam from the >>>> existing databases set does not use much >>>> data.clamav/clamav:_base: A release with no signature >>>> databases.Use this container only if you mount a volume in your >>>> container under /var/lib/clamav to persist your signature >>>> database databases. This method is the best option because it >>>> will reduce data costs for ClamAV and for the Docker registry, >>>> but it does require advanced familiarity with Linux and >>>> Docker.Caution: Using this image without mounting an existing >>>> database directory will cause FreshClam to download the entire >>>> database set each time you start a new container.You can use >>>> the unstable version >>>> (i.e. clamav/clamav:unstable or clamav/clamav:unstable_base) to >>>> try the latest from our development branch.Please, be kind when >>>> using 'free' bandwidth, both for the virus databases but also the >>>> Docker registry. Try not to download the entire database set or >>>> the larger ClamAV database images on a regular basis.For more >>>> details, see the ClamAV Docker documentation.Special thanks to >>>> Olliver Schinagl for his excellent work creating ClamAV's new >>>> Docker files, image database deployment tooling, and user >>>> documentation. >>>> * clamd and freshclam are now available as Windows services. To >>>> install and run them, use the --install-service option and net >>>> start [name] command.Special thanks to Gianluigi Tiesi for his >>>> original work on this feature. >>>> >>>> Notable changesThe following was added in 0.103.1 and is repeated >>>> here for awareness, as patch versions do not generally introduce >>>> new options: >>>> * Added a new scan option to alert on broken media (graphics) >>>> file formats. This feature mitigates the risk of malformed media >>>> files intended to exploit vulnerabilities in other software. At >>>> present, media validation exists for JPEG, TIFF, PNG and GIF >>>> files. To enable this feature, set AlertBrokenMedia yes in >>>> clamd.conf, or use the --alert-broken-media option when >>>> using clamscan. These options are disabled by default in this >>>> patch release but may be enabled in a subsequent release. >>>> Application developers may enable this scan option by >>>> enabling CL_SCAN_HEURISTIC_BROKEN_MEDIA for the heuristic scan >>>> option bit field. >>>> * Added CL_TYPE_TIFF, CL_TYPE_JPEG types to match GIF, PNG >>>> typing behavior. BMP and JPEG 2000 files will continue to detect >>>> as CL_TYPE_GRAPHICS because ClamAV does not yet have BMP or JPEG >>>> 2000 format checking capabilities. >>>> * Added progress callbacks to libclamav for:database >>>> load: cl_engine_set_clcb_sigload_progress()engine >>>> compile: cl_engine_set_clcb_engine_compile_progress()engine >>>> free: cl_engine_set_clcb_engine_free_progress()These new >>>> callbacks enable an application to monitor and estimate load, >>>> compile, and unload progress. See clamav.h for API details. >>>> * Added progress bars to ClamScan for the signature load and >>>> engine compile steps before a scan begins. The start-up progress >>>> bars won't be enabled if ClamScan isn't running in a terminal >>>> (i.e. stdout is not a TTY), or if any of these options are used:- >>>> -debug--quiet--infected--no-summary >>>> Other improvements * Added the %f format string option to the >>>> ClamD VirusEvent feature to insert the file path of the scan >>>> target when a virus-event occurs. This supplements the >>>> VirusEvent %v option which prints the signature (virus) name. The >>>> ClamD VirusEvent feature also provides two environment >>>> variables, $CLAM_VIRUSEVENT_FILENAME and $CLAM_VIRUSEVENT_VIRUSNA >>>> ME for a similar effect. Patch courtesy of Vasile Papp. >>>> * Improvements to the AutoIt extraction module. Patch courtesy >>>> of cw2k. >>>> * Added support for extracting images from Excel *.xls (OLE2) >>>> documents. >>>> * Trusted SHA256-based Authenticode hashes can now be loaded in >>>> from *.cat files. For more information, visit our Authenticode >>>> documentation about using *.cat files with *.crb rules to trust >>>> signed Windows executables. >>>> >>>> Bug fixes * Fixed a memory leak affecting logical signatures that >>>> use the "byte compare" feature. Patch courtesy of Andrea De >>>> Pasquale. >>>> * Fixed bytecode match evaluation for PDF bytecode hooks in PDF >>>> file scans. >>>> * Other minor bug fixes. >>>> >>>> AcknowledgmentsThe ClamAV team thanks the following individuals >>>> for their code submissions: >>>> * Alexander Golovach >>>> * Andrea De Pasquale >>>> * Andrew Williams >>>> * Arjen de Korte >>>> * Armin Kuster >>>> * Brian Bergstrand >>>> * cw2k >>>> * Duane Waddle >>>> * Gianluigi Tiesi >>>> * Jonas Zaddach >>>> * Kenneth Hau >>>> * Mark Fortescue >>>> * Markus Strehle >>>> * Olliver Schinagl >>>> * Orion Poplawski >>>> * Sergey Valentey >>>> * Sven Rueß >>>> * Tom Briden >>>> * Tuomo Soini >>>> * Vasile Papp >>>> * Yasuhiro Kimura >>> _______________________________________________ >>> >>> clamav-announce mailing list >>> clamav-announce(a)lists.clamav.net >>> https://lists.clamav.net/mailman/listinfo/clamav-announce >>> >>> http://www.clamav.net/contact.html#ml >> > >