Re: Fwd: [Clamav-announce] ClamAV® blog: ClamAV 0.104.0 released

[Stefan Schantl <stefan.schantl@ipfire.org>]

[-- Attachment #1: Type: text/plain, Size: 10421 bytes --]

Hello Michael, Hello Matthias, Hello list,
> Hello everyone,
> 
> I just received this announcement that clamav 0.104.0 has been
> released.
> 
> The interesting things for us are the changes in the build system:
> 
> * It now requires cmake which isn’t a problem
> 
> * It now requires LLVM which we don’t have
> 
> LLVM is probably going to be large, but Stefan has already played
> around with it and we might be able to merge his patches. So, Stefan,
> could you please post them? I suppose Matthias is the de-facto
> maintainer of clamav. You will need to merge these patches locally to
> see if clamav is happy with what Stefan has built.

I've created and pushed a new LLVM git branch in my personal git
repository, which builds the LLVM compiler suite.

https://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=shortlog;h=refs/heads/llvm

I hope this will do the trick with the new clamav version.

Best regards,

-Stefan

> 
> This will be an interesting project :)
> 
> -Michael
> 
> > Begin forwarded message:
> > 
> > From: "Joel Esler (jesler)" <jesler(a)cisco.com>
> > Subject: [Clamav-announce] ClamAV® blog: ClamAV 0.104.0 released
> > Date: 3 September 2021 at 16:51:29 BST
> > To: "ClamAV-announce(a)lists.clamav.net" <
> > ClamAV-announce(a)lists.clamav.net>, "clamav-users(a)lists.clamav.net"
> > <clamav-users(a)lists.clamav.net>
> > Reply-To: noreply(a)clamav.net
> > 
> > 
> > > 
> > > https://blog.clamav.net/2021/09/clamav-01040-released.html
> > > 
> > > ClamAV 0.104.0 releasedClamAV 0.104.0 is available as an official
> > > release as of today.
> > > We are also announcing a new Long Term Support (LTS) program
> > > today in an update to our End-of-Life (EOL) policy. The LTS will
> > > start retroactively with ClamAV 0.103, the previous feature
> > > release. This new LTS policy extends the life of 0.103 up through
> > > September 2023 and will facilitate the production of more
> > > frequent feature releases while enabling users to rely on a
> > > supported version for years to come if they cannot keep pace with
> > > the feature release cadence. For full details about the Long Term
> > > Support program, you can see the LTS announcement blog post and
> > > review the LTS policy in our online documentation.
> > > We're also introducing new install packages to make it easier for
> > > folks to upgrade without having to build ClamAV from source and
> > > without having to wait for a community volunteer to package the
> > > latest release. You can find the new install packages on the
> > > ClamAV.net Downloads Page.
> > > Today you can find:
> > >  * x86_64 and i686 RPM packages compatible with RPM-based Linux
> > > distributions running glibc version 2.17 or newer.
> > >  * x86_64 and i686 DEB packages compatible with Debian-based
> > > Linux distributions running glibc version 2.23 or newer.
> > >  * An x86_64/ARM64 macOS installer package is compatible with
> > > Intel and Apple M1 systems.
> > >  * x64 and win32 Windows packages are compatible with Windows 7
> > > and newer.
> > > In the future, we hope to supplement these with ARM64 Linux DEB
> > > and RPM packages and an x86_64 FreeBSD package.
> > > Please note that you may find installations in this release
> > > require more manual configuration than when using a preconfigured
> > > package provided by a Linux or Unix distribution. See our
> > > installation instructions on clamav.net for more information.
> > > ClamAV 0.104.0 includes the following improvements and changes.
> > > 
> > > New Requirements * As of ClamAV 0.104, CMake is required to build
> > > ClamAV.We have added comprehensive build instructions for using
> > > CMake to the new INSTALL.md file. The online documentation will
> > > also be updated to include CMake build instructions.The Autotools
> > > and the Visual Studio build systems have been removed.
> > > 
> > > Major changes * The built-in LLVM for the bytecode runtime has
> > > been removed.The bytecode interpreter is the default runtime for
> > > bytecode signatures just as it was in ClamAV 0.103.We hoped to
> > > add support for newer versions of LLVM, but ran out of time. If
> > > you're building ClamAV from source and you wish to use LLVM
> > > instead of the bytecode interpreter, you will need to supply the
> > > development libraries for LLVM version 3.6.2. See the "bytecode
> > > runtime" section in INSTALL.md to learn more.
> > >  * There are now official ClamAV images on Docker Hub.Docker Hub
> > > ClamAV tags:clamav/clamav:<version>: A release preloaded with
> > > signature databases.Using this container will save the ClamAV
> > > project some bandwidth. Use this if you will keep the image
> > > around so that you don't download the entire database set every
> > > time you start a new container. Updating with FreshClam from the
> > > existing databases set does not use much
> > > data.clamav/clamav:<version>_base: A release with no signature
> > > databases.Use this container only if you mount a volume in your
> > > container under /var/lib/clamav to persist your signature
> > > database databases. This method is the best option because it
> > > will reduce data costs for ClamAV and for the Docker registry,
> > > but it does require advanced familiarity with Linux and
> > > Docker.Caution: Using this image without mounting an existing
> > > database directory will cause FreshClam to download the entire
> > > database set each time you start a new container.You can use
> > > the unstable version
> > > (i.e. clamav/clamav:unstable or clamav/clamav:unstable_base) to
> > > try the latest from our development branch.Please, be kind when
> > > using 'free' bandwidth, both for the virus databases but also the
> > > Docker registry. Try not to download the entire database set or
> > > the larger ClamAV database images on a regular basis.For more
> > > details, see the ClamAV Docker documentation.Special thanks to
> > > Olliver Schinagl for his excellent work creating ClamAV's new
> > > Docker files, image database deployment tooling, and user
> > > documentation.
> > >  * clamd and freshclam are now available as Windows services. To
> > > install and run them, use the --install-service option and net
> > > start [name] command.Special thanks to Gianluigi Tiesi for his
> > > original work on this feature.
> > > 
> > > Notable changesThe following was added in 0.103.1 and is repeated
> > > here for awareness, as patch versions do not generally introduce
> > > new options:
> > >  * Added a new scan option to alert on broken media (graphics)
> > > file formats. This feature mitigates the risk of malformed media
> > > files intended to exploit vulnerabilities in other software. At
> > > present, media validation exists for JPEG, TIFF, PNG and GIF
> > > files. To enable this feature, set AlertBrokenMedia yes in
> > > clamd.conf, or use the --alert-broken-media option when
> > > using clamscan. These options are disabled by default in this
> > > patch release but may be enabled in a subsequent release.
> > > Application developers may enable this scan option by
> > > enabling CL_SCAN_HEURISTIC_BROKEN_MEDIA for the heuristic scan
> > > option bit field.
> > >  * Added CL_TYPE_TIFF, CL_TYPE_JPEG types to match GIF, PNG
> > > typing behavior. BMP and JPEG 2000 files will continue to detect
> > > as CL_TYPE_GRAPHICS because ClamAV does not yet have BMP or JPEG
> > > 2000 format checking capabilities.
> > >  * Added progress callbacks to libclamav for:database
> > > load: cl_engine_set_clcb_sigload_progress()engine
> > > compile: cl_engine_set_clcb_engine_compile_progress()engine
> > > free: cl_engine_set_clcb_engine_free_progress()These new
> > > callbacks enable an application to monitor and estimate load,
> > > compile, and unload progress. See clamav.h for API details.
> > >  * Added progress bars to ClamScan for the signature load and
> > > engine compile steps before a scan begins. The start-up progress
> > > bars won't be enabled if ClamScan isn't running in a terminal
> > > (i.e. stdout is not a TTY), or if any of these options are used:-
> > > -debug--quiet--infected--no-summary
> > > Other improvements * Added the %f format string option to the
> > > ClamD VirusEvent feature to insert the file path of the scan
> > > target when a virus-event occurs. This supplements the
> > > VirusEvent %v option which prints the signature (virus) name. The
> > > ClamD VirusEvent feature also provides two environment
> > > variables, $CLAM_VIRUSEVENT_FILENAME and $CLAM_VIRUSEVENT_VIRUSNA
> > > ME for a similar effect. Patch courtesy of Vasile Papp.
> > >  * Improvements to the AutoIt extraction module. Patch courtesy
> > > of cw2k.
> > >  * Added support for extracting images from Excel *.xls (OLE2)
> > > documents.
> > >  * Trusted SHA256-based Authenticode hashes can now be loaded in
> > > from *.cat files. For more information, visit our Authenticode
> > > documentation about using *.cat files with *.crb rules to trust
> > > signed Windows executables.
> > > 
> > > Bug fixes * Fixed a memory leak affecting logical signatures that
> > > use the "byte compare" feature. Patch courtesy of Andrea De
> > > Pasquale.
> > >  * Fixed bytecode match evaluation for PDF bytecode hooks in PDF
> > > file scans.
> > >  * Other minor bug fixes.
> > > 
> > > AcknowledgmentsThe ClamAV team thanks the following individuals
> > > for their code submissions:
> > >  * Alexander Golovach
> > >  * Andrea De Pasquale
> > >  * Andrew Williams
> > >  * Arjen de Korte
> > >  * Armin Kuster
> > >  * Brian Bergstrand
> > >  * cw2k
> > >  * Duane Waddle
> > >  * Gianluigi Tiesi
> > >  * Jonas Zaddach
> > >  * Kenneth Hau
> > >  * Mark Fortescue
> > >  * Markus Strehle
> > >  * Olliver Schinagl
> > >  * Orion Poplawski
> > >  * Sergey Valentey
> > >  * Sven Rueß
> > >  * Tom Briden
> > >  * Tuomo Soini
> > >  * Vasile Papp
> > >  * Yasuhiro Kimura
> > _______________________________________________
> > 
> > clamav-announce mailing list
> > clamav-announce(a)lists.clamav.net
> > https://lists.clamav.net/mailman/listinfo/clamav-announce
> > 
> > http://www.clamav.net/contact.html#ml
>