'[clamav-users] =?iso-8859-1?q?ClamAV=AE_blog=3A_ClamAV_0=2E103?= =?iso-8859-1?q?=2E3_patch_release?='

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       clamav-users
Subject:    [clamav-users] =?iso-8859-1?q?ClamAV=AE_blog=3A_ClamAV_0=2E103?= =?iso-8859-1?q?=2E3_patch_release?=
From:       "Joel Esler \(jesler\) via clamav-users" <clamav-users () lists ! clamav ! net>
Date:       2021-06-21 16:58:02
Message-ID: FF36F85C-8488-43F1-A812-D9B6E81AF70C () cisco ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


> 
> https://blog.clamav.net/2021/06/clamav-01033-patch-release.html \
> <https://blog.clamav.net/2021/06/clamav-01033-patch-release.html> 
> ClamAV 0.103.3 patch release
> 
> ClamAV 0.103.3 is out now. Users can head over to clamav.net/downloads \
> <https://www.clamav.net/downloads> to download the release materials. 
> 
> 0.103.3 includes the following fixes:
> 
> Fixed a scan performance issue when ENGINE_OPTIONS_FORCE_TO_DISK is enabled. This \
> issue did not impacted most users but for those affected it caused every scanned \
> file to be copied to the temp directory before the scan. 
> Fix ClamDScan crashes when using the --fdpass --multiscan command-line options in \
> combination with the ClamD ExcludePath config file options. 
> Fixed an issue where the mirrors.dat file is owned by root when starting as root \
> (or with sudo) and using daemon-mode. File ownership will be set to the \
> DatabaseOwner just before FreshClam switches to run as that user. 
> Renamed the mirrors.dat file to freshclam.dat.
> 
> We used to recommend deleting mirrors.dat if FreshClam failed to update. This is \
> because mirrors.dat used to keep track of offline mirrors and network interruptions \
> were known to cause FreshClam to think that all mirrors were offline. ClamAV now \
> uses a paid CDN instead of a mirror network, and the new FreshClam DAT file no \
> longer stores that kind of information. The UUID used in ClamAV's HTTP User-Agent \
> is stored in the FreshClam DAT file and we want the UUID to persist between runs, \
> even if there was a failure. 
> Unfortunately, some users have FreshClam configured to automatically delete \
> mirrors.dat if FreshClam failed. Renaming mirrors.dat to freshclam.dat should make \
> it so those scripts don't delete important FreshClam data. 
> Disabled the HTTPUserAgent config option if the DatabaseMirror uses clamav.net. \
> This will prevent users from being inadvertently blocked and will ensure that we \
> can keep better metrics on which ClamAV versions are being used. 
> This change effectively deprecates the HTTPUserAgent option for most users.
> 
> Moved the detection for Heuristics.PNG.CVE-2010-1205 behind the ClamScan \
> --alert-broken-media option (ClamD AlertBrokenMedia yes) option. This type of PNG \
> issue appears to be common enough to be an annoyance, and the CVE is old enough \
> that no one should be vulnerable at this point. 
> Fix ClamSubmit failures after changes to Cloudflare "__cfduid" cookies. See: \
> https://blog.cloudflare.com/deprecating-cfduid-cookie/ \
> <https://blog.cloudflare.com/deprecating-cfduid-cookie/> Special thanks to the \
> following for code contributions and bug reports: 
> Stephen Agate
> Tom Briden


[Attachment #5 (unknown)]

<html><head><meta http-equiv="Content-Type" content="text/html; \
charset=us-ascii"><base></head><body style="word-wrap: break-word; -webkit-nbsp-mode: \
space; line-break: after-white-space;" class=""><base class=""><div \
class="Apple-Mail-URLShareUserContentTopClass"><br class=""></div><div \
class="Apple-Mail-URLShareWrapperClass"><blockquote type="cite" \
style="border-left-style: none; color: inherit; padding: inherit; margin: inherit;" \
class=""><div class=""><div class="original-url"><br class=""><a \
href="https://blog.clamav.net/2021/06/clamav-01033-patch-release.html" \
class="">https://blog.clamav.net/2021/06/clamav-01033-patch-release.html</a><br \
class=""><br class=""></div><div id="article" role="article" style="text-rendering: \
optimizeLegibility; font-family: -apple-system-font; font-size: 1.2em; line-height: \
1.5em; margin: 0px; padding: 0px;" class="system exported">  <!-- This node will \
contain a number of div.page. -->  <div class="page" style="word-wrap: break-word; \
max-width: 100%;"><h1 class="title" style="font-size: 1.95552em; line-height: \
1.2141em; margin-top: 0px; margin-bottom: 0.5em; max-width: 100%;">ClamAV 0.103.3 \
patch release</h1><p style="max-width: 100%;" class="">ClamAV 0.103.3 is out now. \
Users can head over to <a href="https://www.clamav.net/downloads" target="_blank" \
style="color: rgb(73, 129, 254); max-width: 100%;" class="">clamav.net/downloads</a> \
to download the release materials.</p><div style="max-width: 100%;" \
class="">&nbsp;<br class="webkit-block-placeholder"></div><p style="max-width: 100%;" \
class="">0.103.3 includes the following fixes: </p><ul style="max-width: 100%;" \
class=""><li style="max-width: 100%;" class=""><p style="max-width: 100%;" \
class="">Fixed a scan performance issue when ENGINE_OPTIONS_FORCE_TO_DISK is enabled. \
This issue did not impacted most users but for those affected it caused every scanned \
file to be copied to the temp directory before the scan.</p> </li><li \
style="max-width: 100%;" class=""><p style="max-width: 100%;" class="">Fix ClamDScan \
crashes when using the <code style="max-width: 100%;" class="">--fdpass \
--multiscan</code> command-line options in combination with the ClamD <code \
style="max-width: 100%;" class="">ExcludePath</code> config file options.</p> \
</li><li style="max-width: 100%;" class=""><p style="max-width: 100%;" class="">Fixed \
an issue where the <code style="max-width: 100%;" class="">mirrors.dat</code> file is \
owned by root when starting as root (or with sudo) and using daemon-mode. File \
ownership will be set to the <code style="max-width: 100%;" \
class="">DatabaseOwner</code> just before FreshClam switches to run as that user.</p> \
</li><li style="max-width: 100%;" class=""><p style="max-width: 100%;" \
class="">Renamed the <code style="max-width: 100%;" class="">mirrors.dat</code> file \
to <code style="max-width: 100%;" class="">freshclam.dat</code>.</p><p \
style="max-width: 100%;" class="">We used to recommend deleting <code \
style="max-width: 100%;" class="">mirrors.dat</code> if FreshClam failed to update. \
This is because <code style="max-width: 100%;" class="">mirrors.dat</code> used to \
keep track of offline mirrors and network interruptions were known to cause FreshClam \
to think that all mirrors were offline. ClamAV now uses a paid CDN instead of a \
mirror network, and the new FreshClam DAT file no longer stores that kind of \
information. The UUID used in ClamAV's HTTP User-Agent is stored in the FreshClam DAT \
file and we want the UUID to persist between runs, even if there was a failure.</p><p \
style="max-width: 100%;" class="">Unfortunately, some users have FreshClam configured \
to automatically delete <code style="max-width: 100%;" class="">mirrors.dat</code> if \
FreshClam failed. Renaming <code style="max-width: 100%;" class="">mirrors.dat</code> \
to <code style="max-width: 100%;" class="">freshclam.dat</code> should make it so \
those scripts don't delete important FreshClam data.</p> </li><li style="max-width: \
100%;" class=""><p style="max-width: 100%;" class="">Disabled the <code \
style="max-width: 100%;" class="">HTTPUserAgent</code> config option if the <code \
style="max-width: 100%;" class="">DatabaseMirror</code> uses <a \
href="http://clamav.net" class="">clamav.net</a>. This will prevent users from being \
inadvertently blocked and will ensure that we can keep better metrics on which ClamAV \
versions are being used.</p><p style="max-width: 100%;" class="">This change \
effectively deprecates the <code style="max-width: 100%;" \
class="">HTTPUserAgent</code> option for most users.</p> </li><li style="max-width: \
100%;" class=""><p style="max-width: 100%;" class="">Moved the detection for \
Heuristics.PNG.CVE-2010-1205 behind the ClamScan <code style="max-width: 100%;" \
class="">--alert-broken-media</code> option (ClamD <code style="max-width: 100%;" \
class="">AlertBrokenMedia yes</code>) option. This type of PNG issue appears to be \
common enough to be an annoyance, and the CVE is old enough that no one should be \
vulnerable at this point.</p> </li><li style="max-width: 100%;" class=""><p \
style="max-width: 100%;" class="">Fix ClamSubmit failures after changes to Cloudflare \
                "__cfduid" cookies.
See: <a href="https://blog.cloudflare.com/deprecating-cfduid-cookie/" rel="nofollow" \
style="color: rgb(73, 129, 254); max-width: 100%;" \
class="">https://blog.cloudflare.com/deprecating-cfduid-cookie/</a></p> </li></ul><p \
style="max-width: 100%;" class="">Special thanks to the following for code \
contributions and bug reports:</p> <ul style="max-width: 100%;" class=""><li \
style="max-width: 100%;" class="">Stephen Agate</li><li style="max-width: 100%;" \
class="">Tom Briden</li></ul></div></div></div></blockquote></div></body></html>


["smime.p7s" (smime.p7s)]

0€	*†H†÷
 €0€10
	`†He0€	*†H†÷
 ‚	0‚n0‚V 
a€m0
	*†H†÷
0510U

Cisco Systems10UCisco Root CA 20480
140404202418Z
290514202542Z0,10U
Cisco10UCisco Employee CA0‚"0
	*†H†÷
‚0‚
‚Êß~LSû#VÍÆ¹e
•åÞLEgŒÇà«m_7*{çí£€Èó‚ëîŸPÙÉ¿=¡/»<5ï¸¥ÙQNÙ°÷S ”€,,’eo¡†k_@
™¥PDMÏæLûFHã×ác×Õè'¿n²C»e/}öY]›Å,}½ëD°Rá \
üíY÷“§«1¦BB9'ÓbÆT,&ŒÛ=Ð¨Žê(¤þ½¬<žMÖÕL¯ŒËÿKŸlq2$aí«¾êq´hŒ»Èôä‹?wS¢~žsãWt^ƒ \
Òè“ÆÌ4‘—×“uT´_ƒ,¨°ewÙRäî"w£‚‡0‚ƒ0	+‚70UŸ•6´Ž]ÕKÃ \
Á§)“CQý‰Q0	+‚7 \
SubCA0U†0Uÿ0ÿ0U#0€'óÈnš	+ \
‰`_Ú{/ª0CU<0:08 6 \
4†2http://www.cisco.com/security/pki/crl/crca2048.crl0P+D0B0@+0†4http://www.cisco.com/security/pki/certs/crca2048.cer0\U \
U0S0Q +	0C0A+5http://www.cisco.com/security/pki/policies/index.html0
 	*†H†÷
‚>N¾#F^kÛŠ4c›å<&]Œp²$ë`^ìŠ„d.Y£gáãýàM}Dš#(Òí¶÷¢çDÍímê†!T(¬la¼ûÈeP@Š*‹üŸnžõÅ>¥¢©®q¦»I2KJX“L6é÷/
 è€ë8]TyÊ…R¤¤âVwÓ
!Nœ$2â¾¥Ãq-Nˆ7Ôð/VhFGEk]Pˆ%÷:)¤ñˆAS~W1†*Öàg‡ØS«£uw¾Û!È:G´i'Õîß÷ôÖqºzÑs/}ÝÍ¦x”(eÃ‰w^Bêè \
1yv:Av ‘ AP‚	)² oëâ?"Öú?¸F«¶°0‚ 0‚ˆ 
†»8Nò•‘0
	*†H†÷
0,10U
Cisco10UCisco Employee CA0
200908204003Z
220908205003Z0•10UJoel Esler (jesler)10UCisco \
Users10U	Employees10  ’&‰“ò,dcom10
	’&‰“ò,dcisco10	*†H†÷
	jesler@cisco.com0‚"0
	*†H†÷
‚0‚
‚¶XÜôJ\f ÜnbH„ghè¢>qæ„TÉW¾î6¥);óÝ¿z¥_Øû,µCM¥ùõñÞOâOËgü+|B’ý_‡@/	ðf\_‚"ù° \
[t/FØè²#ŠU¾jD[–r¢!£\@™âÔ„ÛbêH×=Ýp«—Ì0q—@>ß»ž•ª¿/.Q8w–bw¬e¢µàƒ…ËÞU»TB \
}G[/‹ŠànÝ_uÀŠJ@©â×º0)+ÚwVëûY=ÎXƒ6dípu•~8$-‘1¸Ò·o! Ú¥Á"¢LkŠæ‹£ÓùSzPª§‡mw’¬ý \
z8+·¿Ÿ o£‚X0‚T0Uÿð0Uÿ00z+n0l0<+0†0http://www.cisco.com/security/pki/certs/ceca.cer0,+0† \
http://pkicvs.cisco.com/pki/ocsp0U#0€Ÿ•6´Ž]ÕKÃ Á§)“CQý‰Q0:U3010/ - \
+†)http://ciscocerts.cisco.com/file/ceca.crl0U0jesler@cisco.com0Uìé!¸‹sâr¯š\„õ`½ƒe0U%0
 +‚7
+0
	*†H†÷
‚0eF)Ð&õA{!6y„.d¿‹µ~íËŽ6/ì‚Ž°ùk^õ¼PËµ OBr \
ü8Kq7ý•jª·r}ÇtŽJhêð©1hƒÕ,ábé \
}¡Ÿ£æAo*®X.Òòi"Çd#bßs_RÙSò7ŠœëïóW™Ô4‰ü7?›nYŸL©_ü—Õ ”xÇ^^A$ \
º9ñüËA0ÊŒ%XôŒéÉ£&†n§u-z\¥ŒÏL¾îêç tñYˆºUz‘ƒJ²z<³zIÇ[÷öVóý<F§ \
c“àªmy²ò\žºæŽàô8Y^¾ßÇù#O¦Ò1‚j0‚f0:0,10U Cisco10UCisco \
Employee CA †»8Nò•‘0
	`†He ‚0	*†H†÷
	1	*†H†÷
0	*†H†÷
	1
210621165802Z0/	*†H†÷
	1" 3:EÐfýÑsôôÙO#ÖOA(ÑbÿËB$ÚRÖ0I	+‚71<0:0,10U
Cisco10UCisco Employee CA
†»8Nò•‘0K*†H†÷
	1< :0,10U
Cisco10UCisco Employee CA
†»8Nò•‘0
	*†H†÷
‚2eU†I.áÓ(¥wyÄý¥DT†´µÓ+œCÖ•ìj=Í¨´—IÄ
å˜g9µ³¬VÎ¥çëY‡Ò#JƒÉ%/©¬V1vŸyñ$ìAôì¬)ðÊ–¯Îló;¬©eÀŠÏÄ7 ¨C/í&ý¬@·Ý4#•43&úúôœW
Ç¬quw¨VÒFëÎ-c.ƒ7g:,–´ßóîjâ¬-SGEzš'Ž²±;)<:ö~ÊÓ‚½˜àkž/aÊJSi¶é¨s¤&ml¶X_ƒ.ÞPc¤·Dœ˜…S~fŸ‰¨ÿIÏ@I}v”kÄîãÚþ™ò3©4žãm \
X×á_


_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

--===============6502340388765124388==--

[prev in list] [next in list] [prev in thread] [next in thread]