[Pkg-clamav-devel] Bug#818346: Bug#818346: clamav-freshclam: freshclam no longer able to update virus definitions
Scott Kitterman
debian at kitterman.com
Wed Mar 16 09:36:52 UTC 2016
On March 16, 2016 4:19:31 AM EDT, Paul Osborne <paul.osborne at canterbury.ac.uk> wrote:
>Package: clamav-freshclam
>Version: 0.99+dfsg-0+deb7u2
>Severity: important
>
>Dear Maintainer,
>*** Please consider answering these questions, where appropriate ***
>
> * What led up to the situation?
>
>ClamAV have released 0.99.1 - which no longer provides definition
>updates for
>clamav 0.98 or 0.99 as provided in oldstable, stable or backports.
There's a new definition update infrastructure coming online that was supposed to be in production as of Monday that still isn't working yet. The lack of recent updates is unrelated to the new version.
We do expect to make 0.99.1 available for stable/oldstable soon, but 0.99 should continue to work until we do.
Scott K
> * What exactly did you do (or not do) that was effective (or
> ineffective)?o
>
>Nothing, the package is out of sync with the vendor definitions.
>
> * What was the outcome of this action?
>
>n/a
> * What outcome did you expect instead?
>
>n/a
>
>
>Output from Freshclam logs:
>
>Wed Mar 16 05:52:35 2016 -> --------------------------------------
>Wed Mar 16 06:52:35 2016 -> Received signal: wake up
>Wed Mar 16 06:52:35 2016 -> Max retries == 5
>Wed Mar 16 06:52:35 2016 -> ClamAV update process started at Wed Mar 16
>06:52:35 2016
>Wed Mar 16 06:52:35 2016 -> Using IPv6 aware code
>Wed Mar 16 06:52:35 2016 -> Querying current.cvd.clamav.net
>Wed Mar 16 06:52:35 2016 -> TTL: 1800
>Wed Mar 16 06:52:35 2016 -> Software version from DNS: 0.99.1
>Wed Mar 16 06:52:35 2016 -> WARNING: Your ClamAV installation is
>OUTDATED!
>Wed Mar 16 06:52:35 2016 -> WARNING: Local version: 0.99 Recommended
>version: 0.99.1
>Wed Mar 16 06:52:35 2016 -> DON'T PANIC! Read
>http://www.clamav.net/support/faq
>Wed Mar 16 06:52:35 2016 -> main.cvd version from DNS: 55
>Wed Mar 16 06:52:35 2016 -> Connecting via wproxy.canterbury.ac.uk
>Wed Mar 16 06:52:35 2016 -> main.cld is up to date (version: 55, sigs:
>2424225, f-level: 60, builder: neo)
>Wed Mar 16 06:52:35 2016 -> daily.cvd version from DNS: 21464
>Wed Mar 16 06:52:35 2016 -> Connecting via wproxy.canterbury.ac.uk
>Wed Mar 16 06:52:35 2016 -> daily.cvd is up to date (version: 21464,
>sigs: 1878899, f-level: 63, builder: neo)
>Wed Mar 16 06:52:35 2016 -> bytecode.cvd version from DNS: 274
>Wed Mar 16 06:52:35 2016 -> Connecting via wproxy.canterbury.ac.uk
>Wed Mar 16 06:52:35 2016 -> bytecode.cld is up to date (version: 274,
>sigs: 49, f-level: 63, builder: anvilleg)
>
>
>
>
>-- Package-specific info:
>--- configuration ---
>Checking configuration files in /etc/clamav
>
>Config file: clamd.conf
>-----------------------
>LogFile = "/var/log/clamav/clamav.log"
>StatsHostID disabled
>StatsEnabled disabled
>StatsPEDisabled disabled
>StatsTimeout disabled
>LogFileUnlock disabled
>LogFileMaxSize = "4294967295"
>LogTime = "yes"
>LogClean disabled
>LogSyslog disabled
>LogFacility = "LOG_LOCAL6"
>LogVerbose = "yes"
>LogRotate = "yes"
>ExtendedDetectionInfo = "yes"
>PidFile = "/var/run/clamav/clamd.pid"
>TemporaryDirectory disabled
>DatabaseDirectory = "/var/lib/clamav"
>OfficialDatabaseOnly disabled
>LocalSocket = "/var/run/clamav/clamd.ctl"
>LocalSocketGroup = "clamav"
>LocalSocketMode = "666"
>FixStaleSocket = "yes"
>TCPSocket disabled
>TCPAddr disabled
>MaxConnectionQueueLength = "15"
>StreamMaxLength = "26214400"
>StreamMinPort = "1024"
>StreamMaxPort = "2048"
>MaxThreads = "12"
>ReadTimeout = "180"
>CommandReadTimeout = "5"
>SendBufTimeout = "200"
>MaxQueue = "100"
>IdleTimeout = "30"
>ExcludePath disabled
>MaxDirectoryRecursion = "15"
>FollowDirectorySymlinks disabled
>FollowFileSymlinks disabled
>CrossFilesystems = "yes"
>SelfCheck = "3600"
>DisableCache disabled
>VirusEvent disabled
>ExitOnOOM disabled
>AllowAllMatchScan = "yes"
>Foreground disabled
>Debug disabled
>LeaveTemporaryFiles disabled
>User = "clamav"
>AllowSupplementaryGroups = "yes"
>Bytecode = "yes"
>BytecodeSecurity = "TrustSigned"
>BytecodeTimeout = "60000"
>BytecodeUnsigned disabled
>BytecodeMode = "Auto"
>DetectPUA disabled
>ExcludePUA disabled
>IncludePUA disabled
>AlgorithmicDetection = "yes"
>ScanPE = "yes"
>ScanELF = "yes"
>DetectBrokenExecutables disabled
>ScanMail = "yes"
>ScanPartialMessages disabled
>PhishingSignatures = "yes"
>PhishingScanURLs = "yes"
>PhishingAlwaysBlockCloak disabled
>PhishingAlwaysBlockSSLMismatch disabled
>PartitionIntersection disabled
>HeuristicScanPrecedence disabled
>StructuredDataDetection disabled
>StructuredMinCreditCardCount = "3"
>StructuredMinSSNCount = "3"
>StructuredSSNFormatNormal = "yes"
>StructuredSSNFormatStripped disabled
>ScanHTML = "yes"
>ScanOLE2 = "yes"
>OLE2BlockMacros disabled
>ScanPDF = "yes"
>ScanSWF = "yes"
>ScanArchive = "yes"
>ArchiveBlockEncrypted disabled
>ForceToDisk disabled
>MaxScanSize = "104857600"
>MaxFileSize = "26214400"
>MaxRecursion = "16"
>MaxFiles = "10000"
>MaxEmbeddedPE = "10485760"
>MaxHTMLNormalize = "10485760"
>MaxHTMLNoTags = "2097152"
>MaxScriptNormalize = "5242880"
>MaxZipTypeRcg = "1048576"
>MaxPartitions = "50"
>MaxIconsPE = "100"
>PCREMatchLimit = "10000"
>PCRERecMatchLimit = "5000"
>PCREMaxFileSize = "26214400"
>ScanOnAccess disabled
>OnAccessMountPath disabled
>OnAccessIncludePath disabled
>OnAccessExcludePath disabled
>OnAccessExcludeUID disabled
>OnAccessMaxFileSize = "5242880"
>OnAccessDisableDDD disabled
>OnAccessPrevention disabled
>OnAccessExtraScanning disabled
>DevACOnly disabled
>DevACDepth disabled
>DevPerformance disabled
>DevLiblog disabled
>DisableCertCheck disabled
>
>Config file: freshclam.conf
>---------------------------
>StatsHostID disabled
>StatsEnabled disabled
>StatsTimeout disabled
>LogFileMaxSize = "4294967295"
>LogTime = "yes"
>LogSyslog disabled
>LogFacility = "LOG_LOCAL6"
>LogVerbose disabled
>LogRotate = "yes"
>PidFile = "/var/run/clamav/freshclam.pid"
>DatabaseDirectory = "/var/lib/clamav"
>Foreground disabled
>Debug disabled
>AllowSupplementaryGroups disabled
>UpdateLogFile = "/var/log/clamav/freshclam.log"
>DatabaseOwner = "clamav"
>Checks = "24"
>DNSDatabaseInfo = "current.cvd.clamav.net"
>DatabaseMirror = "db.local.clamav.net", "database.clamav.net"
>PrivateMirror disabled
>MaxAttempts = "5"
>ScriptedUpdates = "yes"
>TestDatabases = "yes"
>CompressLocalDatabase disabled
>ExtraDatabase disabled
>DatabaseCustomURL disabled
>HTTPProxyServer = "wproxy.canterbury.ac.uk"
>HTTPProxyPort = "3128"
>HTTPProxyUsername disabled
>HTTPProxyPassword disabled
>HTTPUserAgent disabled
>NotifyClamd = "/etc/clamav/clamd.conf"
>OnUpdateExecute disabled
>OnErrorExecute disabled
>OnOutdatedExecute disabled
>LocalIPAddress disabled
>ConnectTimeout = "30"
>ReceiveTimeout = "30"
>SubmitDetectionStats disabled
>DetectionStatsCountry disabled
>DetectionStatsHostID disabled
>SafeBrowsing disabled
>Bytecode = "yes"
>
>clamav-milter.conf not found
>
>Software settings
>-----------------
>Version: 0.99
>Optional features supported: MEMPOOL IPv6 FRESHCLAM_DNS_FIX AUTOIT_EA06
>BZIP2 LIBXML2 PCRE ICONV JSON JIT
>
>Database information
>--------------------
>Database directory: /var/lib/clamav
>[3rd Party] foxhole_generic.cdb: 191 sigs
>[3rd Party] winnow_bad_cw.hdb: 1 sig
>[3rd Party] rogue.hdb: 10271 sigs
>[3rd Party] spamattach.hdb: 1 sig
>[3rd Party] crdfam.clamav.hdb: 4999 sigs
>[3rd Party] phish.ndb: 26033 sigs
>[3rd Party] junk.ndb: 52669 sigs
>bytecode.cld: version 274, sigs: 49, built on Tue Mar 8 16:57:12 2016
>[3rd Party] bofhland_cracked_URL.ndb: 114 sigs
>daily.cld: version 21464, sigs: 1878899, built on Fri Mar 11 17:31:38
>2016
>[3rd Party] bofhland_malware_attach.hdb: 1717 sigs
>[3rd Party] sanesecurity.ftm: 170 sigs
>[3rd Party] spamimg.hdb: 6 sigs
>[3rd Party] scamnailer.ndb: 49134 sigs
>[3rd Party] bofhland_phishing_URL.ndb: 198 sigs
>[3rd Party] winnow_extended_malware.hdb: 1486 sigs
>[3rd Party] winnow.attachments.hdb: 5894 sigs
>[3rd Party] bofhland_malware_URL.ndb: 36 sigs
>[3rd Party] phishtank.ndb: 27859 sigs
>[3rd Party] winnow_malware_links.ndb: 3920 sigs
>[3rd Party] blurl.ndb: 1479 sigs
>[3rd Party] foxhole_filename.cdb: 187 sigs
>[3rd Party] winnow_malware.hdb: 1575 sigs
>[3rd Party] porcupine.ndb: 2525 sigs
>[3rd Party] jurlbl.ndb: 11135 sigs
>[3rd Party] scam.ndb: 12381 sigs
>main.cld: version 55, sigs: 2424225, built on Tue Sep 17 15:57:28 2013
>Total number of signatures: 4517154
>
>Platform information
>--------------------
>uname: Linux 3.2.0-4-amd64 #1 SMP Debian 3.2.73-2+deb7u3 x86_64
>OS: linux-gnu, ARCH: x86_64, CPU: x86_64
>Full OS version: Debian GNU/Linux 7.9 (wheezy)
>zlib version: 1.2.7 (1.2.7), compile flags: a9
>Triple: x86_64-pc-linux-gnu
>CPU: core2, Little-endian
>platform id: 0x0a2151510804070201040702
>
>Build information
>-----------------
>GNU C: 4.7.2 (4.7.2)
>GNU C++: 4.7.2 (4.7.2)
>CPPFLAGS: -D_FORTIFY_SOURCE=2
>CFLAGS: -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat
>-Werror=format-security -Wall -D_FILE_OFFSET_BITS=64
>-D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE
>CXXFLAGS:
>LDFLAGS: -Wl,-z,relro -Wl,--as-needed -L/usr/lib/x86_64-linux-gnu
>-lpcre
>Configure: '--build=x86_64-linux-gnu' '--prefix=/usr'
>'--includedir=/usr/include' '--mandir=/usr/share/man'
>'--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var'
>'--libexecdir=/usr/lib/clamav' '--disable-maintainer-mode'
>'--disable-dependency-tracking' 'CFLAGS=-g -O2 -fstack-protector
>--param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wall
>-D_FILE_OFFSET_BITS=64' 'CPPFLAGS=-D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2
>-fstack-protector --param=ssp-buffer-size=4 -Wformat
>-Werror=format-security -Wall -D_FILE_OFFSET_BITS=64'
>'LDFLAGS=-Wl,-z,relro -Wl,--as-needed' '--with-dbdir=/var/lib/clamav'
>'--sysconfdir=/etc/clamav' '--disable-clamav' '--disable-unrar'
>'--enable-milter' '--enable-dns-fix' '--with-libjson' '--with-gnu-ld'
>'-with-system-llvm=/usr/bin/llvm-config' '--with-llvm-linking=dynamic'
>'build_alias=x86_64-linux-gnu'
>sizeof(void*) = 8
>Engine flevel: 81, dconf: 81
>
>--- data dir ---
>total 311672
>-rw-r--r-- 1 clamav clamav 187538 Mar 16 03:55 blurl.ndb
>-rw-r--r-- 1 clamav clamav 14190 Mar 11 22:47
>bofhland_cracked_URL.ndb
>-rw-r--r-- 1 clamav clamav 4372 Mar 15 08:48
>bofhland_malware_URL.ndb
>-rw-r--r-- 1 clamav clamav 99124 Mar 11 02:48
>bofhland_malware_attach.hdb
>-rw-r--r-- 1 clamav clamav 25064 Mar 16 00:48
>bofhland_phishing_URL.ndb
>-rw-r--r-- 1 clamav clamav 411648 Mar 8 17:42 bytecode.cld
>-rw-r--r-- 1 clamav clamav 417225 Mar 16 03:48 crdfam.clamav.hdb
>-rw-r--r-- 1 clamav clamav 120297984 Mar 11 18:17 daily.cld
>-rw-r--r-- 1 clamav clamav 16090 Mar 15 08:57 foxhole_filename.cdb
>-rw-r--r-- 1 clamav clamav 44049 Mar 15 11:53 foxhole_generic.cdb
>-rw-r--r-- 1 clamav clamav 6565485 Mar 8 11:55 junk.ndb
>-rw-r--r-- 1 clamav clamav 1315569 Mar 16 05:54 jurlbl.ndb
>-rw-r--r-- 1 clamav clamav 163468288 Sep 17 2013 main.cld
>-rw-r--r-- 1 clamav clamav 3828507 Mar 15 11:53 phish.ndb
>-rw-r--r-- 1 clamav clamav 3931086 Mar 16 06:46 phishtank.ndb
>-rw-r--r-- 1 clamav clamav 289039 Mar 16 05:46 porcupine.ndb
>-rw-r--r-- 1 clamav clamav 1103845 Mar 16 06:54 rogue.hdb
>-rw-r--r-- 1 clamav clamav 11102 Mar 9 08:56 sanesecurity.ftm
>-rw-r--r-- 1 clamav clamav 1879785 Mar 15 16:00 scam.ndb
>-rw-r--r-- 1 clamav clamav 13658703 Mar 16 06:45 scamnailer.ndb
>-rw-r--r-- 1 clamav clamav 6652 Mar 14 11:52 sigwhitelist.ign2
>-rw-r--r-- 1 clamav clamav 99 Jan 15 10:58 spamattach.hdb
>-rw-r--r-- 1 clamav clamav 576 Dec 24 16:50 spamimg.hdb
>-rw-r--r-- 1 clamav clamav 526635 Mar 9 06:45
>winnow.attachments.hdb
>-rw-r--r-- 1 clamav clamav 66 Mar 9 06:45 winnow_bad_cw.hdb
>-rw-r--r-- 1 clamav clamav 92951 Mar 15 23:45
>winnow_extended_malware.hdb
>-rw-r--r-- 1 clamav clamav 96460 Mar 15 23:45 winnow_malware.hdb
>-rw-r--r-- 1 clamav clamav 428812 Mar 15 23:45
>winnow_malware_links.ndb
>
>-- System Information:
>Debian Release: 7.9
> APT prefers oldstable-updates
> APT policy: (500, 'oldstable-updates'), (500, 'oldstable')
>Architecture: amd64 (x86_64)
>
>Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
>Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
>Shell: /bin/sh linked to /bin/dash
>
>Versions of packages clamav-freshclam depends on:
>ii clamav-base 0.99+dfsg-0+deb7u2
>ii debconf [debconf-2.0] 1.5.49
>ii dpkg 1.16.17
>ii libc6 2.13-38+deb7u10
>ii libclamav7 0.99+dfsg-0+deb7u2
>ii libssl1.0.0 1.0.1e-2+deb7u20
>ii logrotate 3.8.1-4
>ii lsb-base 4.1+Debian8+deb7u1
>ii procps 1:3.3.3-3
>ii ucf 3.0025+nmu3
>ii zlib1g 1:1.2.7.dfsg-13
>
>clamav-freshclam recommends no packages.
>
>Versions of packages clamav-freshclam suggests:
>pn apparmor <none>
>pn clamav-docs <none>
>
>-- debconf information:
> clamav-freshclam/autoupdate_freshclam: daemon
> clamav-freshclam/proxy_user:
> clamav-freshclam/NotifyClamd: false
> clamav-freshclam/local_mirror: db.local.clamav.net
> clamav-freshclam/http_proxy: http://wproxy.canterbury.ac.uk:3128/
> clamav-freshclam/LogRotate: true
> clamav-freshclam/Bytecode: true
> clamav-freshclam/update_interval: 24
> clamav-freshclam/SafeBrowsing: false
> clamav-freshclam/PrivateMirror:
> clamav-freshclam/internet_interface:
>
>_______________________________________________
>Pkg-clamav-devel mailing list
>Pkg-clamav-devel at lists.alioth.debian.org
>http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-clamav-devel
More information about the Pkg-clamav-devel
mailing list