Web lists-archives.com

Re: clamav, major screwup, need 99.3 from fresh build soonest for wheezy




On Friday 26 January 2018 13:50:58 Roberto C. Sánchez wrote:

> On Fri, Jan 26, 2018 at 01:40:45PM -0500, Gene Heskett wrote:
> > --
> > Cheers, Gene Heskett
> > --
> > "There are four boxes to be used in defense of liberty:
> >  soap, ballot, jury, and ammo. Please use in that order."
> > -Ed Howdershelt (Author)
> > Genes Web page <http://geneslinuxbox.net:6309/gene>
>
> Did you hit "send" by accident before typing the body of your message?
> The subject is not especially clear with regards to the nature of your
> problem or how you may want to solve it.
>
> Regards,
>
> -Roberto

The subject line pretty much says it. A bug has existed, un-noticed since 
2016 in the clamav daemon, and a new signature added yesterday triggers 
a loop, using up all the *nix file descriptors, effectively bricking the 
machine in a few minutes.

Clamav has now released a version 99.3 that fixes both problems, and all 
distributions running an older version need an updated, built from 
sources today or tomorrow, before we can re-enable our system or 
incoming viri scans.  IOW, its turned into a major screwup. Otherwise 
we'll all have to pull the fixed version and build it ourselves.

That triggering signature has been found and deleted from daily.cvd, but 
there are a million+ vulnerable versions of clamav out there, just 
waiting to bite us again. There are build instructions here:

<http://www.clamav.net/downloads>

If some of this urgency could be relayed to the packagers, I am sure it 
will be appreciated.

Thank you.
-- 
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>