New ClamAV out

Randal, Phil prandal at
Sat Dec 16 20:11:22 CET 2006

Perhaps Julian can amend install-Clam-SA to force a build and reinstall
of Mail::ClamAV every time.


Little overhead, but worth it if this is going to cause us problems







From: mailscanner-bounces at
[mailto:mailscanner-bounces at] On Behalf Of Way to
the Web
Sent: Saturday, December 16, 2006 3:49 PM
To: MailScanner discussion
Subject: Re: New ClamAV out


On 12/12/06, Denis Beauchemin <Denis.Beauchemin at
<mailto:Denis.Beauchemin at> > wrote:

Denis Beauchemin a écrit :
> Release Name: 0.88.7
> Hello all,
> Our security guy pointed the following advisory for Clam 0.88.6 and
> prior versions:
> Clam AntiVirus MIME Attachments Handling Remote Denial of Service
> Vulnerability
> This comes from Clam 0.88.7:
> This version improves scanning of mail and tar files. 
> Changes:
> Mon Dec 11 02:47:03 CET 2006
> ----------------------------
>  * Bugfixes:
>    - libclamav/message.c: handle consecutive errors in base64 decoding
>    - libclamav/mbox.c: honour recursion limit when scanning email 
> messages
>    - clamscan: new option --mail-max-recursion
>    - clamd/clamav-milter: new option MailMaxRecursion
>    - libclamav/untar.c: honour archive limits
> Denis
Just wanted to let you know that there seems to be a problem with the
new ClamAV and ZIP files: I get a lot of:
Dec 12 12:37:52  <> MailScanner warning: numerical
links are often malicious: MailScanner[31880]:
ClamAVModule::INFECTED:: Oversized.Zip::

I had none yesterday and I have 20 since upgrading Clam this morning.


  °v°   Denis Beauchemin, analyste
/(_)\  Université de Sherbrooke, S.T.I.
  ^ ^   T: 819.821.8000x62252 F: 819.821.8045

MailScanner mailing list
mailscanner at
<mailto:mailscanner at>

Before posting, read

Support MailScanner development - buy the book off the website!

If anyone is still seeing this problem, we found that it's fixed by
force reinstalling the clamav perl module. According to the clamav

Due to the changes in libclamav, 0.88.7 is not binary compatible with
versions. To solve the issues you have to recompile all the software
which is 
linked against libclamav. 

Sarah Trayser

-------------- next part --------------
An HTML attachment was scrubbed...

More information about the MailScanner mailing list