New ClamAV out
John Rudd
jrudd at ucsc.edu
Sat Dec 16 22:18:41 CET 2006
Actually, I kind of wish there was something like MajorSophos.sh that
worked for ClamAV.
Randal, Phil wrote:
> Perhaps Julian can amend install-Clam-SA to force a build and reinstall
> of Mail::ClamAV every time.
>
>
>
> Little overhead, but worth it if this is going to cause us problems
> again.
>
>
>
> Cheers,
>
>
>
> Phil
>
>
>
> _____
>
> From: mailscanner-bounces at lists.mailscanner.info
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Way to
> the Web
> Sent: Saturday, December 16, 2006 3:49 PM
> To: MailScanner discussion
> Subject: Re: New ClamAV out
>
>
>
> On 12/12/06, Denis Beauchemin <Denis.Beauchemin at usherbrooke.ca
> <mailto:Denis.Beauchemin at usherbrooke.ca> > wrote:
>
> Denis Beauchemin a écrit :
>> Release Name: 0.88.7
>>
>> Hello all,
>>
>> Our security guy pointed the following advisory for Clam 0.88.6 and
>> prior versions: http://www.frsirt.com/english/advisories/2006/4948
> <http://www.frsirt.com/english/advisories/2006/4948>
>> Clam AntiVirus MIME Attachments Handling Remote Denial of Service
>> Vulnerability
>>
>> This comes from Clam 0.88.7:
>> This version improves scanning of mail and tar files.
>>
>> Changes:
>> Mon Dec 11 02:47:03 CET 2006
>> ----------------------------
>> * Bugfixes:
>> - libclamav/message.c: handle consecutive errors in base64 decoding
>> - libclamav/mbox.c: honour recursion limit when scanning email
>> messages
>> - clamscan: new option --mail-max-recursion
>> - clamd/clamav-milter: new option MailMaxRecursion
>> - libclamav/untar.c: honour archive limits
>>
>> Denis
>>
> Just wanted to let you know that there seems to be a problem with the
> new ClamAV and ZIP files: I get a lot of:
> Dec 12 12:37:52 <http://132.210.244.93> MailScanner warning: numerical
> links are often malicious: 132.210.244.93 MailScanner[31880]:
> ClamAVModule::INFECTED:: Oversized.Zip::
> ./kBCHaqdS004063/BIOMETISS_BIOREACTEUR_07-12-2006.zip
>
> I had none yesterday and I have 20 since upgrading Clam this morning.
>
> Denis
>
> --
> _
> °v° Denis Beauchemin, analyste
> /(_)\ Université de Sherbrooke, S.T.I.
> ^ ^ T: 819.821.8000x62252 F: 819.821.8045
>
>
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> <mailto:mailscanner at lists.mailscanner.info>
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> <http://lists.mailscanner.info/mailman/listinfo/mailscanner>
>
> Before posting, read http://wiki.mailscanner.info/posting
> <http://wiki.mailscanner.info/posting>
>
> Support MailScanner development - buy the book off the website!
>
>
>
>
>
> If anyone is still seeing this problem, we found that it's fixed by
> force reinstalling the clamav perl module. According to the clamav
> developers:
>
> Due to the changes in libclamav, 0.88.7 is not binary compatible with
> previous
> versions. To solve the issues you have to recompile all the software
> which is
> linked against libclamav.
>
>
>
More information about the MailScanner
mailing list