Skip to content

ClamAV 1.4.0

Compare
Choose a tag to compare
@micahsnyder micahsnyder released this 15 Aug 16:02
· 23 commits to main since this release
cad552d

ClamAV 1.4.0 includes the following improvements and changes:

Major changes

  • Added support for extracting ALZ archives.
    The new ClamAV file type for ALZ archives is CL_TYPE_ALZ.
    Added a DCONF
    option to enable or disable ALZ archive support.

    Tip: DCONF (Dynamic CONFiguration) is a feature that allows for some
    configuration changes to be made via ClamAV .cfg "signatures".

  • Added support for extracting LHA/LZH archives.
    The new ClamAV file type for LHA/LZH archives is CL_TYPE_LHA_LZH.
    Added a DCONF
    option to enable or disable LHA/LZH archive support.

  • Added the ability to disable image fuzzy hashing, if needed. For context,
    image fuzzy hashing is a detection mechanism useful for identifying malware
    by matching images included with the malware or phishing email/document.

    New ClamScan options:

    --scan-image[=yes(*)/no]
    --scan-image-fuzzy-hash[=yes(*)/no]
    

    New ClamD config options:

    ScanImage yes(*)/no
    ScanImageFuzzyHash yes(*)/no
    

    New libclamav scan options:

    options.parse &= ~CL_SCAN_PARSE_IMAGE;
    options.parse &= ~CL_SCAN_PARSE_IMAGE_FUZZY_HASH;

    Added a DCONF
    option to enable or disable image fuzzy hashing support.

Other improvements

  • Added cross-compiling instructions for targeting ARM64/aarch64 processors for
    Windows
    and
    Linux.

  • Improved the Freshclam warning messages when being blocked or rate limited
    so as to include the Cloudflare Ray ID, which helps with issue triage.

  • Removed unnecessary memory allocation checks when the size to be allocated
    is fixed or comes from a trusted source.
    We also renamed internal memory allocation functions and macros, so it is
    more obvious what each function does.

  • Improved the Freshclam documentation to make it clear that the --datadir
    option must be an absolute path to a directory that already exists, is
    writable by Freshclam, and is readable by ClamScan and ClamD.

  • Added an optimization to avoid calculating the file hash if the clean file
    cache has been disabled. The file hash may still be calculated as needed to
    perform hash-based signature matching if any hash-based signatures exist that
    target a file of the same size, or if any hash-based signatures exist that
    target "any" file size.

  • Added an improvement to the SystemD service file for ClamOnAcc so that the
    service will shut down faster on some systems.

  • Added a CMake build dependency on the version map files so that the build
    will re-run if changes are made to the version map files.
    Work courtesy of Sebastian Andrzej Siewior.

  • Added an improvement to the CMake build so that the RUSTFLAGS settings
    are inherited from the environment.
    Work courtesy of liushuyu.

Bug fixes

  • Silenced confusing warning message when scanning some HTML files.

  • Fixed minor compiler warnings.

  • Since the build system changed from Autotools to CMake, ClamAV no longer
    supports building with configurations where bzip2, libxml2, libz, libjson-c,
    or libpcre2 are not available. Libpcre is no longer supported in favor of
    libpcre2. In this release, we removed all the dead code associated with those
    unsupported build configurations.

  • Fixed assorted typos. Patch courtesy of RainRat.

  • Added missing documentation for the ClamScan --force-to-disk option.

  • Fixed an issue where ClamAV unit tests would prefer an older
    libclamunrar_iface library from the install path, if present, rather than
    the recently compiled library in the build path.

  • Fixed a build issue on Windows with newer versions of Rust.
    Also upgraded GitHub Actions imports to fix CI failures.
    Fixes courtesy of liushuyu.

  • Fixed an unaligned pointer dereference issue on select architectures.
    Fix courtesy of Sebastian Andrzej Siewior.

  • Fixed a bug that prevented loading plaintext (non-CVD) signature files
    when using the --fail-if-cvd-older-than=DAYS / FailIfCvdOlderThan option.
    Fix courtesy of Bark.

Acknowledgments

Special thanks to the following people for code contributions and bug reports:

  • Bark
  • liushuyu
  • Sebastian Andrzej Siewior
  • RainRat