Bug 1539030
Summary: | CVE-2017-12374 CVE-2017-12375 CVE-2017-12376 CVE-2017-12377 CVE-2017-12378 CVE-2017-12379 CVE-2017-12380 | ||
---|---|---|---|
Product: | [Fedora] Fedora EPEL | Reporter: | Ruben Püttmann <ruben> |
Component: | clamav | Assignee: | Robert Scheck <redhat-bugzilla> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | urgent | Docs Contact: | |
Priority: | unspecified | ||
Version: | epel7 | CC: | andreas.moog, bennie.joubert, customercare, gbcox, janfrode, j, ondrejj, orion, redhat-bugzilla, rh-bugzilla, sergio, steve |
Target Milestone: | --- | Keywords: | Reopened |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | clamav-0.99.3-1.el7 clamav-0.99.3-8.el6 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2018-03-02 16:02:51 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Ruben Püttmann
2018-01-26 13:02:25 UTC
Info: 0.99.3. Build is ready. We installed it on serveral servers, no problems yet. Architecture used: X86_64 + i686 packages. clamav-0.99.3-1.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-685990fa70 clamav-0.99.3-1.el6 has been submitted as an update to Fedora EPEL 6. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-369a48191f First Bugreport from Fedora 26 X86_64 Server was not able to start clamd after a reboot (4:34 am) Jan 27 04:05:29 s113 clamd[29825]: SelfCheck: Database status OK. Jan 27 04:15:30 s113 clamd[29825]: SelfCheck: Database status OK. Jan 27 04:25:30 s113 clamd[29825]: SelfCheck: Database status OK. Jan 27 04:31:22 s113 systemd[1]: Stopping Clamd Exim An Interface Between MTA And Content Checkers... Jan 27 04:31:23 s113 clamd[29825]: Pid file removed. Jan 27 04:31:23 s113 clamd[29825]: --- Stopped at Sat Jan 27 04:31:23 2018 Jan 27 04:31:23 s113 clamd[29825]: Socket file removed. Jan 27 04:31:23 s113 systemd[1]: Stopped Clamd Exim An Interface Between MTA And Content Checkers. Jan 27 04:34:06 s113 systemd[1]: Starting Clamd Exim An Interface Between MTA And Content Checkers... Jan 27 04:34:08 s113 clamd[739]: Received 0 file descriptor(s) from systemd. Jan 27 04:34:08 s113 clamd[739]: clamd daemon 0.99.3 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64) Jan 27 04:34:08 s113 clamd[739]: Running as user exim (UID 93, GID 93) Jan 27 04:34:08 s113 clamd[739]: Log file size limited to 1048576 bytes. Jan 27 04:34:08 s113 clamd[739]: Reading databases from /var/lib/clamav Jan 27 04:34:08 s113 clamd[739]: Not loading PUA signatures. Jan 27 04:34:08 s113 clamd[739]: Bytecode: Security mode set to "TrustSigned". Jan 27 04:35:36 s113 systemd[1]: clamd.exim.service: Start operation timed out. Terminating. Jan 27 04:35:36 s113 systemd[1]: Failed to start Clamd Exim An Interface Between MTA And Content Checkers. Jan 27 04:35:36 s113 systemd[1]: clamd.exim.service: Unit entered failed state. Jan 27 04:35:36 s113 systemd[1]: clamd.exim.service: Failed with result 'timeout'. After i started it by hand, it complained about a duplicate database : Jan 27 10:14:40 s113 systemd[1]: Starting Clamd Exim An Interface Between MTA And Content Checkers... Jan 27 10:14:41 s113 clamd[7710]: Received 0 file descriptor(s) from systemd. Jan 27 10:14:41 s113 clamd[7710]: clamd daemon 0.99.3 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64) Jan 27 10:14:41 s113 clamd[7710]: Running as user exim (UID 93, GID 93) Jan 27 10:14:41 s113 clamd[7710]: Log file size limited to 1048576 bytes. Jan 27 10:14:41 s113 clamd[7710]: Reading databases from /var/lib/clamav Jan 27 10:14:41 s113 clamd[7710]: Not loading PUA signatures. Jan 27 10:14:41 s113 clamd[7710]: Bytecode: Security mode set to "TrustSigned". Jan 27 10:14:55 s113 clamd[7710]: LibClamAV Warning: Detected duplicate databases /var/lib/clamav/main.cvd and /var/lib/clamav/main.cld, please manually remove one of them Jan 27 10:14:56 s113 clamd[7710]: LibClamAV Warning: Detected duplicate databases /var/lib/clamav/bytecode.cvd and /var/lib/clamav/bytecode.cld, please manually remove one of them Jan 27 10:14:56 s113 clamd[7710]: Loaded 6397212 signatures. Jan 27 10:14:58 s113 clamd[7710]: LOCAL: Unix socket file /var/run/clamd.exim/clamd.sock Jan 27 10:14:58 s113 clamd[7710]: LOCAL: Setting connection queue length to 200 Jan 27 10:14:58 s113 clamd[7715]: Limits: Global size limit set to 104857600 bytes. Jan 27 10:14:58 s113 clamd[7715]: Limits: File size limit set to 26214400 bytes. Jan 27 10:14:58 s113 clamd[7715]: Limits: Recursion level limit set to 16. Jan 27 10:14:58 s113 clamd[7715]: Limits: Files limit set to 10000. Jan 27 10:14:58 s113 clamd[7715]: Limits: MaxEmbeddedPE limit set to 10485760 bytes. Jan 27 10:14:58 s113 clamd[7715]: Limits: MaxHTMLNormalize limit set to 10485760 bytes. Jan 27 10:14:58 s113 clamd[7715]: Limits: MaxHTMLNoTags limit set to 2097152 bytes. Jan 27 10:14:58 s113 clamd[7715]: Limits: MaxScriptNormalize limit set to 5242880 bytes. Jan 27 10:14:58 s113 clamd[7715]: Limits: MaxZipTypeRcg limit set to 1048576 bytes. Jan 27 10:14:58 s113 clamd[7715]: Limits: MaxPartitions limit set to 50. Jan 27 10:14:58 s113 clamd[7715]: Limits: MaxIconsPE limit set to 100. Jan 27 10:14:58 s113 clamd[7715]: Limits: MaxRecHWP3 limit set to 16. Jan 27 10:14:58 s113 clamd[7715]: Limits: PCREMatchLimit limit set to 10000. Jan 27 10:14:58 s113 clamd[7715]: Limits: PCRERecMatchLimit limit set to 5000. Jan 27 10:14:58 s113 clamd[7715]: Limits: PCREMaxFileSize limit set to 26214400. Jan 27 10:14:58 s113 clamd[7715]: Archive support enabled. Jan 27 10:14:58 s113 clamd[7715]: Algorithmic detection enabled. Jan 27 10:14:58 s113 clamd[7715]: Portable Executable support enabled. Jan 27 10:14:58 s113 clamd[7715]: ELF support enabled. Jan 27 10:14:58 s113 clamd[7715]: Mail files support enabled. Jan 27 10:14:58 s113 clamd[7715]: OLE2 support enabled. Jan 27 10:14:58 s113 clamd[7715]: PDF support enabled. Jan 27 10:14:58 s113 clamd[7715]: SWF support enabled. Jan 27 10:14:58 s113 clamd[7715]: HTML support enabled. Jan 27 10:14:58 s113 clamd[7715]: XMLDOCS support enabled. Jan 27 10:14:58 s113 clamd[7715]: HWP3 support enabled. Jan 27 10:14:58 s113 clamd[7715]: Self checking every 600 seconds. Jan 27 10:15:00 s113 systemd[1]: Started Clamd Exim An Interface Between MTA And Content Checkers. -rw-r--r-- 1 clamupdate clamupdate 766976 10. Dez 04:25 bytecode.cld -rw-r--r-- 1 clamupdate clamupdate 153228 9. Jan 01:24 bytecode.cvd -rw-r--r-- 1 clamupdate clamupdate 131275264 27. Jan 03:01 daily.cld -rw-r--r-- 1 clamupdate clamupdate 307499008 10. Dez 04:24 main.cld -rw-r--r-- 1 clamupdate clamupdate 117892267 9. Jan 01:28 main.cvd -rw------- 1 clamupdate clamupdate 2236 27. Jan 10:24 mirrors.dat i removed the .cld files, they don't look right in my eyes. For moments tough that was a bad update of .cvd files and I unpush epel7 0.99.2-18 build. But "Detected duplicate databases" is usual and not a problem, .cvd and .cld files are supposed to be identical, so yes you would use one or the other. cvd is a compressed file and cld is not. daily.cvd is from clamav-data and daily.cld is downloaded with clamav-update and they are marked as ghostfiles in clamav.spec (for package clamav-update) i.e. file is empty in package , so must be downloaded . In short if you update databases you should remove .cvd (rm *cvd) you may also do: dnf install clamav-data-empty --allowerasing 2nd thing you mention that you started the service manually, but now start , stop and restart works well ? maybe it is just because service changed the type ... . clamav-0.99.3-1.el6 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-369a48191f clamav-0.99.3-1.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-685990fa70 clamav-0.99.3-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report. clamav-0.99.3-8.el6 has been submitted as an update to Fedora EPEL 6. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-be69c94866 clamav-0.99.3-8.el6 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-be69c94866 clamav-0.99.3-8.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report. |