Bug 2171869 - daily.cvd in clamav-0.103.8-1 fails md5sum by clamscan
Summary: daily.cvd in clamav-0.103.8-1 fails md5sum by clamscan
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: clamav
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Sergio Basto
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-02-20 16:54 UTC by Neil Hanlon
Modified: 2023-03-01 02:55 UTC (History)
12 users (show)

Fixed In Version: clamav-0.103.8-3.fc36 clamav-0.103.8-3.fc37 clamav-0.103.8-3.el7 clamav-0.103.8-3.el8 clamav-0.103.8-3.el9
Clone Of:
Environment:
Last Closed: 2023-02-21 01:54:11 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 2170297 0 unspecified CLOSED clamav-1.4.1 is available 2024-10-25 05:37:10 UTC

Description Neil Hanlon 2023-02-20 16:54:49 UTC 
Description of problem:

clamav-0.103.8-1 in Fedora & EPEL from [1] has a daily.cvd database which displays an error to the user when running clamscan due to failed signature verification of daily.cvd:

```
LibClamAV Error: Can't load /var/lib/clamav/daily.cvd: Can't verify database integrity
LibClamAV Error: cli_loaddbdir(): error loading database /var/lib/clamav/daily.cvd
ERROR: Can't verify database integrity
```

(trimmed for brevity)

With debug on, the following is printed:

```
LibClamAV debug: Loading databases from /var/lib/clamav
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = 9a3223dfc90446e2384856212b2a446f
LibClamAV debug: cli_cvdverify: MD5 verification error
```

Version-Release number of selected component (if applicable): clamav-0.103.8-1


How reproducible: Always


Steps to Reproduce:
1. Install release 0.103.8-1 of clamav-data
2. Run a clamscan command e.g. `clamscan --infected --recursive .`

Actual results:

The scan results in error messages like the above.

Expected results:

Scan completes without an error message regarding the database integrity

Additional info:

This can be mitigated by using `freshclam` provided by `clamav-update` to upgrade to a newer CVD manually.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=2170297
Comment 1 Fedora Update System 2023-02-20 17:09:32 UTC 
FEDORA-EPEL-2023-d1e7c4387e has been submitted as an update to Fedora EPEL 9. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-d1e7c4387e
Comment 2 Fedora Update System 2023-02-20 17:09:33 UTC 
FEDORA-2023-e272374534 has been submitted as an update to Fedora 37. https://bodhi.fedoraproject.org/updates/FEDORA-2023-e272374534
Comment 3 Fedora Update System 2023-02-20 17:09:34 UTC 
FEDORA-EPEL-2023-466d8ae059 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-466d8ae059
Comment 4 Fedora Update System 2023-02-20 17:09:34 UTC 
FEDORA-2023-3ba365d538 has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2023-3ba365d538
Comment 5 Fedora Update System 2023-02-20 17:09:35 UTC 
FEDORA-EPEL-2023-5cb6798308 has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-5cb6798308
Comment 6 Fedora Update System 2023-02-21 01:23:25 UTC 
FEDORA-2023-e272374534 has been pushed to the Fedora 37 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-e272374534`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-e272374534

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 7 Fedora Update System 2023-02-21 01:53:32 UTC 
FEDORA-EPEL-2023-d1e7c4387e has been pushed to the Fedora EPEL 9 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-d1e7c4387e

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 8 Fedora Update System 2023-02-21 01:54:11 UTC 
FEDORA-2023-3ba365d538 has been pushed to the Fedora 36 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 9 Fedora Update System 2023-02-21 02:06:49 UTC 
FEDORA-EPEL-2023-466d8ae059 has been pushed to the Fedora EPEL 7 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-466d8ae059

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 10 Fedora Update System 2023-02-21 02:23:26 UTC 
FEDORA-EPEL-2023-5cb6798308 has been pushed to the Fedora EPEL 8 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-5cb6798308

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 11 Fedora Update System 2023-02-22 10:11:50 UTC 
FEDORA-2023-e272374534 has been pushed to the Fedora 37 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 12 Fedora Update System 2023-02-22 10:39:45 UTC 
FEDORA-EPEL-2023-466d8ae059 has been pushed to the Fedora EPEL 7 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 13 Fedora Update System 2023-03-01 00:35:05 UTC 
FEDORA-EPEL-2023-5cb6798308 has been pushed to the Fedora EPEL 8 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 14 Fedora Update System 2023-03-01 02:55:41 UTC 
FEDORA-EPEL-2023-d1e7c4387e has been pushed to the Fedora EPEL 9 stable repository.
If problem still persists, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.