Bug 579370 - Update to newest version 0.96
Summary: Update to newest version 0.96
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: clamav
Version: el5
Hardware: All
OS: Linux
low
high
Target Milestone: ---
Assignee: Steven Pritchard
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
: 461845 532695 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-04-04 17:43 UTC by Michael Arnold
Modified: 2011-04-06 22:52 UTC (History)
12 users (show)

Fixed In Version: clamav-0.97-12.el5
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-03-26 18:58:08 UTC


Attachments (Terms of Use)

Description Michael Arnold 2010-04-04 17:43:52 UTC
Please update to version 0.96.

http://lurker.clamav.net/message/20100331.203901.0d247020.en.html

FreshClam complains:

ClamAV update process started at Sun Apr  4 09:44:19 2010
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.95.3 Recommended version: 0.96
DON'T PANIC! Read http://www.clamav.net/support/faq

Comment 1 James Ralston 2010-05-07 15:46:39 UTC
This morning, the ClamAV team released an update (daily.cvd 10938) that caused a segmentation fault in all ClamAV versions older than 0.96 on 32 bit systems:

http://lurker.clamav.net/message/20100507.110656.573e90d7.en.html

Reading between the lines, the reason why this happened is because all ClamAV versions older than 0.96 are (unofficially) deprecated in the eyes of the ClamAV team, to the point where they weren't even bothering to test if signature updates caused 0.95.* versions to crash.

Regardless of whether the ClamAV team is now testing whether signature updates break pre-0.96 versions of ClamAV, we should fully expect that they will (unintentionally) find other ways to break pre-0.96 versions of ClamAV, because all pre-0.96 versions are clearly deprecated in their eyes, even if "officially" they aren't. That means that upgrading to 0.96 is critically important.

Mike, as the reporter, please change the Priority/Severity of this bug to high/high. Thanks.

Comment 2 Michael Arnold 2010-05-09 19:21:30 UTC
Updated Severity to high (priority appears unchangeable by me).

I have also packaged 0.96 for EL5 in the RazorsEdge testing repository.  Feel free to take it for a spin.
http://rpm.razorsedge.org/centos-5/RE-test/repodata/repoview/clamav-0-0.96-1.el5.re.html

Comment 3 Mark Chappell 2010-09-15 07:45:50 UTC
*** Bug 461845 has been marked as a duplicate of this bug. ***

Comment 4 Mark Chappell 2010-09-15 07:45:51 UTC
*** Bug 532695 has been marked as a duplicate of this bug. ***

Comment 5 Jan-Frode Myklebust 2011-02-12 13:37:11 UTC
Again the clamav virus definitionas was updated with signatures incompatible with the 0.95.1 version in EPEL, causing clamd to die. Ref:

http://thread.gmane.org/gmane.comp.security.virus.clamav.user/36072

The clamav team claims to only be testing updates against the two latest releases, so 0.95.x has a very real risk of running into this problem again.

Comment 6 Fedora Update System 2011-03-04 01:10:11 UTC
Package clamav-0.97-3.el6:
* should fix your issue,
* was pushed to the Fedora EPEL 6 updates-testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing clamav-0.97-3.el6'
as soon as you are able to, then reboot.
Please go to the following url:
https://admin.fedoraproject.org/updates/clamav-0.97-3.el6
then log in and leave karma (feedback).

Comment 7 Fedora Update System 2011-03-04 01:53:12 UTC
Package clamav-0.97-3.el4:
* should fix your issue,
* was pushed to the Fedora EPEL 4 updates-testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing clamav-0.97-3.el4'
as soon as you are able to, then reboot.
Please go to the following url:
https://admin.fedoraproject.org/updates/clamav-0.97-3.el4
then log in and leave karma (feedback).

Comment 8 Fedora Update System 2011-03-04 05:54:30 UTC
clamav-0.97-3.el4 has been pushed to the Fedora EPEL 4 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update clamav'.  You can provide feedback for this update here: https://admin.fedoraproject.org/updates/clamav-0.97-3.el4

Comment 9 Jan-Frode Myklebust 2011-03-04 08:25:24 UTC
Looks like it was mistakingly pushed twice to EPEL4, and EPEL5 was forgotten. Could you please also push it to EPEL5 repo?

Comment 10 Nick Bebout 2011-03-04 22:33:01 UTC
We're working on it.  The new update breaks amavisd-new in EPEL5.  The update was pushed to EPEL4 and EPEL6

If you want, you can try the builds from http://kojipkgs.fedoraproject.org/packages/clamav/0.97/3.el5/

Please note these will require either using the freshclam.conf.rpmnew and clamd.conf.rpmnew or modifying a few lines in your existing confs

Comment 11 Fedora Update System 2011-03-10 16:30:54 UTC
clamav-0.97-3.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/clamav-0.97-3.el6

Comment 12 Fedora Update System 2011-03-13 21:27:14 UTC
clamav-0.97-4.el4 has been submitted as an update for Fedora EPEL 4.
https://admin.fedoraproject.org/updates/clamav-0.97-4.el4

Comment 13 Orion Poplawski 2011-03-14 16:24:48 UTC
It appears that /etc/sysconfig/clamav-milter is not correct.  It specifies a bunch of options that are no longer recognized:

Starting Clamav Milter Daemon: clamav-milter: unrecognized option `--force-scan'
Starting Clamav Milter Daemon: clamav-milter: unrecognized option `--local'
Starting Clamav Milter Daemon: clamav-milter: unrecognized option `--max-children=4'

etc.  According to the help and man page, only takes --config-file, and that points to /etc/clamd.conf.  The SOCKET_ADDRESS option is bogus too.

Also, I think you want to change the clamav-milter.conf file to run as user clam.

Comment 14 Fedora Update System 2011-03-15 14:36:25 UTC
clamav-0.97-9.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/clamav-0.97-9.el6

Comment 15 Fedora Update System 2011-03-15 14:37:30 UTC
clamav-0.97-9.el4 has been submitted as an update for Fedora EPEL 4.
https://admin.fedoraproject.org/updates/clamav-0.97-9.el4

Comment 16 Fedora Update System 2011-03-15 14:38:01 UTC
clamav-0.97-9.el5 has been submitted as an update for Fedora EPEL 5.
https://admin.fedoraproject.org/updates/clamav-0.97-9.el5

Comment 17 Jan-Frode Myklebust 2011-03-16 08:15:14 UTC
Orion Poplawski: fyi the new testing release has removed all but the --config-file option and SOCKET_ADDRESS from /etc/sysconfig/clamav-milter. 

I did not change your already installed clamav-milter.conf to run as user clam.. think that will have to be a manual fix when upgrading.

Would appreciate if you can test, and maybe comment on if it works for you or not on the admin.fedoraproject.org links above.

Comment 18 Orion Poplawski 2011-03-17 15:02:22 UTC
- Why have:

CLAMAV_FLAGS="
        --config-file=/etc/clamd.conf

in /etc/sysconfig/clamav-milter?  The config file for clamav-milter is /etc/clamav-milter.conf, which is the default.  I would just have an empty CLAMAV_FLAGS.

- You don't need SOCKET_ADDRESS in /etc/init.d/clamav-milter, as you can't specify one on the command line.

- You really should change the default user in /etc/clamav-milter.conf to clam.  It's just going to confuse people.

- Change the example unix ClamdSocket to /var/run/clamav/clamd.sock

Comment 19 Jan-Frode Myklebust 2011-03-17 22:02:20 UTC
Thanks for the feedback. I´ll get this fixed tomorrow and push out a new release.

Comment 20 Fedora Update System 2011-03-18 09:11:20 UTC
clamav-0.97-11.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/clamav-0.97-11.el6

Comment 21 Fedora Update System 2011-03-18 09:12:10 UTC
clamav-0.97-11.el5 has been submitted as an update for Fedora EPEL 5.
https://admin.fedoraproject.org/updates/clamav-0.97-11.el5

Comment 22 Fedora Update System 2011-03-18 09:12:53 UTC
clamav-0.97-11.el4 has been submitted as an update for Fedora EPEL 4.
https://admin.fedoraproject.org/updates/clamav-0.97-11.el4

Comment 23 Fedora Update System 2011-03-26 18:57:00 UTC
clamav-0.97-11.el5 has been pushed to the Fedora EPEL 5 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 24 Fedora Update System 2011-03-26 18:59:26 UTC
clamav-0.97-11.el6 has been pushed to the Fedora EPEL 6 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 25 Fedora Update System 2011-03-30 10:46:49 UTC
clamav-0.97-12.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/clamav-0.97-12.el6

Comment 26 Fedora Update System 2011-03-30 10:47:43 UTC
clamav-0.97-12.el4 has been submitted as an update for Fedora EPEL 4.
https://admin.fedoraproject.org/updates/clamav-0.97-12.el4

Comment 27 Fedora Update System 2011-03-30 10:48:30 UTC
clamav-0.97-12.el5 has been submitted as an update for Fedora EPEL 5.
https://admin.fedoraproject.org/updates/clamav-0.97-12.el5

Comment 28 Fedora Update System 2011-04-06 22:52:03 UTC
clamav-0.97-12.el5 has been pushed to the Fedora EPEL 5 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.