Cisco released in a blog post a significant new version of the antivirus suite Clam AV 0.104.1 in which several important changes and above all a large number of corrections have been made.
For those unaware of ClamAV you should know that this is an open source antivirus and multiplatform (It has versions for Windows, GNU / Linux, BSD, Solaris, Mac OS X and other Unix-like operating systems).
ClamAV 0.104.1 Main New Features
In this new version of the antivirus the FreshClam utility has implemented an activity suspension for 24 hours después receiving a response with a 403 code from the server. The change is intended to reduce the load on the content delivery network of clients blocked due to too frequent update requests.
It is also highlighted that Reworked logic for recursive verification and data extraction from nested filesIn addition, new restrictions were added in the definition of attachments when scanning each file.
On the other hand, it is noted that a mention of the base name of the virus was added to the text of the warnings about exceeding the limits during the scan, such as Heuristics.Limits.Exceeded.MaxFileSize, to determine the correlation between the virus and the crash.
The 'Heuristics.Email.ExceedsMax. * »Have been renamed to« Heuristics.Limits.Exceeded. * »To unify the names.
Fixed issues that caused memory leaks and crashes.
Also fixed an issue where email related scan limits alerted even when the –alert-exceeds-max parsing option "AlertExceedsMax" () was not enabled and fixes an issue in the Zip parser where exceeding the "MaxFiles" limit or the "MaxFileSize" limit would abort the scan but not alert . Aaron Leliaert and Max Allan independently identified and reported Zip scan limit issues.
Of the other changes that stand out:
- Fixed a leak in the email scanner when using the scan option. –Gen-json
- Fixed an issue where failure to log metadata to the email scanner when using the scan option could cause the email scanner to cancel the scan early and be unable to extract and scan additional content. –Gen-json
- Fixed a filename memory leak in the Zip parser.
- Addresses an issue where certain signature patterns can cause a crash or cause unwanted matches on some systems when converting characters to uppercase if a UTF-8 unicode single-byte grapheme is converted to a multi-byte grapheme.
Finally for those interested in knowing more about it About this new corrective version, you can check the details In the following link.
How to install ClamAV 0.104.0 in Ubuntu and derivatives?
For those who are interested in being able to install this antivirus on their system, they can do it in a fairly simple way and that is ClamAV is found within the repositories of most Linux distributions.
In the case of Ubuntu and its derivatives, users of these can install it from the terminal or from the system software center. If you choose to install with the Software Center, you just have to search for "ClamAV" and you should see the antivirus and the option to install it.
Now, for those who choose the option to install from the terminal they should only open one on their system (you can do it with the shortcut Ctrl + Alt + T) and in it they only have to type the following command:
sudo apt-get install clamav
And ready with it, they will have this antivirus installed on their system. Now as in all antivirus, ClamAV also has its database which downloads and takes to make comparisons in a "definitions" file. This file is a list that informs the scanner about questionable items.
Every so often it is important to be able to update this file, which we can update from the terminal, to do this simply execute:
sudo freshclam
Uninstall ClamAV
If for any reason you want to remove this antivirus from your system, just type the following in a terminal:
sudo apt remove --purge clamav