ClamAV 1.4.0 includes the following improvements and changes:
Major changes
-
Added support for extracting ALZ archives.
The new ClamAV file type for ALZ archives isCL_TYPE_ALZ.
Added a DCONF
option to enable or disable ALZ archive support.Tip: DCONF (Dynamic CONFiguration) is a feature that allows for some
configuration changes to be made via ClamAV.cfg"signatures". -
Added support for extracting LHA/LZH archives.
The new ClamAV file type for LHA/LZH archives isCL_TYPE_LHA_LZH.
Added a DCONF
option to enable or disable LHA/LZH archive support. -
Added the ability to disable image fuzzy hashing, if needed. For context,
image fuzzy hashing is a detection mechanism useful for identifying malware
by matching images included with the malware or phishing email/document.New ClamScan options:
--scan-image[=yes(*)/no] --scan-image-fuzzy-hash[=yes(*)/no]New ClamD config options:
ScanImage yes(*)/no ScanImageFuzzyHash yes(*)/noNew libclamav scan options:
options.parse &= ~CL_SCAN_PARSE_IMAGE; options.parse &= ~CL_SCAN_PARSE_IMAGE_FUZZY_HASH;
Added a DCONF
option to enable or disable image fuzzy hashing support.
Other improvements
-
Added cross-compiling instructions for targeting ARM64/aarch64 processors for
Windows
and
Linux. -
Improved the Freshclam warning messages when being blocked or rate limited
so as to include the Cloudflare Ray ID, which helps with issue triage. -
Removed unnecessary memory allocation checks when the size to be allocated
is fixed or comes from a trusted source.
We also renamed internal memory allocation functions and macros, so it is
more obvious what each function does. -
Improved the Freshclam documentation to make it clear that the
--datadir
option must be an absolute path to a directory that already exists, is
writable by Freshclam, and is readable by ClamScan and ClamD. -
Added an optimization to avoid calculating the file hash if the clean file
cache has been disabled. The file hash may still be calculated as needed to
perform hash-based signature matching if any hash-based signatures exist that
target a file of the same size, or if any hash-based signatures exist that
target "any" file size. -
Added an improvement to the SystemD service file for ClamOnAcc so that the
service will shut down faster on some systems. -
Added a CMake build dependency on the version map files so that the build
will re-run if changes are made to the version map files.
Work courtesy of Sebastian Andrzej Siewior. -
Added an improvement to the CMake build so that the RUSTFLAGS settings
are inherited from the environment.
Work courtesy of liushuyu.
Bug fixes
-
Silenced confusing warning message when scanning some HTML files.
-
Fixed minor compiler warnings.
-
Since the build system changed from Autotools to CMake, ClamAV no longer
supports building with configurations where bzip2, libxml2, libz, libjson-c,
or libpcre2 are not available. Libpcre is no longer supported in favor of
libpcre2. In this release, we removed all the dead code associated with those
unsupported build configurations. -
Fixed assorted typos. Patch courtesy of RainRat.
-
Added missing documentation for the ClamScan
--force-to-diskoption. -
Fixed an issue where ClamAV unit tests would prefer an older
libclamunrar_iface library from the install path, if present, rather than
the recently compiled library in the build path. -
Fixed a build issue on Windows with newer versions of Rust.
Also upgraded GitHub Actions imports to fix CI failures.
Fixes courtesy of liushuyu. -
Fixed an unaligned pointer dereference issue on select architectures.
Fix courtesy of Sebastian Andrzej Siewior. -
Fixed a bug that prevented loading plaintext (non-CVD) signature files
when using the--fail-if-cvd-older-than=DAYS/FailIfCvdOlderThanoption.
Fix courtesy of Bark.
Acknowledgments
Special thanks to the following people for code contributions and bug reports:
- Bark
- liushuyu
- Sebastian Andrzej Siewior
- RainRat