ClamAV 1.4.0 Release Candidate includes the following improvements and changes:
Major changes
-
Added support for extracting ALZ archives.
The new ClamAV file type for ALZ archives isCL_TYPE_ALZ
.
Added a DCONF option to enable or disable ALZ archive support.Tip: DCONF (Dynamic CONFiguration) is a feature that allows for some configuration changes to be made via ClamAV
.cfg
"signatures". -
Added support for extracting LHA/LZH archives.
The new ClamAV file type for ALZ archives isCL_TYPE_LHA_LZH
.
Added a DCONF option to enable or disable LHA/LZH archive support. -
Added the ability to disable image fuzzy hashing, if needed. For context, image fuzzy hashing is a detection mechanism useful for identifying malware by matching images included with the malware or phishing email/document.
New ClamScan options:
--scan-image[=yes(*)/no] --scan-image-fuzzy-hash[=yes(*)/no]
New ClamD config options:
ScanImage yes(*)/no ScanImageFuzzyHash yes(*)/no
New libclamav scan options:
options.parse &= ~CL_SCAN_PARSE_IMAGE; options.parse &= ~CL_SCAN_PARSE_IMAGE_FUZZY_HASH;
Added a DCONF option to enable or disable image fuzzy hashing support.
Other improvements
-
Added cross-compiling instructions for targeting ARM64/aarch64 processors for Windows and Linux.
-
Improved the Freshclam warning messages when being blocked or rate limited so as to include the Cloudflare Ray ID, which helps with issue triage.
-
Removed unnecessary memory allocation checks when the size to be allocated is fixed or comes from a trusted source.
We also renamed internal memory allocation functions and macros, so it is more obvious what each function does. -
Improved the Freshclam documentation to make it clear that the
--datadir
option must be an absolute path to a directory that already exists, is writable by Freshclam, and is readable by ClamScan and ClamD. -
Added an optimization to avoid calculating the file hash if the clean file cache has been disabled. The file hash may still be calculated as needed to perform hash-based signature matching if any hash-based signatures exist that target a file of the same size, or if any hash-based signatures exist that target "any" file size.
-
Added an improvement to the SystemD service file for ClamOnAcc so that the service will shut down faster on some systems.
Bug fixes
-
Silenced confusing warning message when scanning some HTML files.
-
Fixed minor compiler warnings.
-
Since the build system changed from Autotools to CMake, ClamAV no longer supports building with configurations where bzip2, libxml2, libz, libjson-c, or libpcre2 are not available. Libpcre is no longer supported in favor of libpcre2. In this release, we removed all the dead code associated with those unsupported build configurations.
-
Fixed assorted typos. Patch courtesy of RainRat.
-
Added missing documentation for the ClamScan
--force-to-disk
option. -
Fixed an issue where ClamAV unit tests would prefer an older libclamunrar_iface library from the install path, if present, rather than
the recently compiled library in the build path.
Acknowledgments
Special thanks to the following people for code contributions and bug reports:
- RainRat