[ANNOUNCEMENT] Updated: clamav-0.96-1

public inbox for cygwin@cygwin.com
 help / color / mirror / Atom feed

* [ANNOUNCEMENT] Updated: clamav-0.96-1
@ 2010-04-26 23:30 Reini Urban
  2010-04-26 23:44 ` Yaakov (Cygwin/X)
  0 siblings, 1 reply; 3+ messages in thread
From: Reini Urban @ 2010-04-26 23:30 UTC (permalink / raw)
  To: cygwin

I've made a new version of clamav available for installation,
including, libclamav6, libclamav-devel, clamav-db.
This is a feature release keeping the same dll version. Nice.
Run freshclam after the update.

Problems:
* Spurious "LibClamAV Warning: fmap_aging: kernel hates you" messages.
* Huge package size: cygclamav-6.dll went from 720KB to 10MB
   stripped, because llvm is linked statically.
   clamav-db went from 23.9MB to 24.1MB. There's a new
   bytecode.cvd archive, which you will download with freshclam.
* Possible new false positives:
   Due to the new llvm-based bytecode interpreter some false
   positives with unstripped/hyphened SSN data were reported.
   Also PS and PDF files have been reported as false positives on the
   clamav-devel list.

Project description:
Clam AntiVirus is an anti-virus toolkit. It provides a number of
utilities, including a flexible and scalable multi-threaded daemon, a
commandline scanner, and a tool for automatic database updates. The
core of the package is an anti-virus engine available as a shared
library.

               *** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO ***

If you want to unsubscribe from the cygwin-announce mailing list, please
use the automated form at:

http://cygwin.com/lists.html#subscribe-unsubscribe

If this does not work, then look at the "List-Unsubscribe: " tag in the
email header of this message.  Send email to the address specified
there.  It will be in the format:

cygwin-announce-unsubscribe-you=yourdomain.com@cygwin.com

If you need more information on unsubscribing, start reading here:

http://sourceware.org/lists.html#unsubscribe-simple

Please read *all* of the information on unsubscribing that is available
starting at this URL.

======================================================================

Cygwin changes:
----- version 0.96-1 -----
* lndirs ${B}/libclamav/c++/llvm
* DIRENT_MISSING_D_INO check is now ignored upstream.
   Only cygwin-1.7 supported
* still libclamav6
* adapted libclamav6.hint dependencies
* cygport falsely reports a libtool check error on postinstall.
   I changed this locally from error to warn.

New major upstream features:

1. The Bytecode Interpreter - The Bytecode Interpreter allows ClamAV 
sig-makers to create very complex AV signatures for complex pieces of 
malware.  This is a pretty major addition to the detection technologies 
inside of ClamAV.

2. Native Windows Support - ClamAV will now build natively under Visual 
Studio. This will allow 3rd Party application developers on windows to 
easily integrate LibClamAV into their applications.

3. UPX 3.0 unpacking support - Add support to decompressing UPX version 
3.0 packed applications.

4. 7zip archive support - Add support for decompressing 7zip archives 
and inspecting their contents.

5. OSX Mach-O support - Add support for parsing OSX Mach-O binaries 
files and intelligently inspecting their contents

6. 64-bit ELF support - Add support for intelligently parsing and 
detecting malware in 64-Bit ELF binaries.

7. InstallShield archives support - Add support for unpacking and 
inspecting the contents of InstallShield archives.

8. CPIO archive support - Add support for unpacking and inspecting the 
contents of CPIO archives.

9. Heuristic improvements - Improve the PE heuristics detection engine 
by adding support of bogus icons and fake PE header information. In a 
nutshell, ClamAV can now detect malware that tries to disguise itself as 
a harmless application by using the most common Windows program icons.

10. Performance improvements - Overall performance improvements and 
memory optimizations for a better overall resource utilization experience.

11. Signature Improvements - Logical signature improvements to allow 
referencing groups of signatures.  Additionally, improvements to 
wildcard matching on word boundaries and newlines.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [ANNOUNCEMENT] Updated: clamav-0.96-1
  2010-04-26 23:30 [ANNOUNCEMENT] Updated: clamav-0.96-1 Reini Urban
@ 2010-04-26 23:44 ` Yaakov (Cygwin/X)
  2010-04-27 18:57   ` Reini Urban
  0 siblings, 1 reply; 3+ messages in thread
From: Yaakov (Cygwin/X) @ 2010-04-26 23:44 UTC (permalink / raw)
  To: cygwin

On 2010-04-26 16:53, Reini Urban wrote:
> * Huge package size: cygclamav-6.dll went from 720KB to 10MB
> stripped, because llvm is linked statically.

clamav includes its own copy of llvm or you built it with your own llvm 
package?

> * cygport falsely reports a libtool check error on postinstall.
> I changed this locally from error to warn.

Those checks are there for a reason, and changing your copy of cygport 
won't help other people building your package from source.  What error 
are you seeing and why do you think it is incorrect?


Yaakov

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: Updated: clamav-0.96-1
  2010-04-26 23:44 ` Yaakov (Cygwin/X)
@ 2010-04-27 18:57   ` Reini Urban
  0 siblings, 0 replies; 3+ messages in thread
From: Reini Urban @ 2010-04-27 18:57 UTC (permalink / raw)
  To: cygwin

Yaakov (Cygwin/X) schrieb:
> On 2010-04-26 16:53, Reini Urban wrote:
>> * Huge package size: cygclamav-6.dll went from 720KB to 10MB
>> stripped, because llvm is linked statically.
>
> clamav includes its own copy of llvm or you built it with your own llvm
> package?

The former of course. If my llvm package would be ready it would be much 
smaller because then I would have linked it dynamically.

>> * cygport falsely reports a libtool check error on postinstall.
>> I changed this locally from error to warn.
>
> Those checks are there for a reason, and changing your copy of cygport
> won't help other people building your package from source.
 > What error are you seeing and why do you think it is incorrect?

You are right, my mistake. All the import libs .dll.a are missing.
I'll fix that soon, but not today.

It was at:
/usr/lib/cygport/src_postinst.cygpart: line 569
#check that all library members were installed
-- 
Reini Urban
http://phpwiki.org/  http://murbreak.at/

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2010-04-27 18:57 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-04-26 23:30 [ANNOUNCEMENT] Updated: clamav-0.96-1 Reini Urban
2010-04-26 23:44 ` Yaakov (Cygwin/X)
2010-04-27 18:57   ` Reini Urban

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).