Mail Archives: cygwin/2010/04/26/19:30:50
| X-Recipient: | archive-cygwin AT delorie DOT com
|
| X-SWARE-Spam-Status: | No, hits=-0.0 required=5.0 tests=ALL_TRUSTED,BAYES_50,TW_LV,TW_YG
|
| X-Spam-Check-By: | sourceware.org
|
| X-SWARE-Spam-Status: | No, hits=1.0 required=5.0 tests=BAYES_50,RCVD_IN_DNSWL_NONE,TW_LV,TW_YG
|
| Message-Id: | <announce.4BD60B62.2000502@x-ray.at>
|
| Date: | Mon, 26 Apr 2010 23:53:38 +0200
|
| From: | Reini Urban <rurban AT x-ray DOT at>
|
| User-Agent: | Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.1.9) Gecko/20100317 SeaMonkey/2.0.4
|
| MIME-Version: | 1.0
|
| To: | cygwin AT cygwin DOT com
|
| Subject: | [ANNOUNCEMENT] Updated: clamav-0.96-1
|
| Reply-To: | cygwin AT cygwin DOT com
|
| X-IsSubscribed: | yes
|
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm
|
| List-Id: | <cygwin.cygwin.com>
|
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com>
|
| List-Archive: | <http://sourceware.org/ml/cygwin/>
|
| List-Post: | <mailto:cygwin AT cygwin DOT com>
|
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
|
| Sender: | cygwin-owner AT cygwin DOT com
|
| Mail-Followup-To: | cygwin AT cygwin DOT com
|
| Delivered-To: | mailing list cygwin AT cygwin DOT com
|
I've made a new version of clamav available for installation,
including, libclamav6, libclamav-devel, clamav-db.
This is a feature release keeping the same dll version. Nice.
Run freshclam after the update.
Problems:
* Spurious "LibClamAV Warning: fmap_aging: kernel hates you" messages.
* Huge package size: cygclamav-6.dll went from 720KB to 10MB
stripped, because llvm is linked statically.
clamav-db went from 23.9MB to 24.1MB. There's a new
bytecode.cvd archive, which you will download with freshclam.
* Possible new false positives:
Due to the new llvm-based bytecode interpreter some false
positives with unstripped/hyphened SSN data were reported.
Also PS and PDF files have been reported as false positives on the
clamav-devel list.
Project description:
Clam AntiVirus is an anti-virus toolkit. It provides a number of
utilities, including a flexible and scalable multi-threaded daemon, a
commandline scanner, and a tool for automatic database updates. The
core of the package is an anti-virus engine available as a shared
library.
*** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO ***
If you want to unsubscribe from the cygwin-announce mailing list, please
use the automated form at:
http://cygwin.com/lists.html#subscribe-unsubscribe
If this does not work, then look at the "List-Unsubscribe: " tag in the
email header of this message. Send email to the address specified
there. It will be in the format:
cygwin-announce-unsubscribe-you=yourdomain DOT com AT cygwin DOT com
If you need more information on unsubscribing, start reading here:
http://sourceware.org/lists.html#unsubscribe-simple
Please read *all* of the information on unsubscribing that is available
starting at this URL.
======================================================================
Cygwin changes:
----- version 0.96-1 -----
* lndirs ${B}/libclamav/c++/llvm
* DIRENT_MISSING_D_INO check is now ignored upstream.
Only cygwin-1.7 supported
* still libclamav6
* adapted libclamav6.hint dependencies
* cygport falsely reports a libtool check error on postinstall.
I changed this locally from error to warn.
New major upstream features:
1. The Bytecode Interpreter - The Bytecode Interpreter allows ClamAV
sig-makers to create very complex AV signatures for complex pieces of
malware. This is a pretty major addition to the detection technologies
inside of ClamAV.
2. Native Windows Support - ClamAV will now build natively under Visual
Studio. This will allow 3rd Party application developers on windows to
easily integrate LibClamAV into their applications.
3. UPX 3.0 unpacking support - Add support to decompressing UPX version
3.0 packed applications.
4. 7zip archive support - Add support for decompressing 7zip archives
and inspecting their contents.
5. OSX Mach-O support - Add support for parsing OSX Mach-O binaries
files and intelligently inspecting their contents
6. 64-bit ELF support - Add support for intelligently parsing and
detecting malware in 64-Bit ELF binaries.
7. InstallShield archives support - Add support for unpacking and
inspecting the contents of InstallShield archives.
8. CPIO archive support - Add support for unpacking and inspecting the
contents of CPIO archives.
9. Heuristic improvements - Improve the PE heuristics detection engine
by adding support of bogus icons and fake PE header information. In a
nutshell, ClamAV can now detect malware that tries to disguise itself as
a harmless application by using the most common Windows program icons.
10. Performance improvements - Overall performance improvements and
memory optimizations for a better overall resource utilization experience.
11. Signature Improvements - Logical signature improvements to allow
referencing groups of signatures. Additionally, improvements to
wildcard matching on word boundaries and newlines.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
- Raw text -