diff --git a/clamav.changes b/clamav.changes index 32dbf00..2ea1101 100644 --- a/clamav.changes +++ b/clamav.changes @@ -68,69 +68,6 @@ Wed Nov 3 20:52:19 UTC 2021 - Arjen de Korte to uppercase if a UTF-8 unicode single-byte grapheme becomes a multi-byte grapheme. Patch courtesy of Andrea De Pasquale. -------------------------------------------------------------------- -Wed Nov 3 20:52:19 UTC 2021 - Arjen de Korte - -- Update to 0.103.4 - * FreshClam: - - Add a 24-hour cool-down for FreshClam clients that have received - an HTTP 403 (Forbidden) response from the CDN. This is to reduce - the volume of 403-response data served to blocked FreshClam - clients that are configured with a tight update-loop. - - Fixed a bug where FreshClam treats an empty CDIFF as an - incremental update failure instead of as an intentional request - to download the whole CVD. - * ClamDScan: Fix a scan error when broken symlinks are encountered on - macOS with "FollowDirectorySymlinks" and "FollowFileSymlinks" - options disabled. - * Overhauled the scan recursion / nested archive extraction logic and - added new limits on embedded file-type recognition performed during - the "raw" scan of each file. This limits embedded file-type - misidentification and prevents detecting embedded file content that - is found/extracted and scanned at other layers in the scanning - process. - * Fix an issue with the FMap module that failed to read from some - nested files. - * Fixed an issue where failing to load some rules from a Yara file - containing multiple rules may cause a crash. - * Fixed assorted compiler warnings. - * Fixed assorted Coverity static code analysis issues. - * Scan limits: - - Added virus-name suffixes to the alerts that trigger when a scan - limit has been exceeded. Rather than simply - Heuristics.Limits.Exceeded, you may now see limit-specific - virus-names, to include: - + Heuristics.Limits.Exceeded.MaxFileSize - + Heuristics.Limits.Exceeded.MaxScanSize - + Heuristics.Limits.Exceeded.MaxFiles - + Heuristics.Limits.Exceeded.MaxRecursion - + Heuristics.Limits.Exceeded.MaxScanTime - - Renamed the Heuristics.Email.ExceedsMax.* alerts to align with - the other limit alerts names. These alerts include: - + Heuristics.Limits.Exceeded.EmailLineFoldcnt - + Heuristics.Limits.Exceeded.EmailHeaderBytes - + Heuristics.Limits.Exceeded.EmailHeaders - + Heuristics.Limits.Exceeded.EmailMIMEPartsPerMessage - + Heuristics.Limits.Exceeded.EmailMIMEArguments - - Fixed an issue where the Email-related scan limits would alert - even when the "AlertExceedsMax" (--alert-exceeds-max) scan option - is not enabled. - - Fixes an issue in the Zip parser where exceeding the "MaxFiles" - limit or the "MaxFileSize" limit would abort the scan but would - fail to alert. The Zip scan limit issues were independently - identified and reported by Aaron Leliaert and Max Allan. - * Fixed a leak in the Email parser when using the --gen-json scan - option. - * Fixed an issue where a failure to record metadata in the Email - parser when using the --gen-json scan option could cause the Email - parser to abort the scan early and fail to extract and scan - additional content. - * Fixed a file name memory leak in the Zip parser. - * Fixed an issue where certain signature patterns may cause a crash or - cause unintended matches on some systems when converting characters - to uppercase if a UTF-8 unicode single-byte grapheme becomes a - multi-byte grapheme. Patch courtesy of Andrea De Pasquale. - ------------------------------------------------------------------- Mon Jun 21 18:44:32 UTC 2021 - Arjen de Korte