Bug 42348 – Outdated ClamAV AntiVirus databases

Bug 42348 - Outdated ClamAV AntiVirus databases


Summary:	Outdated ClamAV AntiVirus databases

Status:	REOPENED

Product:	UCS
Classification:	Unclassified
Component:	Mail
Version:	UCS 5.0
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assigned To:	Mail maintainers
QA Contact:

URL:
Keywords:

Depends on:
Blocks:	48356
	Show dependency tree / graph

Reported:	2016-09-12 09:15 CEST by Philipp Hahn
Modified:	2020-07-04 09:07 CEST (History)
CC List:	4 users (show)

See Also:	43371
What kind of report is it?:	Bug Report
What type of bug is this?:	3: Simply Wrong: The implementation doesn't match the docu
Who will be affected by this bug?:	2: Will only affect a few installed domains
How will those affected feel about the bug?:	2: A Pain – users won’t like this once they notice it
User Pain:	0.069
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Philipp Hahn

2016-09-12 09:15:20 CEST

$ file ./mail/univention-antivir-mail/*.cvd
./mail/univention-antivir-mail/daily.cvd: Clam AntiVirus database 15 Jul 2012 18-46 -0400, version 1513, gzipped
./mail/univention-antivir-mail/main.cvd:  Clam AntiVirus database 11 Oct 2011 10-34 -0400, version 54, gzipped

Comment 1 Sönke Schwardt-Krummrich

2016-09-19 10:12:31 CEST

(In reply to Philipp Hahn from comment #0)
> $ file ./mail/univention-antivir-mail/*.cvd
> ./mail/univention-antivir-mail/daily.cvd: Clam AntiVirus database 15 Jul
> 2012 18-46 -0400, version 1513, gzipped
> ./mail/univention-antivir-mail/main.cvd:  Clam AntiVirus database 11 Oct
> 2011 10-34 -0400, version 54, gzipped

Is it a real problem? freshclam should immediately download and update the signature files.

Comment 2 Stefan Gohmann

2016-12-13 08:10:39 CET

The Enterprise Customer affected flag is set but neither a Ticket number is referenced nor a Customer ID is set. Please set a Ticket number or a Customer ID. Otherwise the Enterprise Customer affected flag will be reset.

Comment 3 The Preacher 2017-01-26 16:47:33 CET

Please look at this blogpost to see why this actually IS a problem: http://lutz.donnerhacke.de/Blog/ClamAV-aktualisiert-sich-nicht-mehr

Comment 4 Sönke Schwardt-Krummrich

2017-01-30 13:47:49 CET

(In reply to The Preacher from comment #3)
> Please look at this blogpost to see why this actually IS a problem:
> http://lutz.donnerhacke.de/Blog/ClamAV-aktualisiert-sich-nicht-mehr

But Philipp listed files from our internal SVN. And these files are by design outdated. That's why freshclam is there.

It's another problem, if freshclam locks itself up. I'm aware of this problem.

Comment 5 Ingo Steuwer

2020-07-03 20:52:27 CEST

This issue has been filed against UCS 4.2.

UCS 4.2 is out of maintenance and many UCS components have changed in later releases. Thus, this issue is now being closed.

If this issue still occurs in newer UCS versions, please use "Clone this bug" or reopen it and update the UCS version. In this case please provide detailed information on how this issue is affecting you.

Comment 6 Philipp Hahn

2020-07-04 09:07:10 CEST

So we should either update those files at least with each UCS release, or replace them with an empty file as upstream ClamAV does. But shipping 10 years old signature database is bad.

Please also note Bug #48356: Shipping those *.cvd files is incompatible with AGPL as far as I know.