Bug 44807 – dansguardian linked against older libclamav6 version (but still supported)

Bug 44807 - dansguardian linked against older libclamav6 version (but still supported)


Summary:	dansguardian linked against older libclamav6 version (but still supported)

Status:	RESOLVED WONTFIX

Product:	UCS
Classification:	Unclassified
Component:	Dansguardian
Version:	UCS 4.1
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 4.1-4-errata
Assigned To:	Jürn Brodersen
QA Contact:	UCS maintainers

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2017-06-16 13:46 CEST by Jens Thorp-Hansen
Modified:	2018-11-27 15:43 CET (History)
CC List:	4 users (show)

See Also:
What kind of report is it?:	Bug Report
What type of bug is this?:	5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?:	2: Will only affect a few installed domains
How will those affected feel about the bug?:	5: Blocking further progress on the daily work
User Pain:	0.286
Enterprise Customer affected?:	Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:	2017061521000391
Bug group (optional):	External feedback
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jens Thorp-Hansen

2017-06-16 13:46:56 CEST

Reference: http://www.clamav.net/documents/end-of-life-policy-eol

Only in 4.1-x:
dansguardian runs against clamav 0.8x. This version is EOL which results in a broken dansguardian (following a broken squid). Dansguardian has to be rebuild to work with the newest version.

May affect every environment with squid/dansguardian and 4.1-4

Comment 1 Jens Thorp-Hansen

2017-06-16 13:48:31 CEST

Workaround: currently the only workaround would be to update to 4.s since here the newest clamav version would be used.

Comment 2 Michael Grandjean

2017-06-16 13:59:25 CEST

(In reply to Jens Thorp-Hansen from comment #1)
> Workaround: currently the only workaround would be to update to 4.s 

4.2

Comment 3 Sönke Schwardt-Krummrich

2017-06-19 21:27:17 CEST

(In reply to Jens Thorp-Hansen from comment #0)
> Reference: http://www.clamav.net/documents/end-of-life-policy-eol

The two major versions 0.98 and 0.99 are currently supported by camav (and all minor versions of 0.98 and 0.99)
 
> Only in 4.1-x:
> dansguardian runs against clamav 0.8x. This version is EOL which results in
> a broken dansguardian (following a broken squid). Dansguardian has to be
> rebuild to work with the newest version.

Correction: dansgardian of UCS 4.1-x is linked against libclamav6 that is shipped in version 0.98.4. According to the EOL policy of clamav this is a supported version. So no direct problem here.
Btw: clamav in UCS 4.1-x uses libclam7 in version 0.99.2 

This bug has been opened because last week freshclam fetched a new set of clamav signatures and afterwards dansguardian was unable to start:

# dansguardian restart
LibClamAV Error: cli_ac_addsig: Signature for Win.Worm.Fadok-6328944-0 is too short
LibClamAV Error: cli_parse_add(): Problem adding signature (3).
LibClamAV Error: Problem parsing database at line 2793
LibClamAV Error: Can't load daily.ldb: Malformed database
LibClamAV Error: cli_tgzload: Can't load daily.ldb
LibClamAV Error: Can't load /var/lib/clamav/daily.cvd: Malformed database
Error loading clamav db: Malformed database
Content scanner plugin init returned error value: -1
Error loading CS plugins
Error parsing the dansguardian.conf file or other DansGuardian configuration files
#

clamav directly (e.g. clamscan) showed no problem with the new signature, so currently it looks like the signature is compatible with 0.99 but not with 0.98.

With UCS 4.2 clamav and dansguardian use the (currently) latest version 0.99.2 and showed therefore no error message.

Comment 4 Jürn Brodersen

2018-11-27 15:43:26 CET

4.1 is out of maintenance -> wont fix

Please clone this bug if this problem occurs again.