Clam AntiVirus 0.99.3

ClamAV is an anti-virus engine, which is commonly used for email and web scanning, or gateway and fileserver securing. It provides a command-line scanner, a sendmail milter, automatic signature database updates, built-in support for many archiving and container or mail encoding formats, scanning standard ELF and compressed executables, as well as common office document formats.

Tags c virus-scanner mail-filter security administrators
License GNU GPL
State stable

Recent Releases

0.99.320 Jul 2017 05:45 minor feature: Interfaces to Prelude open source SIEM. Visual Studio 2015 for building Microsoft Windows binaries. Support libmspack code internally or as a shared object library. Linking with openssl 1.1.0. Numerous code patches, typos, and compiler warnings. Deprecating internal LLVM code support. The configure script has changed, to search the system for an installed instance of the LLVM development, libraries, and to otherwise use the bytecode interpreter for ClamAV, bytecode signatures. Using the deprecated internal LLVM code is possible, with the command: './configure --with-system-llvm=no', Compute and check PE import table hash (a.k.a. "imphash") signatures. Support file property collection and analysis for MHTML files. Raw scanning of PostScript files. clamsubmit to use the new virus and false positive submission web, interface. Optionally, flag files with the virus "Heuristic.Limits.Exceeded" when, size limitations are exceeded. Improve decoders for PDF files.
0.99.211 May 2016 17:05 minor feature: ups improving the reliability of several ClamAV file parsers. sigtool now decodes file type signatures (e.g. daily.ftm CVD file). now supporting libpcre2 in addition to libpcre. systemd support for clamd and freshclam. Patch provided by, Andreas Cadhalpun. builds on Mac OS X 10.10 10.11. improved deinfo for certificate metadata. improved freshclam messaging when using a proxy. some freshclam functionality when using private mirrors. clamd refinements of open file limitations on Solaris. Patch by, Jim Morris, clamav-milter signal handling for improved clean up during, termination.
0.99.104 Feb 2016 03:15 minor feature:
0.99-rc205 Nov 2015 11:05 minor feature: Processing of YARA rules(some limitations- see signatures.pdf). Support in ClamAV logical signatures for many of the features, added for YARA, such as Perl Compatible Regular Expressions, alternate strings, and YARA string attributes. See signatures.pdf, for full details. New and improved on-access scanning for Linux. See the recent blog, post and clamdoc.pdf for details on the new on-access capabilities. A new ClamAV API callback function that is invoked when a virus, is found. This is intended primarily for applications running in, all-match mode. Any applications using all-match mode must use, the new callback function to record and report detected viruses. Configurable default password list to attempt zip file decryption. TIFF file support. Upgrade Windows pthread library to 2.9.1. A new signature target type for designating signatures to run, against files with unknown file types. Improved fidelity of the "data loss prevention" heuristic, algorithm. Code supplied by Bill Parker. Support for LZMA decompression within Adobe Flash files. Support for MSO attachments within Microsoft Office 2003 XML files. A new sigtool option(--ascii-normalize) allowing signature authors, to more easily generate normalized versions of ascii files. Windows installation directories changed from Program Files Sourcefire , ClamAV to Program Files ClamAV or Program Files ClamAV-x64.
0.99-rc108 Oct 2015 03:15 minor feature: Processing of YARA rules(some limitations- see signatures.pdf). Support in ClamAV logical signatures for many of the features, added for YARA, such as Perl Compatible Regular Expressions, alternate strings, and YARA string attributes. See signatures.pdf, for full details. New and improved on-access scanning for Linux. See the recent blog, post and clamdoc.pdf for details on the new on-access capabilities. A new ClamAV API callback function that is invoked when a virus, is found. This is intended primarily for applications running in, all-match mode. Any applications using all-match mode must use, the new callback function to record and report detected viruses. Configurable default password list to attempt zip file decryption. TIFF file support. Upgrade Windows pthread library to 2.9.1. A new signature target type for designating signatures to run, against files with unknown file types. Improved fidelity of the "data loss prevention" heuristic, algorithm. Code supplied by Bill Parker. Support for LZMA decompression within Adobe Flash files. Support for MSO attachments within Microsoft Office 2003 XML files. A new sigtool option(--ascii-normalize) allowing signature authors, to more easily generate normalized versions of ascii files.
0.99-beta202 Sep 2015 03:15 minor feature: New and improved on-access scanning for Linux. See the recent, blog post for more details on the new on-access capabilities. Improved support for YARA rules including private rules, referencing other rules, and YARA "include" files. Configurable default password list to attempt zip file, decryption. TIFF support../configure options for YARA. upgrade Windows pthread library to 2.9.1. a new signature target type for uncategorized files. Improved fidelity of the "data loss prevention" heuristic, algorithm. Code supplied by Bill Parker.
0.99-beta110 Jun 2015 05:25 minor feature: Process YARA rules(with limitations) as ClamAV signatures. Support in ClamAV logical signatures many of the features, added for YARA, such as Perl Compatible Regular Expressions.
0.98.701 May 2015 03:45 minor feature: Improvements to PDF processing: decryption, escape sequence, handling, and file property collection. Scanning/analysis of additional Microsoft Office 2003 XML format. Fix infinite loop condition on crafted y0da cryptor file. Identified, and patch suggested by Sebastian Andrzej Siewior. CVE-2015-2221. Fix crash on crafted petite packed file. Reported and patch, supplied by Sebastian Andrzej Siewior. CVE-2015-2222. Fix false negatives on files within iso9660 containers. This issue, was reported by Minzhuan Gong. Fix a couple crashes on crafted upack packed file. Identified and, patches supplied by Sebastian Andrzej Siewior. Fix a crash during algorithmic detection on crafted PE file. Identified and patch supplied by Sebastian Andrzej Siewior. Fix an infinite loop condition on a crafted "xz" archive file. This was reported by Dimitri Kirchner and Goulven Guiheux. CVE-2015-2668. Fix compilation error after ./configure --disable-pthreads. Reported and fix suggested by John E. Krokes. Apply upstream patch for possible heap overflow in Henry Spencer's , regex library. CVE-2015-2305. Fix crash in upx decoder with crafted file. Discovered and patch, supplied by Sebastian Andrzej Siewior. CVE-2015-2170. Fix segfault scanning certain HTML files. Reported with sample by, Kai Risku. Improve detections within xar/pkg files.
0.98.518 Nov 2014 20:20 minor feature: ClamAV 0.98.5 (final) includes important new features for collecting and analyzing file properties. Support for the XDP file format and extracting, decoding, and scanning PDF files within XDP files. Addition of shared library support for LLVM verions 3.1 - 3.4 for the purpose of just-in-time(JIT) compilation of ClamAV bytecode signatures. Andreas Cadhalpun submitted the patch implementing this support. Enhancements to the clambc command line utility to assist ClamAV bytecode signature authors by providing introspection into compiled bytecode programs. Resolution of many of the warning messages from ClamAV compilation. Bug fixes and other feature enhancements.
0.98.5-rc114 Oct 2014 12:25 minor feature: ClamAV 0.98.5 includes important new features for collecting and analyzing file properties. Support for the XDP file format and extracting, decoding, and scanning PDF files within XDP files. Addition of shared library support for LLVM verions 3.1 - 3.4 for the purpose of just-in-time(JIT) compilation of ClamAV bytecode signatures. Andreas Cadhalpun submitted the patch implementing this support. Enhancements to the clambc command line utility to assist ClamAV bytecode signature authors by providing introspection into compiled bytecode programs. Resolution of many of the warning messages from ClamAV compilation. Bug fixes and other feature enhancements.
0.98.403 Jul 2014 18:52 minor feature: This release addressed build problems on Solaris, OpenBSD, and AIX. Additional issues on Windows, Mac OS X, and Solaris 10 have been resolved.