git-svn: trunk@909
Tomasz Kojm authored on 2004/09/20 22:37:45... | ... |
@@ -1,3 +1,7 @@ |
1 |
+Mon Sep 20 15:31:21 CEST 2004 (tk) |
|
2 |
+---------------------------------- |
|
3 |
+ V 0.80rc |
|
4 |
+ |
|
1 | 5 |
Mon Sep 20 13:46:15 BST 2004 (njh) |
2 | 6 |
---------------------------------- |
3 | 7 |
* libclamav/mbox.c: Fix parsing problem |
... | ... |
@@ -10,7 +14,7 @@ Mon Sep 20 12:12:09 CEST 2004 (tk) |
10 | 10 |
|
11 | 11 |
Mon Sep 20 10:44:35 BST 2004 (trog) |
12 | 12 |
----------------------------------- |
13 |
-* libclamav/htmlnorm.c: Simplify handling of NL chars, treat as a space. |
|
13 |
+ * libclamav/htmlnorm.c: Simplify handling of NL chars, treat as a space. |
|
14 | 14 |
|
15 | 15 |
Mon Sep 20 10:09:55 BST 2004 (njh) |
16 | 16 |
---------------------------------- |
... | ... |
@@ -2,6 +2,125 @@ Note: This README/NEWS file refers to the source tarball. Some things described |
2 | 2 |
here may not be available in binary packages. |
3 | 3 |
-- |
4 | 4 |
|
5 |
+0.80rc |
|
6 |
+------ |
|
7 |
+ |
|
8 |
+The development version of ClamAV is ready for general testing! New mechanisms |
|
9 |
+have already proved very nasty to Internet worms successfully protecting |
|
10 |
+against the new versions R, S, T, U, V and W of the infamous Mydoom worm |
|
11 |
+and detecting them as Worm.Mydoom.Gen before they were analysed and specific |
|
12 |
+signatures added by the ClamAV database maintainers. That means servers running |
|
13 |
+the new version of ClamAV have detected and blocked 100% of Mydoom attacks! |
|
14 |
+ |
|
15 |
+New features in this release include: |
|
16 |
+ |
|
17 |
+-) libclamav |
|
18 |
+ + Portable Executable analyser (CL_SCAN_PE) featuring: |
|
19 |
+ o UPX decompression (all versions) |
|
20 |
+ o Petite decompression (2.x) |
|
21 |
+ o FSG decompression (1.3, 1.31, 1.33) |
|
22 |
+ o detection of broken executables (CL_SCAN_BLOCKBROKEN) |
|
23 |
+ + new, memory efficient, pattern matching algorithm (multipattern variant |
|
24 |
+ of Boyer-Moore) - it's now primary matcher and Aho-Corasick is only used |
|
25 |
+ for regular expression extended signatures |
|
26 |
+ + new signature format with advanced target type and offset specification |
|
27 |
+ + support for MD5 based signatures |
|
28 |
+ + extended regular expression scanner |
|
29 |
+ + added support for MS cabinet files |
|
30 |
+ + added support for CHM files |
|
31 |
+ + added support for POSIX tar archives |
|
32 |
+ + scanning inside PowerPoint documents |
|
33 |
+ + HTML normaliser with support for decoding of MS Script Encoder code |
|
34 |
+ + great improvements in e-mail scanner (now handles even more worm tricks) |
|
35 |
+ + new method of mail files detection |
|
36 |
+ + all e-mail attachments are now scanned (previously only the first ten |
|
37 |
+ attachments were scanned) |
|
38 |
+ + added support for scanning URLs in e-mails (CL_SCAN_MAILURL) |
|
39 |
+ + detection of Worm.Mydoom.M.log |
|
40 |
+ + updated API (still backward compatible but please consult clamdoc.pdf |
|
41 |
+ (Section 6) and adapt your software) |
|
42 |
+ |
|
43 |
+-) clamd |
|
44 |
+ + new directive ScanHTML (enables HTML normalisator and ScrEnc decoder) |
|
45 |
+ + new directive ScanPE (win32 executable analyser and decompressor) |
|
46 |
+ + new directive DetectBrokenExecutables (try to detect broken executables |
|
47 |
+ and mark them as Broken.Executable) |
|
48 |
+ + new directive MailFollowURLs (try to download and scan files from URLs |
|
49 |
+ in mails. BE CAREFUL! DO NOT ENABLE IT ON LOADED MAIL SERVERS) |
|
50 |
+ + new directive ArchiveBlockMax (archives that exceed limits will be |
|
51 |
+ marked as viruses) |
|
52 |
+ + clamav.conf was renamed clamd.conf |
|
53 |
+ |
|
54 |
+-) clamscan |
|
55 |
+ + mail files are scanned by default, use --no-mail to disable it |
|
56 |
+ + new option --no-html (disables HTML normalisator) |
|
57 |
+ + new option --no-pe (disables PE analyser) |
|
58 |
+ + new option --detect-broken |
|
59 |
+ + new option --block-max |
|
60 |
+ + new option --mail-follow-urls (download and scan files from URLs in mails) |
|
61 |
+ |
|
62 |
+-) clamdscan |
|
63 |
+ + now prints warnings if some activated command line options are only |
|
64 |
+ supported by clamscan |
|
65 |
+ + added support for archive scanning in stdin mode |
|
66 |
+ |
|
67 |
+-) clamav-milter |
|
68 |
+ + improved template file format |
|
69 |
+ + quarantined file names now contain virus names |
|
70 |
+ + initial support for SESSION mode of clamd |
|
71 |
+ |
|
72 |
+-) freshclam: |
|
73 |
+ + new directive DNSDatabaseInfo that enables ultra lightweight version |
|
74 |
+ verification method through DNS (using TXT records). Based on idea by |
|
75 |
+ Christopher X. Candreva and enabled by default. |
|
76 |
+ (see http://www.gossamer-threads.com/lists/clamav/users/11102) |
|
77 |
+ + new option --no-dns (quick option to disable DNS method without editing |
|
78 |
+ freshclam.conf) |
|
79 |
+ |
|
80 |
+-) sigtool |
|
81 |
+ + removed ability of automatic signature generation (use MD5 sums to |
|
82 |
+ create your own signatures, see signatures.pdf for details) |
|
83 |
+ + new option --md5 |
|
84 |
+ + new option --html-normalise (saves HTML normalisation and decryption |
|
85 |
+ results in three html files in current directory) |
|
86 |
+ |
|
87 |
+-) configure: |
|
88 |
+ + new option --disable-gethostbyname_r (try enabling it if clamav-milter |
|
89 |
+ compilation fails) |
|
90 |
+ + new option --disable-dns (try enabling it if freshclam compilation fails) |
|
91 |
+ + extended regular expression scanner |
|
92 |
+ |
|
93 |
+-) documentation |
|
94 |
+ + included new Mac OS X installation instructions |
|
95 |
+ + official documentation rewritten and outdated docs removed |
|
96 |
+ |
|
97 |
+-) new 3rd party software with support for ClamAV: |
|
98 |
+ + OdeiaVir - an e-mail filter for qmail and Exim |
|
99 |
+ + ClamSMTP - a lightweight (written in C) and simple filter for Postfix |
|
100 |
+ + Protea AntiVirus Tools - a virus filter for Lotus Domino |
|
101 |
+ + PTSMail Utilities - an e-mail filter for Sendmail |
|
102 |
+ + mxGuard for IMail - a mail filter for Ipswitch IMail (W32) |
|
103 |
+ + Zabit - a content and attachment filter for qmail |
|
104 |
+ + BeClam - ClamAV port for BeOS |
|
105 |
+ + clamXav - a virus scanner with GUI for Mac OS X |
|
106 |
+ |
|
107 |
+Special thanks to aCaB for his work on UPX, FSG and Petite decompressors. |
|
108 |
+ |
|
109 |
+Thanks to good reaction times on new threats ClamAV was awarded as best |
|
110 |
+security tool for 2004 by Linux Journal: "...With this year's outbreak of |
|
111 |
+e-mail worms for non-Linux platforms, ClamAV has been getting quite a workout, |
|
112 |
+and Linux admins on mailing lists report that database update times are keeping |
|
113 |
+up with or beating the proprietary alternatives." Thanks! |
|
114 |
+ |
|
115 |
+SourceWear.com is selling some very nice t-shirts and polo shirts powered by |
|
116 |
+ClamAV. Wear them and virus writers will stay away from you :-) A quarter out |
|
117 |
+of every dollar profited from the sale of these shirts will go to the ClamAV |
|
118 |
+project. Visit http://www.sourcewear.com and click on ClamAV logo! |
|
119 |
+ |
|
120 |
+ |
|
121 |
+-- |
|
122 |
+The ClamAV team (http://www.clamav.net/team.html) |
|
123 |
+ |
|
5 | 124 |
0.75 |
6 | 125 |
---- |
7 | 126 |
|
... | ... |
@@ -2,6 +2,125 @@ Note: This README/NEWS file refers to the source tarball. Some things described |
2 | 2 |
here may not be available in binary packages. |
3 | 3 |
-- |
4 | 4 |
|
5 |
+0.80rc |
|
6 |
+------ |
|
7 |
+ |
|
8 |
+The development version of ClamAV is ready for general testing! New mechanisms |
|
9 |
+have already proved very nasty to Internet worms successfully protecting |
|
10 |
+against the new versions R, S, T, U, V and W of the infamous Mydoom worm |
|
11 |
+and detecting them as Worm.Mydoom.Gen before they were analysed and specific |
|
12 |
+signatures added by the ClamAV database maintainers. That means servers running |
|
13 |
+the new version of ClamAV have detected and blocked 100% of Mydoom attacks! |
|
14 |
+ |
|
15 |
+New features in this release include: |
|
16 |
+ |
|
17 |
+-) libclamav |
|
18 |
+ + Portable Executable analyser (CL_SCAN_PE) featuring: |
|
19 |
+ o UPX decompression (all versions) |
|
20 |
+ o Petite decompression (2.x) |
|
21 |
+ o FSG decompression (1.3, 1.31, 1.33) |
|
22 |
+ o detection of broken executables (CL_SCAN_BLOCKBROKEN) |
|
23 |
+ + new, memory efficient, pattern matching algorithm (multipattern variant |
|
24 |
+ of Boyer-Moore) - it's now primary matcher and Aho-Corasick is only used |
|
25 |
+ for regular expression extended signatures |
|
26 |
+ + new signature format with advanced target type and offset specification |
|
27 |
+ + support for MD5 based signatures |
|
28 |
+ + extended regular expression scanner |
|
29 |
+ + added support for MS cabinet files |
|
30 |
+ + added support for CHM files |
|
31 |
+ + added support for POSIX tar archives |
|
32 |
+ + scanning inside PowerPoint documents |
|
33 |
+ + HTML normaliser with support for decoding of MS Script Encoder code |
|
34 |
+ + great improvements in e-mail scanner (now handles even more worm tricks) |
|
35 |
+ + new method of mail files detection |
|
36 |
+ + all e-mail attachments are now scanned (previously only the first ten |
|
37 |
+ attachments were scanned) |
|
38 |
+ + added support for scanning URLs in e-mails (CL_SCAN_MAILURL) |
|
39 |
+ + detection of Worm.Mydoom.M.log |
|
40 |
+ + updated API (still backward compatible but please consult clamdoc.pdf |
|
41 |
+ (Section 6) and adapt your software) |
|
42 |
+ |
|
43 |
+-) clamd |
|
44 |
+ + new directive ScanHTML (enables HTML normalisator and ScrEnc decoder) |
|
45 |
+ + new directive ScanPE (win32 executable analyser and decompressor) |
|
46 |
+ + new directive DetectBrokenExecutables (try to detect broken executables |
|
47 |
+ and mark them as Broken.Executable) |
|
48 |
+ + new directive MailFollowURLs (try to download and scan files from URLs |
|
49 |
+ in mails. BE CAREFUL! DO NOT ENABLE IT ON LOADED MAIL SERVERS) |
|
50 |
+ + new directive ArchiveBlockMax (archives that exceed limits will be |
|
51 |
+ marked as viruses) |
|
52 |
+ + clamav.conf was renamed clamd.conf |
|
53 |
+ |
|
54 |
+-) clamscan |
|
55 |
+ + mail files are scanned by default, use --no-mail to disable it |
|
56 |
+ + new option --no-html (disables HTML normalisator) |
|
57 |
+ + new option --no-pe (disables PE analyser) |
|
58 |
+ + new option --detect-broken |
|
59 |
+ + new option --block-max |
|
60 |
+ + new option --mail-follow-urls (download and scan files from URLs in mails) |
|
61 |
+ |
|
62 |
+-) clamdscan |
|
63 |
+ + now prints warnings if some activated command line options are only |
|
64 |
+ supported by clamscan |
|
65 |
+ + added support for archive scanning in stdin mode |
|
66 |
+ |
|
67 |
+-) clamav-milter |
|
68 |
+ + improved template file format |
|
69 |
+ + quarantined file names now contain virus names |
|
70 |
+ + initial support for SESSION mode of clamd |
|
71 |
+ |
|
72 |
+-) freshclam: |
|
73 |
+ + new directive DNSDatabaseInfo that enables ultra lightweight version |
|
74 |
+ verification method through DNS (using TXT records). Based on idea by |
|
75 |
+ Christopher X. Candreva and enabled by default. |
|
76 |
+ (see http://www.gossamer-threads.com/lists/clamav/users/11102) |
|
77 |
+ + new option --no-dns (quick option to disable DNS method without editing |
|
78 |
+ freshclam.conf) |
|
79 |
+ |
|
80 |
+-) sigtool |
|
81 |
+ + removed ability of automatic signature generation (use MD5 sums to |
|
82 |
+ create your own signatures, see signatures.pdf for details) |
|
83 |
+ + new option --md5 |
|
84 |
+ + new option --html-normalise (saves HTML normalisation and decryption |
|
85 |
+ results in three html files in current directory) |
|
86 |
+ |
|
87 |
+-) configure: |
|
88 |
+ + new option --disable-gethostbyname_r (try enabling it if clamav-milter |
|
89 |
+ compilation fails) |
|
90 |
+ + new option --disable-dns (try enabling it if freshclam compilation fails) |
|
91 |
+ + extended regular expression scanner |
|
92 |
+ |
|
93 |
+-) documentation |
|
94 |
+ + included new Mac OS X installation instructions |
|
95 |
+ + official documentation rewritten and outdated docs removed |
|
96 |
+ |
|
97 |
+-) new 3rd party software with support for ClamAV: |
|
98 |
+ + OdeiaVir - an e-mail filter for qmail and Exim |
|
99 |
+ + ClamSMTP - a lightweight (written in C) and simple filter for Postfix |
|
100 |
+ + Protea AntiVirus Tools - a virus filter for Lotus Domino |
|
101 |
+ + PTSMail Utilities - an e-mail filter for Sendmail |
|
102 |
+ + mxGuard for IMail - a mail filter for Ipswitch IMail (W32) |
|
103 |
+ + Zabit - a content and attachment filter for qmail |
|
104 |
+ + BeClam - ClamAV port for BeOS |
|
105 |
+ + clamXav - a virus scanner with GUI for Mac OS X |
|
106 |
+ |
|
107 |
+Special thanks to aCaB for his work on UPX, FSG and Petite decompressors. |
|
108 |
+ |
|
109 |
+Thanks to good reaction times on new threats ClamAV was awarded as best |
|
110 |
+security tool for 2004 by Linux Journal: "...With this year's outbreak of |
|
111 |
+e-mail worms for non-Linux platforms, ClamAV has been getting quite a workout, |
|
112 |
+and Linux admins on mailing lists report that database update times are keeping |
|
113 |
+up with or beating the proprietary alternatives." Thanks! |
|
114 |
+ |
|
115 |
+SourceWear.com is selling some very nice t-shirts and polo shirts powered by |
|
116 |
+ClamAV. Wear them and virus writers will stay away from you :-) A quarter out |
|
117 |
+of every dollar profited from the sale of these shirts will go to the ClamAV |
|
118 |
+project. Visit http://www.sourcewear.com and click on ClamAV logo! |
|
119 |
+ |
|
120 |
+ |
|
121 |
+-- |
|
122 |
+The ClamAV team (http://www.clamav.net/team.html) |
|
123 |
+ |
|
5 | 124 |
0.75 |
6 | 125 |
---- |
7 | 126 |
|
... | ... |
@@ -15,5 +15,5 @@ |
15 | 15 |
# along with this program; if not, write to the Free Software |
16 | 16 |
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
17 | 17 |
|
18 |
-EXTRA_DIST = clamdoc.pdf html man clamav-mirror-howto.pdf signatures.pdf Polish |
|
18 |
+EXTRA_DIST = clamdoc.pdf html man clamav-mirror-howto.pdf signatures.pdf MacOSX |
|
19 | 19 |
man_MANS = man/clamscan.1 man/freshclam.1 man/sigtool.1 man/clamd.8 man/clamd.conf.5 man/clamdscan.1 man/clamav-milter.8 man/freshclam.conf.5 |
... | ... |
@@ -179,7 +179,7 @@ target_alias = @target_alias@ |
179 | 179 |
target_cpu = @target_cpu@ |
180 | 180 |
target_os = @target_os@ |
181 | 181 |
target_vendor = @target_vendor@ |
182 |
-EXTRA_DIST = clamdoc.pdf html man clamav-mirror-howto.pdf signatures.pdf Polish |
|
182 |
+EXTRA_DIST = clamdoc.pdf html man clamav-mirror-howto.pdf signatures.pdf MacOSX |
|
183 | 183 |
man_MANS = man/clamscan.1 man/freshclam.1 man/sigtool.1 man/clamd.8 man/clamd.conf.5 man/clamdscan.1 man/clamav-milter.8 man/freshclam.conf.5 |
184 | 184 |
all: all-am |
185 | 185 |
|
... | ... |
@@ -20,6 +20,9 @@ |
20 | 20 |
* |
21 | 21 |
* Change History: |
22 | 22 |
* $Log: untar.c,v $ |
23 |
+ * Revision 1.10 2004/09/20 13:37:44 kojm |
|
24 |
+ * 0.80rc |
|
25 |
+ * |
|
23 | 26 |
* Revision 1.9 2004/09/14 10:29:31 nigelhorne |
24 | 27 |
* Fix compilation error on AIX and OSF |
25 | 28 |
* |
... | ... |
@@ -48,7 +51,7 @@ |
48 | 48 |
* First draft |
49 | 49 |
* |
50 | 50 |
*/ |
51 |
-static char const rcsid[] = "$Id: untar.c,v 1.9 2004/09/14 10:29:31 nigelhorne Exp $"; |
|
51 |
+static char const rcsid[] = "$Id: untar.c,v 1.10 2004/09/20 13:37:44 kojm Exp $"; |
|
52 | 52 |
|
53 | 53 |
#include <stdio.h> |
54 | 54 |
#include <errno.h> |
... | ... |
@@ -141,7 +144,7 @@ cli_untar(const char *dir, int desc) |
141 | 141 |
strncpy(magic, block+257, 6); |
142 | 142 |
magic[6] = '\0'; |
143 | 143 |
if(strcmp(magic, "ustar ") != 0) { |
144 |
- cli_errmsg("Incorrect magic number in tar header\n"); |
|
144 |
+ cli_dbgmsg("Incorrect magic number in tar header\n"); |
|
145 | 145 |
return CL_EFORMAT; |
146 | 146 |
} |
147 | 147 |
|
... | ... |
@@ -1,6 +1,6 @@ |
1 | 1 |
clam.exe is an extremely small (544 bytes!) MZ+PE executable that prints |
2 |
-a nice message :-) You can use it to test if your mail scanner using ClamAV |
|
3 |
-properly scans the attachments. |
|
2 |
+a nice message :-) You can use it to test attachment scanning in your ClamAV |
|
3 |
+based mail scanner. |
|
4 | 4 |
|
5 | 5 |
Due to license issues libclamav does not support RAR 3.0 archives (only 2.0 |
6 | 6 |
are supported). Currently only clamscan is able to scan the clam-error.rar |