...
|
...
|
@@ -1,3 +1,384 @@
|
|
1
|
+
|
|
2
|
+Mon, 5 Oct 2015 14:24:58 -0400 (Mickey Sola)
|
|
3
|
+------------------------------------------
|
|
4
|
+ * Configuration patch by Bernd Kuhls to allow for building statically
|
|
5
|
+ linked libraries.
|
|
6
|
+
|
|
7
|
+Fri, 2 Oct 2015 12:24:58 -0400 (Steven Morgan)
|
|
8
|
+------------------------------------------
|
|
9
|
+ * bb11209: fix for static-only build for uClibc - patch supplied by
|
|
10
|
+ Yann E. Morin.
|
|
11
|
+
|
|
12
|
+Thu, 1 Oct 2015 17:47:37 -0400 (Steven Morgan)
|
|
13
|
+------------------------------------------
|
|
14
|
+ * Add 'virus found' callback. Refactor scan-all API.
|
|
15
|
+
|
|
16
|
+Thu, 1 Oct 2015 17:23:35 -0400 (Steven Morgan)
|
|
17
|
+------------------------------------------
|
|
18
|
+ * Improve freshclam performance - patch posted to clamav-users list by
|
|
19
|
+ Andreas Schulze.
|
|
20
|
+
|
|
21
|
+Tue, 29 Sep 2015 11:10:14 -0400 (Mickey Sola)
|
|
22
|
+------------------------------------------
|
|
23
|
+ * onas: preventing use of ddd system to watch '/'
|
|
24
|
+
|
|
25
|
+Mon, 21 Sep 2015 15:05:19 -0400 (Steven Morgan)
|
|
26
|
+------------------------------------------
|
|
27
|
+ * Change ClamAV Windows icon.
|
|
28
|
+
|
|
29
|
+Mon, 21 Sep 2015 14:41:19 -0400 (Mickey Sola)
|
|
30
|
+------------------------------------------
|
|
31
|
+ * Sanity check update patches submitted by Bill Parker
|
|
32
|
+
|
|
33
|
+Fri, 18 Sep 2015 17:43:06 -0400 (Steven Morgan)
|
|
34
|
+------------------------------------------
|
|
35
|
+ * Change windows install directory, change windows Sourcefire artifacts
|
|
36
|
+ to Cisco.
|
|
37
|
+
|
|
38
|
+Thu, 17 Sep 2015 16:49:42 -0400 (Mickey Sola)
|
|
39
|
+------------------------------------------
|
|
40
|
+ * onas: changing clamd NotifyOnly option to Prevention and disabling
|
|
41
|
+ Prevention option by default.
|
|
42
|
+
|
|
43
|
+Wed, 16 Sep 2015 13:40:19 -0400 (Mickey Sola)
|
|
44
|
+------------------------------------------
|
|
45
|
+ * bb11250 - Removing deprecated function gethostbyname
|
|
46
|
+
|
|
47
|
+Mon, 14 Sep 2015 12:11:47 -0400 (Mickey Sola)
|
|
48
|
+------------------------------------------
|
|
49
|
+ * fanotify: consolidating prevention options into a single NotifyOnly option.
|
|
50
|
+
|
|
51
|
+Mon, 14 Sep 2015 11:46:35 -0400 (Mickey Sola)
|
|
52
|
+------------------------------------------
|
|
53
|
+ * fanotify: adding option to watch and notify on mountpoints.
|
|
54
|
+
|
|
55
|
+Fri, 11 Sep 2015 14:17:35 -0400 (Mickey Sola)
|
|
56
|
+------------------------------------------
|
|
57
|
+ * fanotify: adding clamd configuration toggle options to prevent read and
|
|
58
|
+ access attempts
|
|
59
|
+
|
|
60
|
+Thu, 10 Sep 2015 16:43:45 -0400 (Mickey Sola)
|
|
61
|
+------------------------------------------
|
|
62
|
+ * fanotify: adding clamd option to disable ddd
|
|
63
|
+
|
|
64
|
+Wed, 9 Sep 2015 17:58:04 -0400 (Steven Morgan)
|
|
65
|
+------------------------------------------
|
|
66
|
+ * Improve pkgconfig. Patch supplied by Andreas Cadhalpun.
|
|
67
|
+
|
|
68
|
+Wed, 9 Sep 2015 11:19:11 -0400 (Mickey Sola)
|
|
69
|
+------------------------------------------
|
|
70
|
+ * fanotify: blocking fanotify during database reload.
|
|
71
|
+
|
|
72
|
+Tue, 8 Sep 2015 16:15:52 -0400 (Mickey Sola)
|
|
73
|
+------------------------------------------
|
|
74
|
+ * onas: improving handling of thread exit cleanup and db reload.
|
|
75
|
+
|
|
76
|
+Tue, 1 Sep 2015 18:53:45 -0400 (Steven Morgan)
|
|
77
|
+------------------------------------------
|
|
78
|
+ * DLP: refactor inline code CC range checks to table based. Check IIN
|
|
79
|
+ range before applying Luhn algorithm.
|
|
80
|
+
|
|
81
|
+Tue, 1 Sep 2015 16:13:00 -0400 (Kevin Lin)
|
|
82
|
+------------------------------------------
|
|
83
|
+ * ac-alt: check last altstr for fixed property in expr analysis
|
|
84
|
+
|
|
85
|
+Fri, 28 Aug 2015 17:10:00 -0400 (Mickey Sola)
|
|
86
|
+------------------------------------------
|
|
87
|
+ * Adding FANOTIFY checks to ddd and onas hash files.
|
|
88
|
+
|
|
89
|
+Fri, 28 Aug 2015 16:03:29 -0400 (Mickey Sola)
|
|
90
|
+------------------------------------------
|
|
91
|
+ * Overhauling clamd onaccess scanning to support dynamic directory
|
|
92
|
+ determination.
|
|
93
|
+
|
|
94
|
+Tue, 25 Aug 2015 15:12:03 -0400 (Steven Morgan)
|
|
95
|
+------------------------------------------
|
|
96
|
+ * bb11352 - fix HP-UX 11.11 compile warnings. Patch sent by
|
|
97
|
+ Michael Pelletier.
|
|
98
|
+
|
|
99
|
+Tue, 25 Aug 2015 10:53:23 -0400 (Steven Morgan)
|
|
100
|
+------------------------------------------
|
|
101
|
+ * bb11351 - add missing sys/un.h header. Patch by Dmitry Marakasov.
|
|
102
|
+
|
|
103
|
+Mon, 24 Aug 2015 15:17:02 -0400 (Steven Morgan)
|
|
104
|
+------------------------------------------
|
|
105
|
+ * make retcode passed to post-scan callback to be CL_VIRUS when an
|
|
106
|
+ heuristic virus was detected.
|
|
107
|
+
|
|
108
|
+Fri, 21 Aug 2015 12:43:26 -0400 (Kevin Lin)
|
|
109
|
+------------------------------------------
|
|
110
|
+ * bb#11377 - stub pcre functions for dynamic library mapping
|
|
111
|
+
|
|
112
|
+Thu, 20 Aug 2015 18:46:30 -0400 (Kevin Lin)
|
|
113
|
+------------------------------------------
|
|
114
|
+ * bb#11377 - search for pcre/pcre.h if pcre.h not found
|
|
115
|
+
|
|
116
|
+Fri, 14 Aug 2015 15:28:02 -0400 (Steven Morgan)
|
|
117
|
+------------------------------------------
|
|
118
|
+ * bb11371 - fix integer underflow. Issue identified by Felix Groebert
|
|
119
|
+ and the Google Security Team.
|
|
120
|
+
|
|
121
|
+Fri, 14 Aug 2015 12:22:49 -0400 (Kevin Lin)
|
|
122
|
+------------------------------------------
|
|
123
|
+ * bb#11372 - finalize encrypted hex strings correctly
|
|
124
|
+
|
|
125
|
+Thu, 13 Aug 2015 15:59:27 -0400 (Kevin Lin)
|
|
126
|
+------------------------------------------
|
|
127
|
+ * bb#11370 - do not update mirrors on custom database urls
|
|
128
|
+
|
|
129
|
+Tue, 11 Aug 2015 17:12:15 -0400 (Kevin Lin)
|
|
130
|
+------------------------------------------
|
|
131
|
+ * dconf: disable swizzor heuristic by default
|
|
132
|
+
|
|
133
|
+Mon, 3 Aug 2015 17:18:31 -0400 (Kevin Lin)
|
|
134
|
+------------------------------------------
|
|
135
|
+ * bb#11366 - add 7z heuristic for encrypted header
|
|
136
|
+
|
|
137
|
+Thu, 30 Jul 2015 18:05:09 -0400 (Kevin Lin)
|
|
138
|
+------------------------------------------
|
|
139
|
+ * win32: update 3rdparty pcre to 8.37; clean up pcre sources
|
|
140
|
+
|
|
141
|
+Thu, 30 Jul 2015 17:37:05 -0400 (Kevin Lin)
|
|
142
|
+------------------------------------------
|
|
143
|
+ * tiff: added heuristic check for invalid tiff IFD fields
|
|
144
|
+
|
|
145
|
+Wed, 29 Jul 2015 12:51:19 -0400 (Steven Morgan)
|
|
146
|
+------------------------------------------
|
|
147
|
+ * bb11361 - add file magics for TIFF files.
|
|
148
|
+
|
|
149
|
+Wed, 29 Jul 2015 12:05:44 -0400 (Steven Morgan)
|
|
150
|
+------------------------------------------
|
|
151
|
+ * bb11359 - correct clamdscan handling of the --infected flag for files
|
|
152
|
+ excluded with ExcludePath clamd parameter. Patch provided by
|
|
153
|
+ devel at rinx dot com.
|
|
154
|
+
|
|
155
|
+Tue, 28 Jul 2015 13:44:41 -0400 (Kevin Lin)
|
|
156
|
+------------------------------------------
|
|
157
|
+ * bb#11196 - autoit script file misclassified as HTML
|
|
158
|
+
|
|
159
|
+Fri, 24 Jul 2015 13:24:11 -0400 (Mickey Sola)
|
|
160
|
+------------------------------------------
|
|
161
|
+ * bb11343: Automatically appennding YARA. to all yara rule sigs.
|
|
162
|
+
|
|
163
|
+Thu, 23 Jul 2015 15:36:16 -0400 (Mickey Sola)
|
|
164
|
+------------------------------------------
|
|
165
|
+ * bb11343: Adding yara-rules (yes|no|only) runtime option for clamscan.
|
|
166
|
+
|
|
167
|
+Thu, 23 Jul 2015 16:37:15 -0400 (Kevin Lin)
|
|
168
|
+------------------------------------------
|
|
169
|
+ * bb#9858 - added target 14 for binary (unidentified) files
|
|
170
|
+
|
|
171
|
+Wed, 22 Jul 2015 18:09:50 -0400 (Kevin Lin)
|
|
172
|
+------------------------------------------
|
|
173
|
+ * sigtool: added nested string alternative handling
|
|
174
|
+
|
|
175
|
+Tue, 21 Jul 2015 16:35:48 -0400 (Mickey Sola)
|
|
176
|
+------------------------------------------
|
|
177
|
+ * bb11343: Adding configure option to remove yara at compile-time.
|
|
178
|
+
|
|
179
|
+Tue, 21 Jul 2015 17:30:14 -0400 (Kevin Lin)
|
|
180
|
+------------------------------------------
|
|
181
|
+ * sigtool: added usage of cli_ldbtokenize to sigtool sigtool: handles
|
|
182
|
+ signature modifiers
|
|
183
|
+
|
|
184
|
+Tue, 21 Jul 2015 14:16:14 -0400 (Kevin Lin)
|
|
185
|
+------------------------------------------
|
|
186
|
+ * PCREMaxFileSize now correctly parses sizes (K,M,G suffixes)
|
|
187
|
+
|
|
188
|
+Thu, 16 Jul 2015 12:35:38 -0400 (Kevin Lin)
|
|
189
|
+------------------------------------------
|
|
190
|
+ * dconf: added passwd dconf for archives, applied to unzip
|
|
191
|
+
|
|
192
|
+Tue, 14 Jul 2015 18:26:22 -0400 (Kevin Lin)
|
|
193
|
+------------------------------------------
|
|
194
|
+ * unzip: added scanning of decrypted files
|
|
195
|
+
|
|
196
|
+Tue, 14 Jul 2015 17:25:01 -0400 (Kevin Lin)
|
|
197
|
+------------------------------------------
|
|
198
|
+ * unzip: added traditional PKWARE decryption password verification
|
|
199
|
+
|
|
200
|
+Tue, 14 Jul 2015 17:23:43 -0400 (Kevin Lin)
|
|
201
|
+------------------------------------------
|
|
202
|
+ * pwdb: added name tracking the pwdb entry
|
|
203
|
+
|
|
204
|
+Thu, 9 Jul 2015 17:30:47 -0400 (Kevin Lin)
|
|
205
|
+------------------------------------------
|
|
206
|
+ * engine: added .pwdb handler and storage
|
|
207
|
+
|
|
208
|
+Wed, 15 Jul 2015 17:08:17 -0400 (Mickey Sola)
|
|
209
|
+------------------------------------------
|
|
210
|
+ * bb11253: Upgrading win32 pthreads to version 2.9.1
|
|
211
|
+
|
|
212
|
+Thu, 9 Jul 2015 15:35:49 -0400 (Mickey Sola)
|
|
213
|
+------------------------------------------
|
|
214
|
+ * bb11219: Fixing scanscript to scan on a normalized map when using
|
|
215
|
+ relative offsets with type 7 signatures.
|
|
216
|
+
|
|
217
|
+Wed, 8 Jul 2015 12:16:03 -0400 (Kevin Lin)
|
|
218
|
+------------------------------------------
|
|
219
|
+ * bb#11356 - fixed an issue regarding yara_exec OP_OF
|
|
220
|
+
|
|
221
|
+Tue, 7 Jul 2015 16:46:19 -0400 (Mickey Sola)
|
|
222
|
+------------------------------------------
|
|
223
|
+ * Adding ascii file normalization option to sigtool.
|
|
224
|
+
|
|
225
|
+Tue, 7 Jul 2015 14:02:57 -0400 (Kevin Lin)
|
|
226
|
+------------------------------------------
|
|
227
|
+ * check-matcher: added prefix altstr test cases
|
|
228
|
+
|
|
229
|
+Thu, 2 Jul 2015 15:06:04 -0400 (Kevin Lin)
|
|
230
|
+------------------------------------------
|
|
231
|
+ * matcher-ac: added calc and storage for min/max lengths
|
|
232
|
+
|
|
233
|
+Wed, 1 Jul 2015 16:53:07 -0400 (Kevin Lin)
|
|
234
|
+------------------------------------------
|
|
235
|
+ * ac_special: tracks both the min and max lengths
|
|
236
|
+
|
|
237
|
+Wed, 1 Jul 2015 16:14:14 -0400 (Steven Morgan)
|
|
238
|
+------------------------------------------
|
|
239
|
+ * bb11348 - Patch for HPUX sent by Michael Pelletier.
|
|
240
|
+
|
|
241
|
+Fri, 19 Jun 2015 16:33:59 -0400 (Steven Morgan)
|
|
242
|
+------------------------------------------
|
|
243
|
+ * Add support for YARA private rules and referencing other rules in a
|
|
244
|
+ YARA condition.
|
|
245
|
+
|
|
246
|
+Sat, 22 Nov 2014 15:26:02 +0100 (Andreas Cadhalpun)
|
|
247
|
+------------------------------------------
|
|
248
|
+ * Avoid emitting incremental progress messages when not outputting to a
|
|
249
|
+ terminal.
|
|
250
|
+
|
|
251
|
+Tue, 16 Jun 2015 14:56:32 -0400 (Mickey Sola)
|
|
252
|
+------------------------------------------
|
|
253
|
+ * bb-11305: Initialized dbstat entries after clamd first loads.
|
|
254
|
+
|
|
255
|
+Wed, 10 Jun 2015 17:39:50 -0400 (Steven Morgan)
|
|
256
|
+------------------------------------------
|
|
257
|
+ * add unit tests for offset matching yara rules using 'at' and 'in' keywords.
|
|
258
|
+
|
|
259
|
+Tue, 9 Jun 2015 11:12:20 -0400 (Kevin Lin)
|
|
260
|
+------------------------------------------
|
|
261
|
+ * unit_test: pcre and sigopt test cases added to check_matchers
|
|
262
|
+
|
|
263
|
+Fri, 5 Jun 2015 11:28:50 -0400 (Kevin Lin)
|
|
264
|
+------------------------------------------
|
|
265
|
+ * unit_tests: added a few pcre test cases
|
|
266
|
+
|
|
267
|
+Fri, 5 Jun 2015 11:11:35 -0400 (Kevin Lin)
|
|
268
|
+------------------------------------------
|
|
269
|
+ * pcre: added warnings in regard to CVE-2015-3210
|
|
270
|
+
|
|
271
|
+Thu, 4 Jun 2015 17:14:26 -0400 (Mickey Sola)
|
|
272
|
+------------------------------------------
|
|
273
|
+ * bb-11149: Fixing bzip2 scan to cease scanning after reaching max filesize.
|
|
274
|
+
|
|
275
|
+Wed, 3 Jun 2015 15:28:39 -0400 (Kevin Lin)
|
|
276
|
+------------------------------------------
|
|
277
|
+ * unit_test: basis for pcre subsig testing
|
|
278
|
+
|
|
279
|
+Mon, 1 Jun 2015 17:48:39 -0400 (Kevin Lin)
|
|
280
|
+------------------------------------------
|
|
281
|
+ * removed offset 0 limitation on cli_scanraw (revert change from 0.95.2)
|
|
282
|
+
|
|
283
|
+Mon, 1 Jun 2015 17:45:14 -0400 (Kevin Lin)
|
|
284
|
+------------------------------------------
|
|
285
|
+ * updated internal msxml 2003 file magics
|
|
286
|
+
|
|
287
|
+Mon, 1 Jun 2015 16:33:03 -0400 (Kevin Lin)
|
|
288
|
+------------------------------------------
|
|
289
|
+ * added 'PCRE_STATIC' to preprocessor macros for 3rdparty pcre linking
|
|
290
|
+
|
|
291
|
+Fri, 29 May 2015 16:08:35 -0400 (Kevin Lin)
|
|
292
|
+------------------------------------------
|
|
293
|
+ * added pcre source for windows build; needs trimming
|
|
294
|
+
|
|
295
|
+Thu, 28 May 2015 18:10:54 -0400 (Kevin Lin)
|
|
296
|
+------------------------------------------
|
|
297
|
+ * win32: added yara compiler source to build
|
|
298
|
+
|
|
299
|
+Thu, 28 May 2015 18:00:16 -0400 (Steven Morgan)
|
|
300
|
+------------------------------------------
|
|
301
|
+ * Add the YARA compiler files.
|
|
302
|
+
|
|
303
|
+Thu, 28 May 2015 17:50:20 -0400 (Kevin Lin)
|
|
304
|
+------------------------------------------
|
|
305
|
+ * win32: updated sources to include new yara sources
|
|
306
|
+
|
|
307
|
+Wed, 27 May 2015 18:27:48 -0400 (Steven Morgan)
|
|
308
|
+------------------------------------------
|
|
309
|
+ * Enable YARA include directives, import YARA compiler struct and
|
|
310
|
+ functions, improve YARA parse/lex error messages.
|
|
311
|
+
|
|
312
|
+Thu, 21 May 2015 15:04:22 -0400 (Kevin Lin)
|
|
313
|
+------------------------------------------
|
|
314
|
+ * altstr: optimized fixed length alternate runtime
|
|
315
|
+
|
|
316
|
+Thu, 21 May 2015 15:03:46 -0400 (Kevin Lin)
|
|
317
|
+------------------------------------------
|
|
318
|
+ * added implementation of cli_qsort_r (qsort with cb arg)
|
|
319
|
+
|
|
320
|
+Tue, 19 May 2015 12:21:36 -0400 (Kevin Lin)
|
|
321
|
+------------------------------------------
|
|
322
|
+ * yara: added support for PUA, IGN, and sigload_cb
|
|
323
|
+
|
|
324
|
+Tue, 19 May 2015 12:04:59 -0400 (Kevin Lin)
|
|
325
|
+------------------------------------------
|
|
326
|
+ * ac_special_altstr: sigopt support
|
|
327
|
+
|
|
328
|
+Mon, 18 May 2015 09:59:04 -0400 (Kevin Lin)
|
|
329
|
+------------------------------------------
|
|
330
|
+ * matcher-ac: wildcard support for variable alternates (needs optimization)
|
|
331
|
+
|
|
332
|
+Thu, 14 May 2015 13:03:21 -0400 (Steven Morgan)
|
|
333
|
+------------------------------------------
|
|
334
|
+ * bb6934 - Incorporate Bill Parker's DLP functions for Canadian RTN/EFT
|
|
335
|
+ and U.S. MICR codes. TBD - options for invoking those functions.
|
|
336
|
+
|
|
337
|
+Thu, 14 May 2015 12:47:54 -0400 (Kevin Lin)
|
|
338
|
+------------------------------------------
|
|
339
|
+ * ac: verifier alternative to handling nocase
|
|
340
|
+
|
|
341
|
+Wed, 13 May 2015 17:48:22 -0400 (Kevin Lin)
|
|
342
|
+------------------------------------------
|
|
343
|
+ * matcher-ac: expansion of nested alternates within alternate expr
|
|
344
|
+ matcher-ac: three types of alternates: byte, fixed, and generic
|
|
345
|
+
|
|
346
|
+Wed, 13 May 2015 17:27:44 -0400 (Steven Morgan)
|
|
347
|
+------------------------------------------
|
|
348
|
+ * bb6230 - additional credit/debit card checks for dlp.c. Function by
|
|
349
|
+ Bill Parker.
|
|
350
|
+
|
|
351
|
+Mon, 11 May 2015 11:55:43 -0400 (Kevin Lin)
|
|
352
|
+------------------------------------------
|
|
353
|
+ * matcher-ac: basic framework+debug for processing nested alternates
|
|
354
|
+
|
|
355
|
+Fri, 8 May 2015 15:52:30 -0400 (Steven Morgan)
|
|
356
|
+------------------------------------------
|
|
357
|
+ * bb10731 specify group for socket of which user is not a member - patch by
|
|
358
|
+ Sebastian Andrzej Siewior.
|
|
359
|
+
|
|
360
|
+Fri, 1 May 2015 17:15:55 -0400 (Steven Morgan)
|
|
361
|
+------------------------------------------
|
|
362
|
+ * Improve fidelity of reporting error conditions from YARA strings and
|
|
363
|
+ to continue processing additional YARA rules within files where previous
|
|
364
|
+ string errors are found.
|
|
365
|
+
|
|
366
|
+Wed, 29 Apr 2015 17:17:31 -0400 (Kevin Lin)
|
|
367
|
+------------------------------------------
|
|
368
|
+ * msxml: virus detection and allmatch fixes
|
|
369
|
+
|
|
370
|
+Tue, 28 Apr 2015 17:28:23 -0400 (Kevin Lin)
|
|
371
|
+------------------------------------------
|
|
372
|
+ * bb#11306 - LZMA decompression support for flash files
|
|
373
|
+
|
|
374
|
+Tue, 28 Apr 2015 14:56:14 -0400 (Kevin Lin)
|
|
375
|
+------------------------------------------
|
|
376
|
+ * added default filetype magic for LZMA compressed SWF
|
|
377
|
+
|
|
378
|
+Wed, 22 Apr 2015 04:34:02 -0400 (Kevin Lin)
|
|
379
|
+------------------------------------------
|
|
380
|
+ * ole2: added MSO inflation and scanning (detached)
|
|
381
|
+
|
1
|
382
|
Mon, 27 Apr 12:00:00 EDT
|
2
|
383
|
-----------------------------------
|
3
|
384
|
* 0.98.7 Release.
|