Browse code
NEWS.md: Add detail for Freshclam fixes
Also update Jenkinsfile default branch names.
Micah Snyder authored on 2021/03/31 11:46:20Showing 2 changed files
| ... | ... |
@@ -13,13 +13,13 @@ properties( |
| 13 | 13 |
defaultValue: 'build-0.103', |
| 14 | 14 |
description: 'test-pipelines branch for build acceptance'), |
| 15 | 15 |
string(name: 'FRAMEWORK_BRANCH', |
| 16 |
- defaultValue: 'dev/0.103', |
|
| 16 |
+ defaultValue: '0.103', |
|
| 17 | 17 |
description: 'test-framework branch'), |
| 18 | 18 |
string(name: 'TEST_BRANCH', |
| 19 |
- defaultValue: 'dev/0.103', |
|
| 19 |
+ defaultValue: '0.103', |
|
| 20 | 20 |
description: 'tests branch'), |
| 21 | 21 |
string(name: 'TEST_CUSTOM_BRANCH', |
| 22 |
- defaultValue: 'dev/0.103', |
|
| 22 |
+ defaultValue: '0.103', |
|
| 23 | 23 |
description: 'tests-custom branch'), |
| 24 | 24 |
string(name: 'REGULAR_PIPELINE', |
| 25 | 25 |
defaultValue: 'regular-0.103', |
| ... | ... |
@@ -34,7 +34,7 @@ properties( |
| 34 | 34 |
defaultValue: 'master', |
| 35 | 35 |
description: 'private-fuzz-corpus branch'), |
| 36 | 36 |
string(name: 'FUZZ_TEST_BRANCH', |
| 37 |
- defaultValue: 'dev/0.103', |
|
| 37 |
+ defaultValue: '0.103', |
|
| 38 | 38 |
description: 'tests-fuzz-regression branch'), |
| 39 | 39 |
string(name: 'SHARED_LIB_BRANCH', |
| 40 | 40 |
defaultValue: '0.103', |
| ... | ... |
@@ -28,6 +28,35 @@ ClamAV 0.103.2 is a security patch release with the following fixes: |
| 28 | 28 |
- Fix ClamOnAcc scan on file-creation race condition so files are scanned after |
| 29 | 29 |
their contents are written. |
| 30 | 30 |
|
| 31 |
+- FreshClam: Deprecate the `SafeBrowsing` config option. |
|
| 32 |
+ The `SafeBrowsing` option will no longer do anything. |
|
| 33 |
+ |
|
| 34 |
+ For more details, see: |
|
| 35 |
+ https://blog.clamav.net/2020/06/the-future-of-clamav-safebrowsing.html |
|
| 36 |
+ |
|
| 37 |
+ > _Tip_: If creating and hosting your own `safebrowing.gdb` database, you can |
|
| 38 |
+ > use the `DatabaseCustomURL` option in `freshclam.conf` to download it. |
|
| 39 |
+ |
|
| 40 |
+- FreshClam: Improved HTTP 304, 403, & 429 handling. |
|
| 41 |
+ |
|
| 42 |
+- FreshClam: Add back the `mirrors.dat` file to the database directory. |
|
| 43 |
+ This new `mirrors.dat` file will store: |
|
| 44 |
+ - A randomly generated UUID for the FreshClam User-Agent. |
|
| 45 |
+ - A retry-after timestamp that so FreshClam won't try to update after |
|
| 46 |
+ having received an HTTP 429 response until the Retry-After timeout has |
|
| 47 |
+ expired. |
|
| 48 |
+ |
|
| 49 |
+- FreshClam will now exit with a failure in daemon mode if an HTTP 403 |
|
| 50 |
+ (Forbidden) was received, because retrying later won't help any. |
|
| 51 |
+ The FreshClam user will have to take actions to get unblocked. |
|
| 52 |
+ |
|
| 53 |
+- Fix the FreshClam mirror-sync issue where a downloaded database is "older |
|
| 54 |
+ than the version advertised." |
|
| 55 |
+ |
|
| 56 |
+ If a new CVD download gets a version that is older than advertised, FreshClam |
|
| 57 |
+ will keep the older version and retry the update so that the incremental |
|
| 58 |
+ update process (CDIFF patch process) will update to the latest version. |
|
| 59 |
+ |
|
| 31 | 60 |
## 0.103.1 |
| 32 | 61 |
|
| 33 | 62 |
ClamAV 0.103.1 is a patch release with the following fixes and improvements. |