@@ -1,3 +1,9 @@

+Sun Mar 14 21:48:25 CET 2004 (tk)

+---------------------------------

+  * etc/clamav.conf: ScanOLE2 enabled by default

+  * doc: manuals updated

+  * fixed gcc warnings

+

 Sat Mar 13 23:14:44 CET 2004 (tk)

 ---------------------------------

   * doc: clamdoc.pdf - updated (for 0.70) and slightly reorganized

@@ -2,6 +2,73 @@ Note: This README/NEWS file refers to the source tarball. Some things described

 here may not be available in binary packages.

 --

+

+0.70

+----

+

+The two major changes in this version are new thread manager in clamd

+and support for decoding MS Office VBA macros. Both of them have been

+implemented by Trog. Besides, there are many improvements and bugfixes

+(all listed in ChangeLog), a short summary:

+

+-) clamd

+    + new thread manager (with better SMP support)

+    + on-access scanning now also available on FreeBSD (with Dazuko 2.0)

+    + new directive: ArchiveDetectEncrypted

+    + handle SIGHUP (re-open logfile), SIGUSR2 (reload database)

+

+-) clamav-milter:

+    + TCPWrappers support

+

+-) libclamav:

+    + support for MS Office documents (OLE2) and VBA macros decompression

+    + support for encrypted archive detection

+    + new flags: CL_OLE2, CL_ENCRYPTED (see clamdoc.pdf, Section 6.1)

+    + improved support for mail files (especially bounces)

+    + improved RAR support

+

+-) clamscan:

+    + new option: --detect-encrypted

+

+-) freshclam

+    + new option: --pid, -p (write pid file if run as daemon)

+    + handle SIGHUP (re-open logfile), SIGTERM (terminate with log message),

+      SIGALRM and SIGUSR1 (wake up and check mirror)

+    + fixed bug with -u and -c handling

+

+-) documentation:

+    + new Polish documentation on ClamAV and Samba integration

+    + official documentation updated

+

+

+Special thanks to Dirk Mueller <mueller*kde.org> for the code review and

+many bugfixes and cleanups.

+

+

+We are happy to announce new programs that support ClamAV (all of them

+have been reviewed by our team):

+    + j-chkmail - a powerful filter for sendmail

+    + qscanq - Virus Scanning for Qmail

+    + clamavr - Ruby binding for ClamAV

+    + DansGuardian Anti-Virus Plugin

+    + ClamAssassin - a filter for procmail

+    + Gadoyanvirus - a filter for Qmail

+    + OpenProtect - a complete e-mail protection solution

+    + POP3 Virus Scanner Daemon

+    + mailman-clamav - a virus filter for Mailman

+    + wbmclamav - a webmin module to manage ClamAV

+    + Scan Log Analyzer

+    + mailgraph - a RRDtool frontend for Postfix Statistics

+    + INSERT - a security toolkit on a credit card size CD

+    + Local Area Security - a Live CD Linux distribution

+

+

+--

+The ClamAV team (http://www.clamav.net/team.html)

+March 14, 2004

+

+

+

 0.67

 ----

 This release fixes a memory management problem (platform dependent; can lead

@@ -6,9 +6,47 @@ here may not be available in binary packages.

 0.70

 ----

+The two major changes in this version are new thread manager in clamd

+and support for decoding MS Office VBA macros. Both of them have been

+implemented by Trog. Besides, there are many improvements and bugfixes

+(all listed in ChangeLog), a short summary:

+

+-) clamd

+    + new thread manager (with better SMP support)

+    + on-access scanning now also available on FreeBSD (with Dazuko 2.0)

+    + new directive: ArchiveDetectEncrypted

+    + handle SIGHUP (re-open logfile), SIGUSR2 (reload database)

+

+-) clamav-milter:

+    + TCPWrappers support

+

+-) libclamav:

+    + support for MS Office documents (OLE2) and VBA macros decompression

+    + support for encrypted archive detection

+    + new flags: CL_OLE2, CL_ENCRYPTED (see clamdoc.pdf, Section 6.1)

+    + improved support for mail files (especially bounces)

+    + improved RAR support

+

+-) clamscan:

+    + new option: --detect-encrypted

+

+-) freshclam

+    + new option: --pid, -p (write pid file if run as daemon)

+    + handle SIGHUP (re-open logfile), SIGTERM (terminate with log message),

+      SIGALRM and SIGUSR1 (wake up and check mirror)

+    + fixed bug with -u and -c handling

+

+-) documentation:

+    + new Polish documentation on ClamAV and Samba integration

+    + official documentation updated

+

+

+Special thanks to Dirk Mueller <mueller*kde.org> for the code review and

+many bugfixes and cleanups.

+

 We are happy to announce new programs that support ClamAV (all of them

-have been reviewed by us):

+have been reviewed by our team):

     + j-chkmail - a powerful filter for sendmail

     + qscanq - Virus Scanning for Qmail

     + clamavr - Ruby binding for ClamAV

@@ -25,6 +63,9 @@ have been reviewed by us):

     + Local Area Security - a Live CD Linux distribution

+--

+The ClamAV team (http://www.clamav.net/team.html)

+March 14, 2004

@@ -61,7 +61,7 @@ void *clamukoth(void *arg)

 {

 	struct thrarg *tharg = (struct thrarg *) arg;

 	sigset_t sigset;

-	char *virname;

+	const char *virname;

         struct sigaction act;

 	unsigned long mask = 0;

 	const struct cfgstruct *pt;

@@ -19,6 +19,10 @@

 #ifndef __CLAMD_OTHERS_H

 #define __CLAMD_OTHERS_H

+#if HAVE_CONFIG_H

+#include "clamav-config.h"

+#endif

+

 #include <stdlib.h>

 #include "cfgfile.h"

@@ -57,7 +57,7 @@ int checksymlink(const char *path)

 }

 /* :set nowrap, if you don't like this style ;)) */

-int dirscan(const char *dirname, char **virname, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, unsigned int *reclev, short contscan)

+int dirscan(const char *dirname, const char **virname, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, unsigned int *reclev, short contscan)

 {

 	DIR *dd;

 	struct dirent *dent;

@@ -132,7 +132,7 @@ int scan(const char *filename, unsigned long int *scanned, const struct cl_node

 {

 	struct stat sb;

 	int ret = 0, reclev = 0;

-	char *virname;

+	const char *virname;

     /* check permissions  */

@@ -189,7 +189,8 @@ int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root

 	int ret, portscan = CL_DEFAULT_MAXPORTSCAN, sockfd, port, acceptd, tmpd, bread, retval;

 	long int size = 0, maxsize = 0;

 	short bound = 0;

-	char *virname, buff[32768];

+	const char *virname;

+	char buff[32768];

 	struct sockaddr_in server;

 	struct cfgstruct *cpt;

 	FILE *tmp = NULL;

@@ -22,7 +22,7 @@

 #include <clamav.h>

 #include "cfgfile.h"

-int dirscan(const char *dirname, char **virname, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, unsigned int *reclev, short contscan);

+int dirscan(const char *dirname, const char **virname, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, unsigned int *reclev, short contscan);

 int scan(const char *filename, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, short contscan);

@@ -118,7 +118,7 @@ void sighandler_th(int sig)

 static struct cl_node *reload_db(struct cl_node *root, const struct cfgstruct *copt, int do_check)

 {

-	char *dbdir;

+	const char *dbdir;

 	int virnum=0, retval;

 	struct cfgstruct *cpt;

 	static struct cl_stat *dbstat=NULL;

@@ -763,7 +763,7 @@ int scandirs(const char *dirname, struct cl_node *root, const struct passwd *use

 int checkfile(const char *filename, const struct cl_node *root, const struct cl_limits *limits, int options)

 {

 	int fd, ret;

-	char *virname;

+	const char *virname;

     if((fd = open(filename, O_RDONLY)) == -1) {

 	mprintf("@Can't open file %s\n", filename);

@@ -794,7 +794,7 @@ int checkfile(const char *filename, const struct cl_node *root, const struct cl_

 int checkstdin(const struct cl_node *root, const struct cl_limits *limits)

 {

 	int ret;

-	char *virname;

+	const char *virname;

     claminfo.files++;

@@ -1,5 +1,5 @@

 .\" Manual page created by Tomasz Kojm, 20021001.

-.TH "clamav.conf" "5" "November 11, 2003" "Tomasz Kojm" "Clam AntiVirus"

+.TH "clamav.conf" "5" "March 14, 2004" "Tomasz Kojm" "Clam AntiVirus"

 .SH "NAME"

 .LP 

 \fBclamav.conf\fR \- a configuration file for Clam AntiVirus Daemon

@@ -44,17 +44,27 @@ Log time with each message.

 .br 

 Default: disabled.

 .TP 

+\fBLogClean\fR

+Log clean files.

+.br 

+Default: disabled.

+.TP 

 \fBLogSyslog\fR

 Use system logger (can work together with LogFile).

 .br 

 Default: disabled.

 .TP 

+\fBLogVerbose\fR

+Enable verbose logging.

+.br 

+Default: disabled.

+.TP 

 \fBPidFile STRING\fR

 Save a process identifier of a listening daemon (main thread) to a specified file.

 .br 

 Default: disabled.

 .TP 

-\fBDataDirectory STRING\fR

+\fBDatabaseDirectory STRING\fR

 Path to a directory containing database files.

 .br 

 Default: hardcoded directory.

@@ -149,6 +159,11 @@ Close the connection when this limit is exceeded.

 .br 

 Default: disabled.

 .TP 

+\fBScanOLE2\fR

+Enables scanning of Microsoft Office document macros.

+.br 

+Default: enabled.

+.TP 

 \fBScanMail\fR

 Enable scanning of Mbox, Maildir and raw mail files.

 .br 

@@ -179,11 +194,21 @@ Number of files to be scanned within archive. Value of 0 disables the limit.

 .br 

 Default: 1000

 .TP 

+\fBArchiveMaxCompressionRatio NUMBER\fR

+Analyze compression ratio and mark potential archive bombs as viruses (0 disables the limit).

+.br 

+Default: 200

+.TP 

 \fBArchiveLimitMemoryUsage\fR

 Use slower decompression algorithm which uses less memory. This option affects bzip2 decompressor only.

 .br 

 Default: disabled

 .TP 

+\fBArchiveDetectEncrypted\fR

+Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).

+.br 

+Default: disabled

+.TP 

 \fBClamukoScanOnLine\fR

 Enable Clamuko \- on\-access scanner for Linux. Dazuko must be already running.

 .br 

@@ -1,5 +1,5 @@

 .\" Manual page created by Tomasz Kojm, 14/15 IV 2002

-.TH "clamscan" "1" "February 20, 2004" "Tomasz Kojm" "Clam AntiVirus"

+.TH "clamscan" "1" "March 14, 2004" "Tomasz Kojm" "Clam AntiVirus"

 .SH "NAME"

 .LP 

 clamscan \- scan files and directories against viruses

@@ -69,9 +69,15 @@ Move infected files into DIRECTORY. Directory must be writeable for the 'clamav'

 .TP 

 EXTRACTION OPTIONS:

 .TP 

+\fB\-\-no\-ole2\fR

+Disable support for Microsoft Office document files.

+.TP 

 \fB\-\-no\-archive\fR

 Disable archive support built in libclamav.

 .TP 

+\fB\-\-detect\-encrypted\fR

+Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).

+.TP 

 \fB\-\-max\-files=#n\fR

 Extract first #n files from each archive. This option protects your system against DoS attacks (default: 500)

 .TP 

@@ -1,5 +1,5 @@

 .\" Manual page created by Tomasz Kojm, 20020415

-.TH "freshclam" "1" "February 20, 2004" "Tomasz Kojm" "Clam AntiVirus"

+.TH "freshclam" "1" "March 14, 2004" "Tomasz Kojm" "Clam AntiVirus"

 .SH "NAME"

 .LP 

 freshclam \- update virus databases

@@ -11,7 +11,7 @@ freshclam [options]

 freshclam updates the virus database. It's a part of the Clam AntiVirus package. It requires an Internet connection.

 .SH "OPTIONS"

 .LP 

-Freshclam reads its configuration from freshclam.conf. The settings will be overwritten with command line options.

+Freshclam reads its configuration from freshclam.conf. The settings can be overwritten with command line options.

 .TP 

 \fB\-h, \-\-help\fR

 Output help information and exit.

@@ -40,6 +40,9 @@ Run as USER. By default (when started by root) freshclam drops privileges and wo

 \fB\-d, \-\-daemon\fR

 Run in a daemon mode. This option requires \-\-checks.

 .TP 

+\fB\-p FILE, \-\-pid=FILE\fR

+Save daemon's pid in FILE.

+.TP 

 \fB\-c #n, \-\-checks=#n\fR

 Check #n times day for new database. #n must be between 1 and 50.

 .TP 

@@ -136,7 +136,7 @@ MaxDirectoryRecursion 15

 ##

 # This option enables scanning of Microsoft Office document macros.

-#ScanOLE2

+ScanOLE2

 ##

 ## Mail support

@@ -186,7 +186,7 @@ ArchiveMaxCompressionRatio 200

 # affects bzip2 decompressor only.

 #ArchiveLimitMemoryUsage

-# Mark encrypted archives as viruses (currently only works with Zip archives)

+# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).

 #ArchiveDetectEncrypted

@@ -35,9 +35,14 @@

 #include <pwd.h>

 #include <grp.h>

+#if defined(CLAMD_USE_SYSLOG) && !defined(C_AIX)

+#include <syslog.h>

+#endif

+

 #include "options.h"

 #include "shared.h"

 #include "others.h"

+#include "clamd/others.h"

 #include "manager.h"

 #include "defaults.h"

 #include "freshclam.h"

@@ -167,9 +172,13 @@ int freshclam(struct optstruct *opt)

 	mexit(0);

     }

-

     /* initialize logger */

+    if(cfgopt(copt, "LogVerbose"))

+	logverbose = 1;

+    else

+	logverbose = 0;

+

     if(optc(opt, 'l')) {

 	logfile = getargc(opt, 'l');

 	if(logg("--------------------------------------\n")) {

@@ -185,6 +194,15 @@ int freshclam(struct optstruct *opt)

     } else

 	logfile = NULL;

+#if defined(CLAMD_USE_SYSLOG) && !defined(C_AIX)

+    if((cpt = cfgopt(copt, "LogSyslog"))) {

+	openlog("freshclam", LOG_PID, LOG_LOCAL6);

+	use_syslog = 1;

+	syslog(LOG_INFO, "Freshclam started.\n");

+    } else

+	use_syslog = 0;

+#endif

+

     /* change the current working directory */

     if(optl(opt, "datadir")) {

 	newdir = getargl(opt, "datadir");

@@ -375,7 +393,7 @@ void help(void)

     mprintf("    --config-file=FILE                   read configuration from FILE.\n");

     mprintf("    --log=FILE           -l FILE         log into FILE\n");

     mprintf("    --daemon             -d              run in daemon mode\n");

-    mprintf("    --pid                -p FILE         save daemon's pid in FILE\n");

+    mprintf("    --pid=FILE           -p FILE         save daemon's pid in FILE\n");

     mprintf("    --user=USER          -u USER         run as USER\n");

     mprintf("    --checks=#n          -c #n           number of checks per day, 1 <= n <= 50\n");

     mprintf("    --datadir=DIRECTORY                  download new databases into DIRECTORY\n");