October 26, 2018 | ||
---|---|---|
View 759ea8d
Removed sdl check from mspack so it possibly-(but not actually)-uninitialized-local-variables will not be treated as an error. Added matcher-byte-comp.c to libclamav.vcxproj.Micah Snyder authored on 2018/10/26 10:05:09 |
October 25, 2018 | ||
---|---|---|
View 97d5c0e
Autojunk'dMicah Snyder authored on 2018/10/25 08:55:22 |
||
View ce345ee
Incrementing the libclamav version numbers to 9.0.0 and setting the version strings to 0.101.0-beta.Micah Snyder authored on 2018/10/25 08:50:44 |
||
View 83c3979
bb12151: Added --foreground to clamd help output and man page. Also correcting the default bytecode timeout in the clamscan man page.Micah Snyder authored on 2018/10/25 07:52:29 |
October 10, 2018 | ||
---|---|---|
View d26a6fd
Allow the NULL to be missing on all AlgorithmIdsAndrew authored on 2018/10/10 03:00:28 |
September 15, 2018 | ||
---|---|---|
View b9c3525
Fix support for authenticode signatures from external .cat files This commit adds back in support for whitelisting files based on signatures from .cat files loaded in via a '-d' flag to clamscan. This also makes it so that a .crb blacklist rule match can't be overruled by a signature in a .cat fileAndrew authored on 2018/09/15 03:39:47 |
September 14, 2018 | ||
---|---|---|
View 7cf44f3
Update tbshash to have enough space for SHA512 hashesAndrew authored on 2018/09/14 04:00:34 |
||
View 39f735b
Make --dumpcerts be more consistent, improve cert processing This commit makes the following changes: - --dumpcerts will print certificates even if they already exist in any .crb files loaded - --dumpcerts will print certificates only once - Having a whitelist CRB rule on a leaf certificate should no longer prevent signature verification from happening. NOTE, this doesn't mean that you can have whitelist rules for leaf certificates and have that result in a trusted signature - that doesn't work yet - Determining whether a certificate is blacklisted now includes comparing the public key data (modulus and exponent) in addition to the subject and serial hashes - If a blacklisted certificate is detected, the code will return immediately instead of continuing on to parse the rest of the signatureAndrew authored on 2018/09/14 01:04:17 |
September 12, 2018 | ||
---|---|---|
View a493156
Add debug message in the case where a seemingly useless cert is detectedAndrew authored on 2018/09/12 23:41:59 |
||
View 7c55d4f
Set the certSign flag for certificates without a KeyUsage The MS MD5 root cert doesn't have the KeyUsage set and appears to validate just fineAndrew authored on 2018/09/12 23:04:35 |
||
View 181fee0
Fix a memory leak that occurs when a PE is whitelisted due to a valid signatureAndrew authored on 2018/09/12 03:17:33 |
September 11, 2018 | ||
---|---|---|
View c6c71ef
Allow x509 certs with v1 TBSCertificate sections in the timestamp chain There are some Windows binaries that have certificates with version 1 TBSCertificate sections. This technically isn't allowed by the spec, but the Windows API still seems to report these are being OKAndrew authored on 2018/09/11 05:27:21 |
September 10, 2018 | ||
---|---|---|
View a26ed93
Fix a bug causing nested signatures to trigger the no-countersignature case In an earlier commit, I mistakenly check for whether a nested signature has been seen when determining whether a countersignature is present instead of checking that the countersignature has been seenAndrew authored on 2018/09/10 23:43:08 |
||
View 5f11b08
Allow for the timestampToken OID in place of pkcs7-data OID in the countersignatureAndrew authored on 2018/09/10 23:41:56 |
September 9, 2018 | ||
---|---|---|
View 72771d9
Allow '0' as a counterSignature versionAndrew authored on 2018/09/09 04:16:18 |