Cisco developers who are in charge of the development of ClamAV made known a few days ago the release of the new version of ClamAV 0.103.3 which comes with a couple of bug fixes and especially improvements for this popular multiplatform antivirus.
For those who do not know ClamAV you should know that this is an open source antivirus and multiplatform (It has versions for Windows, GNU / Linux, BSD, Solaris, Mac OS X and other Unix-like operating systems).
Main new features of ClamAV 0.103.3
In this new version that ClamAV 0.103.3 is presented as the main change it is mentioned that the file «mirrors.dat» has been renamed to «freshclam.dat», This is because ClamAV has been moved to use a content delivery network (CDN) instead of a mirror network and the specified dat file no longer contains mirror information.
It is mentioned that the file “Freshclam.dat” stores the UUID used by the ClamAV user agent. The need to change the name is due to the fact that some users’ scripts removed mirrors.dat in case of FreshClam failure, but now this file contains an identifier, the loss of which is unacceptable.
Another of the corrections that was made is that the HTTPUserAgent configuration option “DatabaseMirror” was disabled if clamav.net is used. This will prevent users from being inadvertently blocked and it will ensure that we can maintain better metrics on which versions of ClamAV are being used. This change effectively deprecates the HTTPUserAgent option for most users.
It is also mentioned that fixed issues with poor file scan performance when the ENGINE_OPTIONS_FORCE_TO_DISK option is enabled and the ClamDScan process hangs when using the “–fdpass –multiscan” options together with the ExcludePath setting in the clamd configuration file.
In addition, the developers also mention that in this new version to enable the detection of attempts to exploit the vulnerability CVE-2010-1205 (Heuristics.PNG.CVE-2010-1205), the ClamScan parameter «–alert-broken must now be explicitly enabled -media ‘or the’ AlertBrokenMedia ‘setting, as the vulnerability has been fixed everywhere for a long time.
Of the other changes that stand out from this new corrective version:
- Fixed ClamSubmit crashing after Cloudflare changed the cookie “__cfduid”.
- The problem of setting root as the owner of the mirrors.dat file instead of the user defined in the DatabaseOwner configuration when running clamav as root has been resolved.
Finally for those interested in knowing more about it About this new corrective version, you can check the details In the following link.
How to install ClamAV 0.103.3 in Ubuntu and derivatives?
For those who are interested in being able to install this antivirus on their system, they can do it in a fairly simple way and that is ClamAV is found within the repositories of most Linux distributions.
In the case of Ubuntu and its derivatives, users of these can install it from the terminal or from the system software center. If you choose to install with the Software Center, you just have to search for “ClamAV” and you should see the antivirus and the option to install it.
Now, for those who choose the option of being able to perform the installation from the terminal they should only open one on their system (you can do it with the shortcut Ctrl + Alt + T) and in it they only have to type the following command:
sudo apt-get install clamav
And ready with it, they will already have this antivirus installed on their system. Now as in all antivirus, ClamAV also has its database which downloads and takes to make comparisons in a “definitions” file. This file is a list that informs the scanner about questionable items.
Every so often it is important to be able to update this file, which we can update from the terminal, to do this simply execute:
If for any reason you want to remove this antivirus from your system, just type the following in a terminal:
sudo apt remove --purge clamav