ClamAV Vulnerabilities
-
- Posts: 6
- Joined: 29 Jan 2018 13:34
Re: ClamAV Vulnerabilities
I'm assuming this is an update that we'll have to perform on our own systems, as 3.0.2.6 is the last of version 3. Has any successfully upgraded?
- shawniverson
- Posts: 3649
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: ClamAV Vulnerabilities
eFa uses the clamav from epel, so hopefully it'll get updated soon and all you will need to do is run a yum update.
Re: ClamAV Vulnerabilities
how can I check if the update is available?
Re: ClamAV Vulnerabilities
from the efa command prompt:
Code: Select all
sudo yum update
Re: ClamAV Vulnerabilities
Thanks. But is that really only the check for updates? Or will there be updates installed via the command?
Re: ClamAV Vulnerabilities
That command will check for updates, and if there are any, will ask you to confirm before updating. If you say "n", then nothing further will happen.
Re: ClamAV Vulnerabilities
Still ClamAV 0.99.2
Re: ClamAV Vulnerabilities
Somebody an idea why there is still no update?
Re: ClamAV Vulnerabilities
updated
All good things come to those who wait.
Code: Select all
clamav x86_64 0.99.3-8.el6 epel 4.3 M
clamav-db x86_64 0.99.3-8.el6 epel 155 M
Re: ClamAV Vulnerabilities
Thanks!
Do I need to reboot the system after clamav-update?
Do I need to reboot the system after clamav-update?
Re: ClamAV Vulnerabilities
Run
Software version from DNS: 0.99.4
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.99.3 Recommended version: 0.99.4
Sometimes good things come to those who wait a bit longer....
Code: Select all
freshclam -v
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.99.3 Recommended version: 0.99.4
Sometimes good things come to those who wait a bit longer....
“We are stuck with technology when what we really want is just stuff that works.” -Douglas Adams
Re: ClamAV Vulnerabilities
dwmp: no. the necessary services will be restarted.
henk:
henk:
Re: ClamAV Vulnerabilities
Hmmm… my clamav is still on 0.99.2 but yum update won't server a newer one:
Trying to yum update, also doesn't work:
I tried without mirrors, clean yum's cache and DB, but to no avail. Any other idea, anyone?
Code: Select all
[root@efa yum.repos.d]# yum list clamav
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
* EFA: dl.efa-project.org
* base: ftp.rz.uni-frankfurt.de
* epel: mirror.de.leaseweb.net
* extras: ftp.rz.uni-frankfurt.de
* remi-php72: rpms.remirepo.net
* remi-safe: rpms.remirepo.net
* updates: mirror.checkdomain.de
Installed Packages
clamav.x86_64 0.99.2-3.el6 @epel
Code: Select all
[root@efa yum.repos.d]# yum update clamav clamav-db
Loaded plugins: fastestmirror, security
Setting up Update Process
Loading mirror speeds from cached hostfile
* EFA: dl.efa-project.org
* base: ftp.rz.uni-frankfurt.de
* epel: mirror.de.leaseweb.net
* extras: artfiles.org
* remi-php72: rpms.remirepo.net
* remi-safe: rpms.remirepo.net
* updates: centosmirror.netcup.net
No Packages marked for Update
Re: ClamAV Vulnerabilities
What is your EFA version?
on versions below 3.0.26 yum.conf will exclude several packages from updating.
If you are on the latest version, remove them and run: yum check-update
on versions below 3.0.26 yum.conf will exclude several packages from updating.
If you are on the latest version, remove them and run: yum check-update
“We are stuck with technology when what we really want is just stuff that works.” -Douglas Adams
Re: ClamAV Vulnerabilities
same problem here, clamav is 0.99.2 but "No Packages marked for Update" (EFA 3.0.2.6)
Re: ClamAV Vulnerabilities
Seems related to the epel repo used. Did you check /etc/yum.conf?
Otherwise just wait a bit longer till they update the repo. I don't know if switching the epel repo is a good idea.
[root@sansspam ~]# yum list clamav
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
* EFA: dl.efa-project.org
* base: mirror.widexs.nl
* epel: fedora.cu.be
* extras: centos.mirror1.spango.com
* mariadb: ftp.nluug.nl
* remi-php72: mirror.netweaver.uk
* remi-safe: mirror.netweaver.uk
* updates: mirror.yourwebhoster.eu
Installed Packages
clamav.x86_64 0.99.3-8.el6
Available Packages
clamav.i686 0.99.3-8.el6
Code: Select all
#exclude=kernel* postfix* mailscanner* MailScanner* clamav* clamd* open-vm-tools*
[root@sansspam ~]# yum list clamav
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
* EFA: dl.efa-project.org
* base: mirror.widexs.nl
* epel: fedora.cu.be
* extras: centos.mirror1.spango.com
* mariadb: ftp.nluug.nl
* remi-php72: mirror.netweaver.uk
* remi-safe: mirror.netweaver.uk
* updates: mirror.yourwebhoster.eu
Installed Packages
clamav.x86_64 0.99.3-8.el6
Available Packages
clamav.i686 0.99.3-8.el6
“We are stuck with technology when what we really want is just stuff that works.” -Douglas Adams
Re: ClamAV Vulnerabilities
Hi henk,
thanks, that solved it.
Thanks,
budy
thanks, that solved it.
Thanks,
budy
Re: ClamAV Vulnerabilities
Hi,
so that means, if we don't want to switch epel repo, we still have to wait?
Or is it necessary to delete "clamav*" and/or "clamd" entries from the yum.conf file?
BR
dwmp
so that means, if we don't want to switch epel repo, we still have to wait?
Or is it necessary to delete "clamav*" and/or "clamd" entries from the yum.conf file?
BR
dwmp
Re: ClamAV Vulnerabilities
Hi dwmp.
Forget the remark about switching repos.
If you are on the latest version, remove them and run:
Forget the remark about switching repos.
If you are on the latest version, remove them and run:
Code: Select all
yum check-update
“We are stuck with technology when what we really want is just stuff that works.” -Douglas Adams
Re: ClamAV Vulnerabilities
hi henk,
thanks for your reply! Sorry for asking silly questions, but by removing, you mean deleting the entries for clamav and clamd from the yum.conf file?
So that the config file looks like that:
thanks for your reply! Sorry for asking silly questions, but by removing, you mean deleting the entries for clamav and clamd from the yum.conf file?
So that the config file looks like that:
Code: Select all
#exclude=kernel* postfix* mailscanner* MailScanner* open-vm-tools*
Re: ClamAV Vulnerabilities
the # on the start of the line already means : this line is comment. The rest of the line is ignored.
Running yum check-update will show you the packages to be updated.
No result means: packages already up to date.
Do not change yum.conf if you are not on E.F.A. 3.0.2.6. And always make backups/snapshots before you update.....
Running yum check-update will show you the packages to be updated.
No result means: packages already up to date.
Do not change yum.conf if you are not on E.F.A. 3.0.2.6. And always make backups/snapshots before you update.....
“We are stuck with technology when what we really want is just stuff that works.” -Douglas Adams
Re: ClamAV Vulnerabilities
clamav-db.x86_64 0.99.4-1.el6 has landed
“We are stuck with technology when what we really want is just stuff that works.” -Douglas Adams
Re: ClamAV Vulnerabilities
Hi henk,
thank you!
Im running on EFA 3.0.2.6. When executing "yum check-update" I get no clamav-package.
Still version ClamAV 0.99.2 is installed.
What do I have to do?
BR
dwmp
thank you!
Im running on EFA 3.0.2.6. When executing "yum check-update" I get no clamav-package.
Still version ClamAV 0.99.2 is installed.
What do I have to do?
BR
dwmp