Recent Clamav Security Update for 9.1 & 9.2
I have a 9.2 system at home and a 9.1 at work, both were updated this week with a YOU update that referenced a security update for Clamav. From the description in YOU, I was left with the distinct impression that Clamav was going to be updated to the latest release, yet, my logs indicate that Clamav is still complaining about be out of date... ClamAV update process started at Mon Jan 31 18:48:19 2005 WARNING: Your ClamAV installation is OUTDATED - please update immediately! WARNING: Local version: 0.80 Recommended version: 0.81 main.cvd is up to date (version: 29, sigs: 29086, f-level: 3, builder: tomek) daily.cvd is up to date (version: 694, sigs: 979, f-level: 4, builder: ccordes) WARNING: Your ClamAV installation is OUTDATED - please update immediately! WARNING: Current functionality level = 3, required = 4 So, if the recent YOU update didn't bring it up to version 0.81, what _did_ it do? Scott -- POPFile, the OpenSource EMail Classifier http://popfile.sourceforge.net/ Linux 2.6.8-24.11-default x86_64
Hi Scott, On Mon, 31 Jan 2005, Scott Leighton wrote:
From the description in YOU, I was left with the distinct impression that Clamav was going to be updated to the latest release, yet, my logs indicate that Clamav is still complaining about be out of date...
So, if the recent YOU update didn't bring it up to version 0.81, what _did_ it do?
--> You can check the changelog with rpm -q --changelog <packagename> to see the recent changes of a specific package. Bye, Armin -- Am Hasenberg 26 office: Institut für Atmosphärenphysik D-18209 Bad Doberan Schloss-Straße 6 Tel. ++49-(0)38203/42137 D-18225 Kühlungsborn / GERMANY Email: schoech@iap-kborn.de Tel. +49-(0)38293-68-102 WWW: http://armins.cjb.net/ Fax. +49-(0)38293-68-50
On Monday 31 January 2005 11:43 pm, Armin Schoech wrote:
Hi Scott,
--> You can check the changelog with
rpm -q --changelog <packagename>
to see the recent changes of a specific package.
Bye, Armin
Armin, Great tip! Thanks! Scott -- POPFile, the OpenSource EMail Classifier http://popfile.sourceforge.net/ Linux 2.6.8-24.11-default x86_64
adsl ---> switch ---> win98 (172.16.1.3) + winxp (172.16.1.2) suse (172.16.1.1 - apache+ssh) with samba network I recently scanned my network with nessus and the results were awfull. I scanned one of my vhosts and it look like samba ports are accessible from internet. Is this because I'm running nessusd -D and scanning ??? I don't care about win boxes but I do care about suse box. From internet I only want to allow http and ssh and samba from internal. FW_QUICKMODE="no" FW_DEV_EXT="dsl0" FW_DEV_INT="eth0" FW_DEV_DMZ="" FW_ROUTE="no" FW_MASQUERADE="no" FW_MASQ_DEV="$FW_DEV_EXT" FW_MASQ_NETS="0/0" FW_PROTECT_FROM_INTERNAL="yes" FW_AUTOPROTECT_SERVICES="yes" FW_SERVICES_EXT_TCP="http ssh" FW_SERVICES_EXT_UDP="" FW_SERVICES_EXT_IP="" FW_SERVICES_EXT_RPC="" FW_SERVICES_DMZ_TCP="" FW_SERVICES_DMZ_UDP="" FW_SERVICES_DMZ_IP="" FW_SERVICES_DMZ_RPC="" FW_SERVICES_INT_TCP="137:139 445 901" FW_SERVICES_INT_UDP="137:139 445 901" FW_SERVICES_INT_IP="" FW_SERVICES_INT_RPC="" FW_SERVICES_DROP_EXT="" FW_SERVICES_REJECT_EXT="0/0,tcp,113" FW_SERVICES_QUICK_TCP="" FW_SERVICES_QUICK_UDP="" FW_SERVICES_QUICK_IP="" FW_TRUSTED_NETS="" #tried adding here instead FW_SERVICES_INT_* -- Bojan Hribernik http://hribb.homelinux.com/
Scott Leighton wrote:
I have a 9.2 system at home and a 9.1 at work, both were updated this week with a YOU update that referenced a security update for Clamav. [...] So, if the recent YOU update didn't bring it up to version 0.81, what _did_ it do?
It's a quick fix against the zip file DoS that can crash your clamd. A version update is in the works. cu Ludwig -- (o_ Ludwig Nussel //\ SUSE LINUX Products GmbH, Development V_/_ http://www.suse.de/
participants (4)
-
Armin Schoech -
Bojan Hribernik -
Ludwig Nussel -
Scott Leighton