Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
Be careful with ClamAV
« previous
next »
Print
Pages: [
1
]
Author
Topic: Be careful with ClamAV (Read 7501 times)
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Be careful with ClamAV
«
on:
January 26, 2018, 05:45:40 pm »
There are several vulnerabilities:
http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html
Heise (german) has an article about it:
https://www.heise.de/security/meldung/Jetzt-patchen-Angriffe-auf-Viren-Scanner-ClamAV-3951801.html
«
Last Edit: January 26, 2018, 07:58:17 pm by fabian
»
Logged
PCServices
Newbie
Posts: 18
Karma: 2
Re: Be careful with ClamAV
«
Reply #1 on:
January 26, 2018, 08:02:06 pm »
I'm not seeing an update available through the 'Check for Updates'
Logged
franco
Administrator
Hero Member
Posts: 17665
Karma: 1611
Re: Be careful with ClamAV
«
Reply #2 on:
January 26, 2018, 08:10:48 pm »
There won't be an update this week. Impossible timing. At work the secondary ClamAV signature fail caused worldwide issues so there was no time do deal with any of the actual updates yet...
http://lists.clamav.net/pipermail/clamav-users/2018-January/005722.html
Also note that ClamAV is not part of our core distribution.
The update hit the ports tree now:
https://github.com/opnsense/ports/commit/46134d255
If anyone cares to upgrade *if* they use the os-clamav plugin:
# opnsense-code tools ports
# cd /usr/ports/security/clamav
# make
# make deinstall
# make install
Cheers,
Franco
Logged
PCServices
Newbie
Posts: 18
Karma: 2
Re: Be careful with ClamAV
«
Reply #3 on:
January 27, 2018, 12:28:34 am »
Thanks Franco.
It required gmake to be installed but, once done, it installed.
Logged
lattera
Full Member
Posts: 207
Karma: 82
Re: Be careful with ClamAV
«
Reply #4 on:
January 27, 2018, 03:20:39 pm »
Keep in mind that because the OPNsense Core Team has intelligently put security first by incorporating ASLR and SafeStack from HardenedBSD that attackers will likely have an extremely difficult time exploiting these vulnerabilities. Patching is still important (I'd say critical), but HardenedBSD's enhancements drive up the economic cost for attackers and help prevent successful exploitation.
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: Be careful with ClamAV
«
Reply #5 on:
January 27, 2018, 03:48:31 pm »
@lattera: sure but DoS is still an issue...
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
Be careful with ClamAV