Cisco has released a new version of the free antivirus package, Clamav 1.1.0, after five months of development. The project, which was acquired by Cisco in 2013 along with Sourcefire, has been licensed under GPLV2. The new version is categorized as ordinary and updates will be published at least four months after the next branch’s release. The signature base for non-LTS branches can also be loaded after the next branch’s release in the same timeline.
Clamav 1.1.0 has introduced several key improvements. The CSS-style block now has the ability to extract images, while the Sigtool utility has added the “–vba” option for VBA code extraction. The ClaMScan and Clamd option has added “-Fail-CVD-ROLDER-THAN = NUBLICA” and the FAILIFCVDolderthan configuration parameter to prevent the error if the viral base is older than the set number of days. Additionally, new functions have been added to the API such as CL_CVDGETAGE () to determine the latest update of the CVD/CLD and CL_ENGINE_SET_CLCB_VBA () Files for setting the callback-cutter of the VBA code extracted from the document.
The capabilities of Openssl have replaced the separate library tomsfastmath for mathematical operations with large numbers. The DO_NOT_SET_RPATH option to disable RPATH in Unix-like systems has been added to the assembly scripts CMAKE. Rustflags variable allows the transfer of Rust to the Rust of its own flags, while support for choosing a certain version of Python is now available.
Moreover, the comparison of domains for signatures PDB, WDB and CDB has been optimized, and the Clamonacc process log has been improved for easier error diagnosis. On the Windows platform in the MSI-installer, the possibility of updating the ClaMav versions installed in the catalog has been added, and in the Sigtool “–tempdir” and “–leave-tamps” options to select the directory for temporary files are available.
Those interested in the project can access the code for Clamav 1.1.0 at Github.