Developers Cisco made known through a nuncio the liberation la new corrective version of its free ClamAV 0.103.1 antivirus package, version that in addition to correcting errors, several important changes are proposed in relation to the analsis of various image formats.
For those unaware of ClamAV you should know that this is an open source antivirus and multiplatform (It has versions for Windows, GNU / Linux, BSD, Solaris, Mac OS X and other Unix-like operating systems).
ClamAV provides a number of antivirus tools specifically designed for email scanning. ClamAV's architecture is scalable and flexible thanks to a multi-threaded process.
It has a powerful monitor integrated with the command line and tools to update the databases automatically.
The primary goal of ClamAV is the achievement of a set of tools that identify and block malware from email. One of the fundamental points in this type of software is the fast location and inclusion in the tool of new viruses found and scanned.
This is achieved thanks to the collaboration of the thousands of users who use ClamAv and sites like Virustotal.com that provide the scanned viruses.
ClamAV 0.103.1 Main New Features
In this new version of ClamAV 0.103.1 a new scan option has been added, warning about transferring corrupted graphic files, through which you can potentially try to exploit vulnerabilities in graphics libraries.
Format validation is implemented for JPEG, TIFF, PNG and GIF files, and is enabled by the AlertBrokenMedia setting in clamd.conf or the command line option "–alert-broken-media" in clamscan.
New types CL_TYPE_TIFF and CL_TYPE_JPEG have been added to maintain consistency with the definition of GIF and PNG files. The BMP and JPEG 2000 types are still defined as CL_TYPE_GRAPHICS because they do not support format parsing.
Moreover, for PNG se corrected analyzer logic errors that caused an excess of analysis errors and fixed a battery drain issue which affected some systems when scanning PNG files.
PNG file type detection was disabled by updating the signature database for ClamAV version 0.103.0 to mitigate the effects of these errors.
For the format TIFF, support for dynamic configuration has been added (DCONF), which allows you to disable format verification through signature database. For JPEG, PNG and GIF, a similar option was added above.
In addition, it is highlighted that fixed an issue where FreshClam database validation was not working properly when running in daemon mode on Linux / Unix.
Finally if you are interested in knowing more about it of the release of this new version, you can check the details In the following link.
How to install ClamAV on Linux?
For those who are interested in being able to install this antivirus on their system, they can do it in a fairly simple way and that is ClamAV is found within the repositories of most Linux distributions.
In the case of Ubuntu and its derivatives, you can install it from the terminal or from the system software center.
To be able to install from the terminal they should only open one on their system (you can do it with the shortcut Ctrl + Alt + T) and in it they only have to type the following command:
sudo apt-get install clamav
For the case of those who are Arch Linux users and derivatives:
sudo pacman-S clamav
While for those who use Fedora and derivatives
sudo dnf install clamav
OpenSUSE
sudo zypper install clamav
And ready with it, they will have this antivirus installed on their system. Now as in all antivirus, ClamAV also has its database which downloads and takes to make comparisons in a "definitions" file. This file is a list that informs the scanner about questionable items.
Every so often it is important to be able to update this file, which we can update from the terminal, to do this simply execute:
sudo freshclam