Skip to content

Releases: darold/squidclamav

Version 7.3

08 Nov 16:53
@darold darold
v7.3
c273cb7
Compare
Choose a tag to compare
Version 7.3 Latest
Latest

2023-11-08 version 7.3

This version fixes some bugs reported by users since previous release.

Full list of changes:

  • Fix size for clmd_curr_ip that could be a hostname up to 253 characters. Thanks to Pavel Krustev for the report.
  • Add the gplv3 licence content to COPYING file. Thanks to Simone Caronni for the report.
  • Use getnameinfo instead of deprecated gethostbyaddr. Thanks to Frank Crawford for the report.
  • Fix regexp compilation failure when it contains a #.
  • Add reject_url configuration directive that allows to reject certain URL based on a regular expression. For example: reject_url ^.*\.(com|bat|exe)$
  • Fix some compilation warnings on call to strncpy.
  • Add a JP translation for clwarn.cgi. Thanks to Frank Crawford for the patch.
Assets 2
Loading

Version 7.2

06 Jul 16:32
@darold darold
v7.2
4c0f5a8
Compare
Choose a tag to compare
Version 7.2

2022-07-06 version 7.2

This version fixes some bugs reported by users since previous release
and especially a crash with call to deprecated gethostbyname() function.

Full list of changes:

  • Update copyright year
  • Fix compilation warning about strlen
  • Add .gitignore file
  • Merge some redundant code related to whitelist/abort and blacklist/scan. Thanks to rdpmc Oleg for the report.
  • Fix call to CGI::param without scalar context. Thanks to Frank Crawford for the report.
  • Replace deprecated gethostbyname() by getaddrinfo(). Thanks to Jean-noel Leclercq for the patch.
  • Create http response entity if not present in icap request. Thanks to Saurabh Ram Tripathi for the patch.
  • Re-work/Updated debian/*. Thanks to Louis van Belle for the patch.
Assets 2
Loading

Version 7.1

18 Mar 07:23
@darold darold
v7.1
ecc17ea
Compare
Choose a tag to compare
Version 7.1

2019-03-18 version 7.1

This version fixes some bugs reported by users since previous release
and add a new configure option to set the search path to libarchive
header file.

  * Add --with-libarchive configure option to specify where to find
    archive.h. It is searched in /usr/include and /usr/local/include
    by default, if the header file is not in these directory you must
    use this option. Example: ./configure --with-libarchive=/opt/csw.

Full list of changes:

  - Fix some compilation warnings.
  - Fix typos/translation error. Thanks to Yuri Voinov for the patch.
  - Allow base dir to --with-libarchive option, /opt/csw/ instead of
    /opt/csw/include. Thanks to Yuri Voinov for the report.
  - Fix formatting of configure usage output. Thanks to Yuri Voinov
    for the report.
  - Defined max() macro even if libarchive is not used. Thanks to Yuri
    Voinov for the report.
Assets 2
Loading

Version 7.0

16 Mar 12:41
@darold darold
v7.0
19e5b48
Compare
Choose a tag to compare
Version 7.0

2019-03-16 version 7.0

This major version adds some useful features, new configuration directives
and fix some bugs reported by users since previous release.

New features are:

  * New scan mode. By default squidclamav scan everything excepted the
    exclusions defined in 'abort', 'abortcontent', 'whitelist', 'trustuser'
    and 'trustclient' configuration directives. There is now a mode where
    squidclamav will scan nothing excepted the inclusions defined with
    directives 'scan', 'scancontent', 'blacklist', 'untrustuser' and
    'untrustclient'. The scan mode is controlled by a new configuration
    directive 'scan_mode'. Possible values are 'ScanAllExcept' (the default)
    and 'ScanNothingExcept'.

  * Add support to libarchive to be able to ban archive with some suspect
    files inside that are not detected by ClamAv. This feature is disabled
    by default and can be enable using 'enable_libarchive'. The ban archive
    can be stored to be recovered by the user through the redirect CGI script
    if directive 'recoverpath' is set.

  * An archive banned by libarchive can be recovered through the redirect
    CGI. See cgi-bin/clwarn.cgi and the redirect configuration directive.
    recoverpath must be set to use this feature.

Backward compatibility with version 6 of squidclamav and existing
configuration files is fully preserved except for the obsolete 'squidguard'
directive that has been removed. Chained program using this directive is
no longer supported, use the 'url_rewrite_program' squid.conf directive
instead to call squidGuard or any other Url checker.

  - Pass generated name of the file saved by libarchive mode to recover
    the file through a link in the redirect CGI.
  - Remove obsolete code related to debug and squidguard directives.
  - Remove obsolete squidguard configuration directive.
  - Print less messages at DebugLevel 1 to only display essential messages.
    Remove support to chained program like squidguard using the squidguard
    directive. Use the 'url_rewrite_program' squid.conf directive instead.
  - Add multipart configuration directive to documentation.
  - Add libarchive support (link to recover file) in all CGI scripts.
  - Update documentation and copyrights.
  - Update autoconf/automake files.
  - SquidClamav has a default "ScanAllExcepted" behavior, that mean that
    everything is scanned except the exclusion set in abort, abortcontent
    and whitelist directives. With new directive scan_mode it is now
    possible to reverse the default behavior with mode "ScanNothingExcepted"
    which will scan nothing excepted what is defined in directive scan,
    scancontent and blacklist. Backward compatibility is fully preserved.
    Thanks to Andres Ofner for the feature request.
  - Add new configuration directives scan_mode, scan, scancontent and
    blacklist.
  - Fix some compilation warning with libarchive support and improve multipart
    content-type code.
  - Add documentation about libarchive support.
  - Do not compile code for libarchive support if libarchive is not available
    to preserve backward compatibility.
  - Update autoconf and automake files.
  - Add support to libarchive to be able to exclude archives following their
    content. Thanks to Vieri Di Paola for the patch.
  - Send multipart content-type headers to clamav. Thanks to Paul Winkler for
    the patch.
  - Fix missing prefix for c-icap-config which affects systems where c-icap is
    not installed in the PATH. Thanks to Sebastian Weitzel for the patch.
  - Add debian folder. Thanks to Louis van Belle for the patch.
Assets 2
Loading

Version 6.16

30 Aug 21:01
@darold darold
v6.16
e7fe5d9
Compare
Choose a tag to compare
Version 6.16

This release fixes a major bug with debugs macro that can have
bad side effects like printing an error after configuration reload
an possibly some other wrong behaviors.

  • Change log level of configuration reloading message.
  • Show line in configuration file that can not be parsed
    by add_pattern().
  • Enclose debugs macro to avoid misusage. Thanks to Denis Volpato
    Martins for the patch.
  • Fix Apache complain "AH01215: CGI::param called in list context
    from package main line 14, this can lead to vulnerabilities."
    Thanks to thctlo for the report.

Please upgrade asap.

Assets 2
Loading

Version 6.15

18 Jan 08:38
@darold darold
v6.15
1552a0f
Compare
Choose a tag to compare
Version 6.15

2016-01-18 version 6.15

This release fix a major bug of a buffer overflow in squidclamav_safebrowsing()
and change the http response code in squidclamav redirection when a virus is
found.

  • Update copyrights
  • Fix buffer overflow in squidclamav_safebrowsing(). Thanks to Stuart
    Henderson for the patch.
  • Change http response code 301 (move permanently) to 307 (temporary
    redirect) in squidclamav redirection when a virus is found. Thanks to
    Alexander Koch for the report.
  • Fix null url, client ip and username in safebrowsing report. Thanks to
    Claus Regelmann for the patch.
Assets 2
Loading