Discussion:
[clamav-users] ***UNCHECKED*** Re: Re: Malformed database issue
Jay Hart
2018-07-18 00:21:23 UTC
Permalink
Micah,

I installed zlib 1.2.4.5 (should I use an older version), replaced libz.so.1.2.3 with
libz.so.1.2.4.5 (and renamed it) and copied libz.a to /lib.

Running freshclam without rebooting box got this:
***@centos zlib-1.2.4.5]# freshclam -v
Current working dir is /var/lib/clamav
Max retries == 3
ClamAV update process started at Tue Jul 17 19:47:02 2018
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 279
Software version from DNS: 0.100.1
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.0 Recommended version: 0.100.1
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav main.cvd version from DNS: 58
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) daily.cvd
version from DNS: 24760
daily.cld is up to date (version: 24760, sigs: 2015700, f-level: 63, builder: neo) Retrieving
http://db.us.clamav.net/bytecode.cvd
Ignoring mirror 104.16.186.138 (due to previous errors)
Ignoring mirror 104.16.187.138 (due to previous errors)
Ignoring mirror 104.16.188.138 (due to previous errors)
Ignoring mirror 2400:cb00:2048:1::6810:ba8a (due to previous errors) Ignoring mirror
2400:cb00:2048:1::6810:bb8a (due to previous errors) Trying to download
http://db.us.clamav.net/bytecode.cvd (IP: 104.16.189.138) Downloading bytecode.cvd [100%]
LibClamAV debug: Initialized 0.100.0 engine
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = c85d81eb538b70e60ca59c5100526a26
LibClamAV debug: cli_versig: Decoded signature: c85d81eb538b70e60ca59c5100526a26 LibClamAV debug:
cli_versig: Digital signature is correct.
LibClamAV debug: in cli_tgzload()

Once box rebooted, Clamav failed to start, the error log is extension, is it worth posting?

Jay
Is zlib 1.2.4 really significantly more processor intensive than 1.2.3? It is rather trivial to
install from http://www.zlib.net/fossils/
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
Micah said earlier that 1.2.3 cannot be used with ClamAV 100.x and I suspect your hardware won't
support using zlib 1.2.4 or above, so you will either need that new box or roll ClamAV back to an
earlier version.
-Al-
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: ewr.edge.kernel.org<http://ewr.edge.kernel.org/>
mirror.cs.vt.edu<http://mirror.cs.vt.edu/>
* updates: mirror.umd.edu<http://mirror.umd.edu/>
Installed Packages
Name : zlib
Arch : i686
Version : 1.2.3
Release : 29.el6
Size : 136 k
Repo : installed
From repo : base
Summary : The zlib compression and decompression library
URL : http://www.gzip.org/zlib/
License : zlib and Boost
Description : Zlib is a general-purpose, patent-free, lossless data compression
: library which is used by many different programs.
/lib/libz.so.1
/lib/libz.so.1.2.3
/usr/share/doc/zlib-1.2.3
/usr/share/doc/zlib-1.2.3/ChangeLog
/usr/share/doc/zlib-1.2.3/FAQ
/usr/share/doc/zlib-1.2.3/README
Jay
Two things (each item is a bit long), with two questions/comments at the bottom: 1. I don't
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
epel/metalink | 15 kB 00:00 *
base: ewr.edge.kernel.org<http://ewr.edge.kernel.org/>
* epel: mirror.cogentco.com<http://mirror.cogentco.com/>
* extras: mirror.cs.vt.edu<http://mirror.cs.vt.edu/>
* updates: mirror.vcu.edu<http://mirror.vcu.edu/>
base | 3.7 kB 00:00
epel | 3.2 kB 00:00
extras | 3.3 kB 00:00
updates | 3.4 kB 00:00
Available Packages
Name : zlib-devel
Arch : i686
Version : 1.2.3
Release : 29.el6
Size : 44 k
Repo : base
Summary : Header files and libraries for Zlib development
URL : http://www.gzip.org/zlib/
License : zlib and Boost
Description : The zlib-devel package contains the header files and libraries needed
: to develop programs that use the zlib compression and decompression : library.
/usr/include/zlib.h: No such file or directory
package zlib-devel is not installed
CPU op-mode(s): 32-bit
Architecture: i686
CPU op-mode(s): 32-bit
Byte Order: Little Endian
CPU(s): 4
On-line CPU(s) list: 0-3
Thread(s) per core: 2
Core(s) per socket: 2
Socket(s): 1
Vendor ID: GenuineIntel
CPU family: 6
Model: 54
Stepping: 1
CPU MHz: 2128.240
BogoMIPS: 4256.48
L1d cache: 24K
L1i cache: 32K
L2 cache: 512K
Could the fact zlib-devel is NOT installed be my issue?
Also, it looks like my hardware will not support Centos 7 so I'm guessing need to procure a new
box.
I think this answers all the outstanding queries you asked for Micah. My thanks for the
support.
Jay
On CentOS you should be able to check with: `yum info zlib-devel` Alternatively, take a peek in
/usr/include/zlib.h for the line starting with: #define ZLIB_VERSION
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
_______________________________________________
clamav-users mailing list
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
-Al-
--
Al Varnell
Mountain View, CA
_______________________________________________
clamav-users mailing list
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Micah Snyder (micasnyd)
2018-07-18 00:56:28 UTC
Permalink
Wait... so it worked ok after upgrading to 1.2.4.5 before you rebooted but then afterwards you're having the same error or a different error? I'm a little confused, sorry.

Micah


Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.


On Jul 17, 2018, at 8:21 PM, Jay Hart <***@kevla.org<mailto:***@kevla.org>> wrote:

Micah,

I installed zlib 1.2.4.5 (should I use an older version), replaced libz.so.1.2.3 with
libz.so.1.2.4.5 (and renamed it) and copied libz.a to /lib.

Running freshclam without rebooting box got this:
***@centos zlib-1.2.4.5]# freshclam -v
Current working dir is /var/lib/clamav
Max retries == 3
ClamAV update process started at Tue Jul 17 19:47:02 2018
Using IPv6 aware code
Querying current.cvd.clamav.net<http://current.cvd.clamav.net>
TTL: 279
Software version from DNS: 0.100.1
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.0 Recommended version: 0.100.1
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav main.cvd version from DNS: 58
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) daily.cvd
version from DNS: 24760
daily.cld is up to date (version: 24760, sigs: 2015700, f-level: 63, builder: neo) Retrieving
http://db.us.clamav.net/bytecode.cvd
Ignoring mirror 104.16.186.138 (due to previous errors)
Ignoring mirror 104.16.187.138 (due to previous errors)
Ignoring mirror 104.16.188.138 (due to previous errors)
Ignoring mirror 2400:cb00:2048:1::6810:ba8a (due to previous errors) Ignoring mirror
2400:cb00:2048:1::6810:bb8a (due to previous errors) Trying to download
http://db.us.clamav.net/bytecode.cvd (IP: 104.16.189.138) Downloading bytecode.cvd [100%]
LibClamAV debug: Initialized 0.100.0 engine
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = c85d81eb538b70e60ca59c5100526a26
LibClamAV debug: cli_versig: Decoded signature: c85d81eb538b70e60ca59c5100526a26 LibClamAV debug:
cli_versig: Digital signature is correct.
LibClamAV debug: in cli_tgzload()

Once box rebooted, Clamav failed to start, the error log is extension, is it worth posting?

Jay



Is zlib 1.2.4 really significantly more processor intensive than 1.2.3? It is rather trivial to
install from http://www.zlib.net/fossils/
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
On Jul 16, 2018, at 11:37 PM, Al Varnell <***@mac.com<mailto:***@mac.com>> wrote:
Micah said earlier that 1.2.3 cannot be used with ClamAV 100.x and I suspect your hardware won't
support using zlib 1.2.4 or above, so you will either need that new box or roll ClamAV back to an
earlier version.
-Al-
On Mon, Jul 16, 2018 at 07:19 PM, Jay Hart wrote:
I do have zlib installed:
***@centos include]# yum info zlib
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: ewr.edge.kernel.org<http://ewr.edge.kernel.org/>
* epel: mirror.cs.princeton.edu<http://mirror.cs.princeton.edu/> * extras:
mirror.cs.vt.edu<http://mirror.cs.vt.edu/>
* updates: mirror.umd.edu<http://mirror.umd.edu/>
Installed Packages
Name : zlib
Arch : i686
Version : 1.2.3
Release : 29.el6
Size : 136 k
Repo : installed
From repo : base
Summary : The zlib compression and decompression library
URL : http://www.gzip.org/zlib/
License : zlib and Boost
Description : Zlib is a general-purpose, patent-free, lossless data compression
: library which is used by many different programs.
File location:
[***@centos include]# repoquery -l zlib
/lib/libz.so.1
/lib/libz.so.1.2.3
/usr/share/doc/zlib-1.2.3
/usr/share/doc/zlib-1.2.3/ChangeLog
/usr/share/doc/zlib-1.2.3/FAQ
/usr/share/doc/zlib-1.2.3/README
Jay
Two things (each item is a bit long), with two questions/comments at the bottom: 1. I don't
think zlib-devel is installed:
[***@centos tmp]# yum info zlib-devel
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
epel/metalink | 15 kB 00:00 *
base: ewr.edge.kernel.org<http://ewr.edge.kernel.org/>
* epel: mirror.cogentco.com<http://mirror.cogentco.com/>
* extras: mirror.cs.vt.edu<http://mirror.cs.vt.edu/>
* updates: mirror.vcu.edu<http://mirror.vcu.edu/>
base | 3.7 kB 00:00
epel | 3.2 kB 00:00
extras | 3.3 kB 00:00
updates | 3.4 kB 00:00
Available Packages
Name : zlib-devel
Arch : i686
Version : 1.2.3
Release : 29.el6
Size : 44 k
Repo : base
Summary : Header files and libraries for Zlib development
URL : http://www.gzip.org/zlib/
License : zlib and Boost
Description : The zlib-devel package contains the header files and libraries needed
: to develop programs that use the zlib compression and decompression : library.
[***@centos tmp]# more /usr/include/zlib.h |grep VERSION
/usr/include/zlib.h: No such file or directory
[***@centos include]# rpm -ql zlib-devel
package zlib-devel is not installed
2. 32-bit CPU data:
[***@centos include]# lscpu |grep "CPU op-mode"
CPU op-mode(s): 32-bit
[***@centos include]# lscpu
Architecture: i686
CPU op-mode(s): 32-bit
Byte Order: Little Endian
CPU(s): 4
On-line CPU(s) list: 0-3
Thread(s) per core: 2
Core(s) per socket: 2
Socket(s): 1
Vendor ID: GenuineIntel
CPU family: 6
Model: 54
Model name: Intel(R) Atom(TM) CPU D2700 @ 2.13GHz
Stepping: 1
CPU MHz: 2128.240
BogoMIPS: 4256.48
L1d cache: 24K
L1i cache: 32K
L2 cache: 512K
Could the fact zlib-devel is NOT installed be my issue?
Also, it looks like my hardware will not support Centos 7 so I'm guessing need to procure a new
box.
I think this answers all the outstanding queries you asked for Micah. My thanks for the
support.
Jay
On CentOS you should be able to check with: `yum info zlib-devel` Alternatively, take a peek in
/usr/include/zlib.h for the line starting with: #define ZLIB_VERSION
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
-Al-
--
Al Varnell
Mountain View, CA
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml






_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Jay Hart
2018-07-18 02:45:14 UTC
Permalink
Micah,

It never worked...

The freshclam -v command output (previously posted) is what i got after I installed the 1.2.4.5
libs. The last line: LibClamAV debug: in cli_tgzload()

just sat there for 10-15 mins until I killed the process.

I had manually downloaded main.cvd and daily.cvd prior to testing freshclam, but not bytecode.cvd.

I posted the full boot.log on the reboot at the bottom of this reply. Its long. Bottom line,
malformed database... I have error logging turned on in clamav.

Should I delete all files in /var/lib/clamav PRIOR to a reboot and try again.

Jay
Post by Micah Snyder (micasnyd)
Wait... so it worked ok after upgrading to 1.2.4.5 before you rebooted but then afterwards you're
having the same error or a different error? I'm a little confused, sorry.
Micah
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
Micah,
I installed zlib 1.2.4.5 (should I use an older version), replaced libz.so.1.2.3 with
libz.so.1.2.4.5 (and renamed it) and copied libz.a to /lib.
Current working dir is /var/lib/clamav
Max retries == 3
ClamAV update process started at Tue Jul 17 19:47:02 2018
Using IPv6 aware code
Querying current.cvd.clamav.net<http://current.cvd.clamav.net>
TTL: 279
Software version from DNS: 0.100.1
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.0 Recommended version: 0.100.1
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav main.cvd version from DNS: 58
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) daily.cvd
version from DNS: 24760
daily.cld is up to date (version: 24760, sigs: 2015700, f-level: 63, builder: neo) Retrieving
http://db.us.clamav.net/bytecode.cvd
Ignoring mirror 104.16.186.138 (due to previous errors)
Ignoring mirror 104.16.187.138 (due to previous errors)
Ignoring mirror 104.16.188.138 (due to previous errors)
Ignoring mirror 2400:cb00:2048:1::6810:ba8a (due to previous errors) Ignoring mirror
2400:cb00:2048:1::6810:bb8a (due to previous errors) Trying to download
http://db.us.clamav.net/bytecode.cvd (IP: 104.16.189.138) Downloading bytecode.cvd [100%]
LibClamAV debug: Initialized 0.100.0 engine
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = c85d81eb538b70e60ca59c5100526a26
cli_versig: Digital signature is correct.
LibClamAV debug: in cli_tgzload()
After box was rebooted, this is boot.log:
[***@centos zlib-1.2.4.5]# more /var/log/boot.log
Welcome to CentOS
Starting udev: [ OK ]
Setting hostname centos.kevla.org: [ OK ]
Setting up Logical Volume Management: [ OK ]
Checking filesystems
/dev/sda1: clean, 22544/1281120 files, 416774/5120000 blocks
/dev/sda7: clean, 78/1921360 files, 183619/7680000 blocks
/dev/sdb1: clean, 73008/3203072 files, 2314462/12800000 blocks
/dev/sdb2: clean, 55/3203072 files, 371865/12800000 blocks
/dev/sda3: clean, 54/640848 files, 119449/2560000 blocks
/dev/sda2: clean, 103791/1602496 files, 794335/6400000 blocks
/dev/sda5: clean, 6599/640848 files, 356212/2560000 blocks
[ OK ]
Remounting root filesystem in read-write mode: [ OK ]
Mounting local filesystems: [ OK ]
Enabling local filesystem quotas: [ OK ]
Enabling /etc/fstab swaps: [ OK ]
Entering non-interactive startup
Calling the system activity data collector (sadc)...
ipset: Loaded with no configuration
iptables: Applying firewall rules: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: Determining if ip address 192.168.X.X is already in use for device
eth0... ** I modified this line to hide [actual] address
[ OK ]
Starting auditd: [ OK ]
Starting portreserve: [ OK ]
Starting system logger: [ OK ]
Starting irqbalance: [ OK ]
Starting rpcbind: [ OK ]
Starting NFS statd: [ OK ]
Starting system message bus: [ OK ]

Starting cups: [ OK ]
Mounting filesystems: [ OK ]
Starting acpi daemon: [ OK ]
Starting HAL daemon: [ OK ]
Retrigger failed udev events [ OK ]
Starting UPS driver controller: [ OK ]
Starting upsd: [ OK ]
Starting UPS monitor (master): [ OK ]
Loading autofs4: [ OK ]
Starting automount: [ OK ]
Starting kdump: [ OK ]
Starting sshd: [ OK ]
Starting ntpd: [ OK ]
Starting Clam AntiVirus Daemon: LibClamAV debug: Initialized 0.100.0 engine
LibClamAV debug: Initializing phishcheck module
LibClamAV debug: Phishcheck: Compiling regex: ^
*(http|https|ftp:(//)?)?[0-9]{1,3}(\.[0-9]{1,3}){3}[/?:]? *$

LibClamAV debug: Phishcheck module initialized
LibClamAV debug: Bytecode initialized in interpreter mode
LibClamAV debug: Loading databases from /var/lib/clamav
LibClamAV debug: in cli_cvdload()
LibClamAV debug: in cli_tgzload()
LibClamAV debug: daily.info loaded
LibClamAV debug: in cli_tgzload_cleanup()
LibClamAV debug: in cli_tgzload()
LibClamAV debug: daily.cfg loaded
LibClamAV debug: daily.cdb loaded
LibClamAV debug: hashtab.c:Growing hashtable 0xb74671e0, because it has exceeded maxfill, old size:64
LibClamAV debug: hashtab.c: new capacity: 128
LibClamAV debug: Table 0xb74671e0 size after grow:128
LibClamAV debug: hashtab.c:Growing hashtable 0xb74671e0, because it has exceeded maxfill, old
size:128
LibClamAV debug: hashtab.c: new capacity: 256
LibClamAV debug: Table 0xb74671e0 size after grow:256
LibClamAV debug: hashtab.c:Growing hashtable 0xb74671e0, because it has exceeded maxfill, old
size:256
LibClamAV debug: hashtab.c: new capacity: 512
LibClamAV debug: Table 0xb74671e0 size after grow:512
LibClamAV debug: hashtab.c:Growing hashtable 0xb74671e0, because it has exceeded maxfill, old
size:512
LibClamAV debug: hashtab.c: new capacity: 1024
LibClamAV debug: Table 0xb74671e0 size after grow:1024
LibClamAV debug: hashtab.c:Growing hashtable 0xb74671e0, because it has exceeded maxfill, old
size:1024
LibClamAV debug: hashtab.c: new capacity: 2048
LibClamAV debug: Table 0xb74671e0 size after grow:2048
LibClamAV debug: hashtab.c:Growing hashtable 0xb74671e0, because it has exceeded maxfill, old
size:2048
LibClamAV debug: hashtab.c: new capacity: 4096
LibClamAV debug: Table 0xb74671e0 size after grow:4096
LibClamAV debug: hashtab.c:Growing hashtable 0xb74671e0, because it has exceeded maxfill, old
size:4096
LibClamAV debug: hashtab.c: new capacity: 8192
LibClamAV debug: Table 0xb74671e0 size after grow:8192
LibClamAV debug: daily.mdb loaded
LibClamAV debug: Initializing engine->root[0]
LibClamAV debug: Initializing AC pattern matcher of root[0]
LibClamAV debug: cli_initroots: Initializing BM tables of root[0]
LibClamAV debug: Initializing engine->root[1]
LibClamAV debug: Initializing AC pattern matcher of root[1]
LibClamAV debug: cli_initroots: Initializing BM tables of root[1]
LibClamAV debug: Initializing engine->root[2]
LibClamAV debug: Initializing AC pattern matcher of root[2]
LibClamAV debug: Initializing engine->root[3]
LibClamAV debug: Initializing AC pattern matcher of root[3]
LibClamAV debug: Initializing engine->root[4]
LibClamAV debug: Initializing AC pattern matcher of root[4]
LibClamAV debug: Initializing engine->root[5]
LibClamAV debug: Initializing AC pattern matcher of root[5]
LibClamAV debug: Initializing engine->root[6]
LibClamAV debug: Initializing AC pattern matcher of root[6]
LibClamAV debug: Initializing engine->root[7]
LibClamAV debug: Initializing AC pattern matcher of root[7]
LibClamAV debug: Initializing engine->root[8]
LibClamAV debug: Initializing AC pattern matcher of root[8]
LibClamAV debug: Initializing engine->root[9]
LibClamAV debug: Initializing AC pattern matcher of root[9]
LibClamAV debug: Initializing engine->root[10]
LibClamAV debug: Initializing AC pattern matcher of root[10]
LibClamAV debug: Initializing engine->root[11]
LibClamAV debug: Initializing AC pattern matcher of root[11]
LibClamAV debug: Initializing engine->root[12]
LibClamAV debug: Initializing AC pattern matcher of root[12]
LibClamAV debug: Initializing engine->root[13]
LibClamAV debug: Initializing AC pattern matcher of root[13]
LibClamAV debug: Initializing engine->root[14]
LibClamAV debug: Initializing AC pattern matcher of root[14]
LibClamAV debug: daily.ndb loaded
LibClamAV debug: daily.ign loaded
LibClamAV debug: daily.ldb loaded
LibClamAV debug: daily.ign2 loaded
LibClamAV debug: daily.hsu skipped
LibClamAV debug: daily.hdu skipped
LibClamAV debug: daily.msb loaded
LibClamAV debug: cli_loadcrt: subject: 4a532974c46ae5048824c6da8cfb8e163705b693
LibClamAV debug: cli_loadcrt: public key:
ABCAC1194D5A2DDB91CD71AA7464BEE3EF5CFF333343EFFDA9A43DD193BEDEDD32
76FBEF27DD41E3C86D2A44670388D6DB3FDE36F3EE1F96DEA1304CEB49E7355CD0C2AB5A9DA2A599155AE9D3787B5413CB00C0CBBC02
AF8A0FF2EF8DE3CFF39F1CB6B001933A0D8FC9ED17C21BC27FFDD85BB0D7960BC7B863722B2503CCEDA1991ACF429908C3DA06DE4D59
E399616F7E71269C27041B0425B9209167E1471911222C501D9322646BCFB0DE921542A611476A2E0CB60AA356A7CBE23BC127B8B200
62996266539ACF4BD4042CF088E75E61BFFF2AB3FEA4BB5AF8B0D7198CEF14F60BA4F5FECB181D2566125E2854FD8DD65FD7AE665AF7
23077A5A5F8695
LibClamAV debug: cli_loadcrt: subject: 113bd86beddebcd4c5f10aa07ab2026b982f4b92
LibClamAV debug: cli_loadcrt: public key:
00f35dfa8067d45aa7a90c2c9020d035083c7584cdb707899c89dadecec360fa91
685a9e94712918767cc2e0c82576940e58fa043436e6dfaff780bae9580b2b93e59d05e3772291f734643c22911d5ee10990bc14fefc
755819e179b70792a3ae885908d89f07ca0358fc68296d32d7d2a8cb4bfce10b48324fe6ebb8ad4fe45c6f139499db95d575dba81ab7
9491b4775bf5480c8f6a797d1470047d6daf90f5da70d847b7bf9b2f6ce705b7e11160ac7991147cc5d6a6e4e17ed5c37ee592d23c00
b53682de79e16df3b56ef89f33c9cb527d739836db8ba16ba295979ba3dec24d26ff0696672506c8e7ace4ee1233953199c835084e34
ca7953d5b5be6332594036c0a54e044d3ddb5b0733e458bfef3f5364d842593557fd0f457c24044d9ed6387411972290ce684474926f
d54b6fb086e3c73642a0d0fcc1c05af9a361b9304771960a16b091c04295ef107f286ae32a1fb1e4cd033f777104c720fc490f1d4588
a4d7cb7e88ad8e2dec45dbc45104c92afcec869e9a11975bdece5388e6e2b7fdac95c22840dbef0490df813339d9b245a5238706a555
8931bb062d600e41187d1f2eb597cb11eb15d524a594ef151489fd4b73fa325bfcd13300f95962700732ea2eab402d7bcadd21671b30
998f16aa23a841d1b06e119b36c4de40749ce15865c1601e7a5b38c88fbb04267cd41640e5b66b6caa86fd00bfcec135
LibClamAV debug: cli_loadcrt: subject: 113bd86beddebcd4c5f10aa07ab2026b982f4b92
LibClamAV debug: cli_loadcrt: public key:
00f35dfa8067d45aa7a90c2c9020d035083c7584cdb707899c89dadecec360fa91
685a9e94712918767cc2e0c82576940e58fa043436e6dfaff780bae9580b2b93e59d05e3772291f734643c22911d5ee10990bc14fefc
755819e179b70792a3ae885908d89f07ca0358fc68296d32d7d2a8cb4bfce10b48324fe6ebb8ad4fe45c6f139499db95d575dba81ab7
9491b4775bf5480c8f6a797d1470047d6daf90f5da70d847b7bf9b2f6ce705b7e11160ac7991147cc5d6a6e4e17ed5c37ee592d23c00
b53682de79e16df3b56ef89f33c9cb527d739836db8ba16ba295979ba3dec24d26ff0696672506c8e7ace4ee1233953199c835084e34
ca7953d5b5be6332594036c0a54e044d3ddb5b0733e458bfef3f5364d842593557fd0f457c24044d9ed6387411972290ce684474926f
d54b6fb086e3c73642a0d0fcc1c05af9a361b9304771960a16b091c04295ef107f286ae32a1fb1e4cd033f777104c720fc490f1d4588
a4d7cb7e88ad8e2dec45dbc45104c92afcec869e9a11975bdece5388e6e2b7fdac95c22840dbef0490df813339d9b245a5238706a555
8931bb062d600e41187d1f2eb597cb11eb15d524a594ef151489fd4b73fa325bfcd13300f95962700732ea2eab402d7bcadd21671b30
998f16aa23a841d1b06e119b36c4de40749ce15865c1601e7a5b38c88fbb04267cd41640e5b66b6caa86fd00bfcec135
LibClamAV debug: cli_loadcrt: subject: 113bd86beddebcd4c5f10aa07ab2026b982f4b92
LibClamAV debug: cli_loadcrt: public key:
00f35dfa8067d45aa7a90c2c9020d035083c7584cdb707899c89dadecec360fa91
685a9e94712918767cc2e0c82576940e58fa043436e6dfaff780bae9580b2b93e59d05e3772291f734643c22911d5ee10990bc14fefc
755819e179b70792a3ae885908d89f07ca0358fc68296d32d7d2a8cb4bfce10b48324fe6ebb8ad4fe45c6f139499db95d575dba81ab7
9491b4775bf5480c8f6a797d1470047d6daf90f5da70d847b7bf9b2f6ce705b7e11160ac7991147cc5d6a6e4e17ed5c37ee592d23c00
b53682de79e16df3b56ef89f33c9cb527d739836db8ba16ba295979ba3dec24d26ff0696672506c8e7ace4ee1233953199c835084e34
ca7953d5b5be6332594036c0a54e044d3ddb5b0733e458bfef3f5364d842593557fd0f457c24044d9ed6387411972290ce684474926f
d54b6fb086e3c73642a0d0fcc1c05af9a361b9304771960a16b091c04295ef107f286ae32a1fb1e4cd033f777104c720fc490f1d4588
a4d7cb7e88ad8e2dec45dbc45104c92afcec869e9a11975bdece5388e6e2b7fdac95c22840dbef0490df813339d9b245a5238706a555
8931bb062d600e41187d1f2eb597cb11eb15d524a594ef151489fd4b73fa325bfcd13300f95962700732ea2eab402d7bcadd21671b30
998f16aa23a841d1b06e119b36c4de40749ce15865c1601e7a5b38c88fbb04267cd41640e5b66b6caa86fd00bfcec135
LibClamAV debug: cli_loadcrt: subject: 113bd86beddebcd4c5f10aa07ab2026b982f4b92
LibClamAV debug: cli_loadcrt: public key:
00f35dfa8067d45aa7a90c2c9020d035083c7584cdb707899c89dadecec360fa91
685a9e94712918767cc2e0c82576940e58fa043436e6dfaff780bae9580b2b93e59d05e3772291f734643c22911d5ee10990bc14fefc
755819e179b70792a3ae885908d89f07ca0358fc68296d32d7d2a8cb4bfce10b48324fe6ebb8ad4fe45c6f139499db95d575dba81ab7
9491b4775bf5480c8f6a797d1470047d6daf90f5da70d847b7bf9b2f6ce705b7e11160ac7991147cc5d6a6e4e17ed5c37ee592d23c00
b53682de79e16df3b56ef89f33c9cb527d739836db8ba16ba295979ba3dec24d26ff0696672506c8e7ace4ee1233953199c835084e34
ca7953d5b5be6332594036c0a54e044d3ddb5b0733e458bfef3f5364d842593557fd0f457c24044d9ed6387411972290ce684474926f
d54b6fb086e3c73642a0d0fcc1c05af9a361b9304771960a16b091c04295ef107f286ae32a1fb1e4cd033f777104c720fc490f1d4588
a4d7cb7e88ad8e2dec45dbc45104c92afcec869e9a11975bdece5388e6e2b7fdac95c22840dbef0490df813339d9b245a5238706a555
8931bb062d600e41187d1f2eb597cb11eb15d524a594ef151489fd4b73fa325bfcd13300f95962700732ea2eab402d7bcadd21671b30
998f16aa23a841d1b06e119b36c4de40749ce15865c1601e7a5b38c88fbb04267cd41640e5b66b6caa86fd00bfcec135
LibClamAV debug: cli_loadcrt: subject: 9a02278e9cb12876c47ab0bc75dd694e72d1b2bc
LibClamAV debug: cli_loadcrt: public key:
00d62b587861458653ea347b519cedb0e62e180efee05fa827d3b4c9e07c594e16
0e735460c17ff69f2ee93a8524153cdb470463c39ec4941a5adf4c7af3d9431d3c107a7925db90fef051e730d64100fd9f28df79be94
bb9db614e32385d7a941e04ca479b02b1a8bf2f83b8a3e45ac719200b4904198fb5fedfab72e8af88837
LibClamAV debug: cli_loadcrt: subject: adf79877065ef305eb95b56dbca9e63e9ab40d3b
LibClamAV debug: cli_loadcrt: public key:
00a902bdc170e63bf24e1b289f97785e30eaa2a98d255ff8fe954ca3b7fe9da220
3e7c51a29ba28f60326bd1426479eeac76c954daf2eb9c861c8f9f8466b3c56b7a6223d61d3cde0f0192e896c4bf2d669a9a682699d0
3a2cbf0cb55826c146e70a3e38962ca92839a8ec498342e3840fbb9a6c5561ac827ca1602d774ce999b4643b9a501c310824149fa9e7
912b18e63d986314605805659f1d375287f7a7ef9402c61bd3bf5545b38980bf3aec54944eaefda77a6d744eaf18cc96092821005790
606937bb4b12073c56ff5bfba4660a08a6d2815657efb63b5e16817704daf6beae8095feb0cd7fd6a71a725c3ccabcf008a32230b306
85c9b320771385df
LibClamAV debug: Number of certs: 4
LibClamAV debug: daily.crb loaded
LibClamAV debug: daily.msu skipped
LibClamAV debug: hashtab.c:Growing hashtable 0xb5f0e130, because it has exceeded maxfill, old size:64
LibClamAV debug: hashtab.c: new capacity: 128
LibClamAV debug: Table 0xb5f0e130 size after grow:128
LibClamAV debug: hashtab.c:Growing hashtable 0xb5f0e130, because it has exceeded maxfill, old
size:128
LibClamAV debug: hashtab.c: new capacity: 256
LibClamAV debug: Table 0xb5f0e130 size after grow:256
LibClamAV debug: hashtab.c:Growing hashtable 0xb5f0e130, because it has exceeded maxfill, old
size:256
LibClamAV debug: hashtab.c: new capacity: 512
LibClamAV debug: Table 0xb5f0e130 size after grow:512
LibClamAV debug: hashtab.c:Growing hashtable 0xb5f0e130, because it has exceeded maxfill, old
size:512
LibClamAV debug: hashtab.c: new capacity: 1024
LibClamAV debug: Table 0xb5f0e130 size after grow:1024
LibClamAV debug: hashtab.c:Growing hashtable 0xb5f0e130, because it has exceeded maxfill, old
size:1024
LibClamAV debug: hashtab.c: new capacity: 2048
LibClamAV debug: Table 0xb5f0e130 size after grow:2048
LibClamAV debug: hashtab.c:Growing hashtable 0xb5f0e130, because it has exceeded maxfill, old
size:2048
LibClamAV debug: hashtab.c: new capacity: 4096
LibClamAV debug: Table 0xb5f0e130 size after grow:4096
LibClamAV debug: hashtab.c:Growing hashtable 0xb5f0e130, because it has exceeded maxfill, old
size:4096
LibClamAV debug: hashtab.c: new capacity: 8192
LibClamAV debug: Table 0xb5f0e130 size after grow:8192
LibClamAV debug: hashtab.c:Growing hashtable 0xb5f0e130, because it has exceeded maxfill, old
size:8192
LibClamAV debug: hashtab.c: new capacity: 16384
LibClamAV debug: Table 0xb5f0e130 size after grow:16384
LibClamAV debug: hashtab.c:Growing hashtable 0xb5f0e130, because it has exceeded maxfill, old
size:16384
LibClamAV debug: hashtab.c: new capacity: 32768
LibClamAV debug: Table 0xb5f0e130 size after grow:32768
LibClamAV debug: hashtab.c:Growing hashtable 0xb5f0e130, because it has exceeded maxfill, old
size:32768
LibClamAV debug: hashtab.c: new capacity: 65536
LibClamAV debug: Table 0xb5f0e130 size after grow:65536
LibClamAV debug: hashtab.c:Growing hashtable 0xb5f0e130, because it has exceeded maxfill, old
size:65536
LibClamAV debug: hashtab.c: new capacity: 131072
LibClamAV debug: Table 0xb5f0e130 size after grow:131072
LibClamAV debug: hashtab.c:Growing hashtable 0xb5f0e130, because it has exceeded maxfill, old
size:131072
LibClamAV debug: hashtab.c: new capacity: 262144
LibClamAV debug: Table 0xb5f0e130 size after grow:262144
LibClamAV debug: daily.hdb loaded
LibClamAV debug: Loaded 149 filetype definitions
LibClamAV debug: daily.ftm loaded
LibClamAV debug: Loading regex_list
LibClamAV debug: daily.pdb loaded
LibClamAV debug: Loading regex_list
LibClamAV debug: daily.wdb loaded
LibClamAV debug: daily.idb loaded
LibClamAV debug: daily.ldu skipped
LibClamAV debug: hashtab.c:Growing hashtable 0xb5f0e130, because it has exceeded maxfill, old
size:262144
LibClamAV debug: hashtab.c: new capacity: 524288
LibClamAV debug: Table 0xb5f0e130 size after grow:524288
LibClamAV debug: hashtab.c:Growing hashtable 0xb5f0e130, because it has exceeded maxfill, old
size:524288
LibClamAV debug: hashtab.c: new capacity: 1048576
LibClamAV debug: Table 0xb5f0e130 size after grow:1048576
LibClamAV debug: hashtab.c:Growing hashtable 0xb5f0e150, because it has exceeded maxfill, old size:64
LibClamAV debug: hashtab.c: new capacity: 128
LibClamAV debug: Table 0xb5f0e150 size after grow:128
LibClamAV debug: hashtab.c:Growing hashtable 0xb5f0e150, because it has exceeded maxfill, old
size:128
LibClamAV debug: hashtab.c: new capacity: 256
LibClamAV debug: Table 0xb5f0e150 size after grow:256
LibClamAV debug: daily.hsb loaded
LibClamAV debug: daily.sfp loaded
LibClamAV debug: daily.mdu skipped
LibClamAV debug: hashtab.c:Growing hashtable 0xaa9e9b08, because it has exceeded maxfill, old size:64
LibClamAV debug: hashtab.c: new capacity: 128
LibClamAV debug: Table 0xaa9e9b08 size after grow:128
LibClamAV debug: hashtab.c:Growing hashtable 0xaa9e9b08, because it has exceeded maxfill, old
size:128
LibClamAV debug: hashtab.c: new capacity: 256
LibClamAV debug: Table 0xaa9e9b08 size after grow:256
LibClamAV debug: hashtab.c:Growing hashtable 0xaa9e9b08, because it has exceeded maxfill, old
size:256
LibClamAV debug: hashtab.c: new capacity: 512
LibClamAV debug: Table 0xaa9e9b08 size after grow:512
LibClamAV debug: hashtab.c:Growing hashtable 0xaa9e9b08, because it has exceeded maxfill, old
size:512
LibClamAV debug: hashtab.c: new capacity: 1024
LibClamAV debug: Table 0xaa9e9b08 size after grow:1024
LibClamAV debug: daily.fp loaded
LibClamAV debug: daily.ndu skipped
LibClamAV debug: in cli_tgzload_cleanup()
LibClamAV debug: /var/lib/clamav/daily.cld loaded
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = 57462fd73f1cfdb356b9dca66da2b732
LibClamAV debug: cli_versig: Decoded signature: 57462fd73f1cfdb356b9dca66da2b732
LibClamAV debug: cli_versig: Digital signature is correct.
LibClamAV debug: in cli_tgzload()
LibClamAV debug: in cli_tgzload_cleanup()
LibClamAV Error: cli_cvdload: Corrupted CVD header
LibClamAV Error: Can't load /var/lib/clamav/main.cvd: Malformed database
LibClamAV Error: cli_loaddbdir(): error loading database /var/lib/clamav/main.cvd
Tue Jul 17 20:13:01 2018 -> !Malformed database
Tue Jul 17 20:13:01 2018 -> *Closing the main socket.
[FAILED]
Starting Dovecot Imap: [ OK ]
Starting saslauthd: [ OK ]
Starting amavisd: [ OK ]

Starting postfix: [ OK ]
Starting abrt daemon: [ OK ]

Starting Qpid AMQP daemon: [ OK ]
Starting crond: [ OK ]
Starting fail2ban: ERROR No file(s) found for glob /opt/openhab/logs/request.log
ERROR Failed during configuration: Have not found any log file for openhab-auth jail
[FAILED]
Starting atd: [ OK ]
[***@centos zlib-1.2.4.5]#


_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Jay Hart
2018-07-18 23:43:15 UTC
Permalink
Micah,

Downloaded, complied and installed libz.so.1.2.4 to /lib. Renamed to libz.so.1.2.3. Removed
mirror.dat file.

Then ran freshclam -v without deleting the *.cvd files out of /var/lib/clamav

Freshclam gets to this point, and no further:

[***@centos zlib-1.2.4]# freshclam -v
Current working dir is /var/lib/clamav
Max retries == 3
ClamAV update process started at Wed Jul 18 19:39:16 2018
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 596
Software version from DNS: 0.100.1
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.0 Recommended version: 0.100.1
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
Retrieving http://db.us.clamav.net/main.cvd
Trying to download http://db.us.clamav.net/main.cvd (IP: 104.16.186.138)
Downloading main.cvd [100%]
LibClamAV debug: Initialized 0.100.0 engine
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = 57462fd73f1cfdb356b9dca66da2b732
LibClamAV debug: cli_versig: Decoded signature: 57462fd73f1cfdb356b9dca66da2b732
LibClamAV debug: cli_versig: Digital signature is correct.
LibClamAV debug: in cli_tgzload()
^CUpdate process terminated *** I terminated the command after 10 minutes.

At this point I don't know what else to do other than maybe downgrading clamav if I can.

Based on my experience yesterday, removing the .cvd files won't improve freshclam execution.

Jay
Post by Micah Snyder (micasnyd)
Wait... so it worked ok after upgrading to 1.2.4.5 before you rebooted but then afterwards you're
having the same error or a different error? I'm a little confused, sorry.
Micah
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
Micah,
I installed zlib 1.2.4.5 (should I use an older version), replaced libz.so.1.2.3 with
libz.so.1.2.4.5 (and renamed it) and copied libz.a to /lib.
Current working dir is /var/lib/clamav
Max retries == 3
ClamAV update process started at Tue Jul 17 19:47:02 2018
Using IPv6 aware code
Querying current.cvd.clamav.net<http://current.cvd.clamav.net>
TTL: 279
Software version from DNS: 0.100.1
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.0 Recommended version: 0.100.1
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav main.cvd version from DNS: 58
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) daily.cvd
version from DNS: 24760
daily.cld is up to date (version: 24760, sigs: 2015700, f-level: 63, builder: neo) Retrieving
http://db.us.clamav.net/bytecode.cvd
Ignoring mirror 104.16.186.138 (due to previous errors)
Ignoring mirror 104.16.187.138 (due to previous errors)
Ignoring mirror 104.16.188.138 (due to previous errors)
Ignoring mirror 2400:cb00:2048:1::6810:ba8a (due to previous errors) Ignoring mirror
2400:cb00:2048:1::6810:bb8a (due to previous errors) Trying to download
http://db.us.clamav.net/bytecode.cvd (IP: 104.16.189.138) Downloading bytecode.cvd [100%]
LibClamAV debug: Initialized 0.100.0 engine
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = c85d81eb538b70e60ca59c5100526a26
cli_versig: Digital signature is correct.
LibClamAV debug: in cli_tgzload()
Once box rebooted, Clamav failed to start, the error log is extension, is it worth posting?
Jay
Is zlib 1.2.4 really significantly more processor intensive than 1.2.3? It is rather trivial to
install from http://www.zlib.net/fossils/
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
Micah said earlier that 1.2.3 cannot be used with ClamAV 100.x and I suspect your hardware won't
support using zlib 1.2.4 or above, so you will either need that new box or roll ClamAV back to an
earlier version.
-Al-
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: ewr.edge.kernel.org<http://ewr.edge.kernel.org/>
mirror.cs.vt.edu<http://mirror.cs.vt.edu/>
* updates: mirror.umd.edu<http://mirror.umd.edu/>
Installed Packages
Name : zlib
Arch : i686
Version : 1.2.3
Release : 29.el6
Size : 136 k
Repo : installed
From repo : base
Summary : The zlib compression and decompression library
URL : http://www.gzip.org/zlib/
License : zlib and Boost
Description : Zlib is a general-purpose, patent-free, lossless data compression
: library which is used by many different programs.
/lib/libz.so.1
/lib/libz.so.1.2.3
/usr/share/doc/zlib-1.2.3
/usr/share/doc/zlib-1.2.3/ChangeLog
/usr/share/doc/zlib-1.2.3/FAQ
/usr/share/doc/zlib-1.2.3/README
Jay
Two things (each item is a bit long), with two questions/comments at the bottom: 1. I don't
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
epel/metalink | 15 kB 00:00 *
base: ewr.edge.kernel.org<http://ewr.edge.kernel.org/>
* epel: mirror.cogentco.com<http://mirror.cogentco.com/>
* extras: mirror.cs.vt.edu<http://mirror.cs.vt.edu/>
* updates: mirror.vcu.edu<http://mirror.vcu.edu/>
base | 3.7 kB 00:00
epel | 3.2 kB 00:00
extras | 3.3 kB 00:00
updates | 3.4 kB 00:00
Available Packages
Name : zlib-devel
Arch : i686
Version : 1.2.3
Release : 29.el6
Size : 44 k
Repo : base
Summary : Header files and libraries for Zlib development
URL : http://www.gzip.org/zlib/
License : zlib and Boost
Description : The zlib-devel package contains the header files and libraries needed
: to develop programs that use the zlib compression and decompression : library.
/usr/include/zlib.h: No such file or directory
package zlib-devel is not installed
CPU op-mode(s): 32-bit
Architecture: i686
CPU op-mode(s): 32-bit
Byte Order: Little Endian
CPU(s): 4
On-line CPU(s) list: 0-3
Thread(s) per core: 2
Core(s) per socket: 2
Socket(s): 1
Vendor ID: GenuineIntel
CPU family: 6
Model: 54
Stepping: 1
CPU MHz: 2128.240
BogoMIPS: 4256.48
L1d cache: 24K
L1i cache: 32K
L2 cache: 512K
Could the fact zlib-devel is NOT installed be my issue?
Also, it looks like my hardware will not support Centos 7 so I'm guessing need to procure a new
box.
I think this answers all the outstanding queries you asked for Micah. My thanks for the
support.
Jay
On CentOS you should be able to check with: `yum info zlib-devel` Alternatively, take a peek in
/usr/include/zlib.h for the line starting with: #define ZLIB_VERSION
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
_______________________________________________
clamav-users mailing list
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
-Al-
--
Al Varnell
Mountain View, CA
_______________________________________________
clamav-users mailing list
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Micah Snyder (micasnyd)
2018-07-19 19:32:56 UTC
Permalink
My apologies Jay,

I tend to think of dependencies from a development perspective because I basically never test with ClamAV provided by package managers. If your ClamAV installation came pre-compiled from a distro, I guess it would have been linked with the zlib they provide and replacing zlib with a newer version wouldn't be sufficient.

Please someone correct me if I'm wrong, but I think that you will need to build & install ClamAV from source with the newer version of zlib installed so it links with the new zlib.

-Micah


Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.


On Jul 18, 2018, at 7:43 PM, Jay Hart <***@kevla.org<mailto:***@kevla.org>> wrote:

Micah,

Downloaded, complied and installed libz.so.1.2.4 to /lib. Renamed to libz.so.1.2.3. Removed
mirror.dat file.

Then ran freshclam -v without deleting the *.cvd files out of /var/lib/clamav

Freshclam gets to this point, and no further:

[***@centos zlib-1.2.4]# freshclam -v
Current working dir is /var/lib/clamav
Max retries == 3
ClamAV update process started at Wed Jul 18 19:39:16 2018
Using IPv6 aware code
Querying current.cvd.clamav.net<http://current.cvd.clamav.net>
TTL: 596
Software version from DNS: 0.100.1
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.0 Recommended version: 0.100.1
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
Retrieving http://db.us.clamav.net/main.cvd
Trying to download http://db.us.clamav.net/main.cvd (IP: 104.16.186.138)
Downloading main.cvd [100%]
LibClamAV debug: Initialized 0.100.0 engine
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = 57462fd73f1cfdb356b9dca66da2b732
LibClamAV debug: cli_versig: Decoded signature: 57462fd73f1cfdb356b9dca66da2b732
LibClamAV debug: cli_versig: Digital signature is correct.
LibClamAV debug: in cli_tgzload()
^CUpdate process terminated *** I terminated the command after 10 minutes.

At this point I don't know what else to do other than maybe downgrading clamav if I can.

Based on my experience yesterday, removing the .cvd files won't improve freshclam execution.

Jay

Wait... so it worked ok after upgrading to 1.2.4.5 before you rebooted but then afterwards you're
having the same error or a different error? I'm a little confused, sorry.

Micah


Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.


On Jul 17, 2018, at 8:21 PM, Jay Hart <***@kevla.org<mailto:***@kevla.org><mailto:***@kevla.org>> wrote:

Micah,

I installed zlib 1.2.4.5 (should I use an older version), replaced libz.so.1.2.3 with
libz.so.1.2.4.5 (and renamed it) and copied libz.a to /lib.

Running freshclam without rebooting box got this:
***@centos zlib-1.2.4.5]# freshclam -v
Current working dir is /var/lib/clamav
Max retries == 3
ClamAV update process started at Tue Jul 17 19:47:02 2018
Using IPv6 aware code
Querying current.cvd.clamav.net<http://current.cvd.clamav.net><http://current.cvd.clamav.net>
TTL: 279
Software version from DNS: 0.100.1
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.0 Recommended version: 0.100.1
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav main.cvd version from DNS: 58
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) daily.cvd
version from DNS: 24760
daily.cld is up to date (version: 24760, sigs: 2015700, f-level: 63, builder: neo) Retrieving
http://db.us.clamav.net/bytecode.cvd
Ignoring mirror 104.16.186.138 (due to previous errors)
Ignoring mirror 104.16.187.138 (due to previous errors)
Ignoring mirror 104.16.188.138 (due to previous errors)
Ignoring mirror 2400:cb00:2048:1::6810:ba8a (due to previous errors) Ignoring mirror
2400:cb00:2048:1::6810:bb8a (due to previous errors) Trying to download
http://db.us.clamav.net/bytecode.cvd (IP: 104.16.189.138) Downloading bytecode.cvd [100%]
LibClamAV debug: Initialized 0.100.0 engine
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = c85d81eb538b70e60ca59c5100526a26
LibClamAV debug: cli_versig: Decoded signature: c85d81eb538b70e60ca59c5100526a26 LibClamAV debug:
cli_versig: Digital signature is correct.
LibClamAV debug: in cli_tgzload()

Once box rebooted, Clamav failed to start, the error log is extension, is it worth posting?

Jay



Is zlib 1.2.4 really significantly more processor intensive than 1.2.3? It is rather trivial to
install from http://www.zlib.net/fossils/
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
On Jul 16, 2018, at 11:37 PM, Al Varnell <***@mac.com<mailto:***@mac.com>> wrote:
Micah said earlier that 1.2.3 cannot be used with ClamAV 100.x and I suspect your hardware won't
support using zlib 1.2.4 or above, so you will either need that new box or roll ClamAV back to an
earlier version.
-Al-
On Mon, Jul 16, 2018 at 07:19 PM, Jay Hart wrote:
I do have zlib installed:
***@centos include]# yum info zlib
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: ewr.edge.kernel.org<http://ewr.edge.kernel.org/>
* epel: mirror.cs.princeton.edu<http://mirror.cs.princeton.edu/> * extras:
mirror.cs.vt.edu<http://mirror.cs.vt.edu/>
* updates: mirror.umd.edu<http://mirror.umd.edu/>
Installed Packages
Name : zlib
Arch : i686
Version : 1.2.3
Release : 29.el6
Size : 136 k
Repo : installed
From repo : base
Summary : The zlib compression and decompression library
URL : http://www.gzip.org/zlib/
License : zlib and Boost
Description : Zlib is a general-purpose, patent-free, lossless data compression
: library which is used by many different programs.
File location:
[***@centos include]# repoquery -l zlib
/lib/libz.so.1
/lib/libz.so.1.2.3
/usr/share/doc/zlib-1.2.3
/usr/share/doc/zlib-1.2.3/ChangeLog
/usr/share/doc/zlib-1.2.3/FAQ
/usr/share/doc/zlib-1.2.3/README
Jay
Two things (each item is a bit long), with two questions/comments at the bottom: 1. I don't
think zlib-devel is installed:
[***@centos tmp]# yum info zlib-devel
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
epel/metalink | 15 kB 00:00 *
base: ewr.edge.kernel.org<http://ewr.edge.kernel.org/>
* epel: mirror.cogentco.com<http://mirror.cogentco.com/>
* extras: mirror.cs.vt.edu<http://mirror.cs.vt.edu/>
* updates: mirror.vcu.edu<http://mirror.vcu.edu/>
base | 3.7 kB 00:00
epel | 3.2 kB 00:00
extras | 3.3 kB 00:00
updates | 3.4 kB 00:00
Available Packages
Name : zlib-devel
Arch : i686
Version : 1.2.3
Release : 29.el6
Size : 44 k
Repo : base
Summary : Header files and libraries for Zlib development
URL : http://www.gzip.org/zlib/
License : zlib and Boost
Description : The zlib-devel package contains the header files and libraries needed
: to develop programs that use the zlib compression and decompression : library.
[***@centos tmp]# more /usr/include/zlib.h |grep VERSION
/usr/include/zlib.h: No such file or directory
[***@centos include]# rpm -ql zlib-devel
package zlib-devel is not installed
2. 32-bit CPU data:
[***@centos include]# lscpu |grep "CPU op-mode"
CPU op-mode(s): 32-bit
[***@centos include]# lscpu
Architecture: i686
CPU op-mode(s): 32-bit
Byte Order: Little Endian
CPU(s): 4
On-line CPU(s) list: 0-3
Thread(s) per core: 2
Core(s) per socket: 2
Socket(s): 1
Vendor ID: GenuineIntel
CPU family: 6
Model: 54
Model name: Intel(R) Atom(TM) CPU D2700 @ 2.13GHz
Stepping: 1
CPU MHz: 2128.240
BogoMIPS: 4256.48
L1d cache: 24K
L1i cache: 32K
L2 cache: 512K
Could the fact zlib-devel is NOT installed be my issue?
Also, it looks like my hardware will not support Centos 7 so I'm guessing need to procure a new
box.
I think this answers all the outstanding queries you asked for Micah. My thanks for the
support.
Jay
On CentOS you should be able to check with: `yum info zlib-devel` Alternatively, take a peek in
/usr/include/zlib.h for the line starting with: #define ZLIB_VERSION
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
-Al-
--
Al Varnell
Mountain View, CA
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml






_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml



_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Jay Hart
2018-07-29 17:23:50 UTC
Permalink
Hey,

Just got notified that Clamav 0.100.1 is released for Centos 6.10. I'm wondering if I upgrade to
that release, will my malformed database issue get resolved?

Thanks,

Jay
Post by Micah Snyder (micasnyd)
My apologies Jay,
I tend to think of dependencies from a development perspective because I basically never test with
ClamAV provided by package managers. If your ClamAV installation came pre-compiled from a distro,
I guess it would have been linked with the zlib they provide and replacing zlib with a newer
version wouldn't be sufficient.
Please someone correct me if I'm wrong, but I think that you will need to build & install ClamAV
from source with the newer version of zlib installed so it links with the new zlib.
-Micah
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
Micah,
Downloaded, complied and installed libz.so.1.2.4 to /lib. Renamed to libz.so.1.2.3. Removed
mirror.dat file.
Then ran freshclam -v without deleting the *.cvd files out of /var/lib/clamav
Current working dir is /var/lib/clamav
Max retries == 3
ClamAV update process started at Wed Jul 18 19:39:16 2018
Using IPv6 aware code
Querying current.cvd.clamav.net<http://current.cvd.clamav.net>
TTL: 596
Software version from DNS: 0.100.1
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.0 Recommended version: 0.100.1
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
Retrieving http://db.us.clamav.net/main.cvd
Trying to download http://db.us.clamav.net/main.cvd (IP: 104.16.186.138)
Downloading main.cvd [100%]
LibClamAV debug: Initialized 0.100.0 engine
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = 57462fd73f1cfdb356b9dca66da2b732
LibClamAV debug: cli_versig: Decoded signature: 57462fd73f1cfdb356b9dca66da2b732
LibClamAV debug: cli_versig: Digital signature is correct.
LibClamAV debug: in cli_tgzload()
^CUpdate process terminated *** I terminated the command after 10 minutes.
At this point I don't know what else to do other than maybe downgrading clamav if I can.
Based on my experience yesterday, removing the .cvd files won't improve freshclam execution.
Jay
Wait... so it worked ok after upgrading to 1.2.4.5 before you rebooted but then afterwards you're
having the same error or a different error? I'm a little confused, sorry.
Micah
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
On Jul 17, 2018, at 8:21 PM, Jay Hart
Micah,
I installed zlib 1.2.4.5 (should I use an older version), replaced libz.so.1.2.3 with
libz.so.1.2.4.5 (and renamed it) and copied libz.a to /lib.
Current working dir is /var/lib/clamav
Max retries == 3
ClamAV update process started at Tue Jul 17 19:47:02 2018
Using IPv6 aware code
Querying current.cvd.clamav.net<http://current.cvd.clamav.net><http://current.cvd.clamav.net>
TTL: 279
Software version from DNS: 0.100.1
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.0 Recommended version: 0.100.1
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav main.cvd version from DNS: 58
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) daily.cvd
version from DNS: 24760
daily.cld is up to date (version: 24760, sigs: 2015700, f-level: 63, builder: neo) Retrieving
http://db.us.clamav.net/bytecode.cvd
Ignoring mirror 104.16.186.138 (due to previous errors)
Ignoring mirror 104.16.187.138 (due to previous errors)
Ignoring mirror 104.16.188.138 (due to previous errors)
Ignoring mirror 2400:cb00:2048:1::6810:ba8a (due to previous errors) Ignoring mirror
2400:cb00:2048:1::6810:bb8a (due to previous errors) Trying to download
http://db.us.clamav.net/bytecode.cvd (IP: 104.16.189.138) Downloading bytecode.cvd [100%]
LibClamAV debug: Initialized 0.100.0 engine
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = c85d81eb538b70e60ca59c5100526a26
cli_versig: Digital signature is correct.
LibClamAV debug: in cli_tgzload()
Once box rebooted, Clamav failed to start, the error log is extension, is it worth posting?
Jay
Is zlib 1.2.4 really significantly more processor intensive than 1.2.3? It is rather trivial to
install from http://www.zlib.net/fossils/
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
Micah said earlier that 1.2.3 cannot be used with ClamAV 100.x and I suspect your hardware won't
support using zlib 1.2.4 or above, so you will either need that new box or roll ClamAV back to an
earlier version.
-Al-
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: ewr.edge.kernel.org<http://ewr.edge.kernel.org/>
mirror.cs.vt.edu<http://mirror.cs.vt.edu/>
* updates: mirror.umd.edu<http://mirror.umd.edu/>
Installed Packages
Name : zlib
Arch : i686
Version : 1.2.3
Release : 29.el6
Size : 136 k
Repo : installed
From repo : base
Summary : The zlib compression and decompression library
URL : http://www.gzip.org/zlib/
License : zlib and Boost
Description : Zlib is a general-purpose, patent-free, lossless data compression
: library which is used by many different programs.
/lib/libz.so.1
/lib/libz.so.1.2.3
/usr/share/doc/zlib-1.2.3
/usr/share/doc/zlib-1.2.3/ChangeLog
/usr/share/doc/zlib-1.2.3/FAQ
/usr/share/doc/zlib-1.2.3/README
Jay
Two things (each item is a bit long), with two questions/comments at the bottom: 1. I don't
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
epel/metalink | 15 kB 00:00 *
base: ewr.edge.kernel.org<http://ewr.edge.kernel.org/>
* epel: mirror.cogentco.com<http://mirror.cogentco.com/>
* extras: mirror.cs.vt.edu<http://mirror.cs.vt.edu/>
* updates: mirror.vcu.edu<http://mirror.vcu.edu/>
base | 3.7 kB 00:00
epel | 3.2 kB 00:00
extras | 3.3 kB 00:00
updates | 3.4 kB 00:00
Available Packages
Name : zlib-devel
Arch : i686
Version : 1.2.3
Release : 29.el6
Size : 44 k
Repo : base
Summary : Header files and libraries for Zlib development
URL : http://www.gzip.org/zlib/
License : zlib and Boost
Description : The zlib-devel package contains the header files and libraries needed
: to develop programs that use the zlib compression and decompression : library.
/usr/include/zlib.h: No such file or directory
package zlib-devel is not installed
CPU op-mode(s): 32-bit
Architecture: i686
CPU op-mode(s): 32-bit
Byte Order: Little Endian
CPU(s): 4
On-line CPU(s) list: 0-3
Thread(s) per core: 2
Core(s) per socket: 2
Socket(s): 1
Vendor ID: GenuineIntel
CPU family: 6
Model: 54
Stepping: 1
CPU MHz: 2128.240
BogoMIPS: 4256.48
L1d cache: 24K
L1i cache: 32K
L2 cache: 512K
Could the fact zlib-devel is NOT installed be my issue?
Also, it looks like my hardware will not support Centos 7 so I'm guessing need to procure a new
box.
I think this answers all the outstanding queries you asked for Micah. My thanks for the
support.
Jay
On CentOS you should be able to check with: `yum info zlib-devel` Alternatively, take a peek in
/usr/include/zlib.h for the line starting with: #define ZLIB_VERSION
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
_______________________________________________
clamav-users mailing list
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
-Al-
--
Al Varnell
Mountain View, CA
_______________________________________________
clamav-users mailing list
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Micah Snyder (micasnyd)
2018-07-29 17:26:01 UTC
Permalink
Sorry, it will not.


Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.


On Jul 29, 2018, at 1:23 PM, Jay Hart <***@kevla.org<mailto:***@kevla.org>> wrote:

Hey,

Just got notified that Clamav 0.100.1 is released for Centos 6.10. I'm wondering if I upgrade to
that release, will my malformed database issue get resolved?

Thanks,

Jay

My apologies Jay,

I tend to think of dependencies from a development perspective because I basically never test with
ClamAV provided by package managers. If your ClamAV installation came pre-compiled from a distro,
I guess it would have been linked with the zlib they provide and replacing zlib with a newer
version wouldn't be sufficient.

Please someone correct me if I'm wrong, but I think that you will need to build & install ClamAV
from source with the newer version of zlib installed so it links with the new zlib.

-Micah


Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.


On Jul 18, 2018, at 7:43 PM, Jay Hart <***@kevla.org<mailto:***@kevla.org><mailto:***@kevla.org>> wrote:

Micah,

Downloaded, complied and installed libz.so.1.2.4 to /lib. Renamed to libz.so.1.2.3. Removed
mirror.dat file.

Then ran freshclam -v without deleting the *.cvd files out of /var/lib/clamav

Freshclam gets to this point, and no further:

[***@centos zlib-1.2.4]# freshclam -v
Current working dir is /var/lib/clamav
Max retries == 3
ClamAV update process started at Wed Jul 18 19:39:16 2018
Using IPv6 aware code
Querying current.cvd.clamav.net<http://current.cvd.clamav.net/><http://current.cvd.clamav.net<http://current.cvd.clamav.net/>>
TTL: 596
Software version from DNS: 0.100.1
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.0 Recommended version: 0.100.1
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
Retrieving http://db.us.clamav.net/main.cvd
Trying to download http://db.us.clamav.net/main.cvd (IP: 104.16.186.138)
Downloading main.cvd [100%]
LibClamAV debug: Initialized 0.100.0 engine
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = 57462fd73f1cfdb356b9dca66da2b732
LibClamAV debug: cli_versig: Decoded signature: 57462fd73f1cfdb356b9dca66da2b732
LibClamAV debug: cli_versig: Digital signature is correct.
LibClamAV debug: in cli_tgzload()
^CUpdate process terminated *** I terminated the command after 10 minutes.

At this point I don't know what else to do other than maybe downgrading clamav if I can.

Based on my experience yesterday, removing the .cvd files won't improve freshclam execution.

Jay

Wait... so it worked ok after upgrading to 1.2.4.5 before you rebooted but then afterwards you're
having the same error or a different error? I'm a little confused, sorry.

Micah


Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.


On Jul 17, 2018, at 8:21 PM, Jay Hart
<***@kevla.org<mailto:***@kevla.org><mailto:***@kevla.org><mailto:***@kevla.org>> wrote:

Micah,

I installed zlib 1.2.4.5 (should I use an older version), replaced libz.so.1.2.3 with
libz.so.1.2.4.5 (and renamed it) and copied libz.a to /lib.

Running freshclam without rebooting box got this:
***@centos zlib-1.2.4.5]# freshclam -v
Current working dir is /var/lib/clamav
Max retries == 3
ClamAV update process started at Tue Jul 17 19:47:02 2018
Using IPv6 aware code
Querying current.cvd.clamav.net<http://current.cvd.clamav.net/><http://current.cvd.clamav.net<http://current.cvd.clamav.net/>><http://current.cvd.clamav.net<http://current.cvd.clamav.net/>>
TTL: 279
Software version from DNS: 0.100.1
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.0 Recommended version: 0.100.1
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav main.cvd version from DNS: 58
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) daily.cvd
version from DNS: 24760
daily.cld is up to date (version: 24760, sigs: 2015700, f-level: 63, builder: neo) Retrieving
http://db.us.clamav.net/bytecode.cvd
Ignoring mirror 104.16.186.138 (due to previous errors)
Ignoring mirror 104.16.187.138 (due to previous errors)
Ignoring mirror 104.16.188.138 (due to previous errors)
Ignoring mirror 2400:cb00:2048:1::6810:ba8a (due to previous errors) Ignoring mirror
2400:cb00:2048:1::6810:bb8a (due to previous errors) Trying to download
http://db.us.clamav.net/bytecode.cvd (IP: 104.16.189.138) Downloading bytecode.cvd [100%]
LibClamAV debug: Initialized 0.100.0 engine
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = c85d81eb538b70e60ca59c5100526a26
LibClamAV debug: cli_versig: Decoded signature: c85d81eb538b70e60ca59c5100526a26 LibClamAV debug:
cli_versig: Digital signature is correct.
LibClamAV debug: in cli_tgzload()

Once box rebooted, Clamav failed to start, the error log is extension, is it worth posting?

Jay



Is zlib 1.2.4 really significantly more processor intensive than 1.2.3? It is rather trivial to
install from http://www.zlib.net/fossils/
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
On Jul 16, 2018, at 11:37 PM, Al Varnell <***@mac.com<mailto:***@mac.com>> wrote:
Micah said earlier that 1.2.3 cannot be used with ClamAV 100.x and I suspect your hardware won't
support using zlib 1.2.4 or above, so you will either need that new box or roll ClamAV back to an
earlier version.
-Al-
On Mon, Jul 16, 2018 at 07:19 PM, Jay Hart wrote:
I do have zlib installed:
***@centos include]# yum info zlib
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: ewr.edge.kernel.org<http://ewr.edge.kernel.org/>
* epel: mirror.cs.princeton.edu<http://mirror.cs.princeton.edu/> * extras:
mirror.cs.vt.edu<http://mirror.cs.vt.edu/>
* updates: mirror.umd.edu<http://mirror.umd.edu/>
Installed Packages
Name : zlib
Arch : i686
Version : 1.2.3
Release : 29.el6
Size : 136 k
Repo : installed
From repo : base
Summary : The zlib compression and decompression library
URL : http://www.gzip.org/zlib/
License : zlib and Boost
Description : Zlib is a general-purpose, patent-free, lossless data compression
: library which is used by many different programs.
File location:
[***@centos include]# repoquery -l zlib
/lib/libz.so.1
/lib/libz.so.1.2.3
/usr/share/doc/zlib-1.2.3
/usr/share/doc/zlib-1.2.3/ChangeLog
/usr/share/doc/zlib-1.2.3/FAQ
/usr/share/doc/zlib-1.2.3/README
Jay
Two things (each item is a bit long), with two questions/comments at the bottom: 1. I don't
think zlib-devel is installed:
[***@centos tmp]# yum info zlib-devel
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
epel/metalink | 15 kB 00:00 *
base: ewr.edge.kernel.org<http://ewr.edge.kernel.org/>
* epel: mirror.cogentco.com<http://mirror.cogentco.com/>
* extras: mirror.cs.vt.edu<http://mirror.cs.vt.edu/>
* updates: mirror.vcu.edu<http://mirror.vcu.edu/>
base | 3.7 kB 00:00
epel | 3.2 kB 00:00
extras | 3.3 kB 00:00
updates | 3.4 kB 00:00
Available Packages
Name : zlib-devel
Arch : i686
Version : 1.2.3
Release : 29.el6
Size : 44 k
Repo : base
Summary : Header files and libraries for Zlib development
URL : http://www.gzip.org/zlib/
License : zlib and Boost
Description : The zlib-devel package contains the header files and libraries needed
: to develop programs that use the zlib compression and decompression : library.
[***@centos tmp]# more /usr/include/zlib.h |grep VERSION
/usr/include/zlib.h: No such file or directory
[***@centos include]# rpm -ql zlib-devel
package zlib-devel is not installed
2. 32-bit CPU data:
[***@centos include]# lscpu |grep "CPU op-mode"
CPU op-mode(s): 32-bit
[***@centos include]# lscpu
Architecture: i686
CPU op-mode(s): 32-bit
Byte Order: Little Endian
CPU(s): 4
On-line CPU(s) list: 0-3
Thread(s) per core: 2
Core(s) per socket: 2
Socket(s): 1
Vendor ID: GenuineIntel
CPU family: 6
Model: 54
Model name: Intel(R) Atom(TM) CPU D2700 @ 2.13GHz
Stepping: 1
CPU MHz: 2128.240
BogoMIPS: 4256.48
L1d cache: 24K
L1i cache: 32K
L2 cache: 512K
Could the fact zlib-devel is NOT installed be my issue?
Also, it looks like my hardware will not support Centos 7 so I'm guessing need to procure a new
box.
I think this answers all the outstanding queries you asked for Micah. My thanks for the
support.
Jay
On CentOS you should be able to check with: `yum info zlib-devel` Alternatively, take a peek in
/usr/include/zlib.h for the line starting with: #define ZLIB_VERSION
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
-Al-
--
Al Varnell
Mountain View, CA
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml






_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml



_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net><mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml



_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Reindl Harald
2018-07-29 17:26:40 UTC
Permalink
Post by Jay Hart
Just got notified that Clamav 0.100.1 is released for Centos 6.10. I'm wondering if I upgrade to
that release, will my malformed database issue get resolved?
what about just update and report?
you need to update anyways for security reasons
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Loading...