Subscribe: SourceForge.net: SF.net Project News: Clam AntiVirus
http://sourceforge.net/export/rss2_projnews.php?group_id=86638
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
bug  clamav net  clamav  code  experimental code  experimental  new wiki  new  project  release candidate  release  security  time  wiki 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: SourceForge.net: SF.net Project News: Clam AntiVirus

Recent changes to news



Recent changes to news



Last Build Date: Thu, 01 Feb 2007 15:25:26 -0000

 



ClamAV 0.90rc3 released

Thu, 01 Feb 2007 15:25:26 -0000

This is the last release candidate for 0.90 .
Please report any problems through our bugzilla: http://bugs.clamav.net . If you are running ClamAV 0.90RC1.1 or 0.90rc2, you are strongly encouraged to upgrade to the latest RC. Remember to try the experimental code by using "./configure --enable-experimental" at compile time.




New Wiki online!

Tue, 21 Nov 2006 16:58:29 -0000

Our new Wiki site is now in production. Visit http://wiki.clamav.net and register yourself! You are welcome to document all the steps you did to integrate ClamAV with your favourite content scanner. Also feel free to post your success stories about ClamAV on http://wiki.clamav.net/Main/SuccessStories . Let's share your know-how on ClamAV with the rest of our user community!
We really hope that this new Wiki will serve for this purpose better than the previous one. We learned the lesson the hard way: the new wiki features a more user friendly interface, a WYSIWYG editor and some very important antispam protections.




Fast reaction on new threats in Wikipedia

Wed, 08 Nov 2006 23:11:54 -0000

Heise Security reports that ClamAV was among the first virus scanners to detect a trojan distributed by a forged version of Wikipedia. You can read the full article at http://www.heise-security.co.uk/news/80729




ClamAV 0.90rc2 released

Mon, 30 Oct 2006 21:27:43 -0000

The second release candidate of the long awaited
ClamAV 0.90 is ready for general testing! If you are running ClamAV 0.90RC1.1, you are strongly encouraged to upgrade to the latest RC. Remember to try the experimental code by using "./configure --enable-experimental" at compile time. Please note that we do not accept bug reports against 0.90RC1.1 anymore.




Now accepting paypal donations

Mon, 30 Oct 2006 00:48:53 -0000

Our donate page now features a PayPal button. Keeping the virus database up to date is a time consuming task: we need to process a lot of malware every day and generate new signatures for it. The ClamAV team provides you with timely updates and continuosly implement new features to make your favourite antivirus (and its derivative products) more effective.
Visit http://www.clamav.net/donate.html#pagestart and contribute to our project.




ClamAV 0.90rc1.1 released

Mon, 16 Oct 2006 01:29:01 -0000

The first release candidate of the long awaited
ClamAV 0.90 is ready for general testing!

The 0.9x series introduces lots of improvements
in terms of detection rate and performance, like
support for many new packers and decryptors, RAR3
and SIS archives, and a new phishing signatures
format that proves to be very effective.

The email decoding has been improved to reduce
both the memory requirements and the time taken
to process attachments.
We have been working hard also on the ClamAV
Virus Database: we now have more than 73.000
signatures and we keep on reviewing hundreds of
samples everyday.

To cope with the increasing size of the database
and with the high frequency of new CVD releases,
freshclam now supports scripted updates: only the
differences between two releases of the CVD are
downloaded. This dramatically reduces traffic on
our mirrors and will allow us to release even
more updates in the future.

Download the latest release candidate and test
the new experimental code (use
./configure --enable-experimental at compile
time). We need your feedback!




bugzilla online

Mon, 16 Oct 2006 00:27:45 -0000

In the hope to get more detailed bug reports and coordinate the work of people testing our experimental code, we decided to open a bug tracker.
After checking many different bug tracker, we decided to stick to the well known Bugzilla.
Please use it wisely: http://bugs.clamav.net




ClamAV joins Google Summer of Code

Sun, 30 Apr 2006 23:45:18 -0000

Summer of Code 2006 is a program sponsored by Google, that offers student developers stipends to create new open source programs or to help currently established projects. The ClamAV project is happy to join this event and get some help from emerging developers to quickly implement some of the features (see http://www.clamav.net/news/soc2006.html\) that are currently on our TODO list.

Google will give 5000 USD per accepted student, of which 4500 USD goes to the student and 500 USD goes to the mentoring organization.
Students who wish to join the program and help the ClamAV project will be paid 500 USD upon acceptance of their application, 2000 USD mid program (assuming they have made sufficient progress on the project), and 2000 USD at close of program (assuming they have completed the project).
See http://code.google.com/soc/studentfaq.html for more information.




ClamAV provides 100% detection for W32.Polipos.A

Sun, 30 Apr 2006 21:13:46 -0000

W32.Polipos.A is a complex polimorphic virus infecting 32-bit Windows executables. The virus uses advanced techniques, such as entry point obscuring, to make the detection even harder. It can also spread via P2P networks and contains procedures against security software.

Extensive tests in our secure environments showed that ClamAV 0.88.2 was able to detect 100% W32.Polipos.A infections without producing a single false positive alert.




Security company announces defense against already fixed bug

Thu, 13 Apr 2006 14:52:36 -0000

On April 12, the security company SonicWALL announced Day Zero protection against vulnerability in Clam AntiVirus. The press release (see: http://biz.yahoo.com/prnews/060412/sfw078.html?.v=47\) bewildered ClamAV developers. The problem described in the press release was... already fixed in the 0.88.1 version of ClamAV published on April 4. Moreover, it was ranked by the Clam AntiVirus programmers as low risk.

Information about "Clam AntiVirus Win32-UPX Heap Overflow" was posted to bugtraq (url: http://seclists.org/lists/bugtraq/2006/Apr/0174.html\) on
April 6, by a member of the security group Overflow.pl . It described a potential heap overflow in the UPX unpacker. In its press release, SonicWALL failed to mention that the bug was already fixed and what's even most important: the problem was impossible to exploit on properly configured systems. In fact, only the ClamAV installations with archive scan limits completely disabled were vulnerable to the heap overflow, however such incorrectly configured systems were at the same time vulnerable to many other attacks such as archive bombs.

It's the opinion of Clam AntiVirus authors that these security companies and researchers should take more care about information they are publishing.
The ClamAV project always offers them help understanding its internals.