search

Cisco-Talos / clamav

ClamAV - Documentation is here: https://docs.clamav.net
https://www.clamav.net/
GNU General Public License v2.0
4.43k stars 706 forks source link

freshclam-0.103.10 (lastes stable on Debian) is blocked from CDN #1256

Open MostFrabjous opened 6 months ago

MostFrabjous commented 6 months ago

Describe the bug

Latest stable clamav-freshclam version on Debian is 0.103.10. But it seems the ClamAV CDN enforces at least Version 0.103.11.

ClamAV 0.103.10/27260/Mon Apr 29 08:23:47 2024

I suggest to loosen the restriction until Debian's freshclam is updated.

How to reproduce the problem

Run freshclam on fully updated Debian Bullseye

Attachments

ClamAV update process started at Wed Apr 24 06:41:22 2024
Your ClamAV installation is OUTDATED!
Local version: 0.103.10 Recommended version: 0.103.11
DON'T PANIC! Read https://docs.clamav.net/manual/Installing.html
FreshClam previously received error code 429 or 403 from the ClamAV Content Delivery Network (CDN).
This means that you have been rate limited or blocked by the CDN.
 1. Verify that you're running a supported ClamAV version.
    See https://docs.clamav.net/faq/faq-eol.html for details.
 2. Run FreshClam no more than once an hour to check for updates.
    FreshClam should check DNS first to see if an update is needed.
 3. If you have more than 10 hosts on your network attempting to download,
    it is recommended that you set up a private mirror on your network using
    cvdupdate (https://pypi.org/project/cvdupdate/) to save bandwidth on the
    CDN and your own network.
 4. Please do not open a ticket asking for an exemption from the rate limit,
    it will not be granted.
ragusaa commented 6 months ago

Hi,

I just confirmed on my system that we still allow older versions of 0.103 to download signatures. It will print the following warning message, but still download the signatures.

ClamAV update process started at Mon May 6 08:22:35 2024 WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.103.10 Recommended version: 0.103.11 DON'T PANIC! Read https://docs.clamav.net/manual/Installing.html daily database available for download (remote version: 27267)

Is there another reason you could be blocked, such as a Russian IP address? If you have a Russian IP address, there is nothing we can do.

If not, could you delete your freshclam.dat file and re-run freshclam to get the cf-ray id, so that we can look up what the error is on our end?

Thanks, Andy