dave-theunsub / clamtk

An easy to use, light-weight, on-demand virus scanner for Linux systems
https://gitlab.com/dave_m/clamtk/wikis/home

Add Encrypted.PDF in the clean words #120

Closed datumbox closed 4 years ago

datumbox commented 4 years ago

Encrypted PDFs are marked by ClamAV as threats and ClamTk does not offer the option to ignore this in the GUI (#66):

    /path/to/encrypted-doc.pdf: Heuristics.Encrypted.PDF FOUND

Unfortunately, the flags passed to /usr/bin/clamscan are hardcoded in the Scan.pm source file and there is no way to change them. This PR provides a quick & dirty fix and treats encrypted PDFs similarly to encrypted ZIP/RAR files by ignoring the warning and modifying the clean_words variable in the aforementioned file.

dave-theunsub commented 4 years ago

Hi,

Thanks! It will be in 6.04 which should be released this week.

Respectfully, Dave M

datumbox commented 4 years ago

@dave-theunsub Hope you are well. :)

I saw you released v6.04 a couple of days ago on GitLab and I saw in the release notes that the Encrypted.PDFs are no longer considered a threat. I had a brief look at the commits but I could not spot the changes. Could you confirm that they are baked in? Thanks!!

dave-theunsub commented 4 years ago

Hi @datumbox ,

I'll have to check to see why the lib files are not reflecting the changes, but the released programs seem to all have it:

            'OK',  
            'Zip module failure',  
            "RAR module failure",  
            'Encrypted.PDF',  # <---
            'Encrypted.RAR',  
            'Encrypted.Zip',  
            'Empty file',  
            'Excluded',  
            'Input/Output error',  
            'Files number limit exceeded',  
            'handler error',  
            'Broken.Executable',  
            'Oversized.Zip',  
            'Symbolic link' );  

I also removed functionality like --alert-encrypted-archive --alert-encrypted-doc from the scan, which is basically the same thing.

Thanks, Dave M

datumbox commented 4 years ago

I see that you passed the changes directly to the GitLab repo. Thanks for fixing it. Closing the PR.
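
As an added illustration (not ClamTk's code and not part of the thread), the Perl example below shows one way to apply a clean-words list like the one quoted above to clamscan result lines, keeping encrypted-file notices in their own bucket instead of merging them with OK results. The `classify` helper, the suffix-matching rule and the sample lines are assumptions constructed for this example.

```perl
use strict;
use warnings;

# Clean words as quoted in the thread above.
my @clean_words = (
    'OK', 'Zip module failure', 'RAR module failure',
    'Encrypted.PDF', 'Encrypted.RAR', 'Encrypted.Zip',
    'Empty file', 'Excluded', 'Input/Output error',
    'Files number limit exceeded', 'handler error',
    'Broken.Executable', 'Oversized.Zip', 'Symbolic link',
);

# Hypothetical helper: classify one "<path>: <status>" result line.
# Returns (kind, path, status), or an empty list for non-result lines.
sub classify {
    my ($line) = @_;
    # Greedy match splits on the last ": ", so paths containing ": " survive.
    my ( $path, $status ) = $line =~ /^(.*): (.*)$/ or return;
    $status =~ s/\s+FOUND$//;
    for my $word (@clean_words) {
        # Assumed rule: the whole status, or a dot-separated suffix of it,
        # must equal the clean word; a bare substring hit is not enough.
        next unless $status eq $word || $status =~ /\.\Q$word\E$/;
        return ( $word =~ /^Encrypted\./ ? 'encrypted' : 'clean', $path, $status );
    }
    return ( 'threat', $path, $status );
}

# Constructed sample output, not taken from a real scan.
my @sample = (
    '/home/u/report.txt: OK',
    '/home/u/encrypted-doc.pdf: Heuristics.Encrypted.PDF FOUND',
    '/home/u/notes: draft.pdf: Heuristics.Encrypted.PDF FOUND',
    '/home/u/sample.bin: Example.Signature-1 FOUND',
    '----------- SCAN SUMMARY -----------',
    'Infected files: 3',
);

my %bucket;
for my $line (@sample) {
    last if $line =~ /SCAN SUMMARY/;    # summary lines are not results
    my ( $kind, $path, $status ) = classify($line) or next;
    push @{ $bucket{$kind} }, "$path ($status)";
}
for my $kind (qw(clean encrypted threat)) {
    printf "%-10s %s\n", "$kind:", $_ for @{ $bucket{$kind} || [] };
}
```

Reporting the `encrypted` bucket separately lets a suppressed Encrypted.PDF notice stay visible as its own category rather than being counted together with OK results.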