Closed datumbox closed 4 years ago
Hi,
Thanks! It will be in 6.04 which should be released this week.
respectfully Dave M
@dave-theunsub Hope you are well. :)
I saw you released v6.04 couple of days ago on gitlab and I saw on the release notes that the Encrypted.PDFs are no longer considered a threat. I had a brief look on the commits but I could not spot the changes. Could you confirm that there are baked in? Thanks!!
Hi @datumbox ,
I'll have to check to see why the lib files are not reflecting the changes, but the released programs seem to all have it:
'OK',
'Zip module failure',
"RAR module failure",
'Encrypted.PDF', # <---
'Encrypted.RAR',
'Encrypted.Zip',
'Empty file',
'Excluded',
'Input/Output error',
'Files number limit exceeded',
'handler error',
'Broken.Executable',
'Oversized.Zip',
'Symbolic link' );
I also removed functionality like --alert-encrypted-archive --alert-encrypted-doc
from the scan, which is basically the same thing.
Thanks, Dave M
I see that you passed directly the changes on the Gitlab repo. Thanks for fixing it. Closing the PR.
Encrypted PDFs are marked by ClamAV as threats and Clamtk does not offer the option to ignore this on the GUI (#66 ):
Unfortunately the flags passed on
/usr/bin/clamscan
are hardcoded in theScan.pm
source file and there is no way to change them. This PR provides a quick & dirty fix and treats encrypted PDFs similar to encrypted ZIP/RAR files by ignoring the warning and modifying theclean_words
variable on the aforementioned file.