In <list-8111005@2rosenthals.com>, on 10/13/23
at 09:25 AM, "Paul Smedley" <ecs-isp@2rosenthals.com> said:
Hi Paul,
>> Can't or won't. I'm not that familar with ClamAV.
>Both I think - at some point they claim to stop supporting older
>version - perhaps there are differences in the binary formats of the
>signatures?
From what I've seen so far, it's mostly freshclam that is forcing the
updates, because that's what it is designed to do. Clamscan seems to
accept any .cvd file that is marked binary compatible. For example, the
signatures I downloaded today are going to run with the current 1.2 on
other platforms. Your 0.103.6 build accepted them without complaints. I
did get to reboot, but that's on me.
>> Freshclam 0.103.6 fails with an SSL issue here. What .pem file is
>> freshclam looking for when it complains about:
>> * error setting certificate verify locations: CAfile:
>> /etc/ssl/cacert.pem CApath: none
>> If I create cacert.pem and make it read-only, the error changes to:
>> ERROR: Download failed (77) ERROR: Message: Problem with the SSL CA
>> cert (path? access rights?)
>This will probably go away once I rebuild clamav 0.103.6 with rpm
>openssl.
This would be good.
>Build is running now.
With debug symbols, I hope. :-)
FWIW, the memory usage problem may be beyond our ability to resolve, but
I'm willing to do some investigation, as time permits.