A few weeks ago we got caught out by the clamav shenannigans (they released an update that broke old versions of clamAV) we patched it at the time but the only way to get it updating again was to do a distro upgrade. so I upgraded the server from debian sarge to debian etch and then to lenny. The process mostly went smoothly but the amavis config got mangled and because amavis didn't upgrade, neither would clam. so I ripped it out and started again but I'm not sure if my clam is now updating. Here's what I get in my freshclam logs To me this says that clamAV is running an old version but the definition files are up to date. However, this is what I get when I do clamscan -V To me that says that clamAV is running the latest version but with an old definition file. What's that about? Can anybody clarify this?
you mostlikely have updated "clamav-base", but not "clamav-daemon" you should have these packages up to date: clamav clamav-base clamav-daemon clamav-freshclam libclamav6
oh, this confused me because I did have the latest versions but when i tried to install libclamav6 it wouldn't let me because the package didn't exist. After a bit of head scratching I added this to /etc/apt/sources.list deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free ran apt-get update and bam, newer versions of everything plus libclamav6 I now get this in my freshclam logs However I still get this when I run clamscan -V ClamAV 0.96/10677/Wed Mar 31 16:16:29 2010 But I'm tempted to ignore that. What do you reckon?
They rolled out the new clamav (0.96) on the repositories, so i don't see the problem here, everything is updated to 0.96, and that's good .. AND you don't get the error in freshclam.log anymore .. so what's the problem?
1. http://www.gopiano.com/ 2. you said "But I'm tempted to ignore that. What do you reckon?" .. i reckon nothing
Cannot update CLAMAV Getting a warning when running freshclam as follows: WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.96 Recommended version: 0.96.1 DON'T PANIC! Read http://www.clamav.net/support/faq Running ubuntu 10.04 and can't seem to update it with apt-get. When I go to the faq link above I get lost and confused. Can anyone shed some light on how to get this resolved? TIA!
You can ignore that message (it's just a warning, not an error ) It's because the ubuntu repositories don't have the latest version (yet)
You can install the latest version from source (http://www.clamav.net/lang/en/download/sources/) if the message really bothers you. Uninstall the previous version first. Note: When I installed from source the executables were put in a different place (/usr/local/bin) than the previous version (/usr/bin). Solved by adding a symlink from old to new.
I have to be honest...I've never had good success (meaning, never been left with a cleanly, perfectly working system) using any package manager to update a package like amavis or clam. On server environments, that is one thing I will always build from sources and customize. I do lose some of the "automatic" feature of a package manager, but at least i know how exactly how it was put in and exactly how to take it out. But this is just me. Lastly, you could have two versions of the clam engine running 0.94 and 0.96. Except that 0.94 is the one being utilized by the system. I strongly suggest you totally remove all traces of clam and reinstall. P.S. - I think a very large amount of people got stung by that little trick the devs at clam did. I know I did.
Update on Debian Lenny I did the following as root and my clamav was updated : /etc/init.d/clamav-daemon stop /etc/init.d/clamav-freshclam stop Check /var/log/clamav/freshclam.log If « has connected too many times … » : rm /var/lib/clamav/mirrors.dat Nano /etc/apt/sources.list Add following line (if not present) deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free apt-get update if problems with pubkey : W: GPG error: http://volatile.debian.org lenny/volatile Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY ...... W: You may want to run apt-get update to correct these problems Apt-get install debian-archive-keyring Apt-get update apt-get install clamav apt-get install clamav-daemon apt-get install clamav-freshclam freshclam (this will force an update) this should do the trick check clamav is running now ps aux |grep clam you should get something like this clamav 14148 6.5 4.2 217652 170888 ? Ssl 09:35 0:02 /usr/sbin/clamd clamav 14807 4.2 0.1 43344 7396 ? Ss 09:35 0:00 /usr/bin/freshclam -d --quiet root 14816 0.0 0.0 5160 772 pts/0 R+ 09:36 0:00 grep clam