Cisco has released new releases of the free ClamAV antivirus package 0.104.1 and 0.103.4 . Recall that the project passed into the hands of Cisco in 2013 after the purchase of Sourcefire, which develops ClamAV and Snort. The project code is distributed under the GPLv2 license.
The main changes in ClamAV 0.104.1:
- The FreshClam utility has implemented a suspension of activity for 24 hours after receiving a response with a 403 code from the server. The change is intended to reduce the load on the content delivery network from clients blocked due to too frequent requests for updates.
- Redesigned the logic of recursive checking and extracting data from nested archives. Added new restrictions on the definition of attached files when scanning each file.
- Added mention of the base name of the virus to the text of warnings about exceeding the limits during scanning, such as Heuristics.Limits.Exceeded.MaxFileSize, to determine the correlation between the virus and blocking.
- The warnings “Heuristics.Email.ExceedsMax. *” Have been renamed to “Heuristics.Limits.Exceeded. *” To unify the names.
- Fixed issues leading to memory leaks and crashes.