ClamAV Question

Customer support forums for Atomic Protector (formerly Atomic Secured Linux). There is no such thing as a bad question here as long as it pertains to using Atomic Protector. Newbies feel free to get help getting started or asking questions that may be obvious. Regular users are asked to be gentle. :-)
Imaging
Forum Regular
Forum Regular
Posts: 333
Joined: Sat Sep 25, 2010 2:46 pm

ClamAV Question

Unread post by Imaging »

For the latest ClamAV packages from the asl-4.0 repo on CentOS 5.x (on our way to migrating away from it by the end of March but still in use at present):

clamd-0.99.2-35.el5.art.x86_64.rpm and relateds, we are now seeing the logs filling up with:

LibClamAV Warning: cli_loadldb: logical signature for Win.Ransomware.Locky-4 uses PCREs but support is disabled, skipping
LibClamAV Warning: cli_loadldb: logical signature for Html.Exploit.CVE_2016_0184-1 uses PCREs but support is disabled, skipping
LibClamAV Warning: cli_loadldb: logical signature for Pdf.Exploit.APSB16_26-1 uses PCREs but support is disabled, skipping
LibClamAV Warning: cli_loadldb: logical signature for Swf.Exploit.2016_4215-1 uses PCREs but support is disabled, skipping
LibClamAV Warning: cli_loadldb: logical signature for Pdf.Exploit.CVE_2016_1079-2 uses PCREs but support is disabled, skipping

and similar when clam is restarted.

As best I can see on a couple of searches, appears to be related to how the package itself was built. Is this something we can change a setting on on our end or is it related to how the updated package was built (PCRE is installed on the box)?


Thanks.
Post Reply