Clam av warning
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Clam av warning
This recently from Gentoo security for those who use an anti virus. Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details. Found in 099.3 --
ClamAV: Multiple vulnerabilities — GLSA 201801-19
I do not use it but in case your new to Linux, personally I use sophos.
ClamAV: Multiple vulnerabilities — GLSA 201801-19
I do not use it but in case your new to Linux, personally I use sophos.
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Re: Clam av warning
Most of us here don't use an antivirus in Mint, considering it to be a security risk, and not a security enhancement.
“If the government were coming for your TVs and cars, then you'd be upset. But, as it is, they're only coming for your sons.” - Daniel Berrigan
Re: Clam av warning
I already posted in the last week about those vulnerabilities. A perfect proof, how such software is able to reduce security. Using another AV does not help in general, because all major AVs had security problems in the past. The only secure AV is No AV.
Re: Clam av warning
Hello, TomT3rd.
The bugfixed version of clamav has arrived in the Ubuntu repositories, too.
The corresponding changelog available for clamav 0.99.3+addedllvm-0ubuntu0.16.04.1 reads
Analogy:
Every few weeks all the major web browsers like Chrome and Firefox receive security fixes, because new vulnerabilities have been detected and closed. Should our conclusion be that the only secure browser is no browser and we all stop using internet webpages?
P.S.:
Is there a specific reason for starting your thread in the LMDE 2 subforum? - I do not see any such reason. - Thread moved to "Chat about Linux Mint", which covers all Mint editions, Debian based and Ubuntu based.
Regards,
Karl
The bugfixed version of clamav has arrived in the Ubuntu repositories, too.
Code: Select all
$ apt-cache policy clamav
clamav:
Installed: (none)
Candidate: 0.99.3+addedllvm-0ubuntu0.16.04.1
Version table:
0.99.3+addedllvm-0ubuntu0.16.04.1 500
500 http://archive.ubuntu.com/ubuntu xenial-updates/main i386 Packages
500 http://security.ubuntu.com/ubuntu xenial-security/main i386 Packages
0.99+dfsg-1ubuntu1 500
500 http://archive.ubuntu.com/ubuntu xenial/main i386 Packages
I assume that this piece of information may be more helpful "for those who use an anti virus" than the stereotype statement that "the only secure AV is no AV".clamav (0.99.3+addedllvm-0ubuntu0.16.04.1) xenial-security; urgency=medium
* Updated to 0.99.3 to fix multiple security issues
- CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377,
CVE-2017-12378, CVE-2017-12379, CVE-2017-12380
* Removed patches no longer required
- debian/patches/CVE-2017-6418.patch
- debian/patches/CVE-2017-6420.patch
- debian/patches/CVE-2017-6420-2.patch
* debian/libclamav7.symbols,debian/rules: bumped cl_retflevel, add check.
* debian/patches/bb11549-fix-temp-file-cleanup-issue.patch: fix temp file
cleanup issue.
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 29 Jan 2018 10:21:19 -0500
Analogy:
Every few weeks all the major web browsers like Chrome and Firefox receive security fixes, because new vulnerabilities have been detected and closed. Should our conclusion be that the only secure browser is no browser and we all stop using internet webpages?
P.S.:
Is there a specific reason for starting your thread in the LMDE 2 subforum? - I do not see any such reason. - Thread moved to "Chat about Linux Mint", which covers all Mint editions, Debian based and Ubuntu based.
Regards,
Karl
The people of Alderaan have been bravely fighting back the clone warriors sent out by the unscrupulous Sith Lord Palpatine for 771 days now.
Lifeline
- Pjotr
- Level 24
- Posts: 20092
- Joined: Mon Mar 07, 2011 10:18 am
- Location: The Netherlands (Holland) 🇳🇱
- Contact:
Re: Clam av warning
Wrong analogy.karlchen wrote: Analogy:
Every few weeks all the major web browsers like Chrome and Firefox receive security fixes, because new vulnerabilities have been detected and closed. Should our conclusion be that the only secure browser is no browser and we all stop using internet webpages?
Yes, installing an application, any application, increases your attack surface. Web browsers are indispensable for browsing the web, so we take the "risk" of installing them. We accept their attack surface as the price we have to pay for using the web.
But in desktop Linux, AV is good for nothing at all. It promises extra security, but in fact it only decreases security. So why would anyone want to have AV in desktop Linux in the first place (überhaupt)?
Tip: 10 things to do after installing Linux Mint 21.3 Virginia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Re: Clam av warning
I know a person and I know, that you know it also, who wrote regarding flash in the past "after the patch is before the patch". What is less stereotype with this sentence?karlchen wrote:the stereotype statement that "the only secure AV is no AV".
Security holes in AVs are not something, what happens only every leap-year. And AVs bring also other problems like stealing user data (discussed at the time when this had happened in the forum [1]). I clearly stay with my not at least stereotype statement. Alone the fact, that those things get used at all demonstrate, that such a statement cannot often enough get repeated. If we assume - and I do it -, that nobody installs an AV because he wants to get into the trouble, but because he - wrongly - believes, that he does something good, than it is absolutely obvious, that such a statement is urgently required. (Besides that you can also call other things "stereotype", e. g. the request for some system specs, if a user posts a question without giving any such information. In this sense a "stereotype" statement does not at least exclude, that it is necessary.)
Why are you not consequent, if you use such analogies? Than you would quickly get to the point, that also a kernel should never get used. Quite obviously this would end with the point, where you do not use a computer at all.karlchen wrote: Analogy:
Fact is, that there is software, which is unavoidable - besides the kernel a browser is for 99.999... % of all users such a software. And there is software, which a user should avoid. I leave it to you to imagination, which I mean.
[1] Examples: avast and McAfee (last paragraph)
Re: Clam av warning
I like being in the minority, so...
OK, AV software isn't needed on a Linux desktop (You could argue that it doesn't hurt to check before transferring files to a Windows box, especially if that box belongs to a child), but how would you describe Anti-Malware? Is it a program that just looks for malware and quarantines/deletes it? Or is Anti-Malware any program that attempts to make your system less likely to be hacked? (Which, incidentally, means nothing now with Meltdown and Spectre).
Is Firejail Anti-Malware? What about Apparmour? It's theoretically possible that both provide an attack vector that doesn't exist without installing and running them. So, are they different to other Anti-Malware programs? Or are they the next type of software that some will say isn't needed?
BTW, see Ubuntu Security Notices... There's not much you/we have installed that isn't/wasn't vulnerable at some time.
OK, AV software isn't needed on a Linux desktop (You could argue that it doesn't hurt to check before transferring files to a Windows box, especially if that box belongs to a child), but how would you describe Anti-Malware? Is it a program that just looks for malware and quarantines/deletes it? Or is Anti-Malware any program that attempts to make your system less likely to be hacked? (Which, incidentally, means nothing now with Meltdown and Spectre).
Is Firejail Anti-Malware? What about Apparmour? It's theoretically possible that both provide an attack vector that doesn't exist without installing and running them. So, are they different to other Anti-Malware programs? Or are they the next type of software that some will say isn't needed?
BTW, see Ubuntu Security Notices... There's not much you/we have installed that isn't/wasn't vulnerable at some time.
- Pjotr
- Level 24
- Posts: 20092
- Joined: Mon Mar 07, 2011 10:18 am
- Location: The Netherlands (Holland) 🇳🇱
- Contact:
Re: Clam av warning
Apples and oranges.... Better not compare them.chrisuk wrote:I like being in the minority, so...
OK, AV software isn't needed on a Linux desktop (You could argue that it doesn't hurt to check before transferring files to a Windows box, especially if that box belongs to a child), but how would you describe Anti-Malware? Is it a program that just looks for malware and quarantines/deletes it? Or is Anti-Malware any program that attempts to make your system less likely to be hacked? (Which, incidentally, means nothing now with Meltdown and Spectre).
Is Firejail Anti-Malware? What about Apparmour? It's theoretically possible that both provide an attack vector that doesn't exist without installing and running them. So, are they different to other Anti-Malware programs? Or are they the next type of software that some will say isn't needed?
BTW, see Ubuntu Security Notices... There's not much you/we have installed that isn't/wasn't vulnerable at some time.
Anti-malware is much too broad a term. Clearly, there are certain applications like sandboxing applications, that do provide a useful extra security bonus as net result (after deducting the inevitable risk caused by increase of attack surface connected to installing any application).
Tip: 10 things to do after installing Linux Mint 21.3 Virginia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
-
- Level 6
- Posts: 1282
- Joined: Mon Nov 24, 2014 9:17 am
- Location: Chrząszczyżewoszyce, powiat Łękołody
Re: Clam av warning
Congradilation! Those who have ClamAV installed, also have numbers of installed vulnerable programs =N+1. I personally prefer only N.TomT3rd wrote:Multiple vulnerabilities have been discovered in ClamAV.
Windows assumes I'm stupid but Linux demands proof of it
Re: Clam av warning
Couldn't the same argument apply to the AVs as well that they might "provide a useful extra security bonus as net result"?Pjotr wrote: Clearly, there are certain applications like sandboxing applications, that do provide a useful extra security bonus as net result (after deducting the inevitable risk caused by increase of attack surface connected to installing any application).
Re: Clam av warning
TomT3rd had pointed out that a Gentoo security notice has alerted users that several security breaches had been detected in Clamav, which have been fixed in Clamav version 0.99.3.
So the message was to those who use Clamav, check whether the bugfixed version is available on Linux Mint as well. If it is update asap. - It is available in the official repos by the way.
This is the short essence of the whole thread.
The question whether any of the mainstream antivirus products are of much use on Linux was of no relevance in this thread. This question has been discussed in too many threads already. No need to restart the same old cruisade over and over again, just because the trigger word "clamav" has been spotted.
So the message was to those who use Clamav, check whether the bugfixed version is available on Linux Mint as well. If it is update asap. - It is available in the official repos by the way.
This is the short essence of the whole thread.
The question whether any of the mainstream antivirus products are of much use on Linux was of no relevance in this thread. This question has been discussed in too many threads already. No need to restart the same old cruisade over and over again, just because the trigger word "clamav" has been spotted.
The people of Alderaan have been bravely fighting back the clone warriors sent out by the unscrupulous Sith Lord Palpatine for 771 days now.
Lifeline
- Pjotr
- Level 24
- Posts: 20092
- Joined: Mon Mar 07, 2011 10:18 am
- Location: The Netherlands (Holland) 🇳🇱
- Contact:
Re: Clam av warning
No. Because AV doesn't provide any additional security for desktop Linux at all. Only, and I repeat only a decrease of security.Marziano wrote:Couldn't the same argument apply to the AVs as well that they might "provide a useful extra security bonus as net result"?Pjotr wrote: Clearly, there are certain applications like sandboxing applications, that do provide a useful extra security bonus as net result (after deducting the inevitable risk caused by increase of attack surface connected to installing any application).
@karlchen: this old discussion will be repeated again and again, that's inevitable.... In my opinion, that's no problem. As long as it helps Linux beginners to make the right choices.
Tip: 10 things to do after installing Linux Mint 21.3 Virginia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Re: Clam av warning
I guess then the idea of having an AV as an extra layer of security is in the bone marrow after years of having used WindowsPjotr wrote: No. Because AV doesn't provide any additional security for desktop Linux at all. Only, and I repeat only a decrease of security.
Re: Clam av warning
That's absolutely right. And there are many, many former Windows users who find it difficult to let go of that idea. There is a good reason why this thread has been sticky for years: viewtopic.php?f=90&t=31723Marziano wrote:I guess then the idea of having an AV as an extra layer of security is in the bone marrow after years of having used Windows
Maybe it should be updated and reposted as a new sticky thread.
If your issue is solved, kindly indicate that by editing the first post in the topic, and adding [SOLVED] to the title. Thanks!
-
- Level 6
- Posts: 1282
- Joined: Mon Nov 24, 2014 9:17 am
- Location: Chrząszczyżewoszyce, powiat Łękołody
Re: Clam av warning
They having used Linux too but not yet realised it. Home roters working under the Linux. Kernels old as hell, last firmware update was long ago. And what? Go, install AV to router. It is not possible, so nobody cares.Marziano wrote:I guess then the idea of having an AV as an extra layer of security is in the bone marrow after years of having used Windows
Windows assumes I'm stupid but Linux demands proof of it
Re: Clam av warning
Right, I guess not. I somehow find myself installing Clamav in all my installations but I never use it (not sharing files with Windows). Talking about force of the habit, bad habit.BigEasy wrote:Kernels old as hell, last firmware update was long ago. And what? Go, install AV to router. It is not possible, so nobody cares.
PS. Home by the Sea, a beautiful one. It was long time ago, brought back a whole lot of memories. Thanks for the link
Re: Clam av warning
ThisBigEasy wrote:They having used Linux too but not yet realised it. Home roters working under the Linux. Kernels old as hell, last firmware update was long ago. And what? Go, install AV to router. It is not possible, so nobody cares.Marziano wrote:I guess then the idea of having an AV as an extra layer of security is in the bone marrow after years of having used Windows
Re: Clam av warning
This would had been correct, if the OP would not had added the last sentence in his starting post. What he wanted to express with this is something, he must explain. But for me it reads like "I use Sophos and there are no security holes, so I am safe."karlchen wrote:So the message was to those who use Clamav, check whether the bugfixed version is available on Linux Mint as well. If it is update asap. - It is available in the official repos by the way.
This is the short essence of the whole thread.
Just at this time in February 2018 this is correct. But there are more than a dozen vulnerabilities listed for Sophos in the last year. Believing, that this AV is somehow more secure can only do a person, who closes his eyes very strongly against the hard and cruel facts.
Regarding this thread: With this little sentence the essence of this post had been completely changed. It was this changed essence (and not the word clamav) which caused me to write the allegedly stereotypical statement. The "old cruisade" had actually been restarted (possibly not intentionally) by this last sentence
- Pjotr
- Level 24
- Posts: 20092
- Joined: Mon Mar 07, 2011 10:18 am
- Location: The Netherlands (Holland) 🇳🇱
- Contact:
Re: Clam av warning
This "crusade" is ongoing, for the foreseeable future.... Beginners don't read old threads on this forum, so they'll keep asking the same questions about antivirus.
Be prepared to answer them monthly or even weekly. That's how it is. Old Windows habits die hard.
Be prepared to answer them monthly or even weekly. That's how it is. Old Windows habits die hard.
Tip: 10 things to do after installing Linux Mint 21.3 Virginia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Re: Clam av warning
Yes--Mint is missing out on such things as antivirus and malware program downloads from unknown sources, malware scans, definition updates, scan scheduling, false reports, scanning and cleaning with untrusted cleaner software, defragging, os updates holding open shutdown and reboot, and now even mandatory updates.
Everything in life was difficult before it became easy.