+1 from me on the “official fix”. I’m paying for the stable update repository (Crostino subscription) so this sort of problem shouldn’t happen.
OK, I accept you can’t control upstream faults. Please publish an official fix as soon as you’re able to - there must be lots of Nethserver users who are experiencing this issue.
I followed upgrade instructions from developerpage (as @mrmarkuz postet) right now and was “downgraded” to version 6.1.0 with config V80 and no errors anymore.
I think the developer has already reacted. The file clamav-unofficial-sigs.sh is only 4 hours old.
After update to v 7.0.1 i received this message hourly.
Edit: And now i think i have a other problem.
Sun Jan 26 12:38:01 2020
Scanned Folder: //var/lib/clamav/rfxn.yara: Php.Exploit.C99-23 FOUND
/var/lib/clamav-unofficial-sigs/dbs-lmd/sigpack.tgz: Php.Exploit.C99-23 FOUND
/var/lib/clamav-unofficial-sigs/dbs-lmd/rfxn.yara: Php.Exploit.C99-23 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 6561649
Engine version: 0.101.5
Scanned directories: 25633
Scanned files: 147284
Infected files: 3
Data scanned: 21793.64 MB
Data read: 16757.90 MB (ratio 1.30:1)
Time: 2059.986 sec (34 m 19 s)
Sorry, i wish I new how to fix this. My NethServer is a production device (runs my home network and email) so I’m waiting for the official fix via the software center. I hope they sort it out soon. It’s not causing me a huge problem, i just delete the junk emails.
Do you have any backups or snapshots you could restore from?
Bob
Followed the update instruction on the devs page for 6.1
Downloaded files to tmp dir. Made clamav-unofficial-sigs.sh executable. Copied files into right directories.
and did a forced update:
sh /usr/sbin/clamav-unofficial-sigs.sh --force
################################################################################
eXtremeSHOK.com ClamAV Unofficial Signature Updater
Version: v7.0.1 (2020-01-25)
Required Configuration Version: v91
Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
################################################################################
Loading config: /etc/clamav-unofficial-sigs/master.conf
Loading config: /etc/clamav-unofficial-sigs/os.conf
Loading config: /etc/clamav-unofficial-sigs/user.conf
+++++++++++++++++++++++
NOTICE: forcing updates
+++++++++++++++++++++++
===================
Preparing Databases
===================
==================================================
Sanesecurity Database & GPG Signature File Updates
==================================================
Checking for Sanesecurity updates...
Sanesecurity mirror site used: 46.21.115.195
receiving file list ...
58 files to consider
-------------------------------------------
No Sanesecurity database file updates found
-------------------------------------------
========================================
LinuxMalwareDetect Database File Updates
========================================
Checking for LinuxMalwareDetect updates...
========================================
LinuxMalwareDetect Database File Updates
========================================
---
---
Testing updated LinuxMalwareDetect database file: rfxn.yara
Clamscan reports LinuxMalwareDetect rfxn.yara database integrity tested good
Successfully updated LinuxMalwareDetect production database file: rfxn.yara
================================
Yara-Rules Database File Updates
================================
Checking for urlhaus updates...
Checking for updated urlhaus database file: urlhaus.ndb
Testing updated urlhaus database file: urlhaus.ndb
Clamscan reports urlhaus urlhaus.ndb database integrity tested good
Successfully updated urlhaus production database file: urlhaus.ndb
=================================
Setting permissions and ownership
=================================
===========================================================
Database reload has been disabled in the configuration file
===========================================================
----------------------------------------------------------------------------
Issue tracker : https://github.com/extremeshok/clamav-unofficial-sigs/issues
----------------------------------------------------------------------------
##############################################
Powered By https://eXtremeSHOK.com
##############################################
[root@nethserver sbin]# clamav-unofficial-sigs.sh -V
################################################################################
eXtremeSHOK.com ClamAV Unofficial Signature Updater
Version: v7.0.1 (2020-01-25)
Required Configuration Version: v91
Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
################################################################################
No errors so far.
Now waiting for cron to execute, if this will generate an error or a message.
Will report at about 09:30
EDIT: Markt this as solution, as for my problem it is. No more errors in the log, no more email-alerts. Everything seems to fine again. It was a upstream issue. Nothing partikular to nethserver.
The spaming was annoying, but not a real issue. So have a nice day all together…