ClamSAP Activity
Brought to you by:
ehhle
Activity for ClamSAP
-
ClamSAP released /RPM/clamsap-0.104.3-rhel8.10.x86_64.rpm
-
-
-
tbatou created ticket #24
clamav-1.0.7-1, last version of clamsap is not compatible
-
Markus Strehle modified ticket #23
ClamAV not listentnig on port
-
I have setup SLES15 SP2 and there the port was 3310, however if it is in your case 5555 Then please setup INITSERVERS with parameter tcp://127.0.0.1:5555
-
Hi Robert, I will take it. Let me reproduce it. So you use clamd (daemon) and you want use libclamdsap.so with VSCAN_RFC About your question 2. You can define all parameters including the connect to clamd in VSCANGROUP.
-
Peter Lintner posted a comment on ticket #23
Hi, any updates on this? Best regards Peter
-
Robert Orosz created ticket #23
ClamAV not listentnig on port
-
Bulding ClamSAP on AIX
-
Hello Ladislav, I close this, because I cannot change the build environment of clamav.
-
TCP port change and Local TCPsocket support
-
Julien C. posted a comment on ticket #19
Hi Markus, I missed that parameter INITSERVERS. It works in my setup. It seems that VSI doesn't support local socket, so we will change the clamd tcp port to an used port. Thanks for your answer and your support. Best Regards, Julien
-
here my clamconf Software settings Version: 0.103.8 Optional features supported: MEMPOOL IPv6 AUTOIT_EA06 BZIP2 LIBXML2 PCRE2 ICONV JSON Database information Database directory: /var/lib/clamav daily.cvd: version 26954, sigs: 2037855, built on Thu Jun 29 07:29:58 2023 main.cld: version 62, sigs: 6647427, built on Thu Sep 16 12:32:42 2021 bytecode.cvd: version 334, sigs: 91, built on Wed Feb 22 21:33:21 2023 main.cvd: version 62, sigs: 6647427, built on Thu Sep 16 12:32:42 2021 Total number of signatures:...
-
Hello Julien, I have setup your configuration and I see clamd running on different than 3310 and from VSI that is supported too. What I did 1. Changed the TCP port in clamd.conf . Depending on your OS , search for clamd.conf and change or add : - TCPSocket 8888 TCPAddr 127.0.0.1 Ensure that no other sections with TCPSocket are in clamd.conf. 2. Restart clamd, e.g. sudo clamd -c /etc/clamd.conf 3. Check LISTEN, e.g. netstat -ln , search for entries and check that 8888 is visible. In your case 3310...
-
TCP port change and Local TCPsocket support
-
Ladislav Mravec posted a comment on ticket #3
Hello Markus, We have been using clamav and clamsap on AIX for many years, but recent ClamAV requires some additional tools to be built (CMake, Rust, ...) and not all of them have been ported to AIX yet. The not-up-to-date ClamAV RPM package available in IBM opensource repository (0.102.2-1) installs OK, freshclam and other binaries work, but I was not able to build ClamSAP based on this installation. The required clamav.h file is present, but the ClamSAP configure script can't find it in any preferred...
-
Hello Ladislav, I tried to build the source on AIX but could not get a machine anymore. The problem with platforms different to Linux is, that support for a platform needs also involvement from the vendor of the platform. In best case the vendor officially support the open-source. In case of clamsap you need to know that this is only a small wrapper but the AV protection is in clamav. I am not really sure if IBM supports clamav officially, but found https://clamav-users.clamav.narkive.com/WEHNQ0Rf/clamav-support-for-aix-7-1...
-
Extension is not compatible to MIME type because of charset
-
close because of last feedback, thanks
-
Bulding ClamSAP on AIX
-
Matthieu S. posted a comment on ticket #17
Dear Markus Thanks you very much for the fix. I can now confirm this issue is solved with release 0.104.3 Thnaks again, best regards, matthieu
-
Virus scan interface for ClamSAP AV
-
Hi Sanjeev, you need to ask the SAP support. here. ClamSAP supports VSI, but not the other way around. So you can use clamsap in combination with clamav and contect to a SAP system - using VSI. Symantec is another vendor/product. kind regards, -markus
-
Hi Sanjeev, you need to ask the SAP support. here. ClamSAP supports VSI, but not the other way around. So you can use clamsap in combination with clamav and contect to a SAP system - using VSI. Symantec is another vendor/product. kind regards, -markus
-
Can the isHTMLCharacter() whitelist used to determine MIME types be amended?
-
Can the isHTMLCharacter() whitelist used to determine MIME types be amended?
-
Thank you for the answer I will close this bug
-
Thank you for the answer I will close this bug
-
Sanjeev Pal created ticket #2
Virus scan interface for ClamSAP AV
-
Jaroslav Jindrak posted a comment on ticket #18
I have received positive feedback on the patch for the original case (the bullet point and opening single quote) and have sent the patched packages to another reporter with different characters, but looking at the patch I assume the feedback will be positive there too. Thanks!
-
Thanks Markus. I'll let you know but I fear I won't be able to provide a feedback before september. best regards, matthieu
-
ok, thanks for the response, so if you need a package for RedHat or older SUSE OSes you can use https://sourceforge.net/projects/clamsap/files/RPM/clamsap-0.104.3-1.x86_64.rpm/download or if you tell me your architecture I can check if I am able to provide a test library for you.
-
Hi, I have already noticed your patch earlier today, built a clamsap package with it and sent it for testing (I unfortunately do not have any reproducing machine at hand), will update here once I receive feedback, thanks.
-
Hi, in general I would like to know if the XML detection you mentioned at the begin now is solved with the library version 104.3 because here I enhanced the check to use libmagic . The internal function isHTMLCharacter was a shortcut before using libmagic and still is a shortcut to check if syntax is XML with only ASCII chars. If any non-ascii character is found now the libmagic check is done, but the final decision should be application/xml independent from encoding inside the content kind rega...
-
Hi, dont know if this bug mixes some questions, however here you mean you have a Excel file rename to .xml only or do you have converted a Excel file to .xml via export. I ask because if you simply use the xlsx file then this is internally a ZIP package and due to misleading MIME detecting this will fail and should fail. I tried this and internally office is detected via libmagic but a file extension .xml is not compatible to office and therefore it fails. If you have exported from Excel your content...
-
Lessons Learned for Windows Install
-
Hi Matthieu, thanks a lot! I created a new patch and the OpenSuse repos http://download.opensuse.org/repositories/security should get it soon, e.g. http://download.opensuse.org/repositories/security/SLE_12_SP5/x86_64/ So please try if this fixes your issue. best regards, -markus
-
0.104.3
-
-
-
0.104.3 Fix XML MIME type detection using libmagic
-
d036670 committed [0e4702]
new version 0.104.3
-
d036670 committed [0833b6]
fix bug 17
-
Dear Markus Nice vacations ;) A lib for SUSE would be great, I would say. Thanks ! best summer regards, matthieu
-
Extension is not compatible to MIME type because of charset
-
commited a fix, are you able to verify it from source or due you need a library ? if you need a library for which OS ?
-
Fix bug 17 due to refacatoring of object checks
-
Fix bug 17 due to refacatoring of object checks
-
Can the isHTMLCharacter() whitelist used to determine MIME types be amended?
-
Hi, the internal function is only valid for ASCII, yes and thus will re-use code from file (magic) to detect encoding and handle ASCII and UTF-8 . kind regards
-
Hi, I will re-use code from file to determine utf-8 so that it will end both in application/xml The internal function is only valid for ASCII I will do a fix in next weeks during summer vacation. regards
-
Hans-Peter Jansen posted a comment on ticket #18
BTW, this was a legitimate xlsx document, that was renamed to a .xml file. In the long run, it would be nice to fully cover the UTF-8 standard.
-
Can the isHTMLCharacter() whitelist used to determine MIME types be amended?
-
Dear Markus, Thanks you very much for the time and effort. And sorry for the delay. Unfortunately I cannot confirm that 0.104.2 and the ending wildcard (neither text/xml* , nor text/xml*utf-8) solved the issue. Interestingly, when testing both of those attached files in VSCANTEST, the us-ascii one get accepted and recognized as application/xml, so there's still some part in the mechanic that evades me. (both files comes from the same source, I've just replaced one char (A) with an accented A) best...
-
Dear Markus, Thanks you very much for the time and effort. And sorry for the delay. Unfortunately I cannot confirm that 0.104.2 and the ending wildcard (neither text/xml* , nor text/xml*utf-8) solved the issue. Interestingly, when testing both of those attached files in VSCANTEST, the us-ascii one get accepted and recognized as application/xml, so there's still some part in the mechanic that evades me. (both files comes from the same source, I've just replaced one char (A) with an accented A) best...
-
Hello Matthieu, ok, so in ABAP I now that there are restrictions in input field. I kow about length and characters restrictions, but I always recommend to report this as bug to support component BC-SEC-VIR. The check was defined according to https://datatracker.ietf.org/doc/html/rfc2045 and here charset is defined for text types, text/plain; charset="us-ascii". I have found VSA spec, see https://ftp.gwdg.de/pub/misc/sapdb/icc/nw-vsi/VSA-Specification.pdf so in Java the MIME type with charset is possible...
-
Hello Markus, Thanks for the sunday recommendation, it's very helpful. text/xml* will be my way to go but I'll first need to update from 0.103.3 to 0.104.1 at least. However, your suggestion to "distinguish between both" (which is not my main goal, but could nevertheless be pretty useful), leads to another question : can I achieve to define the 2 types in full length without the wildcard while transaction vscanprofile doesn't seem to accept charset additions as is (Message no. VSCAN082) ? As per...
-
Hello Matthieu, in the output and tests you see that difference comes from file utilities which is used to determine the MIME type. Since some week clamsap supports now simply wildcards and therefore I recommend that you set text/xml* as allowed or blocked MIME type and then this includes both charsets. If you want distinguish between both then define the types in full length, but if you dont want then use either text/ if you want allow all text types or only text/xml. Hope this helps best regards,...
-
Extension is not compatible to MIME type because of charset
-
0.104.2
-
-
-
-
0.104.2 Relax javascript check in PDF
-
d036670 committed [a54781]
new version 0.104.2
-
d036670 committed [c1f531]
Relax javascript check in PDF
-
0.104.1
-
-
-
0.104.1 Add feature: wildcard support for MIME settings
-
b'Markus Strehle committed [535543]
Merge /u/ehhle/clamsap/ branch version01041 into main
-
Version Update 0.104.1
-
Support wildcards for MIME parameters (positive/negative list)
-
Version Update 0.104.1
-
Support wildcards for MIME parameters (positive/negative list)
-
-
-
d036670 committed [db1846]
sync
-
b'Markus Strehle committed [bc8b8c]
Merge /u/ehhle/clamsap/ branch updateVersion into main
-
Version Update 0.103.4
-
Allow to ignore OpenAction in PDF documents
-
Version Update 0.103.4
-
update version 0.103.4
1 >
