ClamAV has released version 1.5, marking a significant upgrade for this open-source antivirus engine. This version introduces several major new features, enhancing its capabilities in detecting a variety of malicious threats including trojans and viruses.
One of the key updates is the integration of CVD signing and verification, which now utilizes external .sign files. This update also allows users to specify an alternative directory for CVD certificates. Additionally, the Freshclam tool has been improved to download external signature files to accompany existing .cvd databases, making updates more efficient.
Another notable enhancement is the introduction of features that allow for recording URIs found within HTML and PDF files when the JSON metadata generation feature is enabled. Users can opt out of storing these URIs with new command line options.
Security improvements include options to restrict the use of MD5 and SHA1 cryptographic hashes, which are often not recommended due to vulnerabilities. ClamAV 1.5 can now detect if FIPS (Federal Information Processing Standards) mode is enabled, thus enhancing its operation in secure environments.
The upgrade also optimizes the clean-file scan cache to utilize the SHA2-256 algorithm, adds new CLI options, and improves file recognition capabilities, especially for AI model file types. Enhancements have also been made for handling malformed ZIP archives and administrative commands.
Overall, this release not only fixes numerous bugs but also enhances support for various platforms, including Solaris and GNU/Hurd systems. Users can download ClamAV 1.5 from the official website or the project’s GitHub page where it is available as both source tarballs and binary packages for Debian/Ubuntu and Red Hat distributions.