Cisco has published new releases of the free anti-virus package ClamAV 0.104.1 and 0.103.4. Recall that the project passed into the hands of Cisco in 2013 after the purchase of Sourcefire, which develops ClamAV and Snort. The project code is distributed under the GPLv2 license.
Main changes in ClamAV 0.104.1:
- The FreshClam utility now suspends activity for 24 hours after receiving a 403 response from the server. The change is intended to reduce the load on the content delivery network from clients that are blocked due to sending requests for updates too often.
- The logic of recursive checking and extracting data from nested archives has been redesigned. Added new restrictions on the detection of nested files when scanning each file.
- Added reference to the base name of the virus to the text of warnings about exceeding limits during scanning, such as Heuristics.Limits.Exceeded.MaxFileSize, to determine the correlation between the virus and blocking.
- "Heuristics.Email.ExceedsMax.*" alerts renamed to "Heuristics.Limits.Exceeded.*" to unify names.
- Fixed issues that caused memory leaks and crashes.
Source: opennet.ru