Update in-place replacement clamav on Ubuntu

Posted by kelly on Mon, 02/20/2023 - 20:43

For the current clamav vulnerabilites CVE-2023-20032 and CVE-2023-20052 are no updates for Ubuntu available at this time. We use the LTS Downloads 1.0.1 from clamav for a temporaray in-place replacement on Ubuntu.

We extracted from https://www.clamav.net/downloads the binaries and libs and placed them on the right place for ubuntu. Tested on Ubuntu 16.04 and 18.04. Please feedback your experience.

To install:

# Only if used with amavis
service postfix stop
service amavis stop
 
# Stop running services.
service clamav-freshclam stop
service clamav-daemon stop
 
# Remove old libraries.
rm /usr/lib/x86_64-linux-gnu/libclamav.so.*
rm /usr/lib/x86_64-linux-gnu/libfreshclam.so.*
 
 
# Download and extract LTS package.
mkdir clamav-1.0.1
cd clamav-1.0.1
wget https://www.clamav.net/downloads/production/clamav-1.0.1.linux.x86_64.deb
ar x clamav-1.0.1.linux.x86_64.deb
tar -xzf data.tar.gz
 
# Copy needed files to filesystem.
cp -a usr/local/bin usr/local/lib usr/local/sbin /usr/
 
# Run ldconfig and symlink original config.
ldconfig
ln -s /etc/clamav/clamd.conf /usr/local/etc/
ln -s /etc/clamav/freshclam.conf /usr/local/etc/
 
# Testing and starting freshclam.
freshclam --version
# ClamAV 1.0.1/26818/Mon Feb 20 09:21:31 2023
freshclam
service clamav-freshclam start
tail /var/log/syslog
 
# Starting clamav-daemon.
service clamav-daemon start
# Waiting for clamd.ctl
watch ls -l /var/run/clamav/clamd.ctl
tail -50 /var/log/syslog
 
 
# Only if used with amavis
service amavis start
tail /var/log/syslog
 
# Only if used with amavis
service postfix start
tail /var/log/mail.err
tail /var/log/mail.log

If you want to test you can send an email (or connect via telnet on port 25) and use Eicar string:

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Reinstall Orginal packages:

service clamav-freshclam stop
service clamav-daemon stop
 
rm /usr/local/etc/clamd.conf
rm /usr/local/etc/freshclam.conf
rm /usr/lib/libclam*
rm /usr/lib/libfreshclam*
rm /usr/lib/pkgconfig/libclamav.pc
 
aptitude reinstall clamav clamav-base clamav-daemon clamav-freshclam clamdscan libclamav7 libclamav9 libclamunrar7

 

Systems
Server