Am 31.03.25 um 20:23 schrieb Val Snyder (micasnyd) via clamav-users:
The ClamAV 1.5.0 beta is now available.
Hello Val, today, I tried to build 1.5.0-beta on a Debian/Bookworm system with a downloaded rust-1.86.0-x86_64-unknown-linux-gnu and distribution's openssl-3.0.15. 1. there are some warnings while compiling. I checked, they are not all new. I saw similar warnings in my clamav-1.4.2 build log. But I think, it's worth to mention them. You may load them from https://andreasschulze.de/tmp/clamav-1.5.0-beta.buildwarnings.txt 2. after `cmake --build . --config Release` I run `ctest -C Release -V` this starts also with a warning: Compiling clamav_rust v0.0.1 (/tmp/clamav-1.5.0-beta/libclamav_rust) warning: calls to `std::str::from_utf8` with a invalid literal always return an error --> libclamav_rust/src/ffi_util.rs:294:25 | 294 | if let Err(e) = std::str::from_utf8(b"\x80") { | ^^^^^^^^^^^^^^^^^^^^-------^ | | | the literal was valid UTF-8 up to the 0 bytes | = note: `#[warn(invalid_from_utf8)]` on by default warning: `clamav_rust` (lib test) generated 1 warning Finished `release` profile [optimized] target(s) in 19.79s Running unittests src/lib.rs (/tmp/clamav-1.5.0-beta/build/x86_64-unknown-linux-gnu/release/deps/clamav_rust-3141a63fdaf6b8b1) 3. later, the test fail: 6: [INFO]: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 6: [INFO]: sigtool test for --sign and --verify 6: [INFO]: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 6: [WARNING]: VG: None 6: [DEBUG]: Run command: /tmp/clamav-1.5.0-beta/build/sigtool/sigtool --sign /tmp/clamav-1.5.0-beta/build/unit_tests/TC-k0gsr81m/file_to_sign --key /tmp/clamav-1.5.0-beta/build/unit_tests/input/signing/sign/signing-test.key --cert /tmp/clamav-1.5.0-beta/unit_tests/input/signing/sign/signing-test.crt --cert /tmp/clamav-1.5.0-beta/unit_tests/input/signing/sign/intermediate-test.crt 6: [DEBUG]: Exit code: 0 6: [DEBUG]: stdout: sign: Successfully signed file '/tmp/clamav-1.5.0-beta/build/unit_tests/TC-k0gsr81m/file_to_sign', and placed the signature in '/tmp/clamav-1.5.0-beta/build/unit_tests/TC-k0gsr81m/file_to_sign.sign' 6: 6: [DEBUG]: Run command: /tmp/clamav-1.5.0-beta/build/sigtool/sigtool --verify /tmp/clamav-1.5.0-beta/build/unit_tests/TC-k0gsr81m/file_to_sign --cvdcertsdir /tmp/clamav-1.5.0-beta/unit_tests/input/signing/verify 6: [DEBUG]: Exit code: 0 6: [DEBUG]: stdout: verify: Successfully verified file '/tmp/clamav-1.5.0-beta/build/unit_tests/TC-k0gsr81m/file_to_sign' with signature '/tmp/clamav-1.5.0-beta/build/unit_tests/TC-k0gsr81m/file_to_sign.sign', signed by 'ClamAV TEST CVD Signing Cert' 6: 6: [DEBUG]: Run command: /tmp/clamav-1.5.0-beta/build/sigtool/sigtool --verify /tmp/clamav-1.5.0-beta/build/unit_tests/TC-k0gsr81m/file_to_sign --cvdcertsdir /tmp/clamav-1.5.0-beta/unit_tests/input/signing/verify 6: [DEBUG]: Exit code: 1 6: [DEBUG]: stdout: 6: [DEBUG]: stderr: Error verifying signature signed by ["ClamAV TEST CVD Signing Cert"]: error:10800065:PKCS7 routines:PKCS7_signatureVerify:digest failure:../crypto/pkcs7/pk7_doit.c:1089:, error:10800069:PKCS7 routines:PKCS7_verify:signature failure:../crypto/pkcs7/pk7_smime.c:363: 6: LibClamAV Warning: Invalid digital signature for "/tmp/clamav-1.5.0-beta/build/unit_tests/TC-k0gsr81m/file_to_sign": error:10800065:PKCS7 routines:PKCS7_signatureVerify:digest failure:../crypto/pkcs7/pk7_doit.c:1089:, error:10800069:PKCS7 routines:PKCS7_verify:signature failure:../crypto/pkcs7/pk7_smime.c:363: 6: ERROR: verify: Failed to verify file '/tmp/clamav-1.5.0-beta/build/unit_tests/TC-k0gsr81m/file_to_sign': Error verifying signature: error:10800065:PKCS7 routines:PKCS7_signatureVerify:digest failure:../crypto/pkcs7/pk7_doit.c:1089:, error:10800069:PKCS7 routines:PKCS7_verify:signature failure:../crypto/pkcs7/pk7_smime.c:363: 6: 6: ok 6: 6: 6: [INFO]: Removed tmp directory: /tmp/clamav-1.5.0-beta/build/unit_tests/TC-k0gsr81m 6: 6: ---------------------------------------------------------------------- 6: Ran 4 tests in 0.178s 6: 6: OK 6/6 Test #6: sigtool .......................... Passed 0.45 sec 83% tests passed, 1 tests failed out of 6 Total Test time (real) = 61.83 sec The following tests FAILED: 4 - clamd (Failed) Errors while running CTest 4. I seems, the "Talos PGP Public Key" published at https://www.clamav.net/downloads was updated. The old key (I used since years) was able to verify clamav-1.4.2. But to verify 1.5.0-beta, I had to use the (new?) version. Would have saved me some time if a changed key would be announced (or maybe I missed such announcement ...) Please let me know, if I should provide additional information ... Andreas _______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
