SquidClamAv Changelog

New in version 5.11

November 3rd, 2012
  • Fix printing level of debug message when printing chunk sent to clamd. Thanks to Yuri Voinov for the report.

New in version 6.10 (October 29th, 2012)

  • Replace clamd STREAM by zINSTREAM protocol as clamav have removed the obsolete STREAM protocol in release 0.97.4.

New in version 6.9 (August 29th, 2012)

  • Add 'safebrowsing' configuration directive to enable/disable Safe Browsing detection.
  • Fix support to Clamav Google Safe Browsing that need a second query to clamd because the url need to be embeded in an email like content. Thanks to frOgz for the report.
  • Documentation updated for safebrowsing and proxy configuration variables.
  • All redirect CGI scripts have been rewritten with some CSS and to better handle virus vs malware. Thanks to frOgz for the patches.
  • Tested SquidClamav with Squid 3.2 successfuly.

New in version 6.8 (July 27th, 2012)

  • Compatibility fix with new c-icap 0.2.1 release that prevent squidclamav service to be initialized. Thanks to Martin Matuska for the patch.
  • Fix issue with new c-icap 0.2.1 release that generate an error error each time squidclamav return CI_MOD_204 in end of data handler function. Thanks to Martin Matuska or the patch.

New in version 6.7 (July 25th, 2012)

  • Add a workaround for a squidGuard bug that unescape the URL and send it back unescaped. This result in garbage staying into pipe of the system command call and could crash squidclamav on next read or return false information. This is specially true with URL containing the or
  • character. Thanks to John Xue for the report.
  • Update documentation about the recommanded way to call squidGuard through the use of url_rewrite_program in squid.conf. You may not use the squidguard configuration directive into squidclamav.conf.

New in version 6.6 (May 29th, 2012)

  • Rewrite entirely the squidclamav behavior with the maxsize directive. The previous fix was only a workaround.
  • Fix a bug on 'trustclient' check part that was never executed if 'dnslookup' was disabled. Thanks to Kandalf for the report.

New in version 6.5 (January 16th, 2012)

  • Fix a squidclamav crash when maxsize is removed from configuration file or disabled/set to 0. Thanks to Pascal Bendeich for the report.
  • Fix an issue when downloaded file size is upper than clamd.conf limit set into the StreamMaxLength configuration directive. Thanks to Arnvid Karstad for the report.
  • All cgi Perl script have been modified to report unsafe browsing.
  • Add a note about ClamAV and the support for Google Safe Browsing database.

New in version 6.4 (August 22nd, 2011)

  • Change default value for clamd_local configuration directive to the common package default clamd local socket '/var/run/clamav/clamd.ctl'.
  • The origin of the double free corruption was partially found in last release. It is now completely fixed. Thanks to Tim Weippert for the report.
  • The call to squidGuard from SquidClamav by a bidirectional pipe seem to make squid/c-icap system going slower and slower. The reason comes from more and more pending squidGuard processes after c-icap threads restart. The historical reason of this feature is related to Squid version 2.x that doesn't allow to chained url_rewrite_program. I think this is no more useful so the squidguard configuration directive will be removed in next major release. Thank to Marco Schuth and David Tannheimeri for the report. You'd better use the Squid configuration file (squid.conf) and the 'url_rewrite_program' directive to use squidGuard. There's no plan to reintroduce the call to squidGuard from SquidClamav at least until squidGuard has a daemon mode or you really asked for it.
  • Fix an issue on reallocating mishandled null pattern array.

New in version 6.2 (February 28th, 2011)

  • Fix squidclamav crash when X-Client-IP is not forwarded by default from squid to icap, i-e: when 'icap_send_client_ip on' is not set into squid.conf. Thanks to Diego Elio Pettenò for the patch.
  • Force client Ip and Username to '-' when they are not set or null. Thanks to Alex for the report.
  • Fix a signal 11 when username was not set.
  • Add new configuration option 'dnslookup' to disable DNS lookup of client ip address. Default is enabled for backward compatibility but you must desactivate this feature if you don't use trustclient with hostname in the regexp or don't have a DNS on your network. Disabling it will also speed up squidclamav.