We may alter this function in a subsequent feature version.Īdded a new function to the public API for unpacking CVD signature archives. This new callback is to be considered unstable for the 1.0 release. The function cl_engine_set_clcb_file_inspection() may be used to enable the callback prior to performing a scan. The new callback function type is clcb_file_inspection defined in clamav.h. This project fixed several known issues with signature detection in all- match mode:Įnabled embedded file-type recognition signatures to match when a malware signature also matched in a scan of the same layer.Įnabled bytecode signatures to run in all-match mode after a match has occurred.įixed an assortment of all-match edge case issues.Īdded multiple test cases to verify correct all-match behavior.Īdded a new callback to the public API for inspecting file content during a scan at each layer of archive extraction. The newer code is more reliable and easier to maintain. Overhauled the implementation of the all-match feature. Use of the default password will now appear in the metadata JSON. Support for decrypting read-only OLE2-based XLS files that are encrypted with the default password. The ClamAV 1.0.0 feature release is now stable and available for download on or through Docker Hub.ĬlamAV 1.0.0 includes the following improvements and changes.
