Comment 20 for bug 1818211

Revision history for this message
In , Micksola (micksola) wrote :

It wasn't quite clear at the offset of this bug, but ClamAV cannot support unofficial signatures from a development standpoint. For numerous reasons, we do not regress against those signatures, and in cases where sig writers publish non-functional signatures due to insufficient testing (which then cause crashes in newer versions of clam) we cannot devote our resources to fixing that problem.

We can only urge users to be more selective in which signature set they decide to trust, and ask sigwriters to push an update which removes the offending sigs.

All that said, we definitely encourage sigwriters to submit their signatures to undergo our official QA, signing, and distribution process. https://www.clamav.net/contact#partners

I don't want to dwell on "what could have beens", but if the writer of these sigs had taken advantage of our partner program, I imagine this problem would have been sussed out and fixed long ago.

Leaving this open for now, as we clearly have a bug in yara rule parsing. No promise on timeline. Please don't schedule around this issue.