Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 2171869 - daily.cvd in clamav-0.103.8-1 fails md5sum by clamscan
Summary: daily.cvd in clamav-0.103.8-1 fails md5sum by clamscan
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: clamav
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Sergio Basto
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-02-20 16:54 UTC by Neil Hanlon
Modified: 2023-03-01 02:55 UTC (History)
12 users (show)

Fixed In Version: clamav-0.103.8-3.fc36 clamav-0.103.8-3.fc37 clamav-0.103.8-3.el7 clamav-0.103.8-3.el8 clamav-0.103.8-3.el9
Doc Type: ---
Doc Text:
Clone Of:
Environment:
Last Closed: 2023-02-21 01:54:11 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 2170297 0 unspecified NEW clamav-1.3.1 is available 2024-04-17 23:01:43 UTC

Description Neil Hanlon 2023-02-20 16:54:49 UTC
Description of problem:

clamav-0.103.8-1 in Fedora & EPEL from [1] has a daily.cvd database which displays an error to the user when running clamscan due to failed signature verification of daily.cvd:

```
LibClamAV Error: Can't load /var/lib/clamav/daily.cvd: Can't verify database integrity
LibClamAV Error: cli_loaddbdir(): error loading database /var/lib/clamav/daily.cvd
ERROR: Can't verify database integrity
```

(trimmed for brevity)

With debug on, the following is printed:

```
LibClamAV debug: Loading databases from /var/lib/clamav
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = 9a3223dfc90446e2384856212b2a446f
LibClamAV debug: cli_cvdverify: MD5 verification error
```

Version-Release number of selected component (if applicable): clamav-0.103.8-1


How reproducible: Always


Steps to Reproduce:
1. Install release 0.103.8-1 of clamav-data
2. Run a clamscan command e.g. `clamscan --infected --recursive .`

Actual results:

The scan results in error messages like the above.

Expected results:

Scan completes without an error message regarding the database integrity

Additional info:

This can be mitigated by using `freshclam` provided by `clamav-update` to upgrade to a newer CVD manually.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=2170297

Comment 1 Fedora Update System 2023-02-20 17:09:32 UTC
FEDORA-EPEL-2023-d1e7c4387e has been submitted as an update to Fedora EPEL 9. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-d1e7c4387e

Comment 2 Fedora Update System 2023-02-20 17:09:33 UTC
FEDORA-2023-e272374534 has been submitted as an update to Fedora 37. https://bodhi.fedoraproject.org/updates/FEDORA-2023-e272374534

Comment 3 Fedora Update System 2023-02-20 17:09:34 UTC
FEDORA-EPEL-2023-466d8ae059 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-466d8ae059

Comment 4 Fedora Update System 2023-02-20 17:09:34 UTC
FEDORA-2023-3ba365d538 has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2023-3ba365d538

Comment 5 Fedora Update System 2023-02-20 17:09:35 UTC
FEDORA-EPEL-2023-5cb6798308 has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-5cb6798308

Comment 6 Fedora Update System 2023-02-21 01:23:25 UTC
FEDORA-2023-e272374534 has been pushed to the Fedora 37 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-e272374534`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-e272374534

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 7 Fedora Update System 2023-02-21 01:53:32 UTC
FEDORA-EPEL-2023-d1e7c4387e has been pushed to the Fedora EPEL 9 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-d1e7c4387e

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 8 Fedora Update System 2023-02-21 01:54:11 UTC
FEDORA-2023-3ba365d538 has been pushed to the Fedora 36 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 9 Fedora Update System 2023-02-21 02:06:49 UTC
FEDORA-EPEL-2023-466d8ae059 has been pushed to the Fedora EPEL 7 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-466d8ae059

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 10 Fedora Update System 2023-02-21 02:23:26 UTC
FEDORA-EPEL-2023-5cb6798308 has been pushed to the Fedora EPEL 8 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-5cb6798308

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 11 Fedora Update System 2023-02-22 10:11:50 UTC
FEDORA-2023-e272374534 has been pushed to the Fedora 37 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 12 Fedora Update System 2023-02-22 10:39:45 UTC
FEDORA-EPEL-2023-466d8ae059 has been pushed to the Fedora EPEL 7 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 13 Fedora Update System 2023-03-01 00:35:05 UTC
FEDORA-EPEL-2023-5cb6798308 has been pushed to the Fedora EPEL 8 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 14 Fedora Update System 2023-03-01 02:55:41 UTC
FEDORA-EPEL-2023-d1e7c4387e has been pushed to the Fedora EPEL 9 stable repository.
If problem still persists, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.