eXtremeSHOK has released a new version of their ClamAV unofficial signatures updater script.
The clamav-unofficial-sigs script provides a simple way to download, test, and update third-party signature databases provided by Sanesecurity, FOXHOLE, OITC, Scamnailer, BOFHLAND, CRDF, Porcupine, Securiteinfo, MalwarePatrol, Yara-Rules Project, urlhaus, MalwareExpert, interServer, and others. The script will also generate and install cron, logrotate, and man files.
Change log:
- eXtremeSHOK.com maintenance
- Database rating downgrades are now supported, e.g. changing from HIGH to LOW will remove the HIGH and MEDIUM rated databases
- Disabled databases are automatically removed
- Disable databases by setting the rating to "DISABLED", e.g. securiteinfo_dbs_rating="DISABLED" will disable all securiteinfo databases
- Added Malware Expert databases (non-free)
- Added interServer databases (free)
- Reworked securiteinfo premium databases (non-free)
- Added malwarepatrol_db to specify the exact database name (default: malwarepatrol.db)
- Added detection of the tar executable (use gtar on macOS and BSD)
- Config os.macosx.conf renamed to os.macos.conf
- Fix: set ownership of last-version-check.txt
- More automated linting and testing (markdown and macOS / osx) via travis-ci
- Updated macOS installation guide for Big Sur (OSX 11)
- Incremented the config to version 94
- Thank you @dandanio @jkellerer @msapiro @shawniverson
- Enforce HTTPS validation by default
- Updated sanesecurity publickey.gpg URL to use SSL
- Ignore YARA files that include modules
- Enabled yararulesproject rules by default
- os.gentoo.conf: disable updates and upgrade checks
- Fix: URLhaus log message
- Fix: wrong download URL for MalwarePatrol
- Fix: fallback to host if dig is not used
- Disable cron MAILTO
- BSD read config fix
- Incremented the config to version 92
- Thank you @dandanio @jkellerer @m0urs @Mrothyr @msapiro @orlitzky @RobbieTheK @SlothOfAnarchy