News
07.11.2010
HAVP 0.92a - security fix
- Add missing dot to sourceforge for safety
Only the whitelist needs an update:
*Description of Issue*
havp's whitelist configuration file contains an entry that would allow specially-named domain names to serve malware and completely avoid detection by havp.
Specifically, the following line in /etc/havp/whitelist:
*sourceforge.net/*clamav-*
The file has been updated in the sourceforge to include the fix:
*.sourceforge.net/*clamav-*
26.07.2010
HAVP 0.92 released
- Add SCANMIME and SKIPMIME options
- Add TIMEFORMAT option
- Add VIRUSLOG option
- Add PARENTUSER/PARENTPASSWORD (thanks to James Brotchie)
- DISABLELOCKINGFOR default has changed in favor of ClamAV 0.96, it only contains AVG:ALL now
05.07.2009
HAVP 0.91 released
- Fix possible segfault on dns lookups (thanks Gavin McCullagh)
- Fix compiling with gcc 4.4
- Support AVG version 8.5 (default AVGPORT 54322) (thanks Markus Wigge)
(note: you may need DISABLELOCKINGFOR AVG:ALL, which is now default)
02.04.2009
HAVP 0.90 released
- ClamAV library 0.95 support (recompile needed)
- Support NOD32 version 3 (set NOD32VERSION 30 in config)
- Add PRELOADZIPHEADER config (Squid 3.x might not work if enabled)
- Add SYSLOGVIRUSLEVEL config
03.08.2008
HAVP 0.89 released
- Fix possible retry loop and hang (thanks to Peter Warasin @ endian.it)
- Always send Via: header, fixes some IIS problems (e.g. MSNBC)
16.04.2008
HAVP 0.88 released
- ClamAV library 0.93 support (recompile needed, new option CLAMMAXSCANSIZE)
- CLAMMAXFILESIZE default is now 100MB (so 0.93 even starts scanning big files)
- Fix random seed issue (ClamAV generated some temporary file errors)
- Added DISABLELOCKINGFOR config (fix for ZIP handling in ClamAV 0.93)
- Arcavir version 2008 support (set ARCAVIRVERSION)
- Log scanner errors to errorlog
- Relaxed SSL/CONNECT port limits
(It is _not_ recommended to use --enable-ssl-tunnel, you should use Squid)
md5sum: 751d1811bdc3f0d0cbc9e4ae451fdb2a
23.01.2008
HAVP 0.87 released
- DrWeb scanner support
- F-Prot support for v6.0 added (also check FPROTOPTIONS)
- If false, X_FORWARDED_FOR drops also Via: header for privacy
- Fix Avast and AVG bugs
- Templates support <url> and <clientip> tags
- Uses supplementary groups for user if defined
- Added TRICKLINGBYTES config
- Reduced *MAXFILES settings to 50 for performance
- Add missing HTTP methods (MKACTIVITY, CHECKOUT, MERGE)
Archiv: 2007 2006 2005
|