diff --git a/src/appendix/FileTypes.md b/src/appendix/FileTypes.md index c69376c..fe75aa9 100644 --- a/src/appendix/FileTypes.md +++ b/src/appendix/FileTypes.md @@ -10,21 +10,21 @@ Although the newer CL_TYPE string name notation has replaced the Target Type for This is the current list of available Target Types: -| Target Type | Description | -|-------------|-----------------------------------------------------------------------------------------------------| -| 0 | any file | -| 1 | Portable Executable, both 32- and 64-bit | -| 2 | OLE2 containers, including specific macros. Primarily used by MS Office and MSI installation files | -| 3 | HTML (normalized) | -| 4 | Mail file | -| 5 | Graphics | -| 6 | ELF | -| 7 | ASCII text file (normalized) | -| 8 | Unused | -| 9 | Mach-O files | -| 10 | PDF files | -| 11 | Flash files | -| 12 | Java class files | +| Target Type | Description | +| ----------- | -------------------------------------------------------------------------------------------------- | +| 0 | any file | +| 1 | Portable Executable, both 32-bit and 64-bit | +| 2 | OLE2 containers, including specific macros. Primarily used by MS Office and MSI installation files | +| 3 | HTML (normalized) | +| 4 | Mail file | +| 5 | Graphics | +| 6 | ELF | +| 7 | ASCII text file (normalized) | +| 8 | Unused | +| 9 | Mach-O files | +| 10 | PDF files | +| 11 | Flash files | +| 12 | Java class files | > _Important_: HTML, ASCII, Javascript are all normalized: > @@ -48,81 +48,84 @@ ClamAV maintains it's own file typing format and assigns these types using eithe ClamAV File Types are prefixed with `CL_TYPE_`. The following is an exhaustive list of all current file types. -| CL_TYPE | Description | -|------------------------|--------------------------------------------------------------| -| `CL_TYPE_7Z` | 7-Zip Archive | -| `CL_TYPE_7ZSFX` | Self-Extracting 7-Zip Archive | -| `CL_TYPE_APM` | Disk Image - Apple Partition Map | -| `CL_TYPE_ARJ` | ARJ Archive | -| `CL_TYPE_ARJSFX` | Self-Extracting ARJ Archive | -| `CL_TYPE_AUTOIT` | AutoIt Automation Executable | -| `CL_TYPE_BINARY_DATA` | binary data | -| `CL_TYPE_BINHEX` | BinHex Macintosh 7-bit ASCII email attachment encoding | -| `CL_TYPE_BZ` | BZip Compressed File | -| `CL_TYPE_CABSFX` | Self-Extracting Microsoft CAB Archive | -| `CL_TYPE_CPIO_CRC` | CPIO Archive (CRC) | -| `CL_TYPE_CPIO_NEWC` | CPIO Archive (NEWC) | -| `CL_TYPE_CPIO_ODC` | CPIO Archive (ODC) | -| `CL_TYPE_CPIO_OLD` | CPIO Archive (OLD, Little Endian or Big Endian) | -| `CL_TYPE_CRYPTFF` | Files encrypted by CryptFF malware | -| `CL_TYPE_DMG` | Apple DMG Archive | -| `CL_TYPE_EGG` | ESTSoft EGG Archive, new in 0.102 | -| `CL_TYPE_ELF` | ELF Executable (Linux/Unix program or library) | -| `CL_TYPE_GIF` | GIF Graphics File, new in 0.103 | -| `CL_TYPE_GPT` | Disk Image - GUID Partition Table | -| `CL_TYPE_GRAPHICS` | Other graphics files; BMP, JPEG2000 | -| `CL_TYPE_GZ` | GZip Compressed File | -| `CL_TYPE_HTML_UTF16` | Wide-Character / UTF16 encoded HTML | -| `CL_TYPE_HTML` | HTML data | -| `CL_TYPE_HWP3` | Hangul Word Processor (3.X) | -| `CL_TYPE_HWPOLE2` | Hangul Word Processor embedded OLE2 | -| `CL_TYPE_INTERNAL` | Internal properties | -| `CL_TYPE_ISHIELD_MSI` | Windows Install Shield MSI installer | -| `CL_TYPE_ISO9660` | ISO 9660 file system for optical disc media | -| `CL_TYPE_JAVA` | Java Class File | -| `CL_TYPE_JPEG` | JPEG Graphics File, new in 0.103.1 | -| `CL_TYPE_LNK` | Microsoft Windows Shortcut File | -| `CL_TYPE_MACHO_UNIBIN` | Universal Binary/Java Bytecode | -| `CL_TYPE_MACHO` | Apple/NeXTSTEP Mach-O Executable file format | -| `CL_TYPE_MAIL` | Email file | -| `CL_TYPE_MBR` | Disk Image - Master Boot Record | -| `CL_TYPE_MHTML` | MHTML Saved Web Page | -| `CL_TYPE_MSCAB` | Microsoft CAB Archive | -| `CL_TYPE_MSCHM` | Microsoft CHM help archive | -| `CL_TYPE_MSEXE` | Microsoft EXE / DLL Executable file | -| `CL_TYPE_MSOLE2` | Microsoft OLE2 Container file | -| `CL_TYPE_MSSZDD` | Microsoft Compressed EXE | -| `CL_TYPE_NULSFT` | NullSoft Scripted Installer program | -| `CL_TYPE_OLD_TAR` | TAR archive (old) | -| `CL_TYPE_OOXML_HWP` | Hangul Office Open Word Processor (5.X) | -| `CL_TYPE_OOXML_PPT` | Microsoft Office Open XML PowerPoint | -| `CL_TYPE_OOXML_WORD` | Microsoft Office Open Word 2007+ | -| `CL_TYPE_OOXML_XL` | Microsoft Office Open Excel 2007+ | -| `CL_TYPE_PART_HFSPLUS` | Apple HFS+ partition | -| `CL_TYPE_PDF` | Adobe PDF document | -| `CL_TYPE_PNG` | PNG Graphics File, new in 0.103 | -| `CL_TYPE_POSIX_TAR` | TAR archive | -| `CL_TYPE_PS` | Postscript | -| `CL_TYPE_RAR` | RAR Archive | -| `CL_TYPE_RARSFX` | Self-Extracting RAR Archive | -| `CL_TYPE_RIFF` | Resource Interchange File Format container formatted file | -| `CL_TYPE_RTF` | Rich Text Format document | -| `CL_TYPE_SCRENC` | Files encrypted by ScrEnc malware | -| `CL_TYPE_SCRIPT` | Generic type for scripts (Javascript, Python, etc) | -| `CL_TYPE_SIS` | Symbian OS Software Installation Script Archive | -| `CL_TYPE_SWF` | Adobe Flash File (LZMA, Zlib, or uncompressed) | -| `CL_TYPE_TEXT_ASCII` | ASCII text | -| `CL_TYPE_TEXT_UTF16BE` | UTF-16BE text | -| `CL_TYPE_TEXT_UTF16LE` | UTF-16LE text | -| `CL_TYPE_TEXT_UTF8` | UTF-8 text | -| `CL_TYPE_TIFF` | TIFF Graphics File (Little or Big Endian), new in 0.103.1 | -| `CL_TYPE_TNEF` | Microsoft Outlook & Exchange email attachment format | -| `CL_TYPE_UUENCODED` | UUEncoded (Unix-to-Unix) binary file (Unix email attachment) | -| `CL_TYPE_XAR` | XAR Archive | -| `CL_TYPE_XDP` | Adobe XDP - Embedded PDF | -| `CL_TYPE_XML_HWP` | Hangul Word Processor XML (HWPML) Document | -| `CL_TYPE_XML_WORD` | Microsoft Word 2003 XML Document | -| `CL_TYPE_XML_XL` | Microsoft Excel 2003 XML Document | -| `CL_TYPE_XZ` | XZ Archive | -| `CL_TYPE_ZIP` | Zip Archive | -| `CL_TYPE_ZIPSFX` | Self-Extracting Zip Archive | +| CL_TYPE | Description | +| ------------------------- | ------------------------------------------------------------ | +| `CL_TYPE_7Z` | 7-Zip Archive | +| `CL_TYPE_7ZSFX` | Self-Extracting 7-Zip Archive | +| `CL_TYPE_APM` | Disk Image - Apple Partition Map | +| `CL_TYPE_ARJ` | ARJ Archive | +| `CL_TYPE_ARJSFX` | Self-Extracting ARJ Archive | +| `CL_TYPE_AUTOIT` | AutoIt Automation Executable | +| `CL_TYPE_BINARY_DATA` | binary data | +| `CL_TYPE_BINHEX` | BinHex Macintosh 7-bit ASCII email attachment encoding | +| `CL_TYPE_BZ` | BZip Compressed File | +| `CL_TYPE_CABSFX` | Self-Extracting Microsoft CAB Archive | +| `CL_TYPE_CPIO_CRC` | CPIO Archive (CRC) | +| `CL_TYPE_CPIO_NEWC` | CPIO Archive (NEWC) | +| `CL_TYPE_CPIO_ODC` | CPIO Archive (ODC) | +| `CL_TYPE_CPIO_OLD` | CPIO Archive (OLD, Little Endian or Big Endian) | +| `CL_TYPE_CRYPTFF` | Files encrypted by CryptFF malware | +| `CL_TYPE_DMG` | Apple DMG Archive | +| `CL_TYPE_EGG` | ESTSoft EGG Archive, new in 0.102 | +| `CL_TYPE_ELF` | ELF Executable (Linux/Unix program or library) | +| `CL_TYPE_GIF` | GIF Graphics File, new in 0.103 | +| `CL_TYPE_GPT` | Disk Image - GUID Partition Table | +| `CL_TYPE_GRAPHICS` | Other graphics files; BMP, JPEG2000 | +| `CL_TYPE_GZ` | GZip Compressed File | +| `CL_TYPE_HTML_UTF16` | Wide-Character / UTF16 encoded HTML | +| `CL_TYPE_HTML` | HTML data | +| `CL_TYPE_HWP3` | Hangul Word Processor (3.X) | +| `CL_TYPE_HWPOLE2` | Hangul Word Processor embedded OLE2 | +| `CL_TYPE_INTERNAL` | Internal properties | +| `CL_TYPE_ISHIELD_MSI` | Windows Install Shield MSI installer | +| `CL_TYPE_ISO9660` | ISO 9660 file system for optical disc media | +| `CL_TYPE_JAVA` | Java Class File | +| `CL_TYPE_JPEG` | JPEG Graphics File, new in 0.103.1 | +| `CL_TYPE_LNK` | Microsoft Windows Shortcut File | +| `CL_TYPE_MACHO_UNIBIN` | Universal Binary/Java Bytecode | +| `CL_TYPE_MACHO` | Apple/NeXTSTEP Mach-O Executable file format | +| `CL_TYPE_MAIL` | Email file | +| `CL_TYPE_MBR` | Disk Image - Master Boot Record | +| `CL_TYPE_MHTML` | MHTML Saved Web Page | +| `CL_TYPE_MSCAB` | Microsoft CAB Archive | +| `CL_TYPE_MSCHM` | Microsoft CHM help archive | +| `CL_TYPE_MSEXE` | Microsoft EXE / DLL Executable file | +| `CL_TYPE_MSOLE2` | Microsoft OLE2 Container file | +| `CL_TYPE_MSSZDD` | Microsoft Compressed EXE | +| `CL_TYPE_NULSFT` | NullSoft Scripted Installer program | +| `CL_TYPE_OLD_TAR` | TAR archive (old) | +| `CL_TYPE_ONENOTE` | Microsoft OneNote Document section file | +| `CL_TYPE_OOXML_HWP` | Hangul Office Open Word Processor (5.X) | +| `CL_TYPE_OOXML_PPT` | Microsoft Office Open XML PowerPoint | +| `CL_TYPE_OOXML_WORD` | Microsoft Office Open Word 2007+ | +| `CL_TYPE_OOXML_XL` | Microsoft Office Open Excel 2007+ | +| `CL_TYPE_PART_HFSPLUS` | Apple HFS+ partition | +| `CL_TYPE_PDF` | Adobe PDF document | +| `CL_TYPE_PNG` | PNG Graphics File, new in 0.103 | +| `CL_TYPE_POSIX_TAR` | TAR archive | +| `CL_TYPE_PS` | Postscript | +| `CL_TYPE_PYTHON_COMPILED` | Python byte-compiled executable (.pyc) | +| `CL_TYPE_RAR` | RAR Archive | +| `CL_TYPE_RARSFX` | Self-Extracting RAR Archive | +| `CL_TYPE_RIFF` | Resource Interchange File Format container formatted file | +| `CL_TYPE_RTF` | Rich Text Format document | +| `CL_TYPE_SCRENC` | Files encrypted by ScrEnc malware | +| `CL_TYPE_SCRIPT` | Generic type for scripts (Javascript, Python, etc) | +| `CL_TYPE_SIS` | Symbian OS Software Installation Script Archive | +| `CL_TYPE_SWF` | Adobe Flash File (LZMA, Zlib, or uncompressed) | +| `CL_TYPE_TEXT_ASCII` | ASCII text | +| `CL_TYPE_TEXT_UTF16BE` | UTF-16BE text | +| `CL_TYPE_TEXT_UTF16LE` | UTF-16LE text | +| `CL_TYPE_TEXT_UTF8` | UTF-8 text | +| `CL_TYPE_TIFF` | TIFF Graphics File (Little or Big Endian), new in 0.103.1 | +| `CL_TYPE_TNEF` | Microsoft Outlook & Exchange email attachment format | +| `CL_TYPE_UDF` | UDF (Universal Disk Format) Partition | +| `CL_TYPE_UUENCODED` | UUEncoded (Unix-to-Unix) binary file (Unix email attachment) | +| `CL_TYPE_XAR` | XAR Archive | +| `CL_TYPE_XDP` | Adobe XDP - Embedded PDF | +| `CL_TYPE_XML_HWP` | Hangul Word Processor XML (HWPML) Document | +| `CL_TYPE_XML_WORD` | Microsoft Word 2003 XML Document | +| `CL_TYPE_XML_XL` | Microsoft Excel 2003 XML Document | +| `CL_TYPE_XZ` | XZ Archive | +| `CL_TYPE_ZIP` | Zip Archive | +| `CL_TYPE_ZIPSFX` | Self-Extracting Zip Archive | diff --git a/src/appendix/FunctionalityLevels.md b/src/appendix/FunctionalityLevels.md index 0857e0b..d0d02a3 100644 --- a/src/appendix/FunctionalityLevels.md +++ b/src/appendix/FunctionalityLevels.md @@ -8,7 +8,10 @@ Setting appropriate FLEVELs in signatures is particularly crucial when using fea | Release Date | Release | FLEVEL | FunctionalityLevel (bytecode enum) | clamav lib | .so | freshclam lib | .so | API/ABI changes, major features, other notes | | ------------ | -------- | ------ | ---------------------------------- | ---------- | ------ | ------------- | ----- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| n/a | 1.3.0 | 200 | FUNC_LEVEL_1_3 | n/a | n/a | n/a | n/a | | +| n/a | 1.4.0 | 210 | FUNC_LEVEL_1_3 | n/a | n/a | n/a | n/a | | +| Feb-2023 | 1.3.0 | 200 | FUNC_LEVEL_1_3 | 12:02:00 | 12.0.2 | 3:01:00 | 3.0.1 | OneNote attachment extraction (CL_TYPE_ONENOTE); CL_TYPE_PYTHON_COMPILED (.pyc) file type recognition | +| Feb-2023 | 1.2.2 | 192 | FUNC_LEVEL_1_2 | 12:01:00 | 12.0.1 | 3:01:00 | 3.0.1 | Critical bug fixes | +| Feb-2023 | 1.0.5 | 165 | FUNC_LEVEL_1_0_5 | 11:00:00 | 11.0.0 | 2:02:00 | 2.0.2 | Critical bug fixes | | Oct-2023 | 1.2.1 | 191 | FUNC_LEVEL_1_1 | 12:01:00 | 12.0.1 | 3:01:00 | 3.0.1 | Critical bug fixes | | Oct-2023 | 1.1.3 | 183 | FUNC_LEVEL_1_1_3 | 12:00:00 | 12.0.0 | 3:00:00 | 3.0.0 | Critical bug fixes | | Oct-2023 | 1.0.4 | 164 | FUNC_LEVEL_1_0_4 | 11:00:00 | 11.0.0 | 2:02:00 | 2.0.2 | Critical bug fixes | diff --git a/src/faq/faq-eol.md b/src/faq/faq-eol.md index a3648f0..9ac6b1a 100644 --- a/src/faq/faq-eol.md +++ b/src/faq/faq-eol.md @@ -82,19 +82,20 @@ Non-LTS feature releases will be allowed access to download signatures until at > _Note_: This markdown table is generated from a spreadsheet using [this tool](https://thisdavej.com/copy-table-in-excel-and-paste-as-a-markdown-table/). -| Feature release | First Published | Latest patch version | Expected End of Life (EOL) | Signature load testing until | Signature FP testing until | DB downloads allowed until | Patch versions continue until | -| --------------- | --------------- | -------------------- | -------------------------- | ---------------------------- | -------------------------- | -------------------------- | ----------------------------- | -| 1.3 | TBD | n/a | 1.5 + 4 months | 1.5 + 4 months | 1.4 published | 1.5 + 4 months | 1.4 + 4 months, or 1.5 | -| 1.2 | Aug-28 2023 | n/a | 1.4 + 4 months | 1.4 + 4 months | 1.3 published | 1.4 + 4 months | 1.3 + 4 months, or 1.4 | -| 1.1 | May-1 2023 | 1.1.0 | 1.3 + 4 months | 1.3 + 4 months | 1.2 published | 1.3 + 4 months | 1.2 + 4 months, or 1.3 | -| **1.0 LTS** | **Nov-28 2022** | **1.0.1** | **Nov-28 2025** | **Nov-28 2025** | 1.1 published | **Nov-28 2026** | **Nov-28 2025** | -| 0.105 | May-4 2022 | 0.105.2 | 1.1 + 4 months | 1.1 + 4 months | 1.0 published | 1.1 + 4 months | 1.0 + 4 months, or 1.1 | -| 0.104 | Sep-3 2021 | 0.104.4 | 1.0 + 4 months | 1.0 + 4 months | 0.105 published | 1.0 + 4 months | 0.105 + 4 months, or 1.0 | -| **0.103 LTS** | **Sep-14 2020** | **0.103.8** | **Sep-14 2024** | **Sep-14 2024** | 0.104 published | **Sep-14 2025** | **Sep-14 2024** | -| 0.102 | Oct-2 2019 | 0.102.4 | Jan-3 2022 (0.104 + 4 mo.) | Jan-3 2022 | | Jan-3 2022 | | -| 0.101 | Dec-3 2018 | 0.101.5 | Jan-3 2022 | Jan-3 2022 | | Jan-3 2022 | | -| 0.100 | Apr-9 2018 | 0.100.3 | Oct-29 2021 | Oct-29 2021 | | Oct-29 2021 | | -| 0.99 | Dec-1 2015 | 0.99.4 | Mar-1 2021 | | | | | +| Feature release | First Published | Latest patch version | Expected End of Life (EOL) | Signature load testing until | Signature FP testing until | DB downloads allowed until | Patch versions continue until | +| --------------- | --------------- | -------------------- | ---------------------------- | ---------------------------- | ---------------------------- | ---------------------------- | ---------------------------------------------- | +| 1.4 | TBD | n/a | 1.6 + 4 months | 1.6 + 4 months | 1.5 published | 1.6 + 4 months | 1.5 + 4 months, or 1.6 | +| 1.3 | Feb-7 2024 | 1.3.0 | 1.5 + 4 months | 1.5 + 4 months | 1.4 published | 1.5 + 4 months | 1.4 + 4 months, or 1.5 | +| 1.2 | Aug-28 2023 | 1.2.2 | 1.4 + 4 months | 1.4 + 4 months | Feb-7 2024 (1.3 published) | 1.4 + 4 months | Jun-7 2024 or earlier (1.3 + 4 months, or 1.4) | +| 1.1 | May-1 2023 | 1.1.3 | Jun-7 2024 (1.3 + 4 months) | Jun-7 2024 (1.3 + 4 months) | Aug-28 2023 (1.2 published) | Jun-7 2024 (1.3 + 4 months) | Dec-28 2023 (1.2 + 4 months, or 1.3) | +| **1.0 LTS** | **Nov-28 2022** | **1.0.5** | **Nov-28 2025** (3 years) | **Nov-28 2025** (3 years) | May-1 2023 (1.1 published) | **Nov-28 2026** (3 years) | **Nov-28 2025** (3 years) | +| 0.105 | May-4 2022 | 0.105.2 | Sep-1 2023 (1.1 + 4 months) | Sep-1 2023 (1.1 + 4 months) | Nov-28 2022 (1.0 published) | Sep-1 2023 (1.1 + 4 months) | Mar-28 2023 (1.0 + 4 months, or 1.1) | +| 0.104 | Sep-3 2021 | 0.104.4 | Mar-28 2023 (1.0 + 4 months) | Mar-28 2023 (1.0 + 4 months) | May-4 2022 (0.105 published) | Mar-28 2023 (1.0 + 4 months) | Sep-4 2022 (0.105 + 4 months, or 1.0) | +| **0.103 LTS** | **Sep-14 2020** | **0.103.8** | **Sep-14 2024** (3 years +1) | **Sep-14 2024** (3 years +1) | Sep-3 2021 (0.104 published) | **Sep-14 2025** (3 years +1) | **Sep-14 2024** (3 years +1) | +| 0.102 | Oct-2 2019 | 0.102.5 | Jan-3 2022 (0.104 + 4 mo.) | Jan-3 2022 | | Jan-3 2022 | | +| 0.101 | Dec-3 2018 | 0.101.5 | Jan-3 2022 | Jan-3 2022 | | Jan-3 2022 | | +| 0.100 | Apr-9 2018 | 0.100.3 | Oct-29 2021 | Oct-29 2021 | | Oct-29 2021 | | +| 0.99 | Dec-1 2015 | 0.99.4 | Mar-1 2021 | | | | | Currently, every version from ClamAV 0.102 and down, including all patch versions, are unsupported, and **are actively blocked from downloading new updates**.