ClamAV not updating (centos 64)

CpanSSH

Member
Nov 7, 2013
8
0
1
cPanel Access Level
Website Owner
I get this error on my email

LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************



I open the ssh and write freshclam to update the ClamAV and it says to me command not found

- - - Updated - - -

Any idea how to update the ClamAV?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Hello :)

Which version of cPanel is installed on your system? You can check this with a command such as:

Code:
cat /usr/local/cpanel/version
Have you tried uninstalling and then installing the ClamAV plugin via "WHM Home » cPanel » Manage Plugins"?

Thank you.
 

CpanSSH

Member
Nov 7, 2013
8
0
1
cPanel Access Level
Website Owner
Hello :)

Which version of cPanel is installed on your system? You can check this with a command such as:

Code:
cat /usr/local/cpanel/version
Have you tried uninstalling and then installing the ClamAV plugin via "WHM Home » cPanel » Manage Plugins"?

Thank you.
11.40.0.16

Yes i tried but nothing!
 

lsimic

Registered
Nov 13, 2013
1
0
1
cPanel Access Level
Root Administrator
Hi,

same problem here. Problem started after the latest cPanel/whm update to 11.40.x.
After trying to update virus DB manualy:

[email protected] [/home]# freshclam
ClamAV update process started at Wed Nov 13 11:16:26 2013
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.97.8 Recommended version: 0.98
DON'T PANIC! Read http://www.clamav.net/support/faq
main.cld is up to date (version: 55, sigs: 2424225, f-level: 60, builder: neo)
Downloading daily-18104.cdiff [100%]
Downloading daily-18105.cdiff [100%]
daily.cld updated (version: 18105, sigs: 498521, f-level: 63, builder: neo)
bytecode.cld is up to date (version: 230, sigs: 43, f-level: 63, builder: dgoddard)
Database updated (2922789 signatures) from database.clamav.net (IP: 193.92.150.194)
[email protected] [/home]# clamscan -r -i -l /var/mouse.posluh.hr_20131113.log
LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************

Any info on this?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
There are a few different cases open on ClamAV at this time. First, ensure you have updated to the latest version of cPanel available on your build tier with the following command:

Code:
/scripts/upcp --force
Next, try running the following command manually to check for any errors:

Code:
/usr/local/cpanel/3rdparty/bin/freshclam
Note that messages related to a newer version of ClamAV are normal. There are plans to include ClamAV 0.98 in cPanel version 11.40.1.

Thank you.
 

CharlesEarl

Registered
Apr 9, 2013
2
0
51
cPanel Access Level
Root Administrator
I'm going to toss in my 2 cents on this as well. I'm experiencing the same error as of the 11.40.0 release and as of build 19 the error continues.

At 1:20 this am I got this email.

ClamAV update process started at Sat Nov 16 01:20:03 2013
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.97.8 Recommended version: 0.98
DON'T PANIC! Read http://www.clamav.net/support/faq
main.cld is up to date (version: 55, sigs: 2424225, f-level: 60, builder: neo)
Downloading daily-18115.cdiff [ 49%]
Downloading daily-18115.cdiff [ 62%]
Downloading daily-18115.cdiff [ 73%]
Downloading daily-18115.cdiff [ 86%]
Downloading daily-18115.cdiff [100%]
Downloading daily-18115.cdiff [100%]
Downloading daily-18116.cdiff [ 18%]
Downloading daily-18116.cdiff [ 28%]
Downloading daily-18116.cdiff [ 39%]
Downloading daily-18116.cdiff [ 58%]
Downloading daily-18116.cdiff [ 68%]
Downloading daily-18116.cdiff [ 89%]
Downloading daily-18116.cdiff [ 99%]
Downloading daily-18116.cdiff [100%]
Downloading daily-18116.cdiff [100%]
Downloading daily-18117.cdiff [ 16%]
Downloading daily-18117.cdiff [ 25%]
Downloading daily-18117.cdiff [ 34%]
Downloading daily-18117.cdiff [ 43%]
Downloading daily-18117.cdiff [ 51%]
Downloading daily-18117.cdiff [ 69%]
Downloading daily-18117.cdiff [100%]
Downloading daily-18117.cdiff [100%]
daily.cld updated (version: 18117, sigs: 507925, f-level: 63, builder: neo)
bytecode.cld is up to date (version: 231, sigs: 44, f-level: 63, builder: neo)
Database updated (2932194 signatures) from database.clamav.net (IP: 207.57.106.31)
But at 7am I got this email

LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************

----------- SCAN SUMMARY -----------
Known viruses: 2877586
Engine version: 0.97.8
Scanned directories: 2679
Scanned files: 33199
Infected files: 0
Data scanned: 930.79 MB
Data read: 1124.66 MB (ratio 0.83:1)
Time: 226.735 sec (3 m 46 s)
Did you notice the signature counts don't match?
ClamAV was installed prior to the update and working without error.
 

CharlesEarl

Registered
Apr 9, 2013
2
0
51
cPanel Access Level
Root Administrator
Turns out symlinks are not setup properly and there was a duplicate database created when the upgrade happened. I've changed references in cron to use /usr/local/cpanel/3rdparty/bin/ and dropped the duplicate database.
 

XenomediaBV

Well-Known Member
Sep 3, 2009
60
0
56
The Netherlands
cPanel Access Level
Root Administrator
I believe this should also be fixed. The version in cPanel is not updated either:

Code:
Name: clamavconnector
Author: cPanel Inc.
Installed Version:
Version: 0.97.8-3.6
Description: Virus Protection for Email and Filemanager Uploads
Price: free
Latest ClamAV® stable release is: 0.98
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Yes, please see the following from my last response:

Note that messages related to a newer version of ClamAV are normal. There are plans to include ClamAV 0.98 in cPanel version 11.40.1.
Thank you.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Just a remark. We're running WHM 11.40.1 (build 9) for some time now. Are the plans to include ClamAV 0.98 moved to a later cPanel version?
ClamAV 0.98 is already available in the version of cPanel that you referenced (11.40.1.9). If you are referring to ClamAV 0.98.1, then yes, there are plans to include that in a future build of cPanel versions 11.40 and 11.42 per internal case 87881.

Thank you.
 

cPanelPeter

Technical Analyst III
Staff member
Sep 23, 2013
575
21
143
cPanel Access Level
Root Administrator
Twitter
Hello,

Reading the link in question (which was moved). It states:

Update failed. Your network may be down or none of the mirrors listed in freshclam.conf is working.

It's not your lucky day. Freshclam tried every possible way to download the updates but failed. Usually this means that all the mirrors in your local pool are down or not synchronized, or something really nasty happened. Please wait a few minutes and try again. Remember to pass the -v option to freshclam.
It is also possible that you recently had a prolonged network outage and freshclam blacklisted all the mirrors: remove mirrors.dat from the DatabaseDirectory and try again.
If the problem persists, you may need to remove all files in DatabaseDirectory, and then re-run freshclam to pull a new copy of all of them.
Finally, check the "mirror status page":/mirrors.html and perhaps send the output of freshclam -v to mirror-admin at clamav dot net.

So, it would appear that you may have (or had) a network problem. That would need to be addressed first. Then see if freshclam updates.
 

Trane Francks

Well-Known Member
Jun 19, 2012
100
19
68
Machida, Tokyo, Japan
cPanel Access Level
Root Administrator
I'm seeing this in e-mail:

Code:
WARNING: Your ClamAV installation is OUTDATED!
    WARNING: Local version: 0.98.1 Recommended version: 0.98.4
I can understand a lag in deploying updates, but 3 engine releases behind is a bit much. When can we expect an update to be deployed on STABLE?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Hello :)

ClamAV version 0.98.3 is currently available in all build tiers utilizing cPanel version 11.44, and version ClamAV 0.98.4 is already under testing for implementation with cPanel. There is currently no exact time frame available on when 11.44 will make it's way to the "Stable" build tier, but you can review the following document for information on how the release process works:

cPanel - Versions and Release Process

Thank you.
 

Trane Francks

Well-Known Member
Jun 19, 2012
100
19
68
Machida, Tokyo, Japan
cPanel Access Level
Root Administrator
Thanks, Michael. I'm quite up to speed on the release process. I'm rather surprised to see the AV engines being locked to release tiers rather than being independent in the same manner as EasyApache. There are security implications with having the clamav engine so far out of step.
 

PbG

Well-Known Member
Mar 11, 2003
247
0
166
I agree I am switching to Release as a result of this. However I would rather remain on stable releases and receive these updates.

Thanks, Michael. I'm quite up to speed on the release process. I'm rather surprised to see the AV engines being locked to release tiers rather than being independent in the same manner as EasyApache. There are security implications with having the clamav engine so far out of step.