Bugzilla – Bug 12160
daily.cvd: Malformed database CentOS 6.10 32 bit servers, and works on 64 bit servers
Last modified: 2018-07-14 19:28:08 EDT
for reference https://bugzilla.redhat.com/show_bug.cgi?id=1600458 something is wrong with LibClamAV on i686 of EL6 trying freshclam and the result output is: #freshclam ClamAV update process started at Fri Jul 13 02:19:13 2018 main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) Downloading daily-24742.cdiff [100%] Downloading daily-24743.cdiff [100%] Downloading daily-24744.cdiff [100%] Downloading daily-24745.cdiff [100%] Downloading daily-24746.cdiff [100%] Downloading daily-24747.cdiff [100%] daily.cld updated (version: 24747, sigs: 2011847, f-level: 63, builder: neo) bytecode.cvd is up to date (version: 324, sigs: 89, f-level: 63, builder: neo) WARNING: [LibClamAV] cli_cvdload: Corrupted CVD header ERROR: Corrupted database file /var/lib/clamav/bytecode.cvd: Malformed database Corrupted database file renamed to /var/lib/clamav/bytecode.cvd.broken WARNING: [LibClamAV] cli_cvdload: Corrupted CVD header ERROR: Corrupted database file /var/lib/clamav/main.cvd: Malformed database Corrupted database file renamed to /var/lib/clamav/main.cvd.broken Trying again in 5 secs... ClamAV update process started at Fri Jul 13 02:19:39 2018 Downloading main.cvd [100%] WARNING: [LibClamAV] cli_cvdload: Corrupted CVD header ERROR: Verification: Malformed database Trying again in 5 secs... ClamAV update process started at Fri Jul 13 02:19:56 2018 Downloading main.cvd [100%] WARNING: [LibClamAV] cli_cvdload: Corrupted CVD header ERROR: Verification: Malformed database Giving up on db.local.clamav.net... ClamAV update process started at Fri Jul 13 02:20:07 2018 Downloading main.cvd [100%] WARNING: [LibClamAV] cli_cvdload: Corrupted CVD header ERROR: Verification: Malformed database Giving up on db.local.clamav.net... Update failed. Your network may be down or none of the mirrors listed in /etc/freshclam.conf is working. Check https://www.clamav.net/documents/official-mirror-faq for possible reasons.
ClamAV 0.100 has You should be able to alleviate this issue by upgrading zlib to a recent version: http://zlib.net/ https://github.com/Cisco-Talos/clamav-devel/blob/dev/0.100/NEWS.md#known-issues I will make a point to add something to our configuration script to require a newer version of zlib. *** This bug has been marked as a duplicate of bug 12162 ***
Please tell lowest version of zlib without this bug. with latest version http://zlib.net/ (1.2.11) clamscan makes extremely slow
We haven't tested for a minimum working version as of yet, as we were not aware the latest version impacted clamscan performance. Admittedly, this is a bit lower priority for us right now since there's a known, viable solution, but if you'd like to contribute to the community and find out which earliest version is still compatible with Clam, we will definitely credit you accordingly.
Sorry about my copy-paste typo. I tried to say that ClamAV 0.100 has a known issue on 32bit CentOS regarding older versions of zlib. As far as I can tell, versions of zlib as early as 1.2.6.1 will work fine, and possibly older. Regardless of which version is the oldest that works, I caution you to use something newer than 1.2.8, as 1.2.8 has 4 published CVE's: https://www.cvedetails.com/vulnerability-list/vendor_id-72/product_id-1820/GNU-Zlib.html
I just tested with 1.2.4, and it worked ok for me. Again though, there have been security vulns published and patched since then, so I do recommend 1.2.9 or later.