oss-sec mailing list archives

Re: clamav: Out of bounds read and segfault in xar parser


From: Eddie Chapman <eddie () ehuk net>
Date: Sun, 1 Oct 2017 08:37:55 +0100

On 29/09/17 14:09, Hanno Böck wrote:
> Meta-level comment:
> It seems to me clamav development has mostly stalled. Detection rates
> are very low and I'm considering stopping using it for mail filtering.
> (also there's of course the whole AV debate, however I never saw
> clamav as a security tool, more as something like a spam filter that
> prevents crap in my inbox. Still of course it needs to have secure
> parsers.)

I agree with much of this, and I think you're right that the effectiveness of ClamAV in mail filtering contexts can be debated, though maybe more in terms of the AV debate, as you say. As a user myself with it deployed filtering multi-user domains, I agree that detection rates are low.

However, checking just now on GitHub I do not get the impression at all that development has stalled. Judging purely by number of commits, every month there are consistently a very healthy number. But what has stalled is stable releases, the last one being 0.99.2 on 22nd April 2016, so something is not quite right. But I've seen many open source/free software projects stall over the years and ClamAV definitely does not, IMO, fit that description (at least not yet).

Eddie
