Update NEWS.md with fixes and improvements since 1.0.0-rc2

Cisco-Talos · Nov 23, 2022 · 09f373f · 09f373f
1 parent e8a1fa6
commit 09f373f
Showing 1 changed file with 41 additions and 11 deletions.
diff --git a/NEWS.md b/NEWS.md
@@ -10,19 +10,19 @@ ClamAV 1.0.0 includes the following improvements and changes.
 ### Major changes
 
 - Support for decrypting read-only OLE2-based XLS files that are encrypted with
-  the default "VelvetSweatshop" password.
-  Use of the VelvetSweatshop password will now appear in the metadata JSON.
+  the default password.
+  Use of the default password will now appear in the metadata JSON.
   - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/700
 
 - Overhauled the implementation of the all-match feature. The newer code is more
   reliable and easier to maintain.
   - This project fixed several known issues with signature detection in all-
     match mode:
-    - Enabled embedded file-type-recognition-signatures to match when a malware
+    - Enabled embedded file-type recognition signatures to match when a malware
       signature also matched in a scan of the same layer.
     - Enabled bytecode signatures to run in all-match mode after a match has
       occurred.
-    - Fixed an assortment of all-match edge case issues:
+    - Fixed an assortment of all-match edge case issues.
   - Added multiple test cases to verify correct all-match behavior.
   - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/687
 
@@ -49,6 +49,21 @@ ClamAV 1.0.0 includes the following improvements and changes.
   The `ENABLE_EXTERNAL_TOMSFASTMATH` build is now ignored.
   - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/742
 
+- Moved the Dockerfile and supporting scripts from the main ClamAV repository
+  over to a new repository: https://github.com/Cisco-Talos/clamav-docker
+
+  The separate repository will make it easier to update the images and fix
+  issues with images for released ClamAV versions.
+
+  Any users building the ClamAV Docker image rather than pulling them from
+  Docker Hub will have to get the latest Docker files from the new location.
+
+  - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/764
+
+- Increased the SONAME major version for libclamav because of ABI changes
+  between the 0.103 LTS release and the 1.0 LTS release.
+  - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/778
+
 ### Other improvements
 
 - Add checks to limit PDF object extraction recursion.
@@ -66,13 +81,12 @@ ClamAV 1.0.0 includes the following improvements and changes.
   build.
   - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/694
 
-- Windows: The debugging symbol (PDB) files are now installed alongside the DLL
-- and LIB library files when built in "RelWithDebInfo" or "Debug" mode.
+- For Windows: The debugging symbol (PDB) files are now installed alongside the
+  DLL and LIB library files when built in "RelWithDebInfo" or "Debug" mode.
   - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/669
 
 - Relaxed the constraints on the check for overlapping ZIP file entries so as
   not to alert on slightly malformed, but non-malicious, Java (JAR) archives.
-  - Talos escalations issues:
   - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/561
 
 - Increased the time limit in FreshClam before warning if the DNS entry is
@@ -90,7 +104,7 @@ ClamAV 1.0.0 includes the following improvements and changes.
   - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/678
 
 - Added explicit minimum and maximum supported LLVM versions so that the build
-  will fail if you try to build with the version that is too old or too new and
+  will fail if you try to build with a version that is too old or too new and
   will print a helpful message rather than simply failing to compile because of
   compatibility issues. Patch courtesy of Matt Jolly.
   - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/692
@@ -102,6 +116,14 @@ ClamAV 1.0.0 includes the following improvements and changes.
   directly to files in the ClamAV release branches.
   - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/764
 
+- Fixed compiler warnings that may turn into errors in Clang 16.
+  Patch courtesy of Michael Orlitzky.
+  - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/767
+
+- Allow building with a custom RPATH so that the executables may be moved after
+  build in a development environment to a final installation directory.
+  - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/768
+
 ### Bug fixes
 
 - Assorted code quality fixes. These are not security issues and will not be
@@ -149,8 +171,8 @@ ClamAV 1.0.0 includes the following improvements and changes.
   signature condition.
   - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/724
 
-- Fixed a build issues when build with RAR disabled or when building with an
-  external libmspack library rather than the vendored library.
+- Fixed a build issue when build with RAR disabled or when building with an
+  external libmspack library rather than the bundled library.
   - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/672
 
 - Fixed the capitalization of the `-W` option for `clamonacc` in the `clamonacc`
@@ -161,7 +183,7 @@ ClamAV 1.0.0 includes the following improvements and changes.
 
 - macOS: Fixed an issue with memory-map (`mmap`) system call detection affecting
   versions 0.105 and 0.104. Memory maps may be used in ClamAV to improve
-  signature load performance, scan performance, and RAM usage.
+  signature load performance and scan performance, as well as RAM usage.
   - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/705
 
 - Fixed a performance issue with Rust code when the build type is not explicitly
@@ -196,13 +218,21 @@ ClamAV 1.0.0 includes the following improvements and changes.
   caused all subsequent scans to also use all-match mode.
   - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/741
 
+- Fixed bug when starting `clamonacc` with the `--log=FILE` option that created
+  randomly named files in the current directory.
+  - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/751
+
+- Other assorted bug fixes.
+
 ### Acknowledgments
 
 Special thanks to the following people for code contributions and bug reports:
+- Anthony Chan
 - Ben Bodenmiller
 - Дилян Палаузов
 - Liam Jarvis
 - Matt Jolly
+- Michael Orlitzky
 - monkz
 - teoberi
 - TerminalFi