Bug #2674
[clamav] Virus signatures licensing
0%
Description
ClamAV is antivirus software and it uses virus signatures to detect malware. Most malicious software is non-free so there might be non-free signatures in the database.
History
Updated by freemor about 3 years ago
IIUC virus signature are just small strings unique to the virus not who9le chuncks of code and thus considered too trivial to be copyrightable. Or it looks for heuristics. tries to create these files in this location, ergo most likely bad. Again not the actual code from the virus. Virus signatures aren't executed. They are a set of conditions to match against.
Updated by Zuss about 1 year ago
Here's the documentation relating to signatures: https://docs.clamav.net/manual/Signatures.html
They looks pretty non trivial to make and as freemor said, they're just conditions to be matched against.
You can verify yourself by unpacking the .cvd file clamav distributes with "sigtool -u main.cvd" which will then show all the files and signatures within them.
I don't think there's much of an issue and ClamAV should be able to stay in the repos