Upgrade to 0.104 to at least fix memory leak in clamdscan

Hello Malte and thanks for this bug report. We'll unlikely to go ahead of Debian with clamav, which means that clamav 0.104 will be released in Ubuntu only after being packaged in Debian. The Debian package is actively maintained, so this is very likely to happen in time for Ubuntu 22.04.

About the memory leak you mentioned: we can consider releasing that fix for the currently supported Ubuntu releases, but we need a better statement with the actual impact of the bug, which Ubuntu releases affected, and any other bit of information that can be helpful to show that the fix is worth a SRU [1]. Unfortunately the upstream commit you liked doesn't link to an upstream issue with a better description of the issue. Waiting for more information I'm marking this bug report as Incomplete for the moment.

[1] https://wiki.ubuntu.com/StableReleaseUpdates#When

updated desc

Thank you for improving the bug description.

As Paride mentioned, Debian has to take the lead on this so that we can merge the package from them. If you feel like it, you can file a bug against the clamav Debian package and make the same request there. If you do it, please link the bug here so that we can keep track of its status.

As for possible SRUs for this fix, I don't have a strong opinion for now. I haven't investigated the issue further to determine whether it is important enough to warrant SRUs, nor have I checked to see what the impacted releases are (Bionic, Focal, Impish?).

I'm marking this bug as Triaged and subscribing the Server team because it's something we might want to address before the end of the cycle.

Looks like it was backported to 0.103.4 https://github.com/Cisco-Talos/clamav/pull/203

0.103.5 is now distributed, containing the memleak fix above.
Basically this issue can be closed.

Yep, as you noted, this has already been fixed and available. Thank you for confirming. \o/