This repository has been archived by the owner on Apr 3, 2023. It is now read-only.

Virusdefinition update #65

Closed
draske79 opened this issue Mar 19, 2018 · 3 comments

draske79 commented Mar 19, 2018

Output of go version:

go version go1.6.2 linux/amd64

Output of docker version:

Client:
 Version:       17.12.1-ce
 API version:   1.35
 Go version:    go1.9.4
 Git commit:    7390fc6
 Built: Tue Feb 27 22:17:40 2018
 OS/Arch:       linux/amd64

Server:
 Engine:
  Version:      17.12.1-ce
  API version:  1.35 (minimum version 1.12)
  Go version:   go1.9.4
  Git commit:   7390fc6
  Built:        Tue Feb 27 22:16:13 2018
  OS/Arch:      linux/amd64
  Experimental: false

Output of docker info:

Containers: 2
 Running: 1
 Paused: 0
 Stopped: 1
Images: 21
Server Version: 17.12.1-ce
Storage Driver: overlay2
 Backing Filesystem: extfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 9b55aab90508bd389d7654c4baf173a981477d55
runc version: 9f9c96235cc97674e935002fc3d78361b696a69e
init version: 949e6fa
Security Options:
 apparmor
 seccomp
  Profile: default
Kernel Version: 4.4.0-116-generic
Operating System: Ubuntu 16.04.4 LTS
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 15.66GiB
Name: localhost.localdomain
ID: TK54:XMAH:3IPH:ZYAW:YRAG:D7JK:S6QK:WXSS:JLM7:PF5A:SZLR:5PT2
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

Additional environment details (AWS, VirtualBox, physical, Docker For Mac, Docker Toolbox, docker-machine, etc.):

Steps to reproduce the issue:
The scan seems to use outdated signatures (most of them from 28-2-2018). Is there a way to update them?

Describe the results you received:

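Comodo

| Infected | Result | Engine | Updated |
|----------|--------|--------|----------|
| false | | 1.1 | 20180228 |

Avast

| Infected | Result | Engine | Updated |
|----------|--------|--------|----------|
| false | | 2.2.0 | 20180316 |

Sophos

| Infected | Result | Engine | Updated |
|----------|--------|--------|----------|
| false | | 5.43.0 | 20180228 |

eScan

| Infected | Result | Engine | Updated |
|----------|--------|--------|----------|
| false | | 7.0-20 | 20180228 |

F-Secure

| Infected | Result | Engine | Updated |
|----------|--------|--------|----------|
| false | | 11.10 build 68 | 20180228 |

time="2018-03-19T20:40:25Z" level=fatal msg="exit status 2" category=av path=/malware/d34e7a806569a0948190758971b0c1e63e45c822ffa5671a04bf5a30a84fb421 plugin=avg

ClamAV

| Infected | Result | Engine | Updated |
|----------|--------|--------|----------|
| false | | 0.99.2 | 20180228 |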

Describe the results you expected:

Updated signatures :)

Additional information you deem important (e.g. issue happens only occasionally):

@blacktop
Member

I just ran a command to update all the plugins. So they should all be finished in a few hours.

@Schi11ing

Hello!
I think I can update only the whole docker image, not an antivirus database?

@blacktop
Member

blacktop commented Oct 2, 2019

I just created a job to update all the AVs in the dockerHUB cloud so after a few hours when they are all done you should be able to docker pull or malice update those plugins and they will have the most up to date AV defs. The way I created the AV plugins was to make sure I updated the sig LAST in the docker image creation process so that when you do a docker pull you ONLY have to update the docker layer containing the AV defs and not the rest. Which is the "docker way" of doing AV updates in my opinion, but there is also a plan to let the users update the AV defs on their own, but for now you would have to do it with a bash script or something. You can see all the AV plugins have an update command if you go to their individual github pages.

@blacktop blacktop pinned this issue Oct 2, 2019
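
A check for the symptom reported in this issue, as an added example that is not part of the thread or of the malice project: it reads scan results, computes the age of each engine's definitions from the Updated column, and reports plugins that exited fatally. The pipe-table layout, the `signature_report` name and the 7-day threshold are assumptions; the sample input is constructed from values in the issue.

```python
import re
from datetime import date, datetime

# Constructed sample modelled on the results in the issue; the pipe-table
# layout is an assumption about how the scan output is rendered.
SAMPLE = """\
Comodo
| Infected | Result | Engine | Updated |
| false | | 1.1 | 20180228 |
Avast
| Infected | Result | Engine | Updated |
| false | | 2.2.0 | 20180316 |
F-Secure
| Infected | Result | Engine | Updated |
| false | | 11.10 build 68 | 20180228 |
time="2018-03-19T20:40:25Z" level=fatal msg="exit status 2" category=av plugin=avg
"""

# A plugin that dies produces no result row, only a fatal log line.
FATAL = re.compile(r"level=fatal\b.*\bplugin=(\S+)")

def signature_report(text, today, max_age_days=7):
    """Return {engine: (status, age_days)}; status is ok, stale or failed."""
    report, engine = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        fatal = FATAL.search(line)
        if fatal:
            report[fatal.group(1)] = ("failed", None)
        elif line.startswith("|"):
            cells = [c.strip() for c in line.strip("|").split("|")]
            # Data rows end in a YYYYMMDD date; header rows do not.
            if engine and len(cells) == 4 and re.fullmatch(r"\d{8}", cells[3]):
                updated = datetime.strptime(cells[3], "%Y%m%d").date()
                age = (today - updated).days
                report[engine] = ("stale" if age > max_age_days else "ok", age)
        elif line and not line.startswith("time="):
            engine = line  # a bare line names the engine for the next table
    return report

if __name__ == "__main__":
    # Scan date taken from the log timestamp in the issue.
    for name, (status, age) in signature_report(SAMPLE, date(2018, 3, 19)).items():
        age_txt = "" if age is None else f"{age}d"
        print(f"{name:10} {status:6} {age_txt}")
```
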