As mentioned here, the version 1.2.1 stable source does not build correctly if ClamAV is installed. Bro 1.2.1 is using the cl_scannbuf function which is not exported in newer versions of ClamAV.
To work around this I edited the configure.in file so it checks for the cl_scanbuff function and does not configure ClamAV support if it is not exported by ClamAV.
In the Bro configure.in I edited the ClamAV checks to read:
Then re-generated the configure file.
One possible "real fix" would be to re-write the FileAnalyzer functions to create temporary files and use cl_scanfile to scan the temporary file.