Cisco corrective release of the free anti-virus package ClamAV 0.101.3, which fixes a vulnerability that could trigger a denial of service by sending a specially crafted zip archive as an attachment.
is an option , which requires a lot of time and resources to unpack. The essence of the method is to place data in the archive, which makes it possible to achieve the maximum compression ratio for the zip format - about 28 million times. For example, a specially prepared 10 MB zip file will unpack about 281 TB of data, and 46 MB - 4.5 Pb.
In addition, the built-in libmspack library has been updated in the new release, in which buffer overflow (), leading to data leakage when opening a specially designed chm file.
At the same time, a beta version of the new ClamAV 0.102 branch was presented, in which the functionality of transparent checking of opened files (on-access scanning, checking at the time of opening a file) was transferred from clamd to a separate clamonacc process, implemented similarly to clamdscan and clamav-milter. This change made it possible to organize clamd as a normal user without the need to obtain root privileges.
The new branch also adds support for egg archives (ESTsoft) and significantly redesigned the freshclam program, which now supports HTTPS and the ability to work with mirrors that process requests on network ports other than 80.
Source: opennet.ru