Cisco ya sanar da wani babban sabon sakin kayan riga-kafi na kyauta, ClamAV 0.104.0. Bari mu tuna cewa aikin ya shiga hannun Cisco a cikin 2013 bayan siyan Sourcefire, kamfanin haɓaka ClamAV da Snort. Ana rarraba lambar aikin a ƙarƙashin lasisin GPLv2.
A lokaci guda, Cisco ya sanar da farkon samar da rassan ClamAV na dogon lokaci (LTS), wanda za a tallafa shi tsawon shekaru uku daga ranar da aka buga na farko a cikin reshe. Reshen LTS na farko zai zama ClamAV 0.103, za a sake sabuntawa tare da lahani da batutuwa masu mahimmanci har zuwa 2023.
Sabuntawa na rassan da ba na LTS na yau da kullun ba za a buga aƙalla wasu watanni 4 bayan fitowar farko na reshe na gaba (misali, za a buga sabuntawa don reshen ClamAV 0.104.x na wasu watanni 4 bayan sakin ClamAV 0.105.0. 4). Hakanan za a ba da damar saukar da bayanan sa hannu don rassan da ba na LTS ba har na tsawon wasu watanni XNUMX bayan fitowar reshe na gaba.
Wani muhimmin canji shine ƙirƙirar fakitin shigarwa na hukuma, yana ba ku damar sabuntawa ba tare da sake ginawa daga rubutun tushe ba kuma ba tare da jiran fakitin su bayyana a cikin rarrabawa ba. An shirya fakitin don Linux (a cikin tsarin RPM da DEB a cikin nau'ikan gine-gine na x86_64 da i686), macOS (na x86_64 da ARM64, gami da tallafi ga guntuwar Apple M1) da Windows (x64 da win32). Bugu da kari, an fara buga hotunan kwantena na hukuma akan Docker Hub (ana bayar da hotuna tare da kuma ba tare da ginanniyar bayanan sa hannu ba). A nan gaba, na yi shirin buga fakitin RPM da DEB don gine-ginen ARM64 da taruka na FreeBSD (x86_64).
Babban haɓakawa a cikin ClamAV 0.104:
- Canje-canje zuwa amfani da tsarin taro na CMake, wanda ake buƙatar kasancewarsa yanzu don gina ClamAV. An dakatar da tsarin gina Autotools da Visual Studio.
- An cire abubuwan LLVM da aka gina a cikin rarraba don amfani da ɗakunan karatu na LLVM na waje. A lokacin aiki, don aiwatar da sa hannu tare da ginanniyar bytecode, ta tsohuwa ana amfani da fassarar bytecode, wanda bashi da tallafin JIT. Idan kana buƙatar amfani da LLVM maimakon mai fassarar bytecode lokacin ginawa, dole ne ka ƙayyadad da hanyoyin zuwa ɗakunan karatu na LLVM 3.6.2 (an shirya don ƙara sabbin abubuwan sakewa)
- Ana samun matakan clamd da freshclam yanzu azaman sabis na Windows. Don shigar da waɗannan ayyukan, an ba da zaɓin “--install-service”, kuma don farawa za ku iya amfani da daidaitattun umarnin “net start [name]”.
- An ƙara sabon zaɓin dubawa wanda yayi kashedin game da canja wurin fayilolin hoto da suka lalace, ta hanyar waɗanda za a iya yin yuwuwar ƙoƙarin yin amfani da rashin ƙarfi a cikin ɗakunan karatu masu hoto. Ana aiwatar da ingantaccen tsari don fayilolin JPEG, TIFF, PNG da GIF, kuma ana kunna ta ta hanyar saitin AlertBrokenMedia a cikin clamd.conf ko zaɓin layin umarni na "-alert-broken-media" a cikin clamscan.
- An ƙara sabbin nau'ikan CL_TYPE_TIFF da CL_TYPE_JPEG don daidaito tare da ma'anar GIF da fayilolin PNG. Ana ci gaba da bayyana nau'ikan BMP da JPEG 2000 a matsayin CL_TYPE_GRAPHICS saboda ba a tallafa musu.
- ClamScan ya ƙara alamar gani na ci gaban lodin sa hannu da haɗa injina, wanda ake yi kafin fara dubawa. Ba a nuna alamar lokacin da aka ƙaddamar da shi daga wajen tashar tashar ko lokacin da aka ƙayyade ɗaya daga cikin zaɓuɓɓukan "--debug", "-shuru", "-infected", "-no-summary".
- Don nuna ci gaba, libclamav ya ƙara kiran sake kiran cl_engine_set_clcb_sigload_progress(), cl_engine_set_clcb_engine_compile_progress() da injin kyauta: cl_engine_set_clcb_engine_free_progress (), wanda aikace-aikace na iya waƙa da ƙididdige lokacin ƙaddamarwa da ƙaddamar da lokacin aiwatarwa.
- Ƙara goyon baya ga mashin tsara kirtani "% f" zuwa zaɓi na VirusEvent don musanya hanyar zuwa fayil ɗin da aka gano kwayar cutar a ciki (mai kama da mashin "% v" tare da sunan cutar da aka gano). A cikin VirusEvent, ana samun irin wannan aikin ta hanyar $CLAM_VIRUSEVENT_FILENAME da $CLAM_VIRUSEVENT_VIRUSNAME masu canjin yanayi.
- Ingantattun ayyuka na tsarin cire kayan rubutun AutoIt.
- Ƙara goyon baya don cire hotuna daga fayilolin * .xls (Excel OLE2).
- Yana yiwuwa a zazzage hashes na Authenticode dangane da algorithm SHA256 a cikin nau'in fayilolin cat (an yi amfani da shi don tabbatar da fayilolin aiwatar da Windows ta lambobi).
source: budenet.ru