Cisco has released the ClamAV 1.3.0 antivirus package and fixed a dangerous vulnerability

After six months of development, Cisco has published the release of the free antivirus suite ClamAV 1.3.0. The project passed into Cisco's hands in 2013 after the acquisition of Sourcefire, the company that develops ClamAV and Snort. The project code is distributed under the GPLv2 license. The 1.3.0 branch is classified as regular (non-LTS); updates for such branches are published for at least 4 months after the first release of the next branch. The ability to download the signature database for non-LTS branches is also provided for at least 4 months after the release of the next branch.

Key improvements in ClamAV 1.3:

  • Added support for extracting and scanning attachments used in Microsoft OneNote files. OneNote parsing is enabled by default, but can be disabled if desired by setting "ScanOneNote no" in clamd.conf, by specifying the command-line option "--scan-onenote=no" when running the clamscan utility, or by setting the CL_SCAN_PARSE_ONENOTE flag in the options.parse parameter when using libclamav.
  • Building ClamAV on the BeOS-like operating system Haiku is now supported.
  • Added a check to clamd for the existence of the directory for temporary files specified in clamd.conf via the TemporaryDirectory directive. If this directory is missing, the process now exits with an error.
  • When a static-library build is configured in CMake, installation of the static libraries libclamav_rust, libclammspack, libclamunrar_iface and libclamunrar, which are used by libclamav, is now ensured.
  • Implemented file type detection for compiled Python scripts (.pyc). The file type is passed as the string parameter CL_TYPE_PYTHON_COMPILED, which is supported in the clcb_pre_cache, clcb_pre_scan and clcb_file_inspection functions.
  • Improved support for decrypting PDF documents with an empty password.

At the same time, the ClamAV 1.2.2 and 1.0.5 updates were published, which fix two vulnerabilities affecting the 0.104, 0.105, 1.0, 1.1 and 1.2 branches:

  • CVE-2024-20328 - Possible command substitution during file scanning in clamd due to an error in the implementation of the "VirusEvent" directive, which is used to run an arbitrary command when a virus is detected. Details of exploitation have not yet been disclosed; all that is known is that the problem was fixed by disabling support for the '%f' string formatting parameter in VirusEvent, which was replaced with the name of the infected file.

    Apparently, the attack comes down to passing a specially crafted name of an infected file containing special characters that are not escaped when the command specified in VirusEvent is run. Notably, a similar vulnerability was already fixed in 2004, also by removing support for the '%f' substitution, which was then brought back in the ClamAV 0.104 release and led to the revival of the old vulnerability. In the old vulnerability, to execute your own command during a virus scan, you only had to create a file named "; mkdir owned" and write the virus test signature into it.

  • CVE-2024-20290 is a buffer overflow in the OLE2 file parsing code, which can be used by a remote unauthenticated attacker to cause a denial of service (a crash of the scanning process). The problem is caused by an incorrect end-of-line check during content scanning, which leads to a read from an area outside the buffer boundary.
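
The VirusEvent issue described above (CVE-2024-20328) comes down to splicing a file name into shell command text. The following added example (not ClamAV's code and not part of the original article) models that pattern next to passing the name as data through an environment variable. The handler templates are constructed, and CLAM_VIRUSEVENT_FILENAME is the variable name clamd documents for VirusEvent handlers, used here as an assumption about how a fixed configuration receives the name.

```python
import os
import subprocess
import tempfile

# Constructed handler commands, as an administrator might configure them.
UNSAFE_TEMPLATE = "echo detected %f >> events.log"
# Assumption: the file name arrives in CLAM_VIRUSEVENT_FILENAME instead of %f.
SAFE_TEMPLATE = 'echo "detected $CLAM_VIRUSEVENT_FILENAME" >> events.log'


def run_substituted(template: str, filename: str, cwd: str) -> None:
    """Pre-fix pattern: the file name becomes part of the shell command text."""
    command = template.replace("%f", filename)
    subprocess.run(["/bin/sh", "-c", command], cwd=cwd,
                   stdout=subprocess.DEVNULL, check=False)


def run_with_env(template: str, filename: str, cwd: str) -> None:
    """Post-fix pattern: the command text is fixed, the name travels as data."""
    env = dict(os.environ, CLAM_VIRUSEVENT_FILENAME=filename)
    subprocess.run(["/bin/sh", "-c", template], cwd=cwd, env=env,
                   stdout=subprocess.DEVNULL, check=False)


def demo(filename: str) -> dict:
    """Run both handlers in scratch directories and report the side effects."""
    result = {}
    for label, runner, template in (
        ("substituted", run_substituted, UNSAFE_TEMPLATE),
        ("env", run_with_env, SAFE_TEMPLATE),
    ):
        with tempfile.TemporaryDirectory() as scratch:
            runner(template, filename, scratch)
            with open(os.path.join(scratch, "events.log")) as fh:
                logged = fh.read()
            result[label] = {
                # True if the file name was interpreted as a second command.
                "injected": os.path.isdir(os.path.join(scratch, "owned")),
                "logged": logged,
            }
    return result


if __name__ == "__main__":
    # File name quoted in the article for the old vulnerability.
    for label, outcome in demo("; mkdir owned").items():
        print(label, outcome)
```

When reviewing a deployment, the thing to look for is any VirusEvent command or wrapper script that expands the file name unquoted into a shell command line.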

Source: opennet.ru
