Cisco has released the free antivirus package ClamAV 0.105

Cisco has announced a major new release of its free antivirus suite, ClamAV 0.105.0, and has also published the corrective releases ClamAV 0.104.3 and 0.103.6, which fix vulnerabilities and bugs. Recall that the project passed into Cisco's hands in 2013 after the acquisition of Sourcefire, the company that developed ClamAV and Snort. The project code is distributed under the GPLv2 license.

Key improvements in ClamAV 0.105:

  • A compiler for the Rust language is now among the required build dependencies. Building requires at least Rust 1.56. The required Rust dependency libraries are included in the main ClamAV package.
  • The code for incremental updates of the database archive (CDIFF) has been rewritten in Rust. The new implementation noticeably speeds up applying updates that remove a large number of signatures from the database. This is the first module rewritten in Rust.
  • The default limit values have been increased:
    • MaxScanSize: 100M → 400M
    • MaxFileSize: 25M → 100M
    • StreamMaxLength: 25M → 100M
    • PCREMaxFileSize: 25M → 100M
    • MaxEmbeddedPE: 10M → 40M
    • MaxHTMLNormalize: 10M → 40M
    • MaxScriptNormalize: 5M → 20M
    • MaxHTMLNoTags: 2M → 8M
    • The maximum line length in the freshclam.conf and clamd.conf configuration files has been increased from 512 to 1024 characters (when access tokens are specified, the DatabaseMirror parameter could exceed 512 bytes).
  • To identify images used for phishing or malware distribution, support has been implemented for a new signature type that uses fuzzy hashing, which makes it possible to identify similar objects with some probability. To generate a fuzzy hash for an image, you can use the command "sigtool --fuzzy-img".
  • ClamScan and ClamDScan have built-in process memory scanning. This feature was ported from the ClamWin package and is specific to the Windows platform. The "--memory", "--kill" and "--unload" options have been added to ClamScan and ClamDScan on the Windows platform.
  • The runtime components for executing bytecode based on LLVM have been updated. To increase scanning performance compared to the default bytecode interpreter, a JIT compilation mode is offered. Support for older versions of LLVM has been dropped; LLVM versions 8 to 12 can now be used.
  • A GenerateMetadataJson setting has been added to Clamd; it is equivalent to the "--gen-json" option in clamscan and causes metadata about the scan progress to be written to the metadata.json file in JSON format.
  • It is now possible to build against the external TomsFastMath library (libtfm), enabled with the options "-D ENABLE_EXTERNAL_TOMSFASTMATH=ON", "-D TomsFastMath_INCLUDE_DIR=" and "-D TomsFastMath_LIBRARY=". The bundled copy of the TomsFastMath library has been updated to version 0.13.1.
  • The Freshclam utility has improved behavior when handling the ReceiveTimeout timeout, which now only terminates stalled downloads and does not interrupt active slow downloads where data is being transferred over poor communication channels.
  • Added support for building ClamdTop with the ncursesw library if ncurses is missing.
  • Vulnerabilities fixed:
    • CVE-2022-20803 - Double free in the OLE2 file parser.
    • CVE-2022-20770 - Infinite loop in the CHM file parser.
    • CVE-2022-20796 - Crash due to a NULL pointer dereference in the cache check code.
    • CVE-2022-20771 - Infinite loop in the TIFF file parser.
    • CVE-2022-20785 - Memory leak in the HTML parser and JavaScript normalizer.
    • CVE-2022-20792 - Buffer overflow in the signature database loading module.
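
An existing clamd.conf or freshclam.conf can be checked against the raised defaults and the longer line limit listed above. The following is an added example, not code from the article or from the ClamAV project; the `audit` and `parse_size` helpers and the sample configuration are hypothetical, and only the K and M size suffixes are handled.

```python
import re

M = 1024 * 1024
# Option: (pre-0.105 default, 0.105 default) in bytes, as listed in the article.
DEFAULTS = {
    "MaxScanSize": (100 * M, 400 * M),
    "MaxFileSize": (25 * M, 100 * M),
    "StreamMaxLength": (25 * M, 100 * M),
    "PCREMaxFileSize": (25 * M, 100 * M),
    "MaxEmbeddedPE": (10 * M, 40 * M),
    "MaxHTMLNormalize": (10 * M, 40 * M),
    "MaxScriptNormalize": (5 * M, 20 * M),
    "MaxHTMLNoTags": (2 * M, 8 * M),
}
OLD_LINE_LIMIT, NEW_LINE_LIMIT = 512, 1024  # maximum config line length

def parse_size(value):
    """Convert '100M', '512K' or a plain byte count to bytes."""
    m = re.fullmatch(r"(\d+)([KkMm]?)", value.strip())
    if not m:
        raise ValueError(f"bad size: {value!r}")
    return int(m.group(1)) * {"": 1, "k": 1024, "m": M}[m.group(2).lower()]

def audit(conf_text):
    """Return (line_no, finding) pairs for the text of a config file."""
    findings = []
    for no, line in enumerate(conf_text.splitlines(), 1):
        if len(line) > NEW_LINE_LIMIT:
            findings.append((no, "line exceeds 1024 characters"))
        elif len(line) > OLD_LINE_LIMIT:
            findings.append((no, "line exceeds 512 characters: needs 0.105 or later"))
        parts = line.split(None, 1)
        if len(parts) != 2 or parts[0] not in DEFAULTS:
            continue  # comments and options outside the table are skipped
        old, new = DEFAULTS[parts[0]]
        size = parse_size(parts[1])
        if size == 0:
            continue  # 0 disables the limit, so there is nothing to compare
        if size == old:
            findings.append((no, f"{parts[0]} pinned to the pre-0.105 default"))
        elif size < new:
            findings.append((no, f"{parts[0]} is below the 0.105 default"))
    return findings

# Constructed sample configuration, not taken from a real deployment.
SAMPLE = ("# constructed sample\nMaxScanSize 100M\nMaxFileSize 200M\n"
          "MaxEmbeddedPE 20M\nDatabaseMirror https://mirror.example/" + "t" * 600)

if __name__ == "__main__":
    for no, finding in audit(SAMPLE):
        print(f"line {no}: {finding}")
```

An explicitly pinned old value keeps the smaller limit in force after the upgrade, so files larger than it are still not scanned in full.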

Source: opennet.ru
