ProHoster > Blog > internet nhau > Cisco yakaburitsa iyo ClamAV 1.3.0 antivirus package uye yakagadzirisa njodzi ine njodzi

Cisco yakaburitsa iyo ClamAV 1.3.0 antivirus package uye yakagadzirisa njodzi ine njodzi

Mushure memwedzi mitanhatu yebudiriro, Cisco yakaburitsa kuburitswa kwemahara antivirus suite ClamAV 1.3.0. Iyo purojekiti yakapfuura mumaoko eCisco muna 2013 mushure mekutenga Sourcefire, iyo kambani inogadzira ClamAV uye Snort. Iyo kodhi yeprojekiti yakagoverwa pasi peGPLv2 rezinesi. Bazi re1.3.0 rinorongedzerwa senguva dzose (kwete LTS), zvigadziriso zvinoburitswa kanokwana mwedzi mina mushure mekuburitswa kwekutanga kwebazi rinotevera. Iko kugona kudhawunirodha dhatabhesi siginecha yeasiri-LTS matavi anopihwa zvakare kweinenge imwe mwedzi 4 mushure mekuburitswa kwebazi rinotevera.

Kuvandudza kwakakosha muClamAV 1.3:

  • Yakawedzera tsigiro yekubvisa uye yekutarisa zvakanamirwa zvinoshandiswa muMicrosoft OneNote mafaera. OneNote parsing inogoneswa nekusingaperi, asi inogona kudzimwa kana ichidiwa nekuisa "ScanOneNote no" mu clamd.conf, uchitsanangura sarudzo yemutsara wekuraira "--scan-onenote=no" paunenge uchimhanyisa clamsca utility, kana kuwedzera mureza weCL_SCAN_PARSE_ONENOTE ku. the options.parse parameter paunenge uchishandisa libclamav.
  • Gungano reClamAV muBeOS-like operating system Haiku yakatangwa.
  • Yakawedzerwa cheki ku clamd yekuvapo kwedhairekitori remafaira echinguvana anotsanangurwa mu clamd.conf faira kuburikidza ne TemporaryDirectory rairo. Kana dhairekitori iri risipo, maitiro acho anobuda nekukanganisa.
  • Pakumisikidza kuvakwa kwemaraibhurari akasimba muCMake, kuiswa kwemaibhurari estatic libclamav_rust, libclammspack, libclamunrar_iface uye libclamunrar, inoshandiswa mu libclamav, inovimbiswa.
  • Yakaitwa yekuona mhando yefaira yezvinyorwa zvePython zvakaunganidzwa (.pyc). Mhando yefaira inopfuudzwa muchimiro chetambo parameter CL_TYPE_PYTHON_COMPILED, inotsigirwa mu clcb_pre_cache, clcb_pre_scan uye clcb_file_inspection mabasa.
  • Rutsigiro rwakavandudzwa rwekunyora zvinyorwa zvePDF nepassword isina chinhu.

Panguva imwecheteyo, ClamAV 1.2.2 uye 1.0.5 zvigadziriso zvakagadzirwa, izvo zvakagadzirisa kusagadzikana kuviri kunobata mapazi 0.104, 0.105, 1.0, 1.1 uye 1.2:

  • CVE-2024-20328 - Kugona kwekuraira kutsiva panguva yekutarisa faira mu clamd nekuda kwechikanganiso mukuitwa kwe "VirusEvent" rairo, rinoshandiswa kumhanyisa rairo kana hutachiona hwaonekwa. Tsanangudzo yekushandiswa kwekusagadzikana haisati yaburitswa; zvese zvinozivikanwa ndezvekuti dambudziko rakagadziriswa nekudzima tsigiro yeVirusEvent tambo yekufometa parameter '%f', iyo yakatsiviwa nezita reiyo faira ine hutachiona.

    Sezviri pachena, kurwiswa kwacho kunosvika pakutumira zita rakagadzirirwa rakagadzirirwa faira rine hutachiona husingakwanise kupukunyuka kana uchimhanyisa murairo wakatsanangurwa muVirusEvent. Zvinokosha kuziva kuti kusagadzikana kwakafanana kwakatogadziriswa muna 2004 uye zvakare nekubvisa tsigiro yekutsiva '%f', iyo yakadzoserwa mukuburitswa kweClamAV 0.104 uye ikatungamira kumutsiridzo yekusagadzikana kwekare. Mukusagadzikana kwekare, kuita rairo yako panguva yekuongorora hutachiona, waingofanirwa kugadzira faira rakanzi β€œ; mkdir owned" uye nyora siginecha yekuongorora hutachiona mairi.

  • CVE-2024-20290 ndeye buffer kufashukira muOLE2 faira parsing kodhi, iyo inogona kushandiswa neasingabvumirwe anorwisa kukonzeresa kurambwa kwesevhisi (kuparara kwemaitiro ekuongorora). Iyo nyaya inokonzereswa nekusarongeka kwekupedzisira-kwe-line kutarisa panguva yemukati scanning, zvichikonzera kuverenga kubva kune imwe nzvimbo iri kunze kwemuganho webuffer.

Source: opennet.ru

Voeg