Cisco has released the free antivirus package ClamAV 0.104

Cisco has announced a major new release of its free antivirus suite, ClamAV 0.104.0. Recall that the project passed into Cisco's hands in 2013 after the purchase of Sourcefire, the company that develops ClamAV and Snort. The project code is distributed under the GPLv2 license.

At the same time, Cisco announced that it is starting to form ClamAV branches with long-term support (LTS), which will be supported for three years from the date the first release in the branch is published. The first LTS branch will be ClamAV 0.103, for which updates fixing vulnerabilities and critical issues will be released until 2023.

Updates for regular non-LTS branches will be published for at least 4 months after the first release of the next branch (for example, updates for the ClamAV 0.104.x branch will be published for another 4 months after the release of ClamAV 0.105.0). The ability to download the signature database for non-LTS branches will also be provided for at least another 4 months after the release of the next branch.

Another significant change is the creation of official installation packages, which let you update without rebuilding from source and without waiting for packages to appear in distributions. The packages are prepared for Linux (in RPM and DEB formats, in versions for the x86_64 and i686 architectures), macOS (for x86_64 and ARM64, including support for the Apple M1 chip) and Windows (x64 and win32). In addition, publication of official container images on Docker Hub has begun (images are offered both with and without a built-in signature database). In the future, there are plans to publish RPM and DEB packages for the ARM64 architecture and to post builds for FreeBSD (x86_64).

Key improvements in ClamAV 0.104:

  • Transition to the CMake build system, which is now required to build ClamAV. The Autotools and Visual Studio build systems have been discontinued.
  • The LLVM components bundled with the distribution have been removed in favor of using external LLVM libraries. At runtime, signatures with embedded bytecode are processed by default with a bytecode interpreter, which has no JIT support. If you need to use LLVM instead of the bytecode interpreter, you must explicitly specify the paths to the LLVM 3.6.2 libraries when building (support for newer releases is planned to be added later).
  • The clamd and freshclam processes are now available as Windows services. To install these services, the "--install-service" option is provided, and to start them you can use the standard "net start [name]" command.
  • A new scan option has been added that alerts on the transfer of damaged graphic files, through which attempts may be made to exploit vulnerabilities in graphics libraries. Format validation is implemented for JPEG, TIFF, PNG and GIF files, and is enabled through the AlertBrokenMedia setting in clamd.conf or the "--alert-broken-media" command line option in clamscan.
  • Added new types CL_TYPE_TIFF and CL_TYPE_JPEG for consistency with the definition of GIF and PNG files. The BMP and JPEG 2000 types continue to be defined as CL_TYPE_GRAPHICS because format parsing is not supported for them.
  • ClamScan has gained a progress indicator for signature loading and engine compilation, which are performed before scanning starts. The indicator is not displayed when the program is launched outside a terminal or when one of the options "--debug", "--quiet", "--infected", "--no-summary" is specified.
  • To display progress, libclamav has added the callbacks cl_engine_set_clcb_sigload_progress(), cl_engine_set_clcb_engine_compile_progress() and, for engine free, cl_engine_set_clcb_engine_free_progress(), which applications can use to track and estimate the progress of the preliminary signature loading and compilation stages.
  • Added support for the "%f" format string mask to the VirusEvent option, which substitutes the path of the file in which the virus was detected (analogous to the "%v" mask with the name of the detected virus). In VirusEvent, the same functionality is also available through the $CLAM_VIRUSEVENT_FILENAME and $CLAM_VIRUSEVENT_VIRUSNAME environment variables.
  • Improved performance of the AutoIt script unpacking module.
  • Added support for extracting images from *.xls files (Excel OLE2).
  • Authenticode hashes based on the SHA256 algorithm can now be loaded in the form of *.cat files (used to verify digitally signed Windows executable files).
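
As an added illustration of the VirusEvent item above (not code from ClamAV or from the original article): a handler script that takes the detection from the two environment variables and treats the file name as untrusted data before logging it. The script path, the log tag and the record layout are assumptions.

```shell
#!/bin/sh
# Added example: a handler for clamd's VirusEvent option.
# Assumed clamd.conf entry (the script path is hypothetical):
#   VirusEvent /usr/local/bin/clam-virusevent.sh
# No %f or %v mask is used on that line, so the file name is never
# spliced into a shell command line; it arrives only as the value of
# an environment variable and is handled as plain data below.

# Make a value safe for a one-line key="value" log record:
# control characters (newlines included) become "?", so a hostile
# file name cannot forge extra log lines or terminal escapes, and
# backslashes and double quotes are escaped so it cannot break out
# of the quoted field.
sanitize() {
    printf '%s' "$1" |
        LC_ALL=C tr '\001-\037\177' '?' |
        sed 's/[\\"]/\\&/g'
}

# Build the record from the variables named in the release notes.
format_event() {
    sig=$(sanitize "${CLAM_VIRUSEVENT_VIRUSNAME:-unknown}")
    file=$(sanitize "${CLAM_VIRUSEVENT_FILENAME:-unknown}")
    printf 'clamav detection signature="%s" file="%s"' "$sig" "$file"
}

# Log only when a detection was actually passed in by clamd.
# The tag "clam-virusevent" is an assumption of this example.
if [ -n "${CLAM_VIRUSEVENT_VIRUSNAME:-}" ]; then
    logger -t clam-virusevent -p auth.warning "$(format_event)"
fi
```

Every expansion is double-quoted and nothing is passed to eval, so shell metacharacters in a scanned file's name stay inert.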

Source: opennet.ru
