Cisco yakaunza kuburitswa kukuru kutsva kwayo yemahara antivirus suite, ClamAV 0.105.0, uye yakaburitsawo kururamisa kuburitswa kweClamAV 0.104.3 uye 0.103.6 inogadzirisa kusagadzikana uye tsikidzi. Ngatiyeukei kuti purojekiti yakapfuura mumaoko eCisco muna 2013 mushure mekutengwa kweSourcefire, iyo kambani inogadzira ClamAV uye Snort. Iyo kodhi yeprojekiti yakagoverwa pasi peGPLv2 rezinesi.
Kuvandudza kwakakosha muClamAV 0.105:
- A compiler yeRust mutauro inosanganisirwa mune inodiwa kuvaka inotsamira. Kuvaka kunoda kanenge Rust 1.56. Iwo anodiwa anotsamira maraibhurari muRust anosanganisirwa mune huru ClamAV package.
- Iyo kodhi yekuwedzera yekuvandudza yedatabase archive (CDIFF) yakanyorwazve muRust. Kuitwa kutsva kwaita kuti zvikwanise kukurumidza kukurumidza kushandiswa kwezvigadziriso zvinobvisa nhamba huru yemasaini kubva kudhatabhesi. Iyi ndiyo module yekutanga kunyorwazve muRust.
- Iwo default muganho kukosha akawedzerwa:
- MaxScanSize: 100M> 400M
- MaxFileSize: 25M> 100M
- StreamMaxLength: 25M> 100M
- PCREMaxFileSize: 25M> 100M
- MaxEmbeddedPE: 10M > 40M
- MaxHTMLNormalize: 10M> 40M
- MaxScriptNormalize: 5M > 20M
- MaxHTMLNoTags: 2M > 8M
- Ukuru hwemutsetse wepamusoro mu freshclam.conf uye clamd.conf configuration mafaira akawedzerwa kubva 512 kusvika 1024 mavara (pakutsanangura kuwana tokens, DatabaseMirror parameter inogona kudarika 512 bytes).
- Kuti uone mifananidzo inoshandiswa kubira kana kugovera malware, tsigiro yakaitwa yemhando nyowani yemasiginecha ane musoro anoshandisa nzira isinganzwisisike yehashing, iyo inobvumira kuziva zvinhu zvakafanana nehumwe dhigirii remukana. Kugadzira hashi isinganzwisisike yemufananidzo, unogona kushandisa murairo "sigtool -fuzzy-img".
- ClamScan uye ClamDScan vane yakavakirwa-mukati memory scanning kugona. Ichi chimiro chakatamiswa kubva kuClamWin package uye chakanangana neWindows platform. Yakawedzerwa "--memory", "--kuuraya" uye "--unload" sarudzo kuClamScan uye ClamDScan paWindows platform.
- Yakagadziridzwa runtime zvikamu zvekushandisa bytecode zvichibva paLLVM. Kuti uwedzere kuita kwekutarisa kana uchienzaniswa neakasarudzika bytecode muturikiri, JIT yekubatanidza modhi yakatsanangurwa. Tsigiro yeshanduro dzekare dzeLLVM dzakamiswa; LLVM shanduro 8 kusvika 12 zvino inogona kushandiswa kubasa.
- Gadziriro yeGenerateMetadataJson yawedzerwa kuClamd, iyo yakaenzana ne "--gen-json" sarudzo mu clamscan uye inokonzeresa metadata nezvekufambira mberi kwekuongorora kunyorwa kune metadata.json faira muJSON fomati.
- Zvinogoneka kuvaka uchishandisa raibhurari yekunze TomsFastMath (libtfm), inogoneswa uchishandisa sarudzo "-D ENABLE_EXTERNAL_TOMSFASTMATH=ON", "-D TomsFastMath_INCLUDE_DIR= "uye"-D TomsFastMath_LIBRARY= " Kopi inosanganisirwa yeraibhurari yeTomsFastMath yakagadziridzwa kuita shanduro 0.13.1.
- Iyo Freshclam utility yakagadziridza maitiro kana uchibata iyo ReceiveTimeout nguva yekubuda, iyo ikozvino inomisa kurodha pasi nechando uye haikanganise kurodha kunononoka kurodha nedhata inotamiswa pamusoro pematanho asina kunaka ekutaurirana.
- Yakawedzerwa rutsigiro rwekuvaka ClamdTop uchishandisa iyo ncursesw raibhurari kana ncurses isipo.
- Kusagadzikana kwakagadziriswa:
- CVE-2022-20803 ndeyemahara kaviri muOLE2 faira parser.
- CVE-2022-20770 Iyo isingaperi loop muCHM faira parser.
- CVE-2022-20796 - Kuparara nekuda kweiyo NULL pointer dereference mune cache cheki kodhi.
- CVE-2022-20771 - Isingaperi loop muTIFF faira parser.
- CVE-2022-20785 - Memory leak muHTML parser uye Javascript normalizer.
- CVE-2022-20792 - Buffer kufashukira mune siginecha dhatabhesi yekurodha module.
Source: opennet.ru