Cisco e hlahisitse tokollo e ncha e ncha ea sesebelisoa sa eona sa mahala sa antivirus, ClamAV 0.105.0, hape e phatlalalitse tokollo ea tokiso ea ClamAV 0.104.3 le 0.103.6 e lokisang bofokoli le liphoso. A re hopoleng hore morero ona o ile oa fetela matsohong a Cisco ka 2013 ka mor'a ho reka Sourcefire, k'hamphani e hlahisang ClamAV le Snort. Khoutu ea projeke e ajoa tlasa laesense ea GPLv2.
Lintlafatso tsa bohlokoa ho ClamAV 0.105:
- Moqapi oa puo ea Rust o kenyelelitsoe ho litšepeho tse hlokahalang tsa moaho. Ho aha ho hloka bonyane Rust 1.56. Lilaebrari tse hlokahalang tse itšetlehileng ka Rust li kenyelelitsoe ka har'a sephutheloana sa mantlha sa ClamAV.
- Khoutu ea ntlafatso e ntseng e eketseha ea polokelo ea polokelo ea litaba (CDIFF) e ngotsoe bocha ho Rust. Ts'ebetsong e ncha e entse hore ho khonehe ho potlakisa haholo ts'ebeliso ea lintlafatso tse tlosang palo e kholo ea li-signature ho tsoa ho database. Ona ke mojule oa pele o ngotsoeng bocha ka Rust.
- Litekanyetso tsa moeli oa kamehla li ekelitsoe:
- MaxScanSize: 100M> 400M
- MaxFileSize: 25M > 100M
- StreamMaxLength: 25M > 100M
- PCREMaxFileSize: 25M > 100M
- MaxEmbeddedPE: 10M > 40M
- MaxHTMLNormaise: 10M > 40M
- MaxScriptNormaze: 5M > 20M
- MaxHTMLNoTags: 2M > 8M
- Boholo ba mohala oa li-file tsa freshclam.conf le clamd.conf li ekelitsoe ho tloha ho litlhaku tse 512 ho ea ho tse 1024 (ha u hlakisa li-tokens tsa phihlello, parameter ea DatabaseMirror e ka feta li-byte tse 512).
- Ho tsebahatsa litšoantšo tse sebelisoang bakeng sa phishing kapa kabo ea malware, ts'ehetso e kentsoe ts'ebetsong bakeng sa mefuta e mecha ea mesaeno e nang le kelello e sebelisang mokhoa o sa hlakang oa hashing, o lumellang ho khetholla lintho tse ts'oanang ka mokhoa o itseng. Ho hlahisa hashe e lerootho bakeng sa setšoantšo, o ka sebelisa taelo "sigtool -fuzzy-img".
- ClamScan le ClamDScan li na le bokhoni ba ho hlahloba memori e hahelletsoeng. Karolo ena e fetisitsoe ho tsoa ho sephutheloana sa ClamWin mme e tobile sethaleng sa Windows. E kentsoe "--memory", "--kill" le "--unload" likhetho ho ClamScan le ClamDScan sethaleng sa Windows.
- Likarolo tse ntlafalitsoeng tsa nako ea ho sebetsa bakeng sa ho sebelisa bytecode ho ipapisitse le LLVM. Ho eketsa ts'ebetso ea ho hlahloba ha e bapisoa le mofetoleli oa bytecode ea kamehla, mokhoa oa ho kopanya oa JIT o hlahisitsoe. Tšehetso bakeng sa mefuta ea khale ea LLVM e khaotsoe; LLVM mefuta ea 8 ho isa ho 12 e se e ka sebelisoa mosebetsing.
- Setlhophiso sa GenerateMetadataJson se kentsoe ho Clamd, e lekanang le khetho ea "--gen-json" ho clamscan 'me e etsa hore metadata e mabapi le tsoelo-pele ea ho hlahloba hore e ngoloe faeleng ea metadata.json ka sebopeho sa JSON.
- E fane ka bokhoni ba ho haha ka ho sebelisa laeborari ea kantle ea TomsFastMath (libtfm), e nolofalitsoeng ho sebelisoa likhetho "-D ENABLE_EXTERNAL_TOMSFASTMATH=ON", "-D TomsFastMath_INCLUDE_DIR=" le "-D TomsFastMath_LIBRARY=". Khopi e kenyellelitsoeng ea laeborari ea TomsFastMath e ntlafalitsoe hore e be mofuta oa 0.13.1.
- Ts'ebeliso ea Freshclam e ntlafalitse boitšoaro ha e sebetsana le nako ea ReceiveTimeout, eo hajoale e emisang feela ho khoasolla sehatsetsing 'me e sa sitisoe ho khoasolla butle ka data e fetisetsoang mecheng ea puisano e fosahetseng.
- Ts'ehetso e ekelitsoeng ea ho aha ClamdTop o sebelisa laeborari ea ncursesw haeba ncurses e le sieo.
- Bofokoli bo tsitsitse:
- CVE-2022-20803 ke mahala habeli ho OLE2 faele parser.
- CVE-2022-20770 Loop e sa feleng ho sekhechana sa faele sa CHM.
- CVE-2022-20796 - Ho oa ka lebaka la NULL pointer dereference ho cache check code.
- CVE-2022-20771 - Loop e sa feleng ka har'a sehlahlo sa faele sa TIFF.
- CVE-2022-20785 - Memori e lutla ho parser ea HTML le Javascript normalizer.
- CVE-2022-20792 - Buffer e phalla ka har'a mojule oa ho kenya polokelo ea polokelo ea lets'oao.
Source: opennet.ru