Cisco has released the ClamAV 1.3.0 antivirus package and fixed a dangerous vulnerability

After six months of development, Cisco has published the release of the free antivirus package ClamAV 1.3.0. The project passed into Cisco's hands in 2013 after the purchase of Sourcefire, the company that developed ClamAV and Snort. The project code is distributed under the GPLv2 license. The 1.3.0 branch is classified as a regular (non-LTS) branch, for which updates are published for at least 4 months after the first release of the next branch. The ability to download the signature database for non-LTS branches is also provided for at least another 4 months after the release of the next branch.

Key improvements in ClamAV 1.3:

  • Added support for extracting and scanning attachments used in Microsoft OneNote files. OneNote parsing is enabled by default, but can be disabled if desired by setting "ScanOneNote no" in clamd.conf, by specifying the command-line option "--scan-onenote=no" when running the clamscan utility, or by adding the CL_SCAN_PARSE_ONENOTE flag to the options.parse parameter when using libclamav.
  • ClamAV can now be built on Haiku, a BeOS-like operating system.
  • Added a check in clamd for the existence of the temporary-files directory specified in clamd.conf with the TemporaryDirectory directive. If this directory is missing, the process now exits with an error.
  • When the build of static libraries is configured in CMake, installation of the static libraries libclamav_rust, libclammspack, libclamunrar_iface and libclamunrar, which are used by libclamav, is now ensured.
  • Implemented file type detection for compiled Python scripts (.pyc). The file type is passed as the string parameter CL_TYPE_PYTHON_COMPILED, which is supported in the clcb_pre_cache, clcb_pre_scan and clcb_file_inspection functions.
  • Improved support for decrypting PDF documents with an empty password.

At the same time, the ClamAV 1.2.2 and 1.0.5 updates were released, fixing two vulnerabilities that affect branches 0.104, 0.105, 1.0, 1.1 and 1.2:

  • CVE-2024-20328 - Possible command substitution during file scanning in clamd due to a bug in the implementation of the "VirusEvent" directive, which is used to run an arbitrary command when a virus is detected. Details of how the vulnerability is exploited have not yet been disclosed; all that is known is that the problem was fixed by disabling support for the VirusEvent string formatting parameter '%f', which was replaced with the name of the infected file.

    Apparently, the attack boils down to passing a specially crafted name of an infected file containing special characters that are not escaped when the command specified in VirusEvent is run. It is noteworthy that a similar vulnerability was already fixed in 2004, also by removing support for the '%f' substitution, which was later brought back in the ClamAV 0.104 release and led to the revival of the old vulnerability. In the old vulnerability, to execute your own command during a virus scan, you only had to create a file named "; mkdir owned" and write the virus test signature into it.

  • CVE-2024-20290 is a buffer overflow in the OLE2 file parsing code, which can be used by a remote unauthenticated attacker to cause a denial of service (a crash of the scanning process). The issue is caused by an incorrect end-of-line check during content scanning, which results in reading from an area outside the buffer boundary.
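
The '%f' problem described under CVE-2024-20328, shown as an added example (a Python stand-in for the pattern, not ClamAV's code and not from the original article): the same file name is first pasted into the command string handed to /bin/sh, then passed as data in an environment variable. The template and the `echo`/`printf` commands are hypothetical; CLAM_VIRUSEVENT_FILENAME is the variable name given in the upstream release notes as the replacement for '%f' and does not appear in the article.

```python
import os
import subprocess
import tempfile

# Constructed sample: the file name the article quotes for the 2004 bug.
HOSTILE_NAME = "; mkdir owned"
# Hypothetical VirusEvent-style template; echo stands in for a real alert command.
TEMPLATE = "echo infected: %f"


def run_substituted(template, filename, workdir):
    """Vulnerable pattern: the file name becomes part of the text parsed by the shell."""
    command = template.replace("%f", filename)
    subprocess.run(["/bin/sh", "-c", command], cwd=workdir,
                   stdout=subprocess.DEVNULL, check=False)


def run_with_env(command, filename, workdir):
    """Hardened pattern: the command text is fixed and the name travels as data."""
    env = dict(os.environ, CLAM_VIRUSEVENT_FILENAME=filename)
    result = subprocess.run(["/bin/sh", "-c", command], cwd=workdir, env=env,
                            capture_output=True, text=True, check=False)
    return result.stdout


def demo():
    """Return (side effect after substitution, side effect after env passing, echoed name)."""
    with tempfile.TemporaryDirectory() as vuln_dir, \
            tempfile.TemporaryDirectory() as safe_dir:
        run_substituted(TEMPLATE, HOSTILE_NAME, vuln_dir)
        # The quoted expansion is never re-parsed as shell syntax.
        echoed = run_with_env('printf "%s" "$CLAM_VIRUSEVENT_FILENAME"',
                              HOSTILE_NAME, safe_dir)
        return (os.path.isdir(os.path.join(vuln_dir, "owned")),
                os.path.isdir(os.path.join(safe_dir, "owned")),
                echoed)


if __name__ == "__main__":
    print(demo())
```

Upstream advises reading the variable from inside an executable such as a script rather than referencing it directly in the VirusEvent command line.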

Source: opennet.ru
