I-Cisco ibhengeze ukukhutshwa okukhulu kwe-antivirus yasimahla, iClamAV 0.104.0. Masikhumbule ukuba iprojekthi idluliselwe ezandleni zikaCisco kwi-2013 emva kokuthengwa kwe-Sourcefire, inkampani ephuhlisa iClamAV kunye ne-Snort. Ikhowudi yeprojekthi isasazwa phantsi kwelayisensi ye-GPLv2.
Ngelo xesha, iCisco ibhengeze ukuqala kokusekwa kwamasebe eClamAV enkxaso yexesha elide (LTS), eya kuxhaswa iminyaka emithathu ukususela kumhla wokupapashwa kokuqala kwisebe. Isebe lokuqala le-LTS liya kuba yiClamAV 0.103, uhlaziyo olunobuthathaka kunye nemiba ebalulekileyo iya kukhutshwa kude kube yi-2023.
Uhlaziyo lwamasebe angengo-LTS oluqhelekileyo luya kupapashwa ubuncinane kwezinye iinyanga ze-4 emva kokukhululwa kokuqala kwesebe elilandelayo (umzekelo, ukuhlaziywa kwesebe le-ClamAV 0.104.x kuya kupapashwa kwezinye iinyanga ze-4 emva kokukhululwa kweClamAV 0.105.0. 4). Ukukwazi ukukhuphela i-database yesiginitsha kumasebe angengawo awe-LTS kuya kubonelelwa kwakhona ubuncinane ezinye iinyanga ezi-XNUMX emva kokukhululwa kwesebe elilandelayo.
Olunye utshintsho olubalulekileyo yayikukwenziwa kweepakethe zokufakela ezisemthethweni, ezikuvumela ukuba uhlaziye ngaphandle kokwakha kwakhona ukusuka kwimibhalo yemvelaphi kwaye ngaphandle kokulinda ukuba iipakethe zivele kunikezelo. Iiphakheji zilungiselelwe i-Linux (kwiifomathi ze-RPM kunye ne-DEB kwiinguqulelo ze-x86_64 kunye ne-i686 architectures), i-macOS (ye-x86_64 kunye ne-ARM64, kuquka inkxaso ye-Apple M1 chip) kunye ne-Windows (x64 kunye ne-win32). Ukongeza, ukupapashwa kwemifanekiso yesikhongozeli esisemthethweni kwi-Docker Hub sele iqalile (imifanekiso inikezelwa zombini kunye nangaphandle kwesiseko sedatha yesignesha eyakhelwe-ngaphakathi). Kwixesha elizayo, ndicwangcise ukupapasha iiphakheji ze-RPM kunye ne-DEB ye-ARM64 yokwakha kunye neendibano zeposi ze-FreeBSD (x86_64).
Uphuculo oluphambili kwiClamAV 0.104:
- Ukutshintshela ekusebenziseni inkqubo yendibano yeCMake, ubukho bayo ngoku obufunekayo ukwakha iClamAV. Izixhobo ze-Autotools kunye ne-Visual Studio yokwakha iinkqubo ziye zayekiswa.
- Amacandelo e-LLVM awakhelwe kunikezelo asusiwe kuxhamlo lokusetyenziswa kwamathala eencwadi angaphandle e-LLVM. Ngexesha lokusebenza, ukucubungula iisignesha kunye ne-bytecode eyakhelwe-ngaphakathi, ngokungagqibekanga itoliki ye-bytecode isetyenzisiweyo, engenayo inkxaso ye-JIT. Ukuba ufuna ukusebenzisa i-LLVM endaweni yetoliki ye-bytecode xa usakha, kufuneka ucacise ngokucacileyo iindlela eziya kumathala eencwadi e-LLVM 3.6.2 (inkxaso yokukhutshwa okutsha kucetywa ukuba kongezwe kamva)
- Iinkqubo ze-clamd kunye ne-freshclam ngoku ziyafumaneka njengeenkonzo zeWindows. Ukufakela ezi nkonzo, ukhetho "--fakela-inkonzo" lunikiwe, kwaye ukuqalisa ungasebenzisa "umnatha wokuqala [igama]" umyalelo.
- Ukhetho olutsha lokuskena longezwe olulumkisa malunga nokudluliselwa kweefayile zegraphic ezonakalisiweyo, apho iinzame ezinokubakho zinokwenziwa ukuxhaphaza ubuthathaka kwiilayibrari zegraphic. Uqinisekiso lwefomathi luphunyeziwe kwiJPEG, TIFF, PNG kunye neefayile zeGIF, kwaye yenziwe ngeAlertBrokenMedia isethingi kwi-clamd.conf okanye "--alert-broken-media" ukhetho lomyalelo kwi-clamscan.
- Iintlobo ezintsha ezifakiweyo CL_TYPE_TIFF kunye CL_TYPE_JPEG ukuze zingqinelane nenkcazelo yeGIF kunye neefayile zePNG. I-BMP kunye ne-JPEG 2000 iindidi ziyaqhubeka ukuchazwa njenge-CL_TYPE_GRAPHICS kuba ulwahlulo lwefomathi aluxhaswanga kuzo.
- I-ClamScan yongeze isalathisi esibonakalayo senkqubela phambili yokulayishwa kwesiginitsha kunye nokuhlanganiswa kwe-injini, eyenziwa ngaphambi kokuba ukuskena kuqale. Isalathisi asiboniswa xa siqaliswa ngaphandle kwe-terminal okanye xa enye yeenketho "--debug", "-quiet", "-infected", "-akukho-summary" icacisiwe.
- Ukubonisa inkqubela, i-libclamav yongeze iifowuni zokufowunela cl_engine_set_clcb_sigload_progress(), cl_engine_set_clcb_engine_compile_progress() kunye ne-injini yasimahla: cl_engine_set_clcb_engine_free_progress(), apho izicelo zinokulandelela kwaye zisayine inqanaba lokulayisha uqikelelo lwexesha lokulayisha kwangaphambili.
- Inkxaso eyongeziweyo yesigqubuthelo sokufomatha imaski "%f" kukhetho lweVirusEvent ukufaka indawo yendlela kwifayile apho intsholongwane ifunyenwe khona (ifana ne "% v" imaski enegama lentsholongwane echongiweyo). Kwi-VirusEvent, ukusebenza okufanayo kukwafumaneka nge-$CLAM_VIRUSEVENT_FILENAME kunye ne-$ CLAM_VIRUSEVENT_VIRUSNAME eguquguqukayo.
- Ukusebenza okuphuculweyo kwemodyuli yokungapakishi yeskripthi ye-AutoIt.
- Inkxaso eyongeziweyo yokukhupha imifanekiso kwiifayile ze-*.xls (Excel OLE2).
- Kuyenzeka ukukhuphela i-Authenticode hashes ngokusekelwe kwi-algorithm ye-SHA256 ngohlobo lwe-*.cat iifayile (ezisetyenziselwa ukungqininisa iifayili eziphunyeziweyo ze-Windows ezisayinwe ngokwamanani).
umthombo: opennet.ru