Ngemuva kwezinyanga eziyisithupha zokuthuthuka, iCisco ishicilele ukukhululwa kwe-antivirus suite yamahhala i-ClamAV 1.3.0. Lo msebenzi wadlulela ezandleni zeCisco ngo-2013 ngemuva kokuthenga i-Sourcefire, inkampani eyakha i-ClamAV ne-Snort. Ikhodi yephrojekthi isatshalaliswa ngaphansi kwelayisensi ye-GPLv2. Igatsha le-1.3.0 lihlukaniswa njengelivamile (hhayi i-LTS), izibuyekezo ezishicilelwa kuzo okungenani izinyanga ezi-4 ngemva kokukhishwa kokuqala kwegatsha elilandelayo. Amandla okulanda isizindalwazi sesiginesha samagatsha angewona ama-LTS nawo ahlinzekwa okungenani ezinye izinyanga ezi-4 ngemva kokukhishwa kwegatsha elilandelayo.
Ukuthuthukiswa okubalulekile ku-ClamAV 1.3:
- Ukwesekwa okwengeziwe kokukhipha nokuhlola okunamathiselwe okunamathiselwe okusetshenziswe kumafayela e-Microsoft OneNote. Ukuhlaziya kwe-OneNote kunikwe amandla ngokuzenzakalela, kodwa kungakhutshazwa uma kuthanda ngokusetha okuthi "ScanOneNote no" ku-clamd.conf, ucacise inketho yomugqa womyalo "--scan-onenote=no" lapho usebenzisa insiza ye-clamscan, noma ukwengeza ifulegi le-CL_SCAN_PARSE_ONENOTE ku- ipharamitha yezinketho.hlaziya uma usebenzisa i-libclamav.
- Umhlangano we-ClamAV kusistimu yokusebenza efana ne-BeOS i-Haiku isisunguliwe.
- Kwengezwe isheke ku-clamd ukuze uthole ubukhona bohla lwemibhalo lwamafayela esikhashana acaciswe kufayela le-clamd.conf ngomyalelo we-TemporaryDirectory. Uma lolu hlu lwemibhalo lungekho, inqubo manje iphuma ngephutha.
- Lapho usetha ukwakhiwa kwemitapo yolwazi emile ku-CMake, ukufakwa kwemitapo yolwazi emile ibclamav_rust, libclammspack, libclamunrar_iface kanye ne-libclamunrar, esetshenziswa ku-libclamav, kuyaqinisekiswa.
- Kusetshenziswe ukutholwa kohlobo lwefayela kumaskripthi ahlanganisiwe e-Python (.pyc). Uhlobo lwefayela luphasiswa ngendlela yepharamitha yeyunithi yezinhlamvu CL_TYPE_PYTHON_COMPILED, esekelwa ku-clcb_pre_cache, clcb_pre_scan kanye nemisebenzi ye-clcb_file_inspection.
- Usekelo oluthuthukisiwe lokususa ukubethela kwamadokhumenti e-PDF ngephasiwedi engenalutho.
Ngesikhathi esifanayo, kwenziwa izibuyekezo ze-ClamAV 1.2.2 ne-1.0.5, ezalungisa ubungozi obubili obuthinta amagatsha angu-0.104, 0.105, 1.0, 1.1 kanye no-1.2:
- I-CVE-2024-20328 - Amathuba okushintshaniswa komyalo ngesikhathi sokuskena ifayela ku-clamd ngenxa yephutha ekusetshenzisweni komyalelo we- "VirusEvent", osetshenziswa ukwenza umyalo ongekho emthethweni uma kutholwa igciwane. Imininingwane yokuxhashazwa kokuba sengozini ayikadalulwa; okwaziwayo ukuthi inkinga yalungiswa ngokukhubaza usekelo lwepharamitha yokufometha kochungechunge lwe-VirusEvent '%f', eyathathelwa indawo igama lefayela elithelelekile.
Ngokusobala, ukuhlasela kubilisa ekudluliseni igama eliklanywe ngokukhethekile lefayela elinegciwane eliqukethe izinhlamvu ezikhethekile ezingenakuphunyuka lapho kusetshenziswa umyalo ocaciswe ku-VirusEvent. Kuyaphawuleka ukuthi ukuba sengozini okufanayo kwase kulungisiwe kakade ngo-2004 futhi nangokususa usekelo lokushintshwa kwe-'%f', okwabuye kwabuyiswa ekukhishweni kwe-ClamAV 0.104 futhi kwaholela ekuvuselelweni kokuba sengozini okudala. Ebucayini obudala, ukuze wenze umyalo wakho ngesikhathi sokuskena amagciwane, bekufanele udale ifayela elinegama elithi β; mkdir owned" bese ubhala isiginesha yokuhlola igciwane kuyo.
- I-CVE-2024-20290 iwukuchichima kwebhafa kukhodi yokudlulisa ifayela ye-OLE2, engasetshenziswa umhlaseli ongagunyaziwe ukude ukudala ukunqatshelwa kwesevisi (ukuphahlazeka kwenqubo yokuskena). Inkinga ibangelwa ukuhlola ukuphela komugqa okungalungile ngesikhathi sokuskena okuqukethwe, okuholela ekufundeni endaweni engaphandle komngcele webhafa.
Source: opennet.ru