I-Cisco ishicilele ukukhishwa okusha kwephakheji ye-antivirus yamahhala i-ClamAV 1.0.1, 0.105.3 kanye ne-0.103.8, eqeda ubungozi obubalulekile (CVE-2023-20032) obungaholela ekusetshenzisweni kwekhodi lapho uskena amafayela anezithombe zediski eziklanywe ngokukhethekile Ifomethi ye-ClamAV HFS+.
Ukuba sengozini kubangelwa ukushoda kokuhlolwa okufanele kosayizi we-buffer, okuvumela ukuthi ubhale idatha yakho endaweni engaphezu komngcele we-buffer futhi uhlele ukukhishwa kwekhodi ngamalungelo enqubo ye-ClamAV, isibonelo, ukuskena amafayela akhishwe kuwo. izincwadi kuseva yemeyili. Ukushicilelwa kwezibuyekezo zephakheji ekusabalaliseni kungalandelelwa emakhasini: Debian, Ubuntu, Gentoo, RHEL, SUSE, Arch, FreeBSD, NetBSD.
Ukukhishwa okusha kuphinde kulungise okunye ukuba sengozini (CVE-2023-20052) okungavuza okuqukethwe kunoma imaphi amafayela kuseva afinyelelwa yinqubo yokuskena. Ukuba sengozini kwenzeka lapho kudluliswa amafayela aklanywe ngokukhethekile ngefomethi ye-DMG futhi kubangelwa iqiniso lokuthi umhlahleli, phakathi nenqubo yokuhlaziya, uvumela ukushintshwa kwezinto zangaphandle ze-XML ezikhonjwe kufayela le-DMG elihlukanisiwe.
Source: opennet.ru