Onjiniyela Cisco kwenziwa kwaziwa ngenuncio inkululeko la inguqulo entsha yokulungisa iphakethe layo lamahhala le-ClamAV 0.10 lama-antivirus2.4 ukuze uxazulule ukuba sengozini okuthathu okungavumela ukuhlela ukususwa noma ukuhamba kwamafayela wokuphikisana nohlelo.
Kulabo abangazi I-ClamAV kufanele wazi ukuthi lokhu i-antivirus yomthombo ovulekile neplatform (Inezinguqulo zeWindows, GNU / Linux, BSD, Solaris, Mac OS X kanye nezinye izinhlelo ezinjenge-Unix).
I-ClamAV inikeza amathuluzi amaningi we-antivirus akhelwe ngqo ukuskena i-imeyili. Ukwakhiwa kweClamAV kuyabazeka futhi kuyabonga ngenxa yenqubo enemicu eminingi.
Inomqaphi onamandla ohlanganiswe nolayini womyalo namathuluzi wokuvuselela imininingwane ngokuzenzakalela.
Umgomo oyinhloko weClamAV ngu ukufezekiswa kweqoqo lamathuluzi okuthi khomba futhi uvimbele i-malware kwi-imeyili. Elinye lamaphuzu ayisisekelo kulolu hlobo lwesoftware ukushesha indawo nokufakwa kuthuluzi lamagciwane amasha atholakele futhi askenwa.
Lokhu kutholakala ngokubambisana kwezinkulungwane zabasebenzisi abasebenzisa i-ClamAv namasayithi afana ne-Virustotal.com ahlinzeka ngamagciwane askeniwe.
Yini okusha kuClamAV 0.102.4?
Kule nguqulo entsha yeClamAV 0.102.4 Onjiniyela wethule ikhambi lokwehluleka okukhulu okungathathu ezitholakele.
Abokuqala babo bahlelwa njenge-CVE-2020-3350, Ivumela umhlaseli wendawo ongavikelekile ukuthi enze ukususwa kwefayela noma ukunyakaza kusistimu. Leli iphutha elibi kakhulu, ngoba ngokwesibonelo, lingavumela umhlaseli ukuthi asuse umkhombandlela we / etc / passwd ngaphandle kwezimvume ezidingekayo.
Ukuba sengozini kubangelwa isimo somjaho esenzeka lapho kuthwetshulwa amafayela amabi futhi kuvumela umsebenzisi onokufinyelela kwegobolondo kusistimu ukuphazamisa umkhombandlela ohlosiwe ukuskena ngesixhumanisi esingokomfanekiso esikhomba indlela ehlukile.
Isibonelo, umhlaseli angakha umkhombandlela futhi alayishe ifayela ngesiginesha yegciwane lokuhlola, iqamba leli fayela "i-passwd".
Ngemuva kokuqala uhlelo lokuskena igciwane, kepha ngaphambi kokususa ifayela lenkinga, ungafaka esikhundleni senkomba "yokuxhaphaza" ngesixhumanisi esingokomfanekiso ekhomba enkombeni "/ etc", which izokwenza ukuthi i-antivirus isuse ifayela le- / etc / passwd. Ukuba sengozini kuvela kuphela uma usebenzisa i-clamscan, i-clamdscan ne-clamonacc ngenketho "- susa" noma "-susa".
Obunye ubungozi obulungisiwe i-CVE-2020-3327, CVE-2020-3481.
Uma ufuna ukwazi kabanzi ngayo, unga hlola isixhumanisi esilandelayo.
Ungayifaka kanjani iClamAV kuLinux?
Kulabo abanesifiso sokukwazi ukufaka le antivirus kusistimu yabo, bangayenza ngendlela elula futhi lokho I-ClamAV itholakala ngaphakathi kwezinqolobane zokusabalalisa okuningi kwe-Linux.
Endabeni ye-Ubuntu kanye nokutholakala kwayo, ungayifaka kusuka ku-terminal noma esikhungweni sesoftware yohlelo.
Ukuze ukwazi ukufaka kusuka esigungwini kufanele bavule eyodwa kuphela kusistimu yabo (ungakwenza ngesinqamuleli Ctrl + Alt + T) futhi kuyo kuphela kufanele bathayiphe umyalo olandelayo:
sudo apt-get install clamav
Ngendaba yalabo Abasebenzisi be-Arch Linux kanye nokususwayo:
sudo pacman-S clamav
Ngenkathi kulabo abasebenzisa I-Fedora kanye nokuphuma kokunye
sudo dnf install clamav
Vula i-OpenSUSE
sudo zypper install clamav
Futhi ngomumo ngalo, bazobe sebenayo le antivirus efakwe ohlelweni lwabo. Manje njengakuyo yonke i-antivirus, IClamAV nayo ine-database yayo okulandwayo nokuthathayo ukwenza ukuqhathanisa kufayela "lezincazelo". Leli fayela luluhlu olwazisa isithwebuli ngezinto ezingabazekayo.
Njalo njalo kubalulekile ukwazi ukuvuselela leli fayela, esingazivuselela kusuka esigungwini, ukwenza lokhu kalula sikwenze:
sudo freshclam