Through a blog post, Cisco recently announced the release of the new corrective version of its free antivirus package “ClamAV 1.1.1” , along with which versions 1.0.2 and 0.103.9 have been released.
For those who do not know about ClamAV , you should know that this is an open source and multiplatform antivirus (it has versions for Windows, GNU/Linux, BSD, Solaris, Mac OS X and other Unix-like operating systems).
In the new version of ClamAV 1.1.1 presented, the main novelty is the implementation of the correction of the vulnerability (already cataloged under CVE-2023-20197) that causes a denial of service when scanning ClamAV files with files, especially images. disk formatted in the HFS+ format. This is mentioned to be the second vulnerability in the HFS+ file analyzer this year, as a previous issue allowed code to be executed with the rights of the ClamAV process and was recognized by the Pwnie Awards as the best remote code execution vulnerability of the year.
Other changes that stand out are that the CMake build system was improved to support compilation with OpenSSL 3.x on macOS with the Xcode toolchain. Official ClamAV installers and packages are now built with OpenSSL 3.1.1 or later.
In addition to this, it is also mentioned that a compilation issue was fixed when using Rust’s nightly toolchain, which affected the oss -fuzz build environment used for regression testing, in addition to a compilation issue in Windows when using Rust version 1.70 or later.
As for the changes in the ClamAV 1.0.2 version, in addition to also correcting the CVE-2023-20197 vulnerability, this version comes by correcting a specific vulnerability in the 1.0.x branch (cataloged under CVE-2023-20212) that resulted in a denial of service when parsing AutoIt data.
Non-security fixes include:
Finally, if you are interested in learning more about it, you can consult the details in the following link.
For those who are interested in being able to install this antivirus on their system, they will be able to do so in a fairly simple way and ClamAV is found within the repositories of most Linux distributions .
In the case of Ubuntu and its derivatives, you can install it from the terminal or from the system software center. If you choose to install with the Software Center, you just have to search for “ClamAV” and the antivirus should appear and the option to install it.
Now, for those who choose the option of being able to install from the terminal, they only have to open one on their system (they can do it with the Ctrl + Alt + T key shortcut) and in it they only have to type the following command:
sudo apt-get install clamav
And with that done, you will have this antivirus installed on your system. Now, like any antivirus, ClamAV also has its database which it downloads and uses to make comparisons in a “definitions” file. This file is a list that informs the scanner about questionable items.
From time to time it is important to be able to update this file , which we can update from the terminal, to do this simply run:
sudo freshclam
If for any reason you want to remove this antivirus from your system, just type the following in a terminal:
sudo apt remove --purge clamav
One of the most critical gaps in traditional Large Language Models (LLMs) is that they…
Canonical is continuously hiring new talent. Being a remote- first company, Canonical’s new joiners receive…
What is patching automation? With increasing numbers of vulnerabilities, there is a growing risk of…
Wouldn’t it be wonderful to wake up one day with a desire to explore AI…
Ubuntu and Ubuntu Pro supports Microsoft’s Azure Cobalt 100 Virtual Machines (VMs), powered by their…
Welcome to the Ubuntu Weekly Newsletter, Issue 870 for the week of December 8 –…