Ranar Gyarawa: Canonical yana Saki faci don Gyara 6 Matsakaici Gaggawa Vulnerabilities

Pablinux

2 minti

Kafaffen rauni

Bayan 'yan awanni da suka gabata mun buga wata magana game da abin da aka sani da Kullewa, sabon tsarin tsaro wanda zaizo tare da Linux 5.4. Daga cikin abin da wannan darasin zai yi dole ne don taimakawa guje wa aiwatar da lambar doka. Misalin da yafi bayyana mahimmancin sa ya iso yau, tun Canonical ya gyara lahani da yawa kuma wasu daga cikinsu za a iya amfani da su don aiwatar da lambar sirri, abin da zai fi wahala bayan fitowar Linux 5.4.

Gaba ɗaya, an gyara su 6 rauni tattara a cikin uku rahotanni: da Saukewa: USN-4142-1 wanda ya shafi Ubuntu 19.04, Ubuntu 18.04 da Ubuntu 16.04, da Saukewa: USN-4142-2 wanda yake daidai da na baya amma ya mai da hankali kan Ubuntu 14.04 da Ubuntu 12.04 (duka a cikin sifofin ESM) da USN-4143-1, wanda ke shafar nau'ikan ukun da har yanzu suke jin daɗin goyon bayan hukuma. Duk lahani ya sanya alama cikin gaggawa.

Abubuwa shida da suka bayyana dalilin da yasa muke damuwa da Kullewa

Abubuwan lalacewa da aka gyara sun kasance masu zuwa:

  • CVE-2019-5094: Akwai yiwuwar aiki da lambar zartarwa a cikin ayyukan fayil ɗin E2fsprogs 1.45.3. Wani bangare na musamman wanda aka kirkira dashi zai iya haifar da rubutaccen izuwa ga tarin, yana haifar da aiwatar da lambar. Mai kai hari Kuna iya lalata bangare don kunna wannan yanayin rauni.
  • CVE-2017-2888: Abun amfani mai amfani da yawa yana aiki lokacin ƙirƙirar sabuwar Matsayin RGB a cikin SDL 2.0.5. Fayil da aka kera shi na musamman na iya haifar da lamba yawo sakamakon ƙananan ƙwaƙwalwar ajiyar da aka ware wanda zai iya haifar da a Buffer ya cika da yuwuwar aiwatar da lambar. Wani mai kawo hari na iya samar da Fayil ɗin hoto an tsara shi musamman don jawo wannan yanayin.
  • CVE-2019-7635, CVE-2019-7636, CVE-2019-7637 y CVE-2019-7638: SDL (Simple DirectMedia Layer) har zuwa 1.2.15 kuma 2.x har zuwa 2.0.9 yana da lBlit1to4 ya fi ƙarfin karatu a cikin bidiyo / SDL_blit_1.c, SDL_GetRGB a cikin bidiyo / SDL_pixels.c, SDL_FillRect a cikin bidiyo / SDL_surface.c da Map1toN a cikin bidiyo / SDL_pixels.c.

Na farko daga cikin na sama yana shafar Ubuntu 19.10 Eoan Ermine, don haka nan ba da jimawa ba za a saki faci don sigar da za a fitar a ranar 17 ga Oktoba. Bayan an shigar da abubuwan sabuntawa, dole ne a sake kunna kwamfutarka don canje-canjen ya fara aiki. Kuma kodayake ba su kasance manyan gazawa ba, Kullewa, Zamu jira ka.


Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Wanda ke da alhakin bayanan: Miguel Ángel Gatón
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.