Abubuwan Canonical har zuwa 7 Apache HTTP Server rauni a cikin dukkan nau'ikan Ubuntu masu goyan baya

Pablinux

2 minti

Sabar HTTP ta Apache mara tsaro

Da kaina, Ina tsammanin kamar yawancinku: babu wani abin damuwa. Ubuntu, kamar kowane rarraba Linux gabaɗaya, tsarin aiki ne mai amintacce, a wani ɓangare na godiya ga jama'ar da ke taimakawa wajen gyara kwari da zaran an gano su. Hakanan, Canonical babban kamfani ne wanda ke amsawa a cikin kwanaki, idan ba awanni ba, amma wannan shafi ne game da Ubuntu kuma wani lokacin dole ne mu bayar da rahoton kuskuren tsaro, kamar 7 Apache HTTP Server rauni cewa kamfanin da ke tafiyar da Mark Shuttleworth ya riga ya gyara.

Kamar dai sun bayar da rahoto a kan shafin tsaro na Ubuntu, bug din yana shafar (ba) duk nau'ikan Ubuntu har yanzu suna jin daɗin tallafi a tsarin rayuwarsu ta yau da kullun, waɗanda sune Ubuntu 19.04, Ubuntu 18.04 LTS, da Ubuntu 16.04 LTS. Mun ambaci "a cikin tsarin rayuwarta ta yau da kullun" saboda a halin yanzu akwai wasu nau'ikan guda biyu da ake tallafawa, Ubuntu 14.04 da Ubuntu 12.04 waɗanda suke cikin matakin ESM (Tsare Tsaron Tsaro), wanda ke nufin cewa har yanzu suna karɓar wasu facin tsaro.

Kuskuren HTTP na Apache an gyara a ranar 29 ga Agusta

Kamar yadda aka ambata, Canonical ya gyara har zuwa 7 Apache HTTP Server tsaro flaws: CVE-2019-0197, CVE-2019-10081, CVE-2019-10082, CVE-2019-10097 y CVE-2019-9517 mai amfani da nesa zai iya amfani dashi don haifar da ƙin sabis, a game da ɓangare na uku har ma fallasa bayanai masu mahimmanci. da CVE-2019-10092 na iya ƙyale maharan nesa don aiwatar da hare-haren wuce gona da iri (XSS). Kuma da CVE-2019-10098 maharin nesa zai iya amfani dashi don fallasa bayanai masu mahimmanci ko keta wasu ƙuntatawa.

Facin, tuni akwai shi kuma wancan ana iya amfani da shi daga ɗaukaka software saba, suna apache2 - 2.4.38-2ubuntu2.2 y apache2-bin - 2.4.38-2ubuntu2.2 akan Ubuntu 19.04, apache2 - 2.4.29-1ubuntu4.10 y apache2-bin - 2.4.29-1ubuntu4.10 akan Ubuntu 18.04 da apache2 - 2.4.18-2ubuntu3.12 y apache2-bin - 2.4.18-2ubuntu3.12 akan Ubuntu 16.04.

Amma, kamar yadda muka riga muka bayyana, babu wani abin damuwa. Kwarin da aka samo a cikin Linux galibi suna da wahalar amfani kuma kamfanoni kamar Canonical suna saurin gyara su. Abinda ya kamata muyi shine ci gaba da kasancewa da ƙungiyarmu koyaushe.

Canje-canje a cikin Ubuntu: Ghostscript da Ceph
Labari mai dangantaka:
Ana iya amfani da raunin Ghostscript don samun damar fayiloli mara izini a cikin Ubuntu

Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Wanda ke da alhakin bayanan: Miguel Ángel Gatón
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.