Kwanakin baya da masu binciken tsaro daga kamfanin kasar Sin Tencent sun gabatar da sabon abu sigar wani jerin yanayin rauni (CVE-2019-13734) wanda suka sanya masa suna Magellan 2.0, wanda aka bayyana bayan shekara guda da sati daya da bayyana jerin lamuran Magellan a cikin 2018.
Magellan 2.0 yana ba da damar cimma lambar aiwatarwa yayin sarrafa DBMS SQLite na wani nau'i na bayanan SQL. Raunin yanayin sananne ne saboda yana ba ku damar kai hari nesa Mai bincike na Chrome kuma sami iko akan tsarin mai amfani lokacin bude shafukan yanar gizo wanda mai kai hare hare ke sarrafawa. Baya ga nasarar aiwatar da aikin SQLite, maharin na iya rasa shirin ƙwaƙwalwar ajiya kuma ƙarshe yana haifar da haifar da haɗarin shirin.
Harin zuwa Chrome / Chromium ana aiwatar dashi ta hanyar WebSQL API, wanda direbansa ya dogara da lambar SQLite. Kai hari kan wasu aikace-aikacen yana yiwuwa ne kawai idan sun ba da izinin canja wurin ginin SQL daga waje zuwa SQLite, misali, suna amfani da SQLite a matsayin tsari don musayar bayanai. Ba a shafa Firefox ba, yayin da Mozilla ta ƙi aiwatar da WebSQL don goyon bayan IndexedDB API.
"Tenungiyar ta Tencent Blade Team ce ta gano waɗannan halayen kuma sun tabbatar da cewa za su iya yin amfani da lambar kode mai nisa a cikin aikin fassarar Chromium", saukar da Tencent a cikin talla.
Kamar yadda sanannen rumbun adana bayanai, SQLite ana amfani dashi ko'ina cikin duk tsarin aiki da software na zamani, don haka wannan yanayin rauni yana da tasiri mai yawa. SQLite da Google sun tabbatar kuma sun gyara waɗannan halayen. Ba za mu bayyana wani cikakken bayani game da matsalar rashin lafiyar ba a wannan lokacin, kuma muna matsa wa wasu dillalai da su gyara wannan matsalar cikin gaggawa. "
Magellan na iya shafar masu bincike tare da kunna WebSQL wanda ya sadu da ɗayan sharuɗɗa masu zuwa:
Chrome / Chromium kafin sigar 79.0.3945.79 (daga nan "sigar da ta gabata").
- Devicesananan na'urori masu amfani da tsofaffin sigar Chrome / Chromium.
- Masu binciken da aka gina tare da tsofaffin sifofin Chromium / Webview.
- Aikace-aikacen Android waɗanda ke amfani da tsofaffin sigar gidan yanar gizo kuma suna iya samun damar kowane shafin yanar gizo.
- Manhaja wacce take amfani da tsohuwar tsohuwar hanyar Chromium kuma tana iya samun damar kowane shafin yanar gizo.
Har ila yau, SQLite kuma ya gano ƙananan batutuwa masu haɗari 4 (CVE-2019-13750, CVE-2019-13751, CVE-2019-13752, CVE-2019-13753), hakan na iya haifar da zubewar bayanai da ƙuntatawa (ana iya amfani dashi azaman abubuwan haɗi don afkawa Chrome).
Duk da haka, Kungiyar Tencent ta ce masu amfani ba su da dalilin damuwa, kamar yadda suka riga sun yi rahoton waɗannan batutuwan ga Google da ƙungiyar SQLite.
Kamar yadda na SQLite 3.26.0, Ana iya amfani da yanayin SQLITE_DBCONFIG_DEFENSIVE azaman mafita madadin don kariya, wanda ya hana rubutu akan teburin inuwa kuma ana bada shawarar hada shi yayin aiwatar da tambayoyin SQL na waje a cikin SQLite.
Kamfanin tsaron China zai saki ƙarin cikakkun bayanai game da rauni a cikin Magellan 2.0 a cikin watanni masu zuwa. Daga yanzu, dole ne masu haɓaka su sabunta aikace-aikacen su.
Google ya gyara batun a cikin fitowar Chrome 79.0.3945.79. A cikin SQLite codebase, an daidaita batun a ranar Nuwamba 17th kuma a cikin Chromium codebase a ranar Nuwamba 21st.
Duk da yake don SQlite matsalar tana cikin lambar injin binciken rubutu Cikakken FTS3 kuma ta hanyar amfani da teburin inuwa (teburin inuwa, nau'ikan keɓaɓɓun tebura mai iya rubutu), kuna iya haifar da lalata cin hanci da ɓoyewa. Za a buga cikakken bayani kan dabarun aiki a cikin kwanaki 90.
Sabon sigar SQLite tare da gyara ba a samar dashi ba tukuna, wanda aka tsara za a sake shi a ranar 31 ga Disamba).
A cikin rarrabawa, yanayin rauni a cikin laburaren SQLite ya kasance ba a haɗa shi akan Debian, Ubuntu, RHEL, openSUSE / SUSE, Arch Linux, Fedora.
Chromium akan duk rarraba an riga an sabunta shi kuma bashi da rauni, amma matsalar na iya rufe masu bincike na wasu daban da aikace-aikacen da suke amfani da injin Chromium, da kuma aikace-aikacen Android masu tushen Webview.
Source: https://blade.tencent.com