NgoLwesibini, iMozilla waphosa Inguqulelo entsha yesikhangeli sakho. Sasisazi ukuba isavenge esitsha seFirefox sifike nokhuseleko oluphuculweyo, kuba i-ETP (uKhuselo lokuKhangelwa okuKhokelisiweyo) ibandakanya imisebenzi emitsha eyenziwe yasebenza, kodwa khange sijonge kwicandelo elithetha ngalo izilungiso zokhuseleko, ngokuyinxenye kuba ixesha elininzi bathetha ngeencukuthu ezincinci. Ukuba sijonge kungenxa yeCanonical li papashwe eyabo ingxelo edwelise ukuba semngciphekweni kweCVE eliqela iMozilla elungise kulo Firefox 69.
Ukucacisa ngakumbi, IFirefox 69 i-17 CVE yokuba sesichengeni, Zonke ziphambili ngokubaluleka ngokweCanonical, ezinye zibaluleke kakhulu ngokweMozilla, ezinje nge I-CVE-2019-11741 o I-CVE-2019-9812. I-Canonical ithi iinguqulelo ze-Ubuntu 19.04, 18.04 LTS kunye ne-16.04 LTS zonakalisiwe, kodwa iziphene zokhuseleko ziyavela kwiphepha lewebhu likaMozilla lokhuseleko, ke ndicinga ukuba andiphosakalanga ukuba ndithi zonke iinguqulelo zazo zonke zichaphazele iinkqubo zokusebenza, iLinux okanye hayi.
I-17 isengozini yokungxamiseka okuphakathi ifunyenwe kwiFirefox
- Iziphene kwezokhuseleko CVE-2019-5849, CVE-2019-11734, CVE-2019-11735, CVE-2019-11737, CVE-2019-11738, CVE-2019-11740, CVE-2019-11742, CVE-2019- 11743, I-CVE-2019-11744, i-CVE-2019-11746, i-CVE-2019-11748, i-CVE-2019-11749, i-CVE-2019-11750 kunye ne-CVE-2019-11752 inokusetyenziswa ukuba bayasikhohlisa ekuvuleni iiwebhusayithi eziyilelwe ngokukodwa, ngako oko umhlaseli unokusebenzisa eli nyathelo ukufumana ulwazi olubuthathaka, ukugqitha ukukhuselwa kwe-CSP, ukugqitha kuthintelo lwemvelaphi efanayo, ukwenza uhlaselo lwe-XSS, ukubangela ukungavumi kwenkonzo (DoS), okanye ukwenza ikhowudi engalawulekiyo. Iphakheji epheleleyo, yiza.
- I-CVE-2019-9812 bug inokusetyenziswa ngumhlaseli ngokudibeneyo nolunye umngcipheko wokukhubaza ibhokisi yesanti.
- Ubungozi be-CVE-2019-11741 buya kuvumela umhlaseli, ngokudibanisa nolunye ubungozi, ukumilisela uhlaselo lwe-XSS ukuze uguqule useto lwesikhangeli.
- Kwaye i-CVE-2019-11747 bug iya kuvumela umhlaseli ukuba agqithe kukhuseleko olunikezelwa yi-HSTS.
Ukulungisa zonke ezi bugs, isisombululo silula: sivula iziko lethu lesoftware okanye isicelo soHlaziyo lweSoftware kulwabiwo olusekwe ku-Ubuntu kunye sisebenzisa uhlaziyo. Eyona inomdla kuthi yile "firefox-69.0 + build2-0ubuntu0." + Uhlobo lwenkqubo yokusebenza. Yenze ngoku, kuba kunokwenzeka ntoni.