Ngale njikalanga, iCanonical ipapashiwe ingxelo apho zichaziwe Iimpazamo ezi-5 zokhuseleko kwi-openjpeg2 -JPEG 2000 yonciphiso lwethala leencwadi elinokubangela ukuba Ubuntu buphazamise okanye bube mbi. Ekuqaleni, iziphene ezifumaneka kwi- I-OpenJPEG ichaphazela kuphela Ubuntu 18.04 LTS, ke ezinye iinguqulelo ezisemthethweni ezisenenkxaso esemthethweni ziya kukhutshwa, eziyi-Ubuntu 16.04 Xenial Xerus (zilungisiwe ngaphambili) kunye no-Ubuntu 19.04, inguqulelo yamvanje yenkqubo yokusebenza yeCanonical ekhutshiweyo ku-Epreli ophelileyo.
Ngokungafaniyo nabanye abaphandi bezokhuseleko abakhupha ukuba semngciphekweni ngaphambi kokuba balungiswe, iCanonical ikhupha kuphela iziphene emva kokukhutshwa kwamabala. Zizonke i-5 bugs zilungisiwe kwaye zonke zinokusetyenziselwa ukwenza ukwaliwa kwenkonzo (DoS). Kwesinye isigwebo, bayayichaza loo nto inokuvumela ukwenziwa kwekhowudi ekude.
I-OpenJPEG bug inokuvumela ukwenziwa kwekhowudi ekude
Ukulungiswa kwe-bugs yile:
- I-CVE-2017-17480: I-OpenJPEG ifunyenwe ekuphatheni kakubi iifayile ezithile zePGX. Umhlaseli unokusebenzisa le mpazamo ukwenza ukwaliwa kwenkonzo okanye ukwenza ikhowudi ekude.
- I-CVE-2018-14423: I-OpenJPEG ifunyenwe ukuba iphathe ngokungachanekanga iifayile ezithile. Umhlaseli unokusebenzisa le mpazamo ukwenza ukwaliwa kwenkonzo.
- I-CVE-2018-18088: I-OpenJPEG ifunyenwe ukuba iphathe ngokungachanekanga iifayile ezithile ze-PNM. Umhlaseli unokusebenzisa le mpazamo ukwenza ukwaliwa kwenkonzo.
- I-CVE-2018-5785 y I-CVE-2018-6616: I-OpenJPEG ibiphethe ngokungachanekanga ezinye zeefayile ze-BMP. Umhlaseli unokusebenzisa isiphoso ukwenza ukwaliwa kwenkonzo.
Iimpawu ezilungisa ezi bugs zi-5 sele zifumaneka kwiindawo zokugcina ezisemthethweni Ubuntu 18.04 LTS. Iifayile zokufakelwa zezi libopenjp2-7 – 2.3.0-2build0.18.04.1, libopenjp3d7 – 2.3.0-2build0.18.04.1 kunye libopenjpip7-2.3.0-2build0.18.04.1. Ukwenza oku, vula uvule iNkqubo yoVavanyo lweSoftware okanye amaziko ahlukeneyo esoftware akhoyo kunye nokuhlaziya iiphakheji ezichaziweyo.