UGoogle ukhuphe uhlaziyo olungxamisekileyo olutsha isikhangeli sakho seGoogle Chrome, apho Inguqulelo entsha engu-79.0.3945.130 ifika ukuze isombulule ubuthathaka abathathu ezazidweliswe njenge ukugxeka kwaye enye yazo ibhekiswe kuyo enye leyo Microsoft lungisa ibug enobungozi enokuthi ivumele umhlaseli ukuba aphange isatifikethi ngokuzenza ngathi sivela kumthombo othembekileyo.
Ukusukela i-Arhente yoKhuseleko kaZwelonke (NSA) yazisa uMicrosoft ngobungozi Ichaphazela Windows 10, Windows Server 2016, Windows Server 2019, kunye yeWindows Server 1803Ngokwengxelo evela kurhulumente.
Malunga nee-bugs ezizinzileyo
Isiphene sichaphazele ukubethelwa kwesiginitsha yedijithali isetyenziselwa ukungqinisisa umxholo, kubandakanya isoftware okanye iifayile. Ukuba iyaqhuma, le mpazamo inokuvumela kubantu abaneenjongo ezimbi thumela umxholo okhohlakeleyo ngokusayina okungamanga okwenza ukuba kubonakale kukhuselekile.
Yiyo loo nto UGoogle ukhuphe uhlaziyo ukusuka kwiChannel 79.0.3945.130, eya kuthi ngoku ifumane izatifikethi ezizama ukuxhaphaza ubungozi I-CryptoAPI yeWindows CVE-2020-0601 ifunyenwe yi-NSA.
Njengoko sele kukhankanyiwe, ukuba semngciphekweni kuvumela abahlaseli ukuba benze i-TLS kunye nezatifikethi zokutyikitya ikhowudi ezizenza ezinye iinkampani zenze uhlaselo lomntu ophakathi okanye olwenza iindawo zobuqhetseba.
Njengoko ii-PoCs zixhaphaza ubungozi be-CVE-2020-0601 sele zikhutshiwe, umshicileli ukholelwa ukuba ngumcimbi wexesha kuphela ngaphambi kokuba abahlaseli baqale ngokulula ukwenza izatifikethi zomgunyathi.
Chrome 79.0.3945.130ngenxa yoko iza kuqhubeka nokuqinisekisa ukuthembeka kwesatifikethi sewebhusayithi ngaphambi kokugunyazisa undwendwe ukuba ungene kule ndawo. URyan Sleevi kaGoogle wongeze ikhowudi yokuqinisekisa utyikityo kabini kwiziteshi eziqinisekisiweyo.
Enye ingxaki abagxeki abalungiswe ngolu hlobo lutsha, Kukungaphumeleli okuvumela onke amanqanaba ukhuseleko lwebrawuza run ikhowudi kwinkqubo, ngaphandle kwendawo ekhuselekileyo nendalo.
Iinkcukacha malunga nokuba sesichengeni kokubaluleka (i-CVE-2020-6378) kusafuneka zityhilwe, kuyaziwa kuphela ukuba kubangelwa ngumnxeba kwindawo esele ikhululwe yememori kwicandelo lokwazisa intetho.
Olunye ubungozi lusonjululwe (I-CVE-2020-6379) ikwanxulunyaniswa nefowuni yebhloko yememori sele ikhutshiwe (Sebenzisa-emva-simahla) kwikhowudi yokwazisa intetho.
Ngelixa umba wempembelelo encinci (i-CVE-2020-6380) ibangelwa yimpazamo yokujonga imiyalezo ye-plugin.
Okokugqibela uSleevi uvumile ukuba eli nyathelo lolawulo aligqibekanga, kodwa lanele okwangoku njengoko abasebenzisi bephumeza uhlaziyo lokhuseleko kwiinkqubo zabo zokusebenza kwaye uGoogle usiya kwizingqinisiso ezingcono.
Ayifezekanga, kodwa olu hlolo lokhuseleko lwanele, lixesha lokuba sidlulele kwesinye isiqinisekiso okanye someleze ukubhloka kweemodyuli ze3P, nditsho nakwiCAPI.
Ukuba ufuna ukwazi ngakumbi ngayo Malunga nohlaziyo olutsha olukhutshwe kwisikhangeli, unokujonga iinkcukacha Kule khonkco ilandelayo.
Uhlaziya njani iGoogle Chrome ku-Ubuntu kunye neziphumo?
Ukuhlaziya isikhangeli kuhlobo olutsha, Inkqubo inokwenziwa ngeendlela ezimbini ezahlukeneyo.
Eyokuqala kubo ukwenza nje uhlaziyo olufanelekileyo kunye nokuphucula ngokufanelekileyo kwisiphelo sendlela (oku kuthathela ingqalelo ukuba wenze ukufakwa kwesikhangeli esongeza indawo yaso kwinkqubo).
Ukwenza le nkqubo, vula nje itheminali (ungayenza ngondlela-mfutshane Ctrl + Alt + T) kwaye kuyo uyokuchwetheza le miyalelo ilandelayo:
sudo apt update sudo apt upgrade
GqibelaEnye indlela kukuba ufake isikhangeli kwiphakheji yedebhu Ukukhuphela kwiwebhusayithi esemthethweni yesikhangeli.
Apha kuya kufuneka uphinde uhambe kwinkqubo efanayo, yokukhuphela iphakheji ye-.deb kwiwebhusayithi kwaye uyifake nge-dpkg package package.
Nangona le nkqubo inokwenziwa kwisiphelo sendlela ngokwenza le miyalelo ilandelayo:
wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb sudo dpkg -i google-chrome * .deb sudo apt-get install -f