Akukho sistim esebenzayo egqibeleleyo, kwaye akukho software ekhululekile ekuqulatheni ubuthathaka. Kule veki, iCanonical ipapashe ezininzi Python, ulwimi oludumileyo lwenkqubo yesoftware enokusebenza kuyo nayiphi na inkqubo yokusebenza, nokuba yiLinux, macOS, Windows okanye iiselfowuni kunye ne-Intanethi yeZinto (IoT). Njengesiqhelo, inkampani ephuhlisa inkqubo yokusebenza enika igama layo kule bhlog ipapashe lonke ulwazi emva kokuba ilungise iingxaki.
Ubuthathaka buchaphazela zonke iinguqulelo ze-Ubuntu ezonwabela inkxaso esemthethweni, ekhoyo ngoku Ubuntu 19.04 Disco Dingo, Ubuntu 18.04 Bionic Beaver kunye ne-Ubuntu 16.04 Xenial Xerus, nangona zingachaphazeli zonke iinkqubo zokusebenza. Iyonke, Ama-8 asengozini alungisiwe, ezintandathu kuzo ziphambili ngokubaluleka kwaye ezimbini ziphantsi kokubaluleka. Akukho nanye echaphazela Ubuntu 19.10, eya kukhutshwa phakathi ku-Okthobha. OLUHLAZIYIWEYOKukho neepetshi ze-Ubuntu 14.04 ESM kunye ne-Ubuntu 12.04 ESM.
Ubuthathaka bePython bulungiswe kule veki
- I-CVE-2018-20406-Ngokuphatha kakubi ezinye iifayile zepickle, umhlaseli unokusebenzisa esi siphene ukuze atye imemori ngokukhanyela inkonzo (DoS). Le bug ichaphazela kuphela Ubuntu 16.04 kunye no-Ubuntu 18.04.
- I-CVE-2018-20852-Umhlaseli unokukhohlisa iPython ngokuthumela iikuki kwisizinda esingalunganga, kuba iPython ibiqinisekisa ngokungalunganga isizinda xa iphethe iikuki.
- I-CVE-2019-10160 y I-CVE-2019-9636: I-Python iphathwe ngokungalunganga kwi-Unicode encryption ngexesha le-NFKC eqhelekileyo. Umhlaseli unokusebenzisa oku ukufumana ulwazi olubuthathaka.
- I-CVE-2019-5010: I-Python iluphethe ngendlela engafanelekanga ucazululo lwezatifikethi ze-X509 ezithile. Umhlaseli unokusebenzisa oku kubangela ukuba iPython iphahlazeke, okukhokelela ekukhanyeni kwenkonzo (DoS). Le bug ichaphazele Ubuntu 18.04 kunye no-Ubuntu 16.04.
- I-CVE-2019-9740 y I-CVE-2019-9947- Ngokuphatha kakubi ezinye ii-url, umhlaseli unokusebenzisa oku ukwenza uhlaselo lwe-CRLF yokutofa.
- I-CVE-2019-9948: I-Python ayiphathanga kakuhle i local_file: iskimu, into enokusetyenziswa ngumhlaseli okude ukugqitha iindlela zoluhlu lwabamnyama.
Njengoko sele sichazile, iCanonical sele ilungisile bonke ubuthathaka obukhankanywe kweli nqaku, zombini ku-Ubuntu 19.04, Ubuntu 18.04 kunye no-Ubuntu 16.04. Ekuphela kwento ekufuneka siyenzile kukuvula iziko lesoftware (okanye uhlaziyo lweapp yokuhambisa kwethu) kunye sebenzisa uhlaziyo. Nje ukuba ifakwe, ikhompyuter iya kufuneka iqalwe kwakhona ukuqinisekisa ukuba iipetshi ziyasebenza.