Emahoreni ambalwa adlule, iCanonical ishicilelwe umbiko lapho ekhuluma khona nge ukuba sengozini ku-Ghostscript Ithinta zonke izinhlobo ze-Ubuntu ezisasekelwa kumjikelezo wazo wokuphila ojwayelekile. Njengamanje, lezo zinguqulo ziyi-Ubuntu 19.04 Disco Dingo, Ubuntu 18.04 LTS Bionic Beaver, ne-Ubuntu 16.04 LTS Xenial Xerus. Isoftware ethintekile yi- "ghostscript - PostScript kanye notolika we-PDF" futhi nezimagqabhagqabha zilungisa isilinganiselo se-4 CVE.
Ukuba sengozini okutholakele futhi sekuvele kwalungiswa yilawa mafayela we- I-CVE-2019-14811, I-CVE-2019-14812, I-CVE-2019-14813 y I-CVE-2019-14817, bonke baphathwa njengo ukuphuthuma okuphakathi. Bobane babelana kakhulu ngencazelo echaza 'I-ByPass Yemodi Ephephile ngokuvezwa .forceput in» .pdf_hook_DSC_Creator, setuserparams, amasethi y.umabhebhana ngokulandelana. Amaphakeji azovuselelwa angama- i-ghostscript - 9.26 ~ dfsg + 0-0ubuntu7.3 y libgs9 – 9.26~dfsg+0-0ubuntu7.3 ku-Ubuntu 19.04, i-ghostscript - 9.26 ~ dfsg + 0-0ubuntu0.18.04.11 y libgs9 – 9.26~dfsg+0-0ubuntu0.18.04.11 ku-Ubuntu 18.04 naku- i-ghostscript - 9.26 ~ dfsg + 0-0ubuntu0.16.04.11 y libgs9 – 9.26~dfsg+0-0ubuntu0.16.04.11 ku-Ubuntu 16.04.
Ukuba sengozini kweGhostscript kufikile eceleni komunye ku-Ceph
Lokhu kuba sengozini ku-Ghostscript akuyona ukuphela kwe-Canonical okukhishwe namuhla. Ngemuva kwesikhashana ubuye wabika enye, kulokhu ku «ceph - kusatshalaliswe isitoreji nohlelo lwefayela«, Okuthinta Ubuntu 19.04 kanye no-Ubuntu 18.04. Iphutha elilungisiwe nelivele selilungisiwe yi- I-CVE-2019-10222 futhi imininingwane ngobunye ubungozi bokuphuthuma okuphakathi lapho ceph ibingasetshenziselwa ukuzibamba uma ithola ithrafikhi yenethiwekhi eyenziwe ngobuciko. Umhlaseli okude angasebenzisa leli phutha ukudala ukwenqatshwa kwensiza (DoS). Amachashazi azosetshenziswa kuleli cala yiwona ceph - 13.2.6-0ubuntu0.19.04.3 y I-radosgw - 13.2.6-0ubuntu0.19.04.3 ku-Ubuntu 19.04 naku- ceph - 12.2.12-0ubuntu0.18.04.2 y I-radosgw - 12.2.12-0ubuntu0.18.04.2 ku-Ubuntu 18.04.
Onke ama-patches asevele etholakala njengesibuyekezo, ngakho-ke ukuwasebenzisa nokuzivikela ebucayini okukhulunywe ngawo kule ndatshana kulula njengokuvula uhlelo lokusebenza lweSoftware Update noma yisiphi isikhungo se-software futhi sebenzisa izibuyekezo.
Okujwayelekile, kufanele sigcine Ubuntu bethu buvuselelwe kahle futhi asikho isizathu sokukhathazeka. Siyabonga ngolwazi.