Onjiniyela besikhulumi seselula se-LineageOS (leyo ethathe indawo yeCyanogenMod) baxwayisa mayelana nokuhlonza wemikhondo eshiywe ekufinyeleleni okungagunyaziwe kwingqalasizinda yakho. Kuyabonakala ukuthi ngehora lesithupha ekuseni (MSK) ngoMeyi 6, umhlaseli ukwazile ukufinyelela kuseva enkulu Isistimu yokuphathwa kokumiswa okuphakathi kwe-SaltStack ngokuxhaphaza ukuba sengozini okungakalungiswa kuze kube manje.
Kubikwa kuphela ukuthi ukuhlaselwa akuzange kuthinte okhiye bokwenza amasiginesha edijithali, uhlelo lokwakha nekhodi yomthombo yesikhulumi. Okhiye babekwa kumsingathi ohluke ngokuphelele kwingqalasizinda enkulu ephethwe ngeSaltStack futhi imihlangano yamiswa ngenxa yezizathu zobuchwepheshe ngo-Ephreli 30.
Uma kubhekwa ngemininingwane esekhasini le-status.lineageos.org, abathuthukisi sebevele babuyisele iseva ngohlelo lokubuyekeza ikhodi lweGerrit, iwebhusayithi kanye newiki. Amaseva anokwakha (kwakha.lineageos.org), i- landa ingosi wamafayela (download.lineageos.org), amaseva eposi kanye nohlelo lokuxhumanisa ukudluliselwa phambili kuzibuko abakhubazekile njengamanje.
Mayelana nesinqumo
Isibuyekezo sikhishwe ngo-Ephreli 29 kusuka kungxenyekazi yeSaltStack 3000.2 futhi ezinsukwini ezine kamuva (2 kaMeyi) ukukhubazeka okubili kwasuswa.
Inkinga ilele lapho, ngobungozi obabikwa, eyodwa yanyatheliswa ngo-Ephreli 30 futhi yanikezwa ingozi ephezulu kakhulu (lapha ukubaluleka kokushicilela imininingwane ezinsukwini ezimbalwa noma emasontweni ambalwa ngemuva kokutholakala kwayo nokukhishwa kwezimagqabhagqabha noma ukulungiswa kwamaphutha).
Njengoba i-bug ivumela umsebenzisi ongagunyaziwe ukuthi enze ukukhishwa kwekhodi ekude njengomphathi olawulayo (i-salt-master) nawo wonke amaseva aphethwe ngayo.
Lokhu kuhlasela kwenziwa ukuthi ichweba lenethiwekhi i-4506 (ukufinyelela i-SaltStack) alizange livinjwe yi-firewall yezicelo zangaphandle nalapho umhlaseli kwakufanele alinde ukuthatha isinyathelo ngaphambi kokuba abathuthukisi be-Lineage SaltStack ne-ekspluatarovat bazame ukufaka isibuyekezo ukulungisa ukwehluleka.
Bonke abasebenzisi beSaltStack bayelulekwa ukuthi bavuselele ngokushesha izinhlelo zabo futhi babheke izimpawu zokugenca.
Ngokusobala, Ukuhlaselwa nge-SaltStack bekungagcini nje ngokuthinta i-LineageOS futhi zasakazeka emini, abasebenzisi abaningana ababengenaso isikhathi sokuvuselela i-SaltStack baqaphela ukuthi izingqalasizinda zabo zonakaliswe yikhodi yokubamba izimayini noma iminyango yangemuva.
Ubuye abike nokugenca okufanayo ku- ingqalasizinda yohlelo lokulawulwa kokuqukethwe Ghost, iniKuthinte amasayithi weGhost (Pro) nokubhila (kusolwa ukuthi izinombolo zamakhadi wesikweletu bezingathinteki, kepha ama-password hashes wabasebenzisi be-Ghost angawela ezandleni zabahlaseli).
- Ukuba sengozini kokuqala (i-CVE-2020-11651) kubangelwa ukuntuleka kwamasheke afanele lapho kubizwa izindlela zesigaba se-ClearFuncs kunqubo yokwenza usawoti. Ukuba sengozini kuvumela umsebenzisi okude ukuthi afinyelele kuzindlela ezithile ngaphandle kokufakazela ubuqiniso. Ikakhulu, ngokusebenzisa izindlela eziyinkinga, umhlaseli angathola ithokheni yokufinyelela kwezimpande kuseva eyinhloko futhi enze noma imuphi umyalo kuma-host asetshenzisiwe aqhuba i-daemon-minion daemon. I-patch ikhishwe ezinsukwini ezingama-20 ezedlule ezilungisa lokhu kuba sengozini, kepha ngemuva kokuvela kohlelo lwayo, kube nezinguquko ezibuyela emuva ezenze ukuphazamiseka kokuvumelanisa kwamafayela nokuphazamiseka.
- Ukuba sengozini kwesibili (CVE-2020-11652) ivumela, ngokusebenzisa ukukhohlisa ngesigaba se-ClearFuncs, ukufinyelela ezindleleni ngokudluliswa kwezindlela ezichazwe ngendlela ethile, engasetshenziselwa ukufinyelela okugcwele kwizikhombisi-ndlela ezingqubuzana ku-FS yeseva eyinhloko enamalungelo empande, kepha idinga ukufinyelela okuqinisekisiwe ( ukufinyelela okunjalo kungatholakala ngokusebenzisa ukuba sengozini kokuqala nokusebenzisa ukuba sengozini kwesibili ukuphazamisa ngokuphelele ingqalasizinda yonke).