Masu haɓaka aikin Fedora sun ba da sanarwar jinkirta sakin Fedora 37 zuwa Nuwamba 15 saboda buƙatar kawar da mummunan rauni a cikin ɗakin karatu na OpenSSL. Tun da bayanai game da ainihin raunin za a bayyana shi ne kawai a ranar 1 ga Nuwamba kuma ba a san tsawon lokacin da za a ɗauka don aiwatar da kariya a cikin rarraba ba, an yanke shawarar jinkirta sakin da makonni 2. Wannan ba shine karo na farko da aka sa ran ranar saki na Fedora 37 a ranar 18 ga Oktoba, amma an dage shi sau biyu (zuwa Oktoba 25 da Nuwamba 1) saboda gazawar cika ka'idoji masu inganci.
A halin yanzu, batutuwa 3 sun kasance ba a gyara su a cikin ginin gwaji na ƙarshe kuma ana rarraba su azaman toshe fitarwa. Baya ga buƙatar gyara rashin ƙarfi a cikin openssl, kwin composite manager yana rataye lokacin fara zaman KDE Plasma na tushen Wayland lokacin da aka saita yanayin zuwa nomodeset (na asali zane) a cikin UEFI, kuma aikace-aikacen gnome-calendar yana daskarewa lokacin gyara maimaituwa. abubuwan da suka faru.
Mummunan rauni a cikin OpenSSL yana shafar reshen 3.0.x kawai; Fitowar 1.1.1x ba ta da tasiri. An riga an yi amfani da reshen OpenSSL 3.0 a cikin irin wannan rarraba kamar Ubuntu 22.04, CentOS Stream 9, RHEL 9, OpenMandriva 4.2, Gentoo, Fedora 36, Debian Testing/Unstable. A cikin SUSE Linux Enterprise 15 SP4 da openSUSE Leap 15.4, fakiti tare da OpenSSL 3.0 suna samuwa na zaɓi, fakitin tsarin suna amfani da reshen 1.1.1. Debian 1, Arch Linux, Void Linux, Ubuntu 11, Slackware, ALT Linux, RHEL 20.04, OpenWrt, Alpine Linux 8 sun kasance akan rassan OpenSSL 3.16.x.
An rarraba rashin lafiyar a matsayin mai mahimmanci; har yanzu ba a bayar da cikakkun bayanai ba, amma dangane da tsananin matsalar tana kusa da rashin lafiyar Zuciya mai ban sha'awa. Muhimmin matakin haɗari yana nuna yuwuwar kai hari mai nisa akan daidaitattun jeri. Matsalolin da ke haifar da leaks mai nisa na abun ciki na ƙwaƙwalwar uwar garken, aiwatar da lambar mai hari, ko daidaita maɓallan sirri na uwar garken ana iya rarraba su da mahimmanci. Za a buga facin OpenSSL 3.0.7 wanda ke gyara matsalar da bayani game da yanayin raunin a ranar 1 ga Nuwamba.
source: budenet.ru