Updates for Java SE, MySQL, VirtualBox and other Oracle products with vulnerability fixes

Oracle has published a scheduled release of updates for its products (Critical Patch Update), aimed at eliminating critical problems and vulnerabilities. The July update addresses a total of 319 vulnerabilities.

The Java SE 12.0.2, 11.0.4 and 8u221 releases fix 10 security issues. 9 of the vulnerabilities can be exploited remotely without authentication. The highest severity level assigned is 6.8 (a vulnerability in libpng). No critical or high-severity issues were identified that would allow an unauthenticated user on the network to compromise Java SE applications.

In addition to the issues in Java SE, vulnerabilities were disclosed in other Oracle products, including:

  • 43 vulnerabilities in MySQL (maximum severity level 9.8, indicating a critical issue). The most dangerous issue (CVE-2019-3822) is associated with a buffer overflow in the NTLM parsing code in the libcurl library, which can be used by an unauthenticated user to attack a MySQL server. Almost all the other issues appear only when there is authenticated access to the DBMS. The only exception is a vulnerability in Shell: Admin / InnoDB Cluster, which is assigned severity level 7.5. The issues will be fixed in the MySQL Community Server 8.0.17, 5.7.27 and 5.6.45 releases.

  • 14 vulnerabilities in VirtualBox, of which 3 are highly dangerous (CVSS Score 8.2 and 8.8). The vulnerabilities are fixed in the VirtualBox 6.0.10 and 5.2.32 updates (the fact that security issues were addressed was not advertised in the notes before the release). No details are provided, but, judging by the CVSS level, vulnerabilities that allow code execution on the host system from the guest system environment have been eliminated;
  • 10 vulnerabilities in Solaris (maximum severity level 9.1: an IPv6-related vulnerability in the kernel (CVE-2019-5597) that allows a remote attack; no details are provided). Two vulnerabilities also have a severity level of 8.8: locally exploitable issues in the Common Desktop Environment and the LDAP client tools. Issues with a severity level above 7 also include remote vulnerabilities in the ICMPv6 and NFS handlers in the Solaris kernel, and local problems in the file system and Gnuplot.

source: budenet.ru
