ProHoster > Блог > labaran intanet > BudeSSH 8.6 saki tare da gyara rauni

BudeSSH 8.6 saki tare da gyara rauni

An buga sakin OpenSSH 8.6, buɗe aikace-aikacen abokin ciniki da sabar don aiki ta amfani da ka'idojin SSH 2.0 da SFTP. Sabuwar sigar tana kawar da rauni a cikin aiwatar da umarnin LogVerbose, wanda ya bayyana a cikin sakin da ya gabata kuma yana ba ku damar haɓaka matakin ɓoye bayanan da aka zubar a cikin log ɗin, gami da ikon tacewa ta samfuri, ayyuka da fayilolin da ke da alaƙa da lambar da aka kashe. tare da sake saitin gata a cikin keɓantaccen tsari na sshd a cikin yanayin sandbox.

Maharin da ya sami ikon sarrafa tsari mara amfani ta amfani da wasu raunin da ba a sani ba tukuna zai iya amfani da batun LogVerbose don ketare sandboxing da kai hari kan tsarin da ke gudana tare da manyan gata. Ana ganin raunin LogVerbose ba zai iya faruwa a aikace ba saboda an kashe saitin LogVerbose ta tsohuwa kuma ana amfani da shi ne kawai yayin gyarawa. Har ila yau harin yana buƙatar nemo sabon rauni a cikin wani tsari mara gata.

Canje-canje a cikin OpenSSH 8.6 ba su da alaƙa da raunin:

  • An aiwatar da sabon tsawaita yarjejeniya a cikin sftp da sftp-server"[email kariya]", wanda ke bawa abokin ciniki na SFTP damar samun bayanai game da ƙuntatawa da aka saita akan uwar garken, gami da iyaka akan matsakaicin girman fakiti da rubutu da karanta ayyukan. A cikin sftp, ana amfani da sabon tsawo don zaɓar mafi kyawun girman toshe lokacin canja wurin bayanai.
  • An ƙara saitin ModuliFile zuwa sshd_config don sshd, yana ba ku damar tantance hanyar zuwa fayil ɗin "moduli" mai ɗauke da ƙungiyoyi don DH-GEX.
  • An ƙara canjin yanayi TEST_SSH_ELAPSED_TIMES zuwa gwaje-gwajen raka'a don ba da damar fitar da lokacin da ya wuce tun lokacin da aka gudanar da kowace gwaji.
  • An raba ma'aunin buƙatun kalmar sirri na GNOME zuwa zaɓuɓɓuka biyu, ɗaya don GNOME2 da ɗaya don GNOME3 (contrib/gnome-ssk-askpass3.c). Bambancin don GNOME3 don inganta dacewar Wayland yana amfani da kira zuwa gdk_seat_grab() lokacin sarrafa maɓalli da kama linzamin kwamfuta.
  • An ƙara ƙira mai laushi na tsarin fstatat64 zuwa akwatin yashi na tushen seccomp-bpf da aka yi amfani da shi a cikin Linux.

source: budenet.ru

Add a comment