GnuPG 2.2.23 update with a vulnerability fix

The GnuPG 2.2.23 (GNU Privacy Guard) toolkit has been released. It is compatible with the OpenPGP (RFC-4880) and S/MIME standards and provides utilities for data encryption, working with electronic signatures, key management, and access to public key stores. The new version fixes a critical vulnerability (CVE-2020-25125) that was introduced in version 2.2.21 and can be triggered when importing a specially crafted OpenPGP key.

Importing a key with a specially crafted, large list of AEAD algorithms can cause an array overflow, leading to a crash or undefined behavior. It is noted that creating an exploit that does more than cause a crash is a difficult task, but the possibility cannot be ruled out. The main difficulty in developing an exploit is that the attacker can control only every second byte of the sequence, while the first byte always has the value 0x04. Software distribution systems that verify digital signatures are safe, because they use a predefined list of keys.
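Why only every second byte is attacker-controlled can be seen in a small model, added here as an illustration and not taken from GnuPG's source. It assumes preferences are stored as two-byte (type, value) entries and that the flaw is an array sized without counting the AEAD entries; `merge_prefs`, `pref_item`, `pref_list`, the tag 0x01 and all algorithm ids are hypothetical or constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

typedef struct { uint8_t type, value; } pref_item;   /* 2 bytes per entry */
typedef struct { uint8_t type; const uint8_t *ids; size_t n; } pref_list;
enum { PREF_NONE = 0x00, PREF_AEAD = 0x04 };         /* 0x04: tag named on the page */

/* Merge lists into one array ending in a PREF_NONE terminator. count_aead == 0
   models the assumed flaw: AEAD entries are copied but not counted when sizing.
   Writes are bounds-checked, so nothing overflows here. Returns how many bytes an
   unchecked copy would put past the array; *first_oob gets the first such entry. */
size_t merge_prefs(const pref_list *lists, size_t nlists, int count_aead, pref_item *first_oob)
{
    size_t cap = 1, pos = 0, oob = 0;                /* cap starts at 1: terminator slot */
    for (size_t i = 0; i < nlists; i++)
        if (count_aead || lists[i].type != PREF_AEAD)
            cap += lists[i].n;
    pref_item *out = calloc(cap, sizeof *out);
    if (!out)
        return (size_t)-1;
    for (size_t i = 0; i <= nlists; i++) {           /* i == nlists: terminator */
        size_t n = (i < nlists) ? lists[i].n : 1;
        for (size_t j = 0; j < n; j++, pos++) {
            pref_item it = { PREF_NONE, 0 };
            if (i < nlists)
                it = (pref_item){ lists[i].type, lists[i].ids[j] };
            if (pos < cap)
                out[pos] = it;                       /* fits inside the allocation */
            else if (oob++ == 0 && first_oob)
                *first_oob = it;                     /* first entry past the end */
        }
    }
    free(out);
    return oob * sizeof(pref_item);
}

/* Constructed sample: tag 0x01 and all algorithm ids are made up for the demo. */
static const uint8_t sym_ids[] = { 9, 8, 7 };
static const uint8_t aead_ids[] = { 0xA1, 0xA2, 0xA3, 0xA4, 0xA5 };
static const pref_list sample[] = { { 0x01, sym_ids, 3 }, { PREF_AEAD, aead_ids, 5 } };

int main(void)
{
    pref_item e = { 0, 0 };
    size_t bad = merge_prefs(sample, 2, 0, &e);      /* AEAD not counted */
    size_t ok = merge_prefs(sample, 2, 1, NULL);     /* AEAD counted */
    printf("flawed: %zu B past end, first {0x%02x,0x%02x}; fixed: %zu B\n", bad, e.type, e.value, ok);
    return 0;
}
```

In this model each entry written past the array is a fixed 0x04 tag followed by one byte from the key, which matches the constraint the advisory describes.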

Source: opennet.ru
