ProHoster > Π‘Π»ΠΎΠ³ > xov xwm hauv internet > Kev hloov kho tshiab rau Java SE, MySQL, VirtualBox thiab lwm yam khoom siv Oracle nrog qhov tsis zoo

Kev hloov kho tshiab rau Java SE, MySQL, VirtualBox thiab lwm yam khoom siv Oracle nrog qhov tsis zoo

Oracle tuam txhab luam tawm npaj kev tso tawm tshiab rau nws cov khoom (Critical Patch Update), txhawm rau tshem tawm cov teeb meem tseem ceeb thiab qhov tsis zoo. Nyob rau hauv lub Xya hli ntuj hloov tshiab, tag nrho ntawm 319 vulnerabilities.

Hauv cov teeb meem Java SE 12.0.2, 11.0.4 thiab 8u221 10 teeb meem kev ruaj ntseg kho. 9 qhov tsis zoo tuaj yeem raug siv los ntawm qhov chaw deb yam tsis muaj kev lees paub. Qhov siab tshaj plaws qhov hnyav yog 6.8 (vulnerability hauv libpng). Tsis muaj teeb meem siab lossis tseem ceeb tau raug txheeb xyuas uas yuav tso cai rau tus neeg siv tsis tau lees paub hauv lub network kom cuam tshuam Java SE daim ntawv thov.

Ntxiv rau cov teeb meem hauv Java SE, qhov tsis zoo tau raug nthuav tawm hauv lwm cov khoom lag luam Oracle, suav nrog:

  • 43 vulnerabilities hauv MySQL (qhov hnyav tshaj plaws 9.8, qhia txog qhov teeb meem tseem ceeb). Qhov teeb meem txaus ntshai tshaj plaws
    (CVE-2019-3822) txuam nrog tsis pub dhau nyob rau hauv NTLM header parsing code nyob rau hauv lub libcurl tsev qiv ntawv, uas yuav siv tau los remotely tua lub MySQL neeg rau zaub mov los ntawm ib tug neeg siv tsis raug cai. Yuav luag tag nrho lwm yam teeb meem tsuas yog tshwm sim yog tias muaj kev lees paub nkag mus rau DBMS. Qhov tshwj xeeb nkaus xwb yog qhov muaj qhov tsis zoo hauv Plhaub: Admin / InnoDB Cluster, uas tau muab rau qhov hnyav ntawm 7.5. Cov teeb meem yuav raug kho hauv kev tshaj tawm MySQL Community Server 8.0.17, 5.7.27 thiab 5.6.45.

  • 14 vulnerabilities hauv VirtualBox, ntawm 3 yog qhov txaus ntshai heev (CVSS Score 8.2 thiab 8.8). Vulnerabilities raug kho nyob rau hauv kev hloov tshiab VirtualBox 6.0.10 thiab 5.2.32 (hauv ceeb toom qhov tseeb tias cov teeb meem kev ruaj ntseg raug daws tsis tau tshaj tawm ua ntej tso tawm). Cov ntsiab lus tsis tau muab, tab sis, txiav txim siab los ntawm qib CVSS, qhov tsis zoo uas tso cai rau kev ua tiav ntawm tus tswv tsev sab ntawm cov qhua system ib puag ncig tau raug tshem tawm;
  • 10 vulnerabilities hauv Solaris (qhov mob hnyav tshaj plaws 9.1 -
    IPv6-hais txog qhov tsis zoo nyob rau hauv cov ntsiav (CVE-2019-5597) tso cai rau cov chaw taws teeb nres (cov ntsiab lus tsis muab). Ob qhov tsis zoo kuj tseem muaj qhov tseem ceeb ntawm 8.8 - cov teeb meem siv tau hauv zos hauv Common Desktop Ib puag ncig thiab cov neeg siv khoom siv rau LDAP. Cov teeb meem uas muaj qhov hnyav siab dua 7 kuj suav nrog kev ua haujlwm tsis zoo hauv ICMPv6 thiab NFS cov neeg tuav hauv Solaris kernel, thiab cov teeb meem hauv zos hauv cov ntaub ntawv kaw lus thiab Gnuplot.

Tau qhov twg los: opennet.ru

Ntxiv ib saib