Lub OISF (Open Information Security Foundation) tau tshaj tawm cov kev kho kom raug ntawm lub network nkag mus nrhiav thiab tiv thaiv kab ke Suricata 7.0.3 thiab 6.0.16, uas tshem tawm tsib qhov tsis zoo, peb qhov (CVE-2024-23839, CVE-2024-23836, CVE- 2024-23837) tau raug xa mus rau theem txaus ntshai heev. Cov lus piav qhia ntawm qhov tsis muaj peev xwm tseem tsis tau tshaj tawm, txawm li cas los xij, theem tseem ceeb feem ntau yog muab thaum nws tuaj yeem ua rau kev khiav tawm ntawm tus neeg tawm tsam txoj cai. Txhua tus neeg siv Suricata tau qhia kom hloov kho lawv cov tshuab tam sim ntawd.
Suricata changelog tsis qhia meej meej txog qhov tsis zoo, tab sis ib qho ntawm cov kev txhim kho sau ntawv nco nkag tom qab tso tawm thaum ua tiav HTTP headers tsis raug. Ib qho ntawm cov teeb meem tseem ceeb (CVE-2024-23837) yog tam sim no nyob rau hauv LibHTP HTTP tsheb parsing tsev qiv ntawv.
Tau qhov twg los: opennet.ru