Vulnerability in LibKSBA leads to code execution when GnuPG processes S/MIME

A critical vulnerability (CVE-2022-3515) has been identified in the LibKSBA library, which is developed by the GnuPG project and provides functions for working with X.509 certificates. It leads to an integer overflow and to writing arbitrary data beyond the allocated buffer when parsing the ASN.1 structures used in S/MIME, X.509 and CMS. The problem is aggravated by the fact that the Libksba library is used in the GnuPG package, so the vulnerability can lead to remote code execution by an attacker when GnuPG (gpgsm) processes encrypted or signed data from files or email messages that use S/MIME. In the simplest case, to attack a victim who uses an email client that supports GnuPG and S/MIME, it is enough to send a specially crafted message.

The vulnerability can also be used to attack dirmngr servers, which download and parse certificate revocation lists (CRLs) and verify the certificates used in TLS. An attack on dirmngr can be carried out from a web server controlled by the attacker by returning specially crafted CRLs or certificates. It is noted that public exploits for gpgsm and dirmngr have not yet been identified, but the vulnerability is of a typical kind and nothing prevents qualified attackers from preparing an exploit themselves.

The vulnerability has been fixed in the Libksba 1.6.2 release and in the GnuPG 2.3.8 binary builds. On Linux distributions the Libksba library is usually shipped as a separate dependency, while in the Windows builds it is bundled into the main installation package together with GnuPG. After updating, remember to restart the background processes with the "gpgconf --kill all" command. To check whether the problem is present, look at the "KSBA ..." line in the output of the "gpgconf --show-versions" command, which should report a version of at least 1.6.2.
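The check described above, automated as an added example (not part of the original article or of the GnuPG project): it extracts the KSBA version from "gpgconf --show-versions" output and compares it numerically with 1.6.2. The "* KSBA x.y.z (...)" line shape, the function names and the sample output are assumptions.

```shell
#!/bin/sh
# Added example, not from the original article: decide from "gpgconf --show-versions"
# output whether the installed KSBA is at least 1.6.2 (CVE-2022-3515 fix release).
# Assumption: gpgconf prints the library as a "* KSBA x.y.z (...)" line.
FIXED_KSBA_VERSION="1.6.2"

# Print the version on the "* KSBA ..." line read from stdin (nothing if absent).
ksba_version_from_output() {
    awk '$1 == "*" && $2 == "KSBA" { print $3; exit }'
}

# Exit 0 when dotted version $1 >= $2, comparing three numeric components.
# ".0.0" pads short versions so each cut field exists; "-beta" suffixes are ignored.
version_ge() {
    vg_i=1
    while [ "$vg_i" -le 3 ]; do
        vg_a=$(printf '%s.0.0' "$1" | cut -d. -f"$vg_i"); vg_a=${vg_a%%[!0-9]*}
        vg_b=$(printf '%s.0.0' "$2" | cut -d. -f"$vg_i"); vg_b=${vg_b%%[!0-9]*}
        if [ "${vg_a:-0}" -gt "${vg_b:-0}" ]; then return 0; fi
        if [ "${vg_a:-0}" -lt "${vg_b:-0}" ]; then return 1; fi
        vg_i=$((vg_i + 1))
    done
    return 0
}

# Exit 0 when the gpgconf output passed as $1 reports a fixed KSBA version.
ksba_is_fixed() {
    kf_ver=$(printf '%s\n' "$1" | ksba_version_from_output)
    [ -n "$kf_ver" ] || { echo "no KSBA line in gpgconf output" >&2; return 1; }
    version_ge "$kf_ver" "$FIXED_KSBA_VERSION"
}

# Constructed sample in the shape of gpgconf --show-versions (other lines omitted).
SAMPLE_OUTPUT='* GnuPG 2.3.7 (2.3.7)
  gpgsm 2.3.7 (2.3.7)
* Libgcrypt 1.10.1 (1.10.1)
* KSBA 1.6.0 (1.6.0)
* NTBTLS 0.3.1 (0.3.1)'
# Print a verdict for the real gpgconf when installed, otherwise for the sample.
check_installed_ksba() {
    if command -v gpgconf >/dev/null 2>&1; then
        ci_out=$(gpgconf --show-versions 2>/dev/null) || ci_out=""
    else
        ci_out=$SAMPLE_OUTPUT
    fi
    if ksba_is_fixed "$ci_out"; then echo "KSBA >= $FIXED_KSBA_VERSION: fixed"
    else echo "KSBA below $FIXED_KSBA_VERSION or missing: update Libksba/GnuPG"; fi
}
check_installed_ksba
```

The sample deliberately reports KSBA 1.6.0, so offline the script prints the "update" verdict; with gpgconf installed it reports on the real installation.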

Updates for the distributions have not yet been released, but their availability can be tracked on the following pages: Debian, Ubuntu, Gentoo, RHEL, SUSE, Arch, FreeBSD. The vulnerability is also present in the MSI and AppImage packages shipped with GnuPG VS-Desktop and in Gpg4win.

Source: opennet.ru
