Mgbe izu abụọ gachara nsogbu dị egwu gara aga na 4 ọzọ yiri vulnerabilities (CVE-2019-14811, CVE-2019-14812, CVE-2019-14813, CVE-2019-14817), nke na-enye ohere site na-eke a njikọ na ".forceput" gafere "-dSAFER" ọnọdụ iche iche. . Mgbe ị na-ahazi akwụkwọ ahaziri ahazi, onye na-awakpo nwere ike ịnweta ọdịnaya nke sistemụ faịlụ wee mebie koodu aka ike na sistemụ (dịka ọmụmaatụ, site na ịgbakwunye iwu na ~/.bashrc ma ọ bụ ~/.profile). Ndozi ahụ dị ka patches (, ). Ị nwere ike soro enwere mmelite ngwugwu na nkesa na ibe ndị a: , , , , , , , .
Cheta na adịghị ike dị na Ghostscript na-ebute nnukwu ihe egwu, ebe a na-eji ngwugwu a n'ọtụtụ ngwa ewu ewu maka nhazi PostScript na PDF. Dịka ọmụmaatụ, a na-akpọ Ghostscript mgbe ị na-emepụta thumbnails desktọpụ, mgbe ị na-edepụta data n'azụ, na mgbe ị na-atụgharị ihe oyiyi. Maka ọgụ na-aga nke ọma, n'ọtụtụ oge, naanị nbudata faịlụ nrigbu ma ọ bụ iji ya na-eme nchọgharị na Nautilus ezuola. A pụkwara iji ihe adịghị mma na Ghostscript mee ihe site na ndị na-emepụta ihe oyiyi dabere na ngwugwu ImageMagick na GraphicsMagick site na ịnyefe ha faịlụ JPEG ma ọ bụ PNG nke nwere koodu PostScript kama nke oyiyi (a ga-edozi faịlụ dị otú ahụ na Ghostscript, ebe ọ bụ na ụdị MIME bụ nke a ghọtara. ọdịnaya, na-enweghị ịdabere na ndọtị).
isi: opennet.ru