adịghị ike na Perl, ownCloud, GStreamer na Zephyr RTOS

Ọtụtụ adịghị ike achọpụtara nso nso a:

  • Mwepụta mmezi nke Perl 5.38.1 na-ekwu maka adịghị ike (CVE-2023-47038) nke nwere ike ime ka e depụta otu byte n'ókè na ebe nchekwa ekenyela mgbe ejiri ihe Unicode dị n'ime chịkọta okwu oge niile na aha na-amalite na-ezighi ezi. na "utf8 ::" perl. Nsogbu a pụtara kemgbe alaka Perl 5.30.

    Na mgbakwunye, Perl 5.38.1 wepụrụ otu ikpo okwu kpọmkwem maka ikpo okwu. Windows Ndakpọ (CVE-2023-47039) na-enye ohere maka mmejuputa koodu na-enweghị usoro mgbe a na-agba scripts ma ọ bụrụ na enwere ike itinye faịlụ cmd.exe na ndekọ dị ugbu a (n'ihi enweghị nhicha ụzọ mgbe a na-achọ faịlụ ndị a na-arụ ọrụ, Perl na-ebu ụzọ gbalịa ịgba cmd.exe na ndekọ dị ugbu a). Dịka ọmụmaatụ, onye na-awakpo nwere ike itinye cmd.exe omenala na ndekọ C:\ProgramData ma mee ka ikike ha ka mma ma ọ bụrụ na onye nchịkwa na-agba script Perl site na ndekọ ahụ.

  • Achọpụtara adịghị ike (CVE-2023-49103) na ikpo okwu igwe ojii nke ownCloud, nke e si na ya tinye ọrụ Nextcloud na 2016, nke metụtara ngwa graphapi ma kwe ka a chọpụta ihe dị na mgbanwe gburugburu ebe obibi, nke nwere ike ịnwe paswọọdụ onye nchịkwa, igodo ikike, na nzere maka ijikọ na ozi-e. ihe nkesaNsogbu a na-esi na iji ọbá akwụkwọ nke atọ na graphapi apụta, nke, tinyere ihe ndị ọzọ, na-enye onye na-ejikwa GetPhpInfo.php, nke na-akpọ ọrụ phpinfo(), nke mmepụta ya gụnyere mgbanwe gburugburu ebe obibi.
  • Achọpụtala ihe ọghọm abụọ dị na GStreamer multimedia framework: CVE-2023-44446 - ohere nchekwa mgbe emechara (Jiri-Mgbe-N'efu) na koodu nchịkọta faịlụ MXF; CVE-2023-44429 - Mkpuchi ihe na-ejupụta n'ime koodu ntụgharị AV1. Nsogbu nke mbụ na-akpata site na ịleleghị ihe ahụ tupu arụ ọrụ na ya, na nke abụọ site na ịleleghị nha data tupu iṅomi ya na ebe nchekwa edozi. Ọdịmma ndị ahụ nwere ike ikwe ka e gbuo koodu mwakpo mgbe ị na-achọ ịhazi faịlụ MXF ahaziri ahazi yana mgbasa ozi AV1. Achọpụtara na vectors ọgụ na-adabere na mmejuputa ngwa a wakporo. Enyerela nsogbu ndị ahụ ọkwa dị njọ nke 8.8 n'ime 10. A na-edozi adịghị ike na ntọhapụ GStreamer 1.22.7.
  • Achọpụtala adịghị ike 25 na Zephyr RTOS sistemụ arụmọrụ oge, ọtụtụ n'ime ha nwere ike bute mkpochapụ koodu mwakpo. Ihe ọghọm ndị a na-akpata site na oke njupụta na shei WiFi, ngwugwu Bluetooth, ọkwọ ụgbọ ala IPM, ọdụ USB, ọkwọ ụgbọ ala IEEE 802.15.4, sistemụ faịlụ Mgmt, sistemụ faịlụ, ọkwọ ụgbọ ala eS-WiFi na sistemụ CANbus. A na-edozi ọtụtụ n'ime adịghị ike ahụ na ntọhapụ Zephyr 3.5.0, mana otu okwu (CVE-2023-4261) ka edoghị anya (nkọwa banyere adịghị ike a adịghị ebipụta ruo mgbe edozi ya).

isi: opennet.ru

Zụta nnabata ntụkwasị obi maka saịtị nwere nchekwa DDoS, sava VPS VDS 🔥 Zụta ebe nrụọrụ weebụ a pụrụ ịtụkwasị obi na nchekwa DDoS, sava VPS VDS | ProHoster