Mgbe ọnwa ise nke mmepe na afọ asaa na ọkara kemgbe ikpeazụ pụtara mkpa ewepụtara, a mmezi ntọhapụ nke ụlọ ọrụ suite Apache OpenOffice 4.1.11 e hiwere, nke tụrụ aro 12 fixes. A na-akwado ngwugwu emebere maka Linux, Windows na macOS.
Ntọhapụ ọhụrụ a na-edozi adịghị ike atọ:
- CVE-2021-33035 - Na-enye ohere igbu koodu mgbe imepe faịlụ DBF emebere nke ọma. Ihe kpatara nsogbu a bụ OpenOffice na-adabere n'ọhịa Ogologo na ubi Ụdị ụkpụrụ dị na isi nke faịlụ DBF iji kesaa ebe nchekwa, na-enweghị ịlele na ụdị data dị na ubi dakọtara. Iji mee mwakpo, ị nwere ike ịkọwapụta ụdị INTEGER n'ọhịa Ụdị uru, ma tinye nnukwu data wee kọwaa ubi Ogologo uru nke na-adabaghị na nha data nwere ụdị INTEGER, nke ga-eduga na ọdụ data ahụ. site n'ubi a na-ede n'ofe ihe nchekwa ekenyela. N'ihi oke njupụta nke ihe nchekwa a na-achịkwa, ị nwere ike kọwapụta ntụghachi azụ site na ọrụ ahụ ma, site na iji usoro mmemme na-alaghachi azụ (ROP - Return-oriented Programming), nweta mmezu nke koodu gị.
- CVE-2021-40439 bụ “Ijeri na-achị ọchị” ọgụ DoS (bọmbụ XML), nke na-eduga na ike ọgwụgwụ nke akụrụngwa sistemụ dịnụ mgbe ị na-ahazi akwụkwọ ahaziri iche.
- CVE-2021-28129 - A na-etinye ọdịnaya nke ngwugwu DEB na usoro dịka onye ọrụ na-abụghị mgbọrọgwụ.
Mgbanwe na-abụghị nchekwa:
- A abawanyela nha font na ederede ngalaba enyemaka.
- Etinyela otu ihe na fanye menu iji jikwaa mmetụta nke mkpụrụedemede Fontwork.
- Etinyere akara ngosi efu na menu faịlụ maka ọrụ mbupụ PDF.
- E doziela nsogbu dị na mfu eserese mgbe ị na-echekwa n'ụdị ODS.
- E doziela nsogbu nwere ụfọdụ ọrụ bara uru nke ejiri nkwenye ọrụ agbakwunyere na ntọhapụ gara aga na-egbochi (dịka ọmụmaatụ, egosipụtara mkparịta ụka ahụ mgbe ị na-ezo aka na ngalaba dị n'otu akwụkwọ ahụ).
isi: opennet.ru