Ko Libinput 1.20.1, he whare pukapuka e whakarato ana i tētahi puranga tāuru kotahi e āhei ai te whakamahi i ngā taputapu whakahaere kaupapa taputapu tāuru kotahi i roto i ngā taiao Wayland me X.Org, kua whakatikahia tētahi ngoikoretanga (CVE-2022-1215) e āhei ai te whakahaere waehere ritenga ina honoa he taputapu tāuru kua whakarerekētia/kua whakatauirahia ki te pūnaha. Ka pā te raruraru ki ngā taiao X.Org me Wayland, ā, ka taea te whakamahi mā roto i ngā hononga taputapu ā-rohe me te whakahaere i ngā taputapu Nihokikorangi. Ina whakahaerehia te tūmau X me ngā mana pakiaka, ka taea e te ngoikoretanga te whakahaere waehere me ngā mana teitei ake.
I puta te raruraru i te hapa hōputu aho i roto i te waehere e kawenga ana mō te takiuru i ngā mōhiohio hononga pūrere. Ina koa, ko te mahi evdev_log_msg, mā te whakamahi i te snprintf hei karanga, i whakarerekē i te aho hōputu tāurunga takiuru taketake, me te whakauru i te ingoa pūrere ki mua. Kātahi ka tukuna te aho kua whakarerekētia ki te mahi log_msg_va, ā, i whakamahia e ia te mahi printf. Nō reira, ko te tautohe printf tuatahi, e wetewetehia ana mō ngā pūāhua hōputu, kei roto ngā raraunga o waho kāore i te whakawhirinakihia, e āhei ai te kaiwhakaeke ki te whakakino i te puranga mā te whakahoki mai i te pūrere i tētahi ingoa kei roto ngā pūāhua hōputu (hei tauira, "Kino %s").
Source: opennet.ru
