tuku takawaenga whakatika , i whakatika 5 whakaraeraetanga. Kotahi te whakaraeraetanga (CVE-2019-12527) Ka taea te whakarite i nga mahi waehere me nga tika o te tukanga tūmau.
Ko te take i puta mai i te pepeke i roto i te kaihautu whakamotuhēhēnga Tuatahi o te HTTP me te tuku i te puhake puhake kia puta mai i te wa e tukuna ana nga tohu i hangaia i te wa e uru ana ki te Squid Cache
Ko te Kaiwhakahaere, ko te kuaha FTP kua hangaia. Ka puta te whakaraeraetanga ka timata i te tukunga o Squid 4.0.23. Hei mahi mo te aukati i te whakaraeraetanga, ka taea e koe te hanga wheke me te "--disable-auth-basic" kōwhiringa ka whakakorehia ranei te uru ki nga ratonga e whakamahi ana i te whakamotuhēhēnga HTTP i roto i te whirihoranga:
acl FTP proto FTP
http_access whakahē FTP
http_access whakakore kaiwhakahaere
Ko etahi atu whakaraeraetanga e toru ka taea te whakakore i te ratonga i te wa e raweke ana i te cachemgr.cgi, HTTP Digest, HTTP Basic motuhēhēnga rānei. Ko te toenga whakaraeraetanga ka taea te tuhi whakawhiti-pae ma te cachemgr.cgi.
Source: opennet.ru