Kusintha kwa Exim 4.92.1 komwe kumakhala pachiwopsezo

Lofalitsidwa kutulutsidwa kosakonzekera kwa seva yamakalata Chithunzi 4.92.1 zomwe zimachotsa chiwopsezo chachikulu (CVE-2019-13917) chomwe chimalola kukhazikitsidwa kwa ma code akutali ndi mwayi wokhala ndi mizu pomwe zosintha zinazake zilipo.

Chiwopsezo zikuwoneka Kuyambira ndi kutulutsidwa 4.85, mukamagwiritsa ntchito "${sort }" operator mu kasinthidwe, ngati zinthu zomwe zagwiritsidwa ntchito mu mndandanda wa "sort" zitha kuperekedwa kwa wowukira (mwachitsanzo, kudzera mu $local_part ndi $domain variables). Mwachisawawa, operator uyu sagwiritsidwa ntchito mu kasinthidwe komwe kamaperekedwa mu kugawa koyambira kwa Exim komanso mu phukusi la Debian ΠΈ Ubuntu (Mwinanso m'magawo ena). Kuti muwone ngati dongosolo lanu lili pachiwopsezo, mutha kuyendetsa lamulo lakuti "exim -bP config | grep sort".

Zosintha pamaphukusi okonza chiwopsezo zatulutsidwa kale Debian ΠΈ UbuntuZosintha sizinakonzekere SUSE, Fedora, FreeBSD ΠΈ Chipilala Linux. RHEL ndi CentOS vuto osatengeka, popeza Exim siyikuphatikizidwa muzosungira zawo zokhazikika (ngati kuli kofunikira, imayikidwa kuchokera kunkhokwe epel).

Source: opennet.ru

Gulani kuchititsa kodalirika kwamasamba okhala ndi chitetezo cha DDoS, ma seva a VPS VDS Gulani malo odalirika osungira mawebusayiti okhala ndi chitetezo cha DDoS, ma seva a VPS VDS | ProHoster