Kampani ya Oracle kutulutsidwa kokonzekera zosintha pazogulitsa zake (Critical Patch Update), cholinga chake ndikuchotsa zovuta ndi zovuta. Mu July pomwe, okwana .
Mu nkhani 10 nkhani zachitetezo zidakhazikika. Zowopsa za 9 zitha kugwiritsidwa ntchito kutali popanda kutsimikizika. Mulingo wapamwamba kwambiri womwe wapatsidwa ndi 6.8 (chiwopsezo mu libpng). Palibe zovuta kapena zovuta zomwe zadziwika zomwe zingalole wogwiritsa ntchito osavomerezeka pamanetiweki kusokoneza mapulogalamu a Java SE.
Kuphatikiza pazovuta za Java SE, zofooka zawonetsedwa poyera pazinthu zina za Oracle, kuphatikiza:
- mu MySQL (mlingo wovuta kwambiri 9.8, kusonyeza vuto lalikulu). Vuto loopsa kwambiri
() zogwirizana ndi mu NTLM parsing code mu laibulale ya libcurl, yomwe ingagwiritsidwe ntchito kuukira seva ya MySQL kutali ndi wogwiritsa ntchito wosavomerezeka. Pafupifupi mavuto ena onse amangowoneka ngati pali mwayi wopezeka ku DBMS. Chokhacho ndi chiwopsezo mu Shell: Admin / InnoDB Cluster, yomwe imapatsidwa mulingo wovuta wa 7.5. Nkhani zidzakonzedwa muzotulutsa . - mu VirtualBox, yomwe 3 ndiyowopsa kwambiri (CVSS Score 8.2 ndi 8.8). Zowopsa zimakhazikika pazosintha mfundo yakuti mavuto achitetezo adathetsedwa sanalengezedwe asanatulutsidwe). Tsatanetsatane sanaperekedwe, koma, poyang'ana mulingo wa CVSS, zofooka zomwe zimalola kuti kachidindo ichitidwe kumbali ya gulu la alendo kuchokera ku malo ochezera alendo achotsedwa;
- mu Solaris (mlingo wovuta kwambiri 9.1 -
Chiwopsezo chokhudzana ndi IPv6 mu kernel (CVE-2019-5597) kulola kuwukira kutali (zambiri sizinaperekedwe). Ziwopsezo ziwiri zilinso ndi mulingo wovuta kwambiri wa 8.8 - zovuta zomwe zingagwiritsidwe ntchito kwanuko mu Common Desktop Environment ndi zothandizira kasitomala za LDAP. Nkhani zokhala ndi mulingo wowopsa kuposa 7 zimaphatikizanso zovuta zomwe zingagwiritsidwe ntchito patali mu ICMPv6 ndi oyang'anira NFS mu kernel ya Solaris, ndi mavuto am'deralo mumafayilo ndi Gnuplot.
Source: opennet.ru