Chiwopsezo (CVE-2023-28936) chakhazikika mu seva yapa intaneti ya Apache OpenMeetings yomwe ingalole mwayi wopezeka mwachisawawa komanso zipinda zochezera. Vutoli lapatsidwa mulingo wovuta kwambiri. Chiwopsezocho chimayamba chifukwa cha kutsimikizika kolakwika kwa hashi yomwe imagwiritsidwa ntchito polumikiza otenga nawo mbali atsopano. Vutoli lidakhalapo kuyambira pomwe 2.0.0 idatulutsidwa ndipo idakhazikitsidwa pakusintha kwa Apache OpenMeetings 7.1.0 komwe kudatulutsidwa masiku angapo apitawo.
Kuphatikiza apo, ziwopsezo ziwiri zocheperako zimakhazikika mu Apache OpenMeetings 7.1.0:
- CVE-2023-29032 - Kutha kudutsa kutsimikizika. Wowukira yemwe amadziwa zinthu zinazake zokhuza wogwiritsa ntchito amatha kukhala ngati wina.
- CVE-2023-29246 - Choloweza m'malo mwachabechabe chomwe chingagwiritsidwe ntchito kuyika khodi yanu pa seva ngati muli ndi akaunti yoyang'anira OpenMeetings.
Source: opennet.ru