Vulnerability in LibKSBA leading to code execution when processing S/MIME in GnuPG

In the LibKSBA library, developed by the GnuPG project and providing functions for working with X.509 certificates, a critical vulnerability has been identified (CVE-2022-3515). It leads to an overflow and to arbitrary data being written beyond the allocated buffer when parsing ASN.1 structures used in S/MIME, X.509 and CMS. The problem is aggravated by the fact that Libksba is used in the GnuPG package, so the vulnerability can lead to remote code execution by an attacker when GnuPG (gpgsm) processes encrypted or signed data from files or email messages using S/MIME. In the simplest case, to attack a victim using an email client that supports GnuPG and S/MIME, it is enough to send a specially crafted message.

The vulnerability can also be used to attack dirmngr servers that download and parse certificate revocation lists (CRLs) and verify certificates used in TLS. An attack on dirmngr can be carried out from a web server controlled by the attacker, by returning specially crafted CRLs or certificates. It is noted that publicly available exploits for gpgsm and dirmngr have not yet been identified, but the vulnerability is typical and nothing prevents qualified attackers from preparing an exploit on their own.

The vulnerability was fixed in the Libksba 1.6.2 release and in the GnuPG 2.3.8 binary builds. On Linux distributions, the Libksba library is usually supplied as a separate dependency, while in Windows builds it is built into the main installer package together with GnuPG. After updating, remember to restart the background processes with the command "gpgconf --kill all". To check whether the problem is present, look at the "KSBA ...." line in the output of the command "gpgconf --show-versions"; it should show a version of at least 1.6.2.
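The version check described above can be scripted. The following is an added example, not part of the original article or of GnuPG; the function names are hypothetical, the sample output is constructed, and the "* KSBA <version> (...)" line layout is an assumption based on the "KSBA ...." line the article mentions.

```sh
#!/bin/sh
# Added example: decide from `gpgconf --show-versions` output whether the
# bundled Libksba is at least 1.6.2 (the fixed release named above).
FIXED_KSBA="1.6.2"

# Constructed sample output; the "* NAME VERSION (...)" layout is an assumption.
SAMPLE_OLD='* GnuPG 2.3.7 (0000000)
* Libgcrypt 1.10.1 (0000000)
* KSBA 1.6.1 (0000000)'

# Read gpgconf output on stdin, print the version from the first KSBA line.
ksba_version() {
    sed -n 's/^[^A-Za-z]*KSBA[[:space:]]\{1,\}\([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# version_ge A B: succeed if dotted version A >= B, comparing fields as
# numbers so that 1.10.0 sorts above 1.6.2 (a string compare gets this wrong).
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            xi = (i <= na) ? x[i] + 0 : 0
            yi = (i <= nb) ? y[i] + 0 : 0
            if (xi > yi) exit 0
            if (xi < yi) exit 1
        }
        exit 0
    }'
}

# Print "fixed V", "vulnerable V", or "unknown" when no KSBA line is present.
ksba_status() {
    v=$(ksba_version)
    if [ -z "$v" ]; then
        echo "unknown"
    elif version_ge "$v" "$FIXED_KSBA"; then
        echo "fixed $v"
    else
        echo "vulnerable $v"
    fi
}

# Demo on the constructed sample; on a real host run:
#   gpgconf --show-versions | ksba_status
printf '%s\n' "$SAMPLE_OLD" | ksba_status
```

An "unknown" result means no KSBA line was found in the output and the library version has to be checked another way, for example through the distribution's package manager.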

Distribution updates have not been released yet, but you can track their availability on these pages: Debian, Ubuntu, Gentoo, RHEL, SUSE, Arch, FreeBSD. The vulnerability is also present in the MSI and AppImage packages with GnuPG VS-Desktop and in Gpg4win.

Source: opennet.ru
