O le OISF (Open Information Security Foundation) na faʻasalalau faʻasalalauga faʻasaʻo o le fesoʻotaʻiga o fesoʻotaʻiga suʻesuʻega ma le puipuiga o le Suricata 7.0.3 ma le 6.0.16, lea e faʻaumatia ai le lima vaivai, tolu o ia mea (CVE-2024-23839, CVE-2024-23836, CVE-2024-23837) ua tu'uina atu i se tulaga mata'utia mata'utia. O le faʻamatalaga o faʻafitauli e leʻi faʻaalia, ae ui i lea, o le tulaga taua e masani ona tuʻuina atu pe a mafai ona faʻatinoina mamao le code a le tagata osofaʻi. Ua fautuaina uma tagata Suricata e fa'afou a latou faiga vave.
O le Suricata changelog e leʻo faʻamaonia manino le faʻafitauli, ae o se tasi o faʻamaufaʻailoga e faʻamautu ai le manatua o le avanoa pe a maeʻa le faʻasaʻoloto pe a faʻaogaina ulutala HTTP sese. O se tasi o faʻafitauli matuia (CVE-2024-23837) o loʻo i ai i le LibHTP HTTP traffic parsing library.
puna: opennet.ru