Oracle Company yakarongwa kuburitswa kwezvigadziriso kune zvigadzirwa zvavo (Critical Patch Update), ine chinangwa chekubvisa matambudziko akakosha uye kusasimba. Mukuvandudzwa kwaJanuary, mari yacho yakabviswa .
Nyaya kubviswa . Zvese zvinokanganisa zvinogona kushandiswa kure pasina humbowo. Iyo yakanyanya kuomarara nhanho ndeye 8.3, iyo inopihwa kune matambudziko mumaraibhurari (CVE-2020-2803, CVE-2020-2805). Kusagadzikana kuviri (mu libxslt neJSSE) kune kuomarara mazinga e8.1 uye 7.5.
Pamusoro pezvinhu muJava SE, kusadzivirirwa kwaitwa pachena mune zvimwe zvigadzirwa zveOracle, zvinosanganisira:
- muMySQL server uye
2 kusasimba mukuitwa kweMySQL mutengi (C API). Iyo yakanyanya kuomarara nhanho ye9.8 inopihwa kune munjodzi CVE-2019-5482, iyo inoonekwa kana yaunganidzwa nerutsigiro rwecURL. Nyaya dzakagadziriswa mukuburitswa . - , iyo matambudziko manomwe ane nhanho yakaoma yengozi (CVSS yakakura kupfuura 7). Izvi zvinosanganisira kugadzirisa kusasimba kunoshandiswa mukurwiswa kunoratidzwa pamakwikwi uye kubvumira, kuburikidza nekunyengedza padivi peiyo yevaenzi system, kuwana mukana kune iyo host system uye kuita kodhi ine hypervisor kodzero. Kusagadzikana kunogadziriswa mukuvandudza .
- muSolaris. Maximum ngozi level 8.8 - inoshandiswa munharaunda muCommon Desktop Environment, ichibvumira mushandisi asina rusarura kuti aite kodhi ine midzi ropafadzo. Nyaya dzakagadziriswawo mu kernel module kuita iyo SMB protocol, muWhodo, uye mune svcbundle SMF command. Nyaya dzakagadziriswa mukuvandudzwa kwezuro .
Source: opennet.ru