OpenSSL 1.1.1k update fixes two dangerous vulnerabilities

A corrective release of the OpenSSL cryptographic library, 1.1.1k, is available. It fixes two vulnerabilities that have been assigned a high severity level:

  • CVE-2021-3450 - Verification of a certificate authority certificate can be bypassed when the X509_V_FLAG_X509_STRICT flag is enabled. This flag is disabled by default and is used to perform additional checks on the certificates present in the chain. The problem was introduced in OpenSSL 1.1.1h, in the implementation of a new check that prohibits the use of certificates in the chain that encode elliptic curve parameters.

    Because of an error in the code, the new check overwrote the result of the previously performed check of the validity of the certificate authority certificate. As a result, certificates certified by a self-signed certificate that is not linked by a chain of trust to a certificate authority were treated as fully trusted. The vulnerability does not appear if the "purpose" parameter is set, which is set by default in the client and server certificate verification procedures in libssl (used for TLS).

  • CVE-2021-3449 - A TLS server can be crashed by a client sending a specially crafted ClientHello message. The issue is related to a NULL pointer dereference in the implementation of the signature_algorithms extension. The issue only occurs on servers that support TLSv1.2 and have renegotiation enabled (it is enabled by default).
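A version-triage sketch for the two issues above. It is an added example, not code from the article or from the OpenSSL project. It assumes CVE-2021-3449 affects every 1.1.1 release before 1.1.1k; that lower bound comes from the OpenSSL project's advisory, not from this page. The sample banners are constructed.

```python
import re

# Version token as printed by `openssl version`, e.g. "OpenSSL 1.1.1j  16 Feb 2021".
_VERSION_RE = re.compile(r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]*)")

# Exposure conditions as stated in the article; a version match alone is not proof.
CONDITIONS = {
    "CVE-2021-3450": "X509_V_FLAG_X509_STRICT enabled and no 'purpose' set",
    "CVE-2021-3449": "TLS server with TLSv1.2 and renegotiation enabled",
}

def parse_version(banner):
    """Return (major, minor, fix, letter) or None for a non-OpenSSL banner."""
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    major, minor, fix, letter = m.groups()
    return (int(major), int(minor), int(fix), letter)

def _rank(letter):
    # Orders patch letters: "" < "a" < ... < "z" < two-letter suffixes.
    return (len(letter), letter)

def assess(banner):
    """Map a version banner to the CVEs fixed in 1.1.1k that may apply to it."""
    v = parse_version(banner)
    if v is None:
        return {"status": "unknown", "cves": []}
    if v[:3] != (1, 1, 1):
        # The article only covers the 1.1.1 branch.
        return {"status": "out-of-scope", "cves": []}
    letter, cves = v[3], []
    if _rank(letter) < _rank("k"):           # both issues are fixed in 1.1.1k
        cves.append("CVE-2021-3449")         # assumption: all 1.1.1 before k
        if _rank(letter) >= _rank("h"):      # check introduced in 1.1.1h
            cves.append("CVE-2021-3450")
    return {"status": "affected" if cves else "fixed", "cves": cves}

if __name__ == "__main__":
    # Constructed sample banners, as an inventory scan might collect them.
    for banner in ["OpenSSL 1.1.1g  21 Apr 2020", "OpenSSL 1.1.1j  16 Feb 2021",
                   "OpenSSL 1.1.1k  25 Mar 2021", "LibreSSL 2.8.3"]:
        result = assess(banner)
        notes = "; ".join(f"{c}: {CONDITIONS[c]}" for c in result["cves"])
        print(f"{banner!r}: {result['status']} {notes}")
```

Distribution packages often backport fixes without changing the upstream version letter, so confirm an "affected" result against the vendor's package changelog.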

Source: opennet.ru
