Iyo OISF (Open Information Security Foundation) yakaburitsa kuburitswa kwekugadzirisa kweiyo network intrusion yekuona uye yekudzivirira system Suricata 7.0.3 uye 6.0.16, iyo inobvisa kusagadzikana kushanu, matatu ayo (CVE-2024-23839, CVE-2024-23836, CVE- 2024-23837) akapihwa nhanho yakaoma. Tsanangudzo yekusagadzikana haisati yaburitswa, zvisinei, iyo yakakosha nhanho inowanzopihwa kana zvichikwanisika kuita kure kure kodhi yeanorwisa. Vese vashandisi veSuricata vanorayirwa kuti vagadzirise masisitimu avo nekukurumidza.
Iyo Suricata changelog hairatidzi pachena kusasimba, asi imwe yezvigadziriso inocherekedza kuwana ndangariro mushure mekusunungura kana uchigadzira isiriyo HTTP misoro. Imwe yeakakosha kusasimba (CVE-2024-23837) iripo muLibHTP HTTP traffic parsing raibhurari.
Source: opennet.ru