Iyo Open Information Security Foundation (OISF) yakaburitsa zvigamba zvakaburitswa zveSuricata 7.0.3 uye 6.0.16 network intrusion yekuona uye kudzivirira system, iyo inogadzirisa shanu kusasimba, matatu ayo (CVE-2024-23839, CVE-2024-23836, CVE-2024-23837-XNUMX-yakakosha level XNUMX yakapihwa aXNUMX yakakosha level. Tsanangudzo yekusagadzikana haisati yaburitswa, zvisinei, nhanho yakakosha inowanzopihwa kana kure kure kuuraya kweanorwisa kodhi kuchigoneka. Vese vashandisi veSuricata vanorayirwa kuti vakurumidze kugadzirisa masisitimu avo.
Iyo Suricata changelog hairatidze pachena kusasimba, asi imwe yezvigadziriso inocherekedza kuwana ndangariro mushure mekunge yasunungurwa kana ichigadzira isingaite HTTP misoro. Imwe yeakakosha kusasimba (CVE-2024-23837) iripo muLibHTP HTTP parsing raibhurari.
Source: opennet.ru
