Vagadziri veMidnightBSD purojekiti, iyo inovandudza desktop-yakatarisana inoshanda sisitimu yakavakirwa paFreeBSD ine zvinhu zvakatakurwa kubva kuDragonFly BSD, OpenBSD uye NetBSD, yakayambira vashandisi nezve kuziva kutarwa kweimwe yemaseva. Iyo yekubira yakaitwa kuburikidza nekushandiswa kweiyo CVE-2021-26084 kusagadzikana kwakawanikwa mukupera kwaNyamavhuvhu mune yekudyidzana injini injini Confluence (Atlassian yakapa mukana wekushandisa chigadzirwa ichi pasina muripo kune zvisiri zvekutengesa uye zvakavhurika sosi mapurojekiti).
Sevha yakamhanyisawo DBMS yepurojekiti uye yakabata nzvimbo yekuchengetera faira, iyo yakashandiswa, pakati pezvimwe zvinhu, yekuchengetedza yepakati mavhezheni matsva emapakeji asati aburitswa pane yekutanga FTP server. Zvinoenderana neyekutanga data, iyo huru pasuru repository uye iso mifananidzo iripo yekurodha haina kukanganisa.
Sezviri pachena, kurwiswa kwacho hakuna kunangwa uye chirongwa cheMidnightBSD chakava mumwe wevakabatwa nekubirwa kwevazhinji maseva ane hunyanzvi shanduro dzeConfluence, mushure mekurwiswa, malware yakanangana nemigodhi cryptocurrency yakaiswa. Parizvino, software ye server yakabirwa yakadzoserwa kubva pakutanga uye 90% yemasevhisi akavharwa mushure mekunge hack yadzoserwa kubasa. Izvo zvakasarudzwa kumisikidza kuburitswa kuri kuuya kweMidnightBSD 2.1.
Source: opennet.ru