Ghostscript vulnerability exploitable via ImageMagick

Ghostscript, a set of tools for processing, converting and generating documents in the PostScript and PDF formats, has a critical vulnerability (CVE-2021-3781) that allows arbitrary code execution when processing a specially crafted file. The problem was first brought to light by Emil Lerner, who spoke about the vulnerability on August 25 at the ZeroNights X conference held in St. receive bonuses for demonstrating attacks on the AirBNB, Dropbox and Yandex.Real Estate services).

On September 5, a working exploit appeared in the public domain that allows attacking systems running Ubuntu 20.04 by passing a specially crafted document, uploaded as an image, to a web script running on the server that uses the php-imagemagick package. Moreover, according to preliminary data, a similar exploit has been in use since March. It was initially claimed that systems running GhostScript 9.50 could be attacked, but it turned out that the vulnerability was present in all subsequent versions of GhostScript, including the in-development 9.55 release from Git.

The fix was proposed on September 8 and, after peer review, was accepted into the GhostScript repository on September 9. In many distributions the problem remains unfixed (the status of the publication of updates can be checked on the pages of Debian, Ubuntu, Fedora, SUSE, RHEL, Arch Linux, FreeBSD, NetBSD). A GhostScript release with the fix for the vulnerability is planned to be published before the end of the month.

The problem is caused by the ability to bypass the "-dSAFER" isolation mode due to insufficient checking of the parameters of the PostScript device "%pipe%", which allowed shell commands to be executed. For example, to launch the id utility from a document, it is enough to specify the line "(%pipe%/tmp/&id)(w)file" or "(%pipe%/tmp/;id)(r)file".

Recall that vulnerabilities in Ghostscript pose an increased risk, since this package is used in many popular applications for processing the PostScript and PDF formats. For example, Ghostscript is called during desktop thumbnail creation, background data indexing, and image conversion. For a successful attack, in many cases it is enough to simply download the exploit file or view the directory containing it in a file manager that supports displaying document thumbnails, for example, in Nautilus.

Vulnerabilities in Ghostscript can also be exploited through image processors based on the ImageMagick and GraphicsMagick packages by passing them a JPEG or PNG file that contains PostScript code instead of an image (such a file will be processed by Ghostscript, since the MIME type is recognized by content, without relying on the extension).
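Because the image library picks its decoder from the file content, an upload handler can apply the same content sniffing first and refuse anything that would be routed to Ghostscript. The following Python pre-filter is an added example, not code from the original article or from the Ghostscript or ImageMagick projects; the function names, the allowed extensions and the sample byte strings are assumptions constructed for illustration.

```python
import os

# Leading-byte signatures of formats that ImageMagick hands to Ghostscript.
GHOSTSCRIPT_SIGS = {
    b"%!": "postscript",
    b"\x04%!": "postscript",
    b"\xc5\xd0\xd3\xc6": "eps-binary",
    b"%PDF-": "pdf",
}
# Signatures of the only formats this (hypothetical) upload form accepts.
IMAGE_SIGS = {b"\xff\xd8\xff": "jpeg", b"\x89PNG\r\n\x1a\n": "png"}
EXT_TO_TYPE = {".jpg": "jpeg", ".jpeg": "jpeg", ".png": "png"}


def sniff(data: bytes) -> str:
    """Classify by content, ignoring the file name, as the image library does."""
    for sig, kind in IMAGE_SIGS.items():
        if data.startswith(sig):
            return kind
    head = data[:64].lstrip()  # tolerate leading whitespace before "%!"
    for sig, kind in GHOSTSCRIPT_SIGS.items():
        if head.startswith(sig):
            return kind
    return "unknown"


def check_upload(filename: str, data: bytes):
    """Return (accepted, reason); accept only content matching the claimed type."""
    claimed = EXT_TO_TYPE.get(os.path.splitext(filename)[1].lower())
    actual = sniff(data)
    if claimed is None:
        return False, "extension not allowed"
    if actual in GHOSTSCRIPT_SIGS.values():
        return False, f"{actual} content would be routed to Ghostscript"
    if actual != claimed:
        return False, f"content is {actual}, name claims {claimed}"
    return True, "ok"


# Constructed samples: a harmless PostScript page named like a JPEG, and a PNG header.
PS_AS_JPG = b"%!PS-Adobe-3.0\n/Helvetica findfont 12 scalefont setfont\nshowpage\n"
REAL_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16

if __name__ == "__main__":
    for name, blob in [("avatar.jpg", PS_AS_JPG), ("photo.png", REAL_PNG)]:
        print(name, check_upload(name, blob))
```

A signature check only looks at the first bytes, so it complements rather than replaces library-level controls: disabling the PS, EPS and PDF coders in the ImageMagick policy file, or passing the expected format explicitly when the file is opened.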

Source: opennet.ru
