Zvizhinji zvichangobva kuonekwa kusasimba:
- Kusagadzikana katatu muyemahara LibreCAD komputa-inobatsira dhizaini system uye libdxfrw raibhurari iyo inokutendera iwe kukonzeresa inodzorwa buffer mafashama uye uchikwanisa kuwana kodhi kuuraya paunovhura yakanyatso kurongeka DWG uye DXF mafaera. Matambudziko akagadziriswa kusvika parizvino chete muchimiro chezvigamba (CVE-2021-21898, CVE-2021-21899, CVE-2021-21900).
- Kusagadzikana (CVE-2021-41817) muDate.parse nzira yakapihwa muRuby standard library. Zvikanganiso mumatauriro enguva dzose anoshandiswa kutsanangudza misi muDate.parse nzira inogona kushandiswa kuita kurwisa kweDoS, zvichikonzera kudyiwa kwezviwanikwa zveCPU zvakakosha uye kushandiswa kwendangariro pakugadziridza data rakanyatsorongwa.
- Kusagadzikana muTensorFlow muchina kudzidza chikuva (CVE-2021-41228), iyo inobvumira kodhi kuti iitwe kana iyo saved_model_cli utility maitiro ekurwisa data akapfuura nepakati "--input_examples" paramende. Dambudziko rinokonzerwa nekushandiswa kwe data rekunze paunenge uchidana kodhi ne "eval" basa. Nyaya inogadziriswa mukuburitswa kweTensorFlow 2.7.0, TensorFlow 2.6.1, TensorFlow 2.5.2, uye TensorFlow 2.4.4.
- Kusagadzikana (CVE-2021-43331) muGNU Mailman mailing management system yakakonzerwa nekubata zvisirizvo kwemamwe marudzi emaURL. Dambudziko rinokutendera kuti uronge kuitiswa kweJavaScript kodhi nekutsanangura yakanyatsogadzirirwa URL pane peji rezvirongwa. Imwe nyaya yakaonekwa zvakare muMailman (CVE-2021-43332), iyo inobvumira mushandisi ane kodzero yemutungamiriri kufungidzira password yemutungamiriri. Nyaya dzakagadziriswa muMailman 2.1.36 kuburitswa.
- Yakateedzana yekusagadzikana muVim mameseji edhita iyo inogona kutungamira kune buffer kufashukira uye inogona kuuraya yeanorwisa kodhi kana uchivhura akanyatso kugadzirwa mafaira kuburikidza ne "-S" sarudzo (CVE-2021-3903, CVE-2021-3872, CVE-2021 -3927, CVE -2021-3928, kugadzirisa - 1, 2, 3, 4).
Source: opennet.ru