Vulnerabilities in the Cargo package manager used for Rust projects

Two vulnerabilities have been identified in the Cargo package manager, which is used to manage packages and build projects in the Rust language. They can be exploited when downloading specially crafted packages from third-party repositories (it is stated that users of the official crates.io repository are not affected by the problem). The first vulnerability (CVE-2022-36113) allows the first two bytes of any file to be overwritten, as long as the current permissions allow it. The second vulnerability (CVE-2022-36114) can be used to exhaust disk space.

The vulnerabilities will be fixed in the Rust 1.64 release, scheduled for September 22. They are assigned a low severity level, since similar harm can be caused when using unverified packages from third-party repositories through the standard ability to run custom handlers from build scripts or procedural macros supplied in the package. At the same time, the problems described above differ in that they are exploited at the stage of unpacking the package after download (without a build).

Specifically, after downloading a package, cargo unpacks its contents into the ~/.cargo directory and stores a marker of successful unpacking in the .cargo-ok file. The essence of the first vulnerability is that the package author can place a symbolic link named .cargo-ok inside the package, which causes the text "ok" to be written to the file the link points to.
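The marker write described above, next to a hardened form, as an added example (it is not Cargo's own code and not from the original article). The function names and the scratch layout (`pkg-0.1.0`, `outside.txt`) are constructed for illustration, and the code assumes a Unix-like system.

```rust
use std::fs::{self, OpenOptions};
use std::io::{self, Write};
use std::os::unix::fs::symlink;
use std::path::{Path, PathBuf};

/// Behaviour as the article describes it: open the marker and write "ok".
/// Without `create_new`, the open follows a symlink shipped in the package.
fn write_marker_naive(pkg_dir: &Path) -> io::Result<()> {
    let mut f = OpenOptions::new().create(true).write(true).open(pkg_dir.join(".cargo-ok"))?;
    f.write_all(b"ok")
}

/// Hardened form: `create_new` (O_CREAT|O_EXCL) fails if anything, including a
/// symlink, already exists at the marker path, so no outside file is touched.
fn write_marker_hardened(pkg_dir: &Path) -> io::Result<()> {
    let mut f = OpenOptions::new().write(true).create_new(true).open(pkg_dir.join(".cargo-ok"))?;
    f.write_all(b"ok")
}

/// Builds a constructed scratch layout: an unpacked "package" whose .cargo-ok
/// is a symlink to a file outside the package directory.
fn setup(tag: &str) -> io::Result<(PathBuf, PathBuf)> {
    let root = std::env::temp_dir().join(format!("cargo-ok-demo-{}-{}", tag, std::process::id()));
    let _ = fs::remove_dir_all(&root);
    let pkg = root.join("pkg-0.1.0");
    fs::create_dir_all(&pkg)?;
    let outside = root.join("outside.txt");
    fs::write(&outside, "IMPORTANT")?;
    symlink(&outside, pkg.join(".cargo-ok"))?;
    Ok((pkg, outside))
}

fn main() -> io::Result<()> {
    let (pkg, outside) = setup("naive")?;
    write_marker_naive(&pkg)?;
    println!("naive:    outside file = {:?}", fs::read_to_string(&outside)?);

    let (pkg, outside) = setup("hardened")?;
    let res = write_marker_hardened(&pkg);
    println!("hardened: result = {:?}, outside file = {:?}",
             res.map_err(|e| e.kind()), fs::read_to_string(&outside)?);
    Ok(())
}
```

An unpacker can additionally refuse any archive entry named .cargo-ok, so the marker path is never populated from package contents in the first place.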

The second vulnerability is caused by the lack of a limit on the size of data extracted from the archive, which can be used to create "zip bombs" (an archive can contain data that achieves the maximum compression ratio for the zip format, about 28 million times; in this case, for example, a specially crafted 10 MB zip file will unpack into about 28 TB of data).

Source: opennet.ru
