Mushure memwedzi mishanu yekugadzirwa uye makore manomwe nehafu kubva pakuburitswa kukuru kwekupedzisira, Apache OpenOffice 4.1.11 yaburitswa sechisungo chekugadzirisa, ichipa zvigadziriso gumi nembiri. Mapakeji ekupedzisira agadzirira Linux, Windows и macOS.
Kuburitswa kutsva kunogadzirisa kusakwana kutatu:
- CVE-2021-33035 - Inobvumira kuita kodhi kana uchivhura yakanyatsogadzirwa DBF faira. Dambudziko rinokonzerwa neOpenOffice ichitsamira pamundaUrefu uye mundaType kukosha mumusoro wemafaira eDBF kugovera ndangariro, pasina kutarisa kuti iyo chaiyo data mhando muminda inowirirana. Kuti uite kurwisa, unogona kutsanangura mhando INTEGER mundimaType kukosha, asi isa data hombe uye tsanangura mundaUrefu kukosha kusingaenderane nehukuru hwe data neiyo INTEGER mhando, inotungamira kumuswe we data. kubva panzvimbo ichinyorwa kupfuura buffer yakagoverwa. Nekuda kweiyo inodzorwa buffer mafashama, iwe unogona kutsanangura zvakare chinongedzo chekudzoka kubva pabasa uye, uchishandisa kudzoka-yakatarisana programming matekiniki (ROP - Return-Oriented Programming), zadzisa kuitwa kwekodhi yako.
- CVE-2021-40439 i "bhiriyoni rinoseka" DoS kurwisa (XML bhomba), izvo zvinotungamira kune kuneta kweiyo iripo system zviwanikwa paunenge uchigadzira gwaro rakagadzirwa.
- CVE-2021-28129 - Zviri mukati meDEB package yakaiswa pane system senge isiri-midzi mushandisi.
Non-security shanduko:
- Saizi yefonti muchikamu chekubatsira zvinyorwa zvawedzerwa.
- Chinhu chawedzerwa kuInsert menyu kuti udzore mhedzisiro yeFontwork fonts.
- Yakawedzera chiratidzo chisipo kune iyo Faira menyu yeiyo PDF kutumira kunze basa.
- Dambudziko rekurasikirwa kwemadhayagiramu kana kuchengetedza muODS fomati yakagadziriswa.
- Nyaya ine mamwe mashandisirwo anobatsira ari kuvharirwa neaurogi yekusimbisa oparesheni yakawedzerwa mukuburitswa kwapfuura yakagadziriswa (semuenzaniso, dialog yakaratidzwa pairehwa chikamu chiri mugwaro rimwe chete).
Source: opennet.ru
