Mushure memwedzi mishanu yebudiriro uye makore manomwe nehafu kubva pakuburitswa kwakakosha kwekupedzisira, kuburitswa kwekugadzirisa kwehofisi suite Apache OpenOffice 4.1.11 yakaumbwa, iyo yakakurudzira 12 kugadzirisa. Yakagadzirirwa-yakagadzirwa mapakeji akagadzirirwa Linux, Windows uye macOS.
Kuburitswa kutsva kunogadzirisa kusakwana kutatu:
- CVE-2021-33035 - Inobvumira kuita kodhi kana uchivhura yakanyatsogadzirwa DBF faira. Dambudziko rinokonzerwa neOpenOffice ichitsamira pamundaUrefu uye mundaType kukosha mumusoro wemafaira eDBF kugovera ndangariro, pasina kutarisa kuti iyo chaiyo data mhando muminda inowirirana. Kuti uite kurwisa, unogona kutsanangura mhando INTEGER mundimaType kukosha, asi isa data hombe uye tsanangura mundaUrefu kukosha kusingaenderane nehukuru hwe data neiyo INTEGER mhando, inotungamira kumuswe we data. kubva panzvimbo ichinyorwa kupfuura buffer yakagoverwa. Nekuda kweiyo inodzorwa buffer mafashama, iwe unogona kutsanangura zvakare chinongedzo chekudzoka kubva pabasa uye, uchishandisa kudzoka-yakatarisana programming matekiniki (ROP - Return-Oriented Programming), zadzisa kuitwa kwekodhi yako.
- CVE-2021-40439 i "bhiriyoni rinoseka" DoS kurwisa (XML bhomba), izvo zvinotungamira kune kuneta kweiyo iripo system zviwanikwa paunenge uchigadzira gwaro rakagadzirwa.
- CVE-2021-28129 - Zviri mukati meDEB package yakaiswa pane system senge isiri-midzi mushandisi.
Non-security shanduko:
- Saizi yefonti muchikamu chekubatsira zvinyorwa zvawedzerwa.
- Chinhu chawedzerwa kuInsert menyu kuti udzore mhedzisiro yeFontwork fonts.
- Yakawedzera chiratidzo chisipo kune iyo Faira menyu yeiyo PDF kutumira kunze basa.
- Dambudziko rekurasikirwa kwemadhayagiramu kana kuchengetedza muODS fomati yakagadziriswa.
- Nyaya ine mamwe mashandisirwo anobatsira ari kuvharirwa neaurogi yekusimbisa oparesheni yakawedzerwa mukuburitswa kwapfuura yakagadziriswa (semuenzaniso, dialog yakaratidzwa pairehwa chikamu chiri mugwaro rimwe chete).
Source: opennet.ru