Vapanduki vasingazivikanwe vakawana kutonga kwePython package ctx uye PHP raibhurari phpass, mushure mezvo vakatumira zvigadziriso zvine hutsinye hwekuisa iyo yakatumira zviri mukati memamiriro ekunze kuchinjika kune yekunze server netarisiro yekuba tokens kuAWS uye inoenderera mberi yekubatanidza masisitimu. Zvinoenderana nehuwandu huripo, iyo Python package 'ctx' inotorwa kubva kuPyPI repository kanosvika zviuru makumi maviri nemaviri pasvondo. Iyo phpass PHP package inogoverwa kuburikidza neComposer repository uye yakatorwa kanopfuura 22 miriyoni nguva kusvika zvino.
Mu ctx, kodhi yakashata yakatumirwa muna Chivabvu 15 mukuburitswa 0.2.2, muna Chivabvu 26 mukuburitswa 0.2.6, uye muna Chivabvu 21 iyo yekare kuburitswa 0.1.2, yakatanga kuumbwa muna 2014, yakatsiviwa. Zvinotendwa kuti kuwanikwa kwakawanikwa nekuda kwekukanganiswa kweakaundi yemugadziri.
Kana iri iyo PHP package phpass, iyo yakaipa kodhi yakabatanidzwa kuburikidza nekunyoreswa kweiyo GitHub repository ine zita rimwechetero hautelook/phpass (muridzi weiyo yepakutanga repository akadzima account yake yehautelook, yakatorwa nemurwisi ndokunyoresa account itsva. ine zita rimwe chete uye ndokuisa pasi peiyo phpass repository ine yakaipa kodhi). Mazuva mashanu apfuura, shanduko yakawedzerwa kune repository inotumira zviri mukati meAWS_ACCESS_KEY uye AWS_SECRET_KEY nharaunda zvinosiyana kune yekunze server.
Kuedza kuisa pasuru yakaipa muComposer repository yakakurumidza kuvharwa uye iyo yakakanganiswa hautelook/phpass package yakadzoserwa kune bordoni/phpass package, inoenderera mberi nekuvandudzwa kweprojekiti. Mu ctx uye phpass, nharaunda dzakasiyana dzakatumirwa kune imwechete server "anti-theft-web.herokuapp[.] com", zvichiratidza kuti kurwiswa kwepacket kubatwa kwakaitwa nemunhu mumwechete.
Source: opennet.ru