Git update fixes another vulnerability

Corrective releases of the distributed version control system Git have been published: 2.26.2, 2.25.4, 2.24.3, 2.23.3, 2.22.4, 2.21.3, 2.20.4, 2.19.5, 2.18.4 and 2.17.5. They fix a vulnerability (CVE-2020-11008) reminiscent of the problem fixed last week. The new vulnerability also affects the "credential.helper" handlers and is exploited by passing a specially formatted URL that contains a newline character, an empty host, or an unspecified request scheme. When processing such a URL, credential.helper sends information about credentials that do not match the requested protocol or the host being accessed.

Unlike the previous problem, when exploiting the new vulnerability the attacker cannot directly control the host to which someone else's credentials will be transferred. Which credentials are leaked depends on how credential.helper handles the missing "host" parameter. The essence of the problem lies in how many credential helpers interpret empty fields in the URL. As a result, credential.helper can send credentials stored for another server to the attacker's server specified in the URL.

The problem occurs during operations such as "git clone" and "git fetch", but it is most dangerous when processing submodules: when "git submodule update" is run, the URLs defined in the repository's .gitmodules file are processed automatically. To guard against the problem, it is recommended not to use credential

The fix included in the new Git releases prevents credential.helper from being called for URLs containing values that cannot be represented (for example, when three slashes are given instead of two, as in "http:///host", or when the protocol scheme is missing, as in "http::ftp.example.com/"). The problem affects the store (Git's built-in credential storage), cache (built-in cache of entered credentials), and osxkeychain (macOS storage) handlers. The Git Credential Manager handler (Windows repository) is not affected.
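A pre-flight check in the spirit of the fix described above, as an added example (not Git's own code): it reports submodule URLs that contain a newline, an empty host or no scheme before "git submodule update" is run. The function names and the sample .gitmodules content are constructed for illustration, and decoding percent-escapes before the newline test is an assumption.

```python
import re
from urllib.parse import unquote

def credential_url_problems(url):
    """Return the reasons a URL should not reach a credential helper."""
    problems = []
    # Assumption: percent-escapes are decoded before the helper sees the value,
    # so an encoded newline is treated the same as a literal one.
    if re.search(r"[\r\n]", unquote(url)):
        problems.append("newline")
    scheme, sep, rest = url.partition("://")
    if not sep or not scheme:
        # Relative or scp-style submodule URLs are also reported here;
        # they never go through an HTTP credential lookup, so review them by hand.
        problems.append("missing scheme")
        return problems
    authority = rest.split("/", 1)[0]
    host = authority.rpartition("@")[2].split(":", 1)[0]  # drop user info and port
    if not host:
        problems.append("empty host")
    return problems

def audit_gitmodules(text):
    """Map submodule name -> problems for every suspicious url entry."""
    findings, name = {}, None
    for line in text.splitlines():
        header = re.match(r'\s*\[submodule "(.*)"\]', line)
        if header:
            name = header.group(1)
            continue
        entry = re.match(r"\s*url\s*=\s*(.*)", line)
        if entry:
            problems = credential_url_problems(entry.group(1).strip())
            if problems:
                findings[name] = problems
    return findings

# Constructed sample .gitmodules content (not taken from a real repository).
SAMPLE = """[submodule "good"]
    path = good
    url = https://example.com/good.git
[submodule "nohost"]
    path = nohost
    url = http:///host
[submodule "noscheme"]
    path = noscheme
    url = http::ftp.example.com/
"""

if __name__ == "__main__":
    for submodule, reasons in audit_gitmodules(SAMPLE).items():
        print(f"{submodule}: {', '.join(reasons)}")
```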

You can follow the release of package updates in distributions on the pages for Debian, Ubuntu, RHEL, SUSE/openSUSE, Fedora, Arch, ALT, FreeBSD.

Source: opennet.ru
