ProHoster > Π‘Π»ΠΎΠ³ > wararka internetka > Cusboonaysiinta Java SE, MySQL, VirtualBox iyo alaabada kale ee Oracle ee leh baylahda go'an

Cusboonaysiinta Java SE, MySQL, VirtualBox iyo alaabada kale ee Oracle ee leh baylahda go'an

Shirkadda Oracle la daabacay sii daynta qorshaysan ee ku saabsan wax soo saarkeeda (Critical Patch Update), oo looga dan leeyahay in meesha laga saaro dhibaatooyinka muhiimka ah iyo dayacanka. In update July, wadar ahaan 319 baylahda.

Arrimaha Java SE 12.0.2, 11.0.4 iyo 8u221 10 arrimood oo amniga ah ayaa go'an. 9 dayacanka ayaa laga faa'iidaysan karaa meel fog iyadoon la xaqiijin. Heerka darnaanta ugu sarreysa ee loo qoondeeyay waa 6.8 (nuglaanta libpng). Ma jiraan arrimo sare ama halis ah oo la aqoonsaday taas oo u oggolaanaysa isticmaale aan la aqoonsan shabakada inuu waxyeeleeyo codsiyada Java SE.

Marka laga soo tago arrimaha Java SE, dayacanka ayaa si guud loogu soo bandhigay alaabada kale ee Oracle, oo ay ku jiraan:

  • 43 baylahda gudaha MySQL (heerka darnaanta ugu badan ee 9.8, oo muujinaysa dhibaato halis ah). Dhibaatada ugu khatarta badan
    (CVE-2019-3822) la xidhiidha bakhaar buuxdhaafay gudaha NTLM koodhka falanqaynta madaxa ee maktabadda libcurl, kaas oo loo isticmaali karo in meel fog laga weeraro server-ka MySQL ee isticmaale aan la xaqiijin. Ku dhawaad ​​​​dhammaan dhibaatooyinka kale waxay muuqdaan kaliya haddii ay jirto marin la xaqiijiyay oo DBMS ah. Waxa kaliya ee ka reeban waa u nuglaanshaha Shell: Admin / InnoDB Cluster, kaas oo loo qoondeeyay heerka darnaanta 7.5. Arrimaha waxa lagu xallin doonaa siidaynta MySQL Community Server 8.0.17, 5.7.27 iyo 5.6.45.

  • 14 baylahda gudaha VirtualBox, kuwaas oo 3 ka mid ah ay aad khatar u yihiin (CVSS Score 8.2 iyo 8.8). Nuglaanta waxa lagu hagaajiyaa cusboonaysiinta VirtualBox 6.0.10 iyo 5.2.32 (in note Xaqiiqda ah in dhibaatooyinka amniga la xaliyay lama xayeysiin ka hor inta aan la sii deyn). Faahfaahinta lama bixiyo, laakiin, marka la eego heerka CVSS, baylahda u oggolaanaysa in kood lagu fuliyo dhinaca nidaamka martida ee jawiga nidaamka martida waa la tirtiray;
  • 10 baylahda gudaha Solaris (heerka darnaanta ugu badan 9.1 -
    Nuglaanta IPV6 la xiriirta ee kernel-ka (CVE-2019-5597) oo u oggolaanaysa weerar fog (faahfaahin lama bixin). Laba dayacan ayaa sidoo kale leh heerka darnaanta halista ah ee 8.8 - arrimaha deegaanka laga faa'iidaysan karo ee deegaanka Desktop-ka ee la wadaago iyo adeegyada macmiilka ee LDAP. Arrimaha leh heerka darnaanta ee ka sarreeya 7 sidoo kale waxaa ka mid ah dayacanka fog ee laga faa'iidaysan karo ee ICMPv6 iyo NFS maamulayaasha Solaris kernel, iyo dhibaatooyinka maxalliga ah ee nidaamka faylka iyo Gnuplot.

Source: opennet.ru

Add a comment