Exim 4.94.2 update with fixes for 10 remotely exploitable vulnerabilities

The Exim 4.94.2 mail server release has been published with fixes for 21 vulnerabilities (CVE-2020-28007 through CVE-2020-28026, and CVE-2021-27216), identified by Qualys and disclosed under the codename 21Nails. Ten of the issues can be exploited remotely (including code execution with root privileges) by manipulating SMTP commands while interacting with the server.

All versions of Exim, whose history has been tracked in Git since 2004, are affected. Working exploit prototypes have been prepared for 4 local vulnerabilities and 3 remote issues. Exploiting the local vulnerabilities (CVE-2020-28007, CVE-2020-28008, CVE-2020-28015, CVE-2020-28012) allows privileges to be elevated to the root user. Two remote issues (CVE-2020-28020, CVE-2020-28018) allow code to be executed without authentication as the Exim user (root access can then be obtained by exploiting one of the local vulnerabilities).

The CVE-2020-28021 vulnerability allows immediate remote code execution with root privileges, but requires authenticated access (the user must establish an authenticated session, after which they can exploit the vulnerability by manipulating the AUTH parameter of the MAIL FROM command). The problem is caused by the attacker being able to inject a string into the spool file header, because the authenticated_sender value is written without properly escaping special characters (for example, by sending the command "MAIL FROM:<> AUTH=Raven+0AReyes").
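As an added illustration of the injection described above (example code, not Exim's source; the "-auth_sender" line is a simplified stand-in for the real spool header format), the following decodes the xtext-encoded AUTH= parameter, shows how the decoded newline splits the header line, and contrasts it with a writer that validates the value before storing it:

```python
import re

# Added example (not Exim's code): how an unescaped AUTH= value from
# "MAIL FROM:<> AUTH=..." becomes a newline inside the spool header, and
# how a writer that validates the decoded value prevents that.

_XTEXT_HEX = re.compile(r"[0-9A-Fa-f]{2}")

def xtext_decode(value: str) -> str:
    """Decode the xtext encoding used by the AUTH= parameter: '+HH' -> byte 0xHH."""
    out, i = [], 0
    while i < len(value):
        if value[i] == "+" and i + 2 < len(value) and _XTEXT_HEX.fullmatch(value[i + 1:i + 3]):
            out.append(chr(int(value[i + 1:i + 3], 16)))
            i += 3
        else:
            out.append(value[i])
            i += 1
    return "".join(out)

def spool_header_unsafe(auth_sender: str) -> str:
    """Simplified stand-in for the pre-4.94.2 behaviour: the decoded value is
    written verbatim into the '-auth_sender' line of the spool header."""
    return f"-auth_sender {auth_sender}\n"

def spool_header_safe(auth_sender: str) -> str:
    """Hardened writer (this example's choice, not Exim's exact fix): refuse any
    control character, so the value can never end or begin a header line."""
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in auth_sender):
        raise ValueError("control character in authenticated_sender")
    return f"-auth_sender {auth_sender}\n"

def header_lines(header: str) -> list[str]:
    """Split a spool header the way a line-oriented reader would see it."""
    return header.rstrip("\n").split("\n")

def demo(auth_param: str = "Raven+0AReyes") -> dict:
    """Run the page's sample parameter through both writers (constructed input)."""
    decoded = xtext_decode(auth_param)
    unsafe = header_lines(spool_header_unsafe(decoded))
    try:
        spool_header_safe(decoded)
        safe_rejected = False
    except ValueError:
        safe_rejected = True
    return {"decoded": decoded, "unsafe_lines": unsafe, "safe_rejected": safe_rejected}

if __name__ == "__main__":
    print(demo())
```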

Additionally, it is noted that another remote vulnerability, CVE-2020-28017, can be exploited to execute code with the privileges of the "exim" user without authentication, but it requires more than 25 GB of memory. Exploits could potentially be prepared for the remaining 13 vulnerabilities, but that work has not yet been done.

The Exim developers were notified of the problems back in October of last year and spent more than 6 months preparing fixes. All administrators are advised to urgently update Exim on their mail servers to version 4.94.2. All Exim versions prior to 4.94.2 have been declared obsolete. Publication of the new version was coordinated with distributions that released package updates at the same time: Ubuntu, Arch Linux, FreeBSD, Debian, SUSE and Fedora. RHEL and CentOS are not affected, since Exim is not included in their standard package repository (EPEL does not yet have an update).

Remote vulnerabilities:

  • CVE-2020-28017: Integer overflow in the receive_add_recipient() function;
  • CVE-2020-28020: Integer overflow in the receive_msg() function;
  • CVE-2020-28023: Out-of-bounds read in smtp_setup_msg();
  • CVE-2020-28021: Newline injection into the spool file header;
  • CVE-2020-28022: Write and read outside the allocated buffer in the extract_option() function;
  • CVE-2020-28026: String truncation and substitution in spool_read_header();
  • CVE-2020-28019: Crash when resetting a function pointer after a BDAT error;
  • CVE-2020-28024: Buffer underflow in the smtp_ungetc() function;
  • CVE-2020-28018: Use-after-free in tls-openssl.c;
  • CVE-2020-28025: Out-of-bounds read in the pdkim_finish_bodyhash() function.

Local vulnerabilities:

  • CVE-2020-28007: Symlink attack in the Exim log directory;
  • CVE-2020-28008: Spool directory attack;
  • CVE-2020-28014: Arbitrary file creation;
  • CVE-2021-27216: Arbitrary file deletion;
  • CVE-2020-28011: Buffer overflow in queue_run();
  • CVE-2020-28010: Out-of-bounds write in main();
  • CVE-2020-28013: Buffer overflow in the parse_fix_phrase() function;
  • CVE-2020-28016: Out-of-bounds write in parse_fix_phrase();
  • CVE-2020-28015: Newline injection into the spool file header;
  • CVE-2020-28012: Missing close-on-exec flag on a privileged unnamed pipe;
  • CVE-2020-28009: Integer overflow in the get_stdinput() function.

Source: opennet.ru