Ukukhutshwa kokulungiswa kwephakheji ye-Samba 4.14.2, 4.13.7 kunye ne-4.12.14 kulungiselelwe, apho ubuthathaka obubini bulungiswayo:
- I-CVE-2020-27840 yingozi yokugcwala kwe-buffer eyenzeka xa kusetyenzwa amagama akhethekileyo aDumileyo (ii-DN). Umhlaseli ongaziwayo unokuphazamisa iseva ye-AD DC LDAP esekelwe kwi-Samba ngokuthumela isicelo sokubopha esenziwe ngokukodwa. Ekubeni uhlaselo lunokulawula umda wokubhala kwakhona, iziphumo ezibi kakhulu, njengokuphunyezwa kwekhowudi, azinakuthintelwa. umncedisi, kodwa akukho ntshukumo isebenzayo okwangoku. Ekubeni ikhowudi ebangela ukuba ubuthathaka bokuhlalutya umtya we-DN buphunyezwe ngaphambi kokuba kujongwe iiparameter zokuqinisekisa, ingxaki inokusetyenziswa ngumhlaseli ngaphandle kweakhawunti umncedisi.
- I-CVE-2021-20277 Isithinteli esiphuma ngaphandle kwemida senzeka xa iseva ye-AD DC LDAP iqhuba isihluzo esenziwe ngokukodwa esichazwe ngumsebenzisi. Ingxaki inokubangela ukuba umphathi womncedisi aphuke okanye aqhubekise inkumbulo ukuba ivuze.
umthombo: opennet.ru
