Onjiniyela be-FreeBSD banqume egatsheni elisha le-FreeBSD 13, okulindeleke ukuthi likhishwe ngo-Ephreli 13, ukuze linikeze ichweba le-Architecture ye-ARM64 (AArch64) isimo senkundla eyinhloko (Isigaba 1). Ngaphambilini, izinga elifanayo lokusekelwa lalinikezwe izinhlelo ze-64-bit x86 (kuze kube kamuva nje, ukwakhiwa kwe-i386 kwakuyisakhiwo esiyinhloko, kodwa ngoJanuwari sidluliselwe ezingeni lesibili lokusekela).
Izinga lokuqala lokusekelwa lihilela ukwakhiwa kokuhlanganiswa kokufaka, ukubuyekezwa kanambambili namaphakheji enziwe ngomumo, kanye nokuhlinzeka ngeziqinisekiso zokuxazulula izinkinga ezithile nokugcina i-ABI engashintshiwe yendawo yomsebenzisi kanye ne-kernel (ngaphandle kwamanye amasistimu angaphansi). Ileveli yokuqala iwela ngaphansi kokusekelwa amaqembu anesibopho sokuqeda ubungozi, ukulungiselela ukukhishwa kanye nokugcina izimbobo.
Ukwengeza, singabona ukuqedwa kobungozi obuthathu ku-FreeBSD:
- I-CVE-2021-29626 Inqubo yasendaweni engenalo ilungelo ingafunda okuqukethwe kwememori ye-kernel noma ezinye izinqubo ngokusebenzisa ukukhohlisa kwemephu yekhasi lememori. Ukuba sengozini kungenxa yesiphazamisi kusistimu engaphansi yememori ebonakalayo evumela ukuthi inkumbulo yabiwe phakathi kwezinqubo, okungabangela inkumbulo ukuthi iqhubeke nokubophezeleka kunqubo ngemva kokuba ikhasi lememori elihlobene selikhululiwe.
- I-CVE-2021-29627 Umsebenzisi wasendaweni ongenalo ilungelo angakhuphula amalungelo akhe ohlelweni noma afunde okuqukethwe kwenkumbulo ye-kernel. Inkinga ibangelwa ukufinyelela kumemori ngemva kokuba ikhululiwe (ukusetshenziswa ngemva kokukhululwa) ekusetshenzisweni kwendlela yokwamukela isihlungi.
- I-CVE-2020-25584 - Amathuba okudlula indlela yokuhlukaniswa kweJail. Umsebenzisi ongaphakathi kwe-sandbox onemvume yokukhweza ama-partitions (allow.mount) angashintsha uhla lwemibhalo oluyimpande lube sesimweni esingaphandle kwesigaba se-Jail futhi athole ukufinyelela okugcwele kokufunda nokubhala kuwo wonke amafayela esistimu.
Source: opennet.ru