Release of FreeRDP 2.0, a free implementation of the RDP protocol

After seven years of development, FreeRDP 2.0 has been released. The project offers a free implementation of the Remote Desktop Protocol (RDP), developed on the basis of Microsoft's specifications. It provides a library for integrating RDP support into third-party applications and a client that can be used to connect remotely to a Windows desktop. The project code is distributed under the Apache 2.0 license.

The project's last stable release was formed in January 2013, and testing of the 2.0 branch began in 2007. To avoid delaying development in the future, subsequent releases will be developed under a rolling model, which means a significant release is formed every year once the main branch has been stabilized, with corrective updates published periodically. A major release will be supported for two years: one year of bug fixes, followed by one more year in which only vulnerabilities are fixed.

Main changes:

  • Added the ability to work as an RDP proxy;
  • Added support for MS-RA 2 (Remote Assistance Protocol);
  • The code related to smart card support has been reworked. Previously missing functionality has been added and validation of input data has been strengthened;
  • Added the "/cert" option, which combines the functionality previously provided by separate certificate-handling options (cert-ignore, cert-deny, cert-name, cert-tofu);
  • Delivery of the DirectFB-based client, which had been left unmaintained, has been discontinued;
  • Font smoothing is enabled by default;
  • Added support for the Flatpak system of self-contained packages;
  • On Wayland-based systems, smart scaling mode is implemented using libcairo;
  • Introduced an API for scaling images when software rendering is used;
  • The implementation of the RAIL component (Remote Applications Integrated Locally), which allows remote access to individual windows and notification icons, has been updated to specification 28.0;
  • At run time, a check is performed that the server supports streaming in H.264 format;
  • Added the "mask=" option to the "/gfx" and "/gfx-h264" commands;
  • The source code has been reformatted;
  • Added the "/timeout" option to configure the timeout for waiting for TCP ACK packets;
  • Vulnerabilities CVE-2020-11521, CVE-2020-11522, CVE-2020-11523, CVE-2020-11524, CVE-2020-11525 and CVE-2020-11526 have been fixed, including issues that lead to writing to a memory area outside the allocated buffer when processing data received from outside. In addition, 9 further vulnerabilities without a CVE have been fixed, mostly caused by reading from memory areas outside the allocated buffer.


Source: opennet.ru
