Ubungozi kusitaki se-libc ne-FreeBSD IPv6

I-FreeBSD ilungise ubungozi obuningana obungavumela umsebenzisi wasendaweni ukuthi akhuphule amalungelo akhe ohlelweni:

  • I-CVE-2020-7458 β€” ukuba sengozini kwendlela ye-posix_spawnp enikezwe ku-libc ukuze kudalwe inqubo, kusetshenziswe kabi ngokucacisa inani elikhulu ngokweqile kokuhluka kwemvelo ye-PATH. Ukuba sengozini kungaholela ekubhalweni kwedatha ngale kwemingcele yememori eyabelwe isitaki, futhi kuvumela okuqukethwe kwamabhafa alandelayo ukuthi kubhalwe ngaphezulu ngevelu elilawulwayo.
  • I-CVE-2020-7457 β€” ukuba sengozini kusitaki se-IPv6 esivumela umsebenzisi wasendaweni ukuthi asebenzise ikhodi yakhe ezingeni le-kernel ngokukhohlisa inketho ye-IPV6_2292PKTOPTIONS yesokhethi yenethiwekhi.
  • Kuqediwe ubuthakathaka obubili (CVE-2020-12662, CVE-2020-12663) kuseva ye-DNS efakiwe itho olukhululekile, okungabangela ukunqatshelwa kwesevisi kude uma ufinyelela iseva elawulwa umhlaseli noma usebenzise iseva ye-DNS njengesikhulisi sethrafikhi lapho wenza ukuhlasela kwe-DDoS.

Ukwengeza, izinkinga ezintathu ezingezona ezokuvikela (i-errata) ezingaholela ekuphahlazekeni kwe-kernel ngenkathi usebenzisa umshayeli sezilungisiwe. mps (uma ukhipha umyalo we-sas2ircu), amasistimu angaphansi LinuxI-KPI (nokuqondisa kabusha kwe-X11) kanye ne-hypervisor bhve (uma udlula amadivayisi we-PCI).

Source: opennet.ru

Thenga ukusingathwa okuthembekile kwamasayithi anokuvikelwa kwe-DDoS, amaseva e-VPS VDS πŸ”₯ Thenga ukusingathwa kwewebhusayithi okuthembekile ngokuvikelwa kwe-DDoS, amaseva e-VPS VDS | ProHoster