Vulnerabilities in LibreCAD, Ruby, TensorFlow, Mailman and Vim

Several recently identified vulnerabilities:

  • Three vulnerabilities in the free computer-aided design system LibreCAD and the libdxfrw library that make it possible to trigger a controlled buffer overflow and potentially achieve code execution when opening specially crafted DWG and DXF files. So far the problems have been fixed only in the form of patches (CVE-2021-21898, CVE-2021-21899, CVE-2021-21900).
  • A vulnerability (CVE-2021-41817) in the Date.parse method provided by the Ruby standard library. Flaws in the regular expressions used to parse dates in the Date.parse method can be used to carry out DoS attacks, leading to significant consumption of CPU resources and memory when specially crafted data is processed.
  • A vulnerability in the TensorFlow machine learning platform (CVE-2021-41228) that allows code execution when the saved_model_cli utility processes attacker-supplied data passed through the "--input_examples" parameter. The problem is caused by the use of external data when calling code with the "eval" function. The problem is fixed in the TensorFlow 2.7.0, TensorFlow 2.6.1, TensorFlow 2.5.2 and TensorFlow 2.4.4 releases.
  • A vulnerability (CVE-2021-43331) in the GNU Mailman mailing list management system caused by incorrect handling of certain types of URLs. The problem makes it possible to arrange the execution of JavaScript code by specifying a specially crafted URL on the settings page. Another problem has also been identified in Mailman (CVE-2021-43332), which allows a user with moderator rights to guess the administrator password. The problems are resolved in the Mailman 2.1.36 release.
  • A series of vulnerabilities in the Vim text editor that can lead to a buffer overflow and potentially to execution of attacker code when specially crafted files are opened with the "-S" option (CVE-2021-3903, CVE-2021-3872, CVE-2021-3927, CVE-2021-3928; fixes: 1, 2, 3, 4).
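
The eval-on-external-input pattern described in the TensorFlow item, next to a literal-only parser, as an added example (this is not TensorFlow's code or its actual patch). The `key=[{...}]` argument shape, the function names and the `CALLS` marker are assumptions made for illustration.

```python
import ast

CALLS = []  # constructed marker: records that injected code actually ran


def parse_unsafe(arg):
    """Vulnerable pattern: the text after '=' is executed as Python code."""
    key, _, expr = arg.partition("=")
    return {key: eval(expr)}  # external data reaches eval()


def parse_safe(arg):
    """Hardened pattern: literals only, then a strict shape check."""
    key, sep, expr = arg.partition("=")
    if not key or not sep:
        raise ValueError("expected <input_key>=<list of dicts>")
    try:
        # literal_eval builds values from literals; it never calls functions
        # or resolves names, so CALLS.append(...) is rejected, not executed.
        value = ast.literal_eval(expr)
    except (ValueError, SyntaxError, RecursionError, MemoryError) as exc:
        raise ValueError(f"{key}: not a plain literal") from exc
    if not isinstance(value, list) or not all(isinstance(e, dict) for e in value):
        raise ValueError(f"{key}: must be a list of dicts")
    for example in value:
        for feature, vals in example.items():
            if not isinstance(feature, str) or not isinstance(vals, list):
                raise ValueError(f"{key}: features must map str -> list")
            if not all(isinstance(v, (int, float, str, bytes)) for v in vals):
                raise ValueError(f"{key}: unsupported feature value")
    return {key: value}


if __name__ == "__main__":
    benign = 'examples=[{"age": [22, 24], "education": ["BS", "MS"]}]'
    hostile = 'examples=[{"age": [CALLS.append("ran")]}]'  # constructed input
    print(parse_safe(benign))
    parse_unsafe(hostile)
    print("eval executed injected call:", CALLS)
    try:
        parse_safe(hostile)
    except ValueError as err:
        print("rejected:", err)
```

`ast.literal_eval` can still exhaust memory or the interpreter stack on very large or deeply nested input, so cap the argument length before parsing when the input is untrusted.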

Source: opennet.ru
