Ngenxa yephutha ngenkathi kuhlelwa ukugcinwa kwesikhashana ohlelweni lokulethwa kokuqukethwe, ngenkathi uzama ukulanda enye yama-assemblies ngosuku olwandulela izolo ukukhululwa kokulungisa Isakhiwo sokubuka kuqala esingaqukethe zonke izilungiso. Inkinga ingobo yomlando kuphela , umhlangano kusatshalaliswa ngendlela efanele.
Bonke abasebenzisi abalande ifayela elithi βPython-3.5.8.tar.xzβ emahoreni ayi-12 okuqala ngemva kokukhishwa bayelulekwa ukuthi bahlole ukulunga kwedatha elandiwe kusetshenziswa i-checksum (MD5 4464517ed6044bca4fc78ea9ed086c36). Ngokungafani nokukhishwa kokugcina, inguqulo yokubuka kuqala ayizange ifake ubuthakathaka kukhodi yeseva ye-XML-RPC. Ukuba sengozini kuvumele ukujova kwe-JavaScript (XSS) kunkambu ye-server_title ngenxa yokushoda kwe-engeli yokubaleka. Umhlaseli angazuza esikhundleni se-JavaScript uma uhlelo lokusebenza lusetha igama leseva ngokusekelwe kokufakwayo komsebenzisi (isibonelo, "server.set_server_name('test β)Β»).
Source: opennet.ru