ukukhishwa kommeleli okulungisayo , elungise ubuthakathaka obu-5. Ukuba sengozini okukodwa (CVE-2019-12527) ungahle uhlele ukusetshenziswa kwekhodi ngamalungelo enqubo yeseva.
Inkinga ibangelwa iphutha kusibambi sokuqinisekisa esiyisisekelo se-HTTP futhi ivumela ukuchichima kwebhafa ukuthi iqaliswe lapho kudluliswa izifakazelo eziklanywe ngokukhethekile lapho ufinyelela Inqolobane ye-squid.
Umphathi noma isango le-FTP elakhelwe ngaphakathi. Ubungozi buvela kuqala ngokukhishwa kwe-squid 4.0.23. Njengendlela yokusebenza yokuvimbela ukuba sengozini, ungakha kabusha ingwane ngenketho ethi “--disable-auth-basic” noma ukhubaze ukufinyelela kumasevisi asebenzisa ukuqinisekiswa kwe-HTTP ekucushweni:
acl FTP proto FTP
http_access yenqaba i-FTP
http_access yenqaba umphathi
Obunye ubungozi obuthathu bungaholela ekwenqatshweni kwesevisi lapho kushintshwa i-cachemgr.cgi, i-HTTP Digest noma ukufakazela ubuqiniso kwe-HTTP. Ukuba sengozini okusele kuvumela ukubhalwa kwe-cross-site scripting nge-cachemgr.cgi.
Source: opennet.ru