Ciladaha amniga ee kaladuwan ee OpenJPEG waxay sababi karaan shilalka Ubuntu 18.04

Pablinux

Daqiiqado 2

Cilladda amniga ee OpenJPEG

Galabta, Canonical daabacay warbixin oo ay ku faahfaahiyaan 5 cilladaha amniga gudaha Openjpeg2 - JPEG 2000 decompression compression compression oo sababi kara Ubuntu inuu burburo ama ka sii daro. Markii hore, cilladaha laga helay Furan waxay saameyneysaa oo keliya Ubuntu 18.04 LTS, sidaa darteed labada nooc ee rasmiga ah ee weli haysta taageerada rasmiga ah waa la sii deyn doonaa, kuwaas oo ah Ubuntu 16.04 Xenial Xerus (waa la saxay waagii hore) iyo Ubuntu 19.04, oo ah nooca ugu dambeeya ee nidaamka qalliinka ee Canonical in la sii daayay. bishii Abriil ee la soo dhaafay.

Si ka duwan cilmi-baarayaasha amniga qaarkood ee sii daaya nugeylka ka hor intaan la xallin, Canonical waxay sii deysaa oo keliya cilladaha amniga ka dib marka la sii daayo dhejisyo. Wadar ahaan 5 cayayaanka waa la hagaajiyay dhammaantoodna waxaa loo isticmaali karaa inay sababaan diidmada adeegga (DoS). Mid ka mid ah xukunnada, waxay sidoo kale xusayaan taas u oggolaan kara fulinta koodhka fog.

Cillada OpenJPEG ayaa ogolaan karta in koodhka meel fog lagu fuliyo

Cayayaanka la hagaajiyay waxay ahaayeen:

  • CVE-2017-17480: OpenJPEG waxaa lagu ogaadey inuu si khaldan u maareeyo feylasha PGX qaarkood. Weeraryahan ayaa cilladan u adeegsan kara inuu diido adeegga ama fuliyo koodhka fog.
  • CVE-2018-14423: OpenJPEG waxaa lagu ogaadey inuu si khaldan u maareeyo feylasha qaarkood. Weeraryahan ayaa cilladan u adeegsan kara inuu diido adeegga.
  • CVE-2018-18088: OpenJPEG waxaa lagu ogaadey inuu si khaldan u maareeyo feylasha PNM qaarkood. Weeraryahan ayaa cilladan u adeegsan kara inuu diido adeegga.
  • CVE-2018-5785 y CVE-2018-6616: OpenJPEG sidoo kale si khalad ah ayey u maamushay qaar ka mid ah faylasha BMP. Weeraryahan ayaa cilladda u adeegsan kara inuu diido adeegga.

Balastarrada hagaajiya 5-taan cayayaan waxaa horey loogu heli karaa keydadka rasmiga ah ee Ubuntu 18.04 LTS. Faylasha la rakibayo ayaa ah libopenjp2-7 – 2.3.0-2build0.18.04.1, libopenjp3d7 – 2.3.0-2build0.18.04.1 iyo libopenjpip7 - 2.3.0-2build0.18.04.1. Si tan loo sameeyo, kaliya fur barnaamijka Cusboonaysiinta Software-ka ama xarumaha kala duwan ee barnaamijyada ee la heli karo oo cusboonaysii baakadaha la soo sheegay.

U nuglaanta WPA
Maqaalka laxiriira:
Cilladaha nabadgelyada ee WPA waxay u oggolaaneysaa weeraryahan fog inuu helo lambarka sirta ah

Ka tag faalladaada

cinwaanka email aan la daabacin doonaa. Beeraha loo baahan yahay waxaa lagu calaamadeeyay la *

*

*

  1. Masuul ka ah xogta: Miguel Ángel Gatón
  2. Ujeedada xogta: Xakamaynta SPAM, maaraynta faallooyinka.
  3. Sharci: Oggolaanshahaaga
  4. Isgaarsiinta xogta: Xogta looma gudbin doono dhinacyada saddexaad marka laga reebo waajibaadka sharciga ah.
  5. Kaydinta xogta: Macluumaadka ay martigelisay Shabakadaha Occentus (EU)
  6. Xuquuqda: Waqti kasta oo aad xadidi karto, soo ceshan karto oo tirtiri karto macluumaadkaaga.