Rocky Linux yakaburitsa repository ine chengetedzo uye kuchengetedza chishandiso mapakeji 

Darkcrizt

4 maminitsi

dombo linux

Rocky Linux igovera ine chinangwa chekugadzira yemahara kuunganidzwa kweRHEL iyo inogona kutora nzvimbo yekirasi CentOS.

Munguva pfupi yapfuura iyo vagadziri ve "Rocky Linux" kugovera, yakaziviswa Kuburikidza ne blog post, vakazivisa iyo kugadzira boka idzva reGIS (Special Interest Group) Chengetedzo, nechinangwa chekuchengetedza mapakeji ane chekuita nekupihwa kwedziviriro yepamusoro uye kupihwa kwemamwe maturusi ekuchengetedza.

Kune avo vasingazive nezve Rocky Linux, iwe unofanirwa kuziva kuti iyi "itsva Linux kugovera" (zvishoma) yakagadziriswa neRocky Enterprise Software Foundation uye ine chinangwa chekugadzira yemahara vhezheni yeRHEL inokwanisa kutsiva yekare CentOS, iva kugovera "kudzika", yakaburitswa zvachose yebhinari kodhi tsigiro uchishandisa iyo Red Hat Enterprise Linux inoshanda sisitimu kodhi.

Nyowani GIS repository paRocky Linux

Nezve iyo nyowani repository yakagadzirwa muRocky Linux, inotaurwa izvozvo zvinotarisirwa kuti mu "Security Special Interest Group" zvakare Dzimwe shanduro dzemapakeji dzichaburitswa zvagara zviripo izvo zviripo yakagadzirirwa kusanganisa nzira dzakasiyana dzekuvandudza chengetedzo kana kugadzirisa kusagadzikana izvo zvisati zvasungwa muRHEL uye CentOS Stream.

Saka nekudaro, iyo repository haizongove yekugovera chete, asi zvese zviri kuitika zvichaburitswa mune yakazvimirira repository, iyo inogona zvakare kushandiswa mune kumwe kugoverwa kunoenderana neRed Hat Enterprise Linux.

Mune blog post, Rocky Linux vagadziri taura kuti basa reSecurity SIG ndere:

  • Gadzira uye chengetedza akasiyana chengetedzo ane hukama mapakeji asina kuwanikwa muEL (Enterprise Linux) kumusoro.
  • Ziva, gadzira uye chengetedza kuchengetedza kuomesa shanduko dzine chekuita nekumusoro EL mapaketi.
  • Batanidza / chiteshi chekuwedzera chekuchengetedza zvigadziriso zvisati zvatove muELupstream mapakeji.
  • Batsira kune mamwe matanho ekutanga kana zvichiita.

Kune chikamu che repository content, zvinonzi mapakeji anotevera ari kupihwa mune repository, iyo OpenSSH package inosanganisira sshd ine mashoma maraibhurari yakagovaniswa, nezvepakeji iyi, inotaurwa kuti inongonyorerwa bazi reRHEL 9, pamwe nemapakeji ane hukama: pam_ssh_agent_auth, libnsl, nscd, nss_db, nss_hesiod.

Pamusoro peizvi, inopawo iyo LKRG kernel module (Linux Kernel Runtime Guard) iyo yakagadzirirwa kuona nekuvhara zvese kurwiswa uye kutyorwa kwekuvimbika kwezvimiro zve kernel (semuenzaniso, iyo module inogona kudzivirira kubva kune isingatenderwe shanduko kune inomhanya kernel uye kuyedza kushandura mvumo yevashandisi maitiro, nezve. pasuru iyi, inogadzirirwa iyo RHEL 8 uye RHEL 9 mapazi.

Imwe yemapakeji anosanganisirwa mune repository ndeye «passwdqc» iyo inoshandiswa kutarisa kuoma kwepassword nemapassword, kusanganisira pam_passwdqc module, pwqcheck, pwqfilter, uye pwqgen zvirongwa, uye libpasswdqc raibhurari. Iyo package yakavakirwa iyo RHEL 8 uye RHEL 9 mapazi.

Zvakare mune repository pane, Glibc inosanganisira kuvandudzwa kwekuchengetedza kwakagadziridzwa neOwl purojekiti uye inoshandiswa kuALT Linux. Iyo pasuru iyi inosanganisirawo zvigadziriso zvekuvharisa zvidziviriro zviviri: kusagadzikana muld.so (CVE-2023-4911), iyo inobvumira mushandisi wemuno kukwidziridza maropafadzo avo pane system nekutsanangura yakanyatso kurongeka dhata muGLIBC_TUNABLES nharaunda inosiyana, uye Vulnerability. (CVE-2023-4527) mune getaddrninfo basa, izvo zvinogona kutungamirira kune stack inodonha kana kuputsika. Iyo package yakavakirwa iyo RHEL 9 bazi.

Chengetedzo SIG mubatsiri Solar Designer akataura zvinotevera paX (yaimbova Twitter):

Ini nguva pfupi yadarika ndakajoinha Rocky Linux purojekiti uye takatangisa chengetedzo repository, iyo parizvino inopa mamwe uye ekuwedzera mapakeji (munguva pfupi pfupi), kusanganisira glibc ine kuchengetedzwa kwakaomarara kwekugoverwa kweEL9 (nenguva pfupi EL8) nekuderedza kunoshanda kurwisa CVE-2023 -4911

Kana vari avo vanofarira kukwanisa kuwedzera repository muRocky Linux kana mukugovera kwayo RHEL-inoenderana, vanogona kuzviita nekuvhura terminal uye nekunyora murairo mairi.

dnf install rocky-release-security

pakupedzisira kana uri kuda kuziva zvakawanda nezvazvo, unogona kutarisa ruzivo Mune inotevera chinongedzo.


Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa. Raida minda anozivikanwa ne *

*

*

  1. Inotarisira data: AB Internet Networks 2008 SL
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako