Mamwe mazuva apfuura kukanganisa kwakawanikwa neX.Org Server kwakaburitswa, ichiisa chengetedzo yeLinux neBSD masisitimu panjodzi.
Tsvimbo ye ZDNet ndiye akaita yambiro yekutyora nyowani muX.Org iyo yaibvumidza anorwisa kuti awane mukana wakaringana weiyo sisitimu.
Nezve kukanganisa kwakawanikwa
Mhosva yakawanikwa iri muX.Org Server Iyo yaibvumidza iye anopinda kuti awane mukana wakaringana kune iyo system iyo inogona kunge iri kuburikidza neinogumira imomo kana mune SSH musangano uri kure, nokudaro uchikwanisa kushandura mvumo uye kuzadzisa Midzi modhi.
Kunetseka kwakawanikwa Haisi muchikamu che "chine njodzi" mhando kukundikana Uye zvakare haisi glitch iyo inogona kunetseka zvakanaka-yakarongedzwa, yepamusoro-chengetedzo makomputa.
Asi chikanganiso chidiki ichi chinoshandiswa nemurwadzi ane ruzivo rwakakwana anogona kukurumidza kushandura chimwe chinhu chisina kunetseka nekupinda kunotyisa., anodaro Catalin Cimpanu.
Iyo haigone kushandiswa kupinza makomputa akachengeteka, asi ichiri kubatsira kune vanorwisa nekuti inogona kukurumidza kushandura kupinza kuri nyore kuita pirouettes isina kururama.
Nepo kushushikana kusingakwanise kufuratirwa neveLinux uye infosec nharaunda, iyo yakambovepo kuvapo kwechikanganiso ichi chekuchengetedzwa chakaitwa pachena neChina chapfuura, chakatanga kushanda kugadzirisa.
Kukundikana kwainge kwatowanikwa makore apfuura
Anopa chengetedzo chipangamazano akanzwikwa neZDNet, Narendra Shinde, akayambira izvozvo Kukanganisa uku kwakanongedzerwa mumushumo wavo waMay 2016 uye kuti iyo X.Org Server package ine izvi kutambura iyo inogona kupa varwisi midzi midzi uye inogona kuchinja chero faira, kunyangwe akanyanya kukosha eanoshanda system.
Uku kunetseka yakazivikanwa seCVE-2018-14665 uye mairi makaonekwa izvo zvingadai zvakakonzera kukanganisa kwakadaro.
Kubata zvisirizvo kwemitsara miviri yekodhi, iri mitsara "-logfile" uye "-modulepath", ingadai yakabvumira vapambi kuisa kodhi yavo yakaipa.
Iyi bhagi inoongororwa kana X.Org Server iri kumhanya nemidzi rombo uye izvi zvakajairika pane akawanda distros.
Kugoverwa kwakabatwa
ari X.Org Foundation vagadziri vari kutogadzirira mhinduro nyowani yeiyo X.Org vhezheni 1.20.3 uye nekudaro gadzirisa matambudziko aya anokonzerwa netambo mbiri idzi.
Kugovera senge Red Hat Enterprise Linux, Fedora, CentOS, Debian, Ubuntu, uye OpenBSD zvatove zvasimbiswa sekukanganiswa, kunyangwe mamwe mapurojekiti madiki akabatwawo.
Iwo ekuvandudzwa ekuchengetedza ari mupakeji anoitirwa kugadzirisa iyo X.Org Server kushupika iyo inofanirwa kuiswa mumaawa mashoma kana mazuva anotevera.
OpenBSD # 0day Xorg LPE kuburikidza neCVE-2018-14665 inogona kukonzerwa kubva kure kure SSH musangano, haidi kuve pane yemuno koni. Anorwisa anogona kutora chaiwo masisitimu akakwenenzverwa nemirairo mitatu kana zvishoma. kushandisa https://t.co/3FqgJPeCvO ? pic.twitter.com/8HCBXwBj5M
- Hacker Anoshamisa (@hackerfantastic) October 25, 2018
Kune rumwe rutivi, muLinux Mint uye Ubuntu iyo gadziriso yakatoburitswa uye yasimbiswa, iwe unongofanirwa kugadzirisa iyo systemNepo kumwe kugovera kusati kwaziva kana ivo vachifunga kuburitsa chigamba kana kumirira iyo yakaburitswa neboka reX.Org rekuvandudza.
"Anorwisa anogona kutora masisitimu akanganiswa nemirairo mitatu kana zvishoma," akadaro Hickey paTwitter. “Kune dzimwe nzira dzakawanda dzekushandisa, semuenzaniso crontab. Zvinoseka kuti zvidiki sei.
Izvi zvinoratidza kuti Linux neBSD haisi masystem akachengeteka zvachose, zvisinei iwo akasimba uye akachengeteka dzimwe nzira achienzaniswa nemaWindows masystem.
Finalmente Ichi chikonzero nei nyaya dzakadai seichi pa X.org uye dzimwe dzakaitwa kuti dzizivikanwe kare kare dzichiratidza zvakare kukosha kwekusimudzira kwekushanduka kwenzira senge Wayland.
Sezvo X.org iri yakare protocol uye inoda kutsiviwa izvozvi, kunyangwe zvinosuruvarisa kunyangwe tiine dzimwe nzira senge Wayland kana Mir idzi hadzisi dzakasimba zvakakwana kuti dzishandise kune vese.
Idzi dzimwe nzira dzatova mune mamwe maLinux uye dzakaedzwa, kunyange hazvo mune dzimwe dzisina kushanda sezvanga zvichitarisirwa, (ndizvo zvakaita Ubuntu neWayland). Iyi dzimwe nzira kuX.org ichine nzira refu yekufamba isati yaita chero yeiyi inogona kuve yakajairwa mukati meLinux.