A vulnerability has been found in Ghostscript

A few days ago an announcement was made about the identification of a critical vulnerability (CVE-2019-6116) in Ghostscript, a set of tools for processing, converting and generating documents in PostScript and PDF ('Portable Document Format').

Ghostscript makes it possible to display PS and PDF data on screen and to translate it so that it can be printed on a graphics-capable printer using that printer's driver.

A number of driver devices are available for different types of printers. If gs -h is entered at the operating system's command line, a large amount of information about the version of Ghostscript installed on the computer will appear, including the devices already mentioned.

This problem directly affects GSview, since it is a graphical interface for Ghostscript that lets you access and interact with the latter in order to view PDF files correctly.

Regarding these programs, it can be said that they work in a complementary way, so both must be installed; first 'Ghostscript', then 'GSview', since it is a 'user plugin' for the former.

About the problem

The vulnerability that was found allows an attacker to arrange the execution of arbitrary code on the system when specially crafted documents are processed.

This is a dangerous vulnerability discovered in Ghostscript in the last 6 months. This time, to bypass the "-dSAFER" isolation mode, features of the processing of routines with pseudo-operators are used.

The problem shows up in the latest version, 9.26, and so far it is resolved only by applying 6 patches, which can be seen at the following links (1, 2, 3, 4, 5 and 6).

The problem has already been fixed in various distributions, among which we currently find SUSE, openSUSE, Ubuntu and RHEL, while it remains unfixed in distributions such as Debian and Fedora.

In response to this problem, an attempt was made to create a prototype exploit that is available for testing on your own systems; it is made available at the link below.

The problem is described on openwall (you can look at it here), where they tell us that the problem lies in the subroutines within pseudo-operators.

It is important to mention that vulnerabilities in Ghostscript pose a high risk, since this package is used in many popular applications to process PostScript and PDF formats.

To illustrate the scale of what this problem can cause: Ghostscript is called, for example, when desktop thumbnails are created, during background indexing of data, and when images are converted.

For an attack to succeed, in many cases it is only necessary to download the file containing the exploit or to browse the directory holding it in Nautilus.

Vulnerabilities in Ghostscript can also be exploited through image processors based on the ImageMagick and GraphicsMagick packages, by passing them a JPEG or PNG file that contains PostScript code instead of an image (such a file will be processed by Ghostscript because the MIME type is recognized from the content and does not depend on the extension).

How can a workaround for this problem be applied?

As a workaround to protect against exploitation, it is recommended to temporarily rename /usr/bin/evince-thumbnailer, which is used by the GNOME automatic image thumbnail generator and ImageMagick.

In addition, disable processing of the PS, EPS, PDF and XPS formats in ImageMagick, for which you can go to the policies section.

Another recommended workaround is to add the following to the file located at /etc/ImageMagick/policy.xml:

    <policy domain="coder" rights="none" pattern="PS" />
    <policy domain="coder" rights="none" pattern="PS2" />
    <policy domain="coder" rights="none" pattern="PS3" />
    <policy domain="coder" rights="none" pattern="EPS" />
    <policy domain="coder" rights="none" pattern="PDF" />
    <policy domain="coder" rights="none" pattern="XPS" />
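
To confirm that the policy lines above are really in effect on a host, the following added example (not code from the original article or from ImageMagick) parses a policy.xml and lists which of the six coders are still not denied. The function names, the conservative matching rule and the sample policy are assumptions constructed for illustration.

```python
import fnmatch
import xml.etree.ElementTree as ET

# The six coders the article says to disable in ImageMagick.
GS_CODERS = ("PS", "PS2", "PS3", "EPS", "PDF", "XPS")

def _alternatives(pattern):
    """Expand a single-level brace list such as "{PS,EPS}" into its members."""
    if pattern.startswith("{") and pattern.endswith("}"):
        return [p.strip() for p in pattern[1:-1].split(",")]
    return [pattern]

def unblocked_coders(policy_xml, coders=GS_CODERS):
    """Return the coders that policy_xml does not reliably deny.

    Conservative rule (an assumption of this example, chosen so the result
    does not depend on policy ordering): a coder counts as blocked only if
    at least one matching coder policy has rights="none" and no matching
    coder policy grants any right.
    """
    root = ET.fromstring(policy_xml)
    exposed = []
    for coder in coders:
        denied = granted = False
        for pol in root.iter("policy"):
            if pol.get("domain", "").lower() != "coder":
                continue  # resource, path, delegate ... policies are ignored
            globs = _alternatives(pol.get("pattern", ""))
            if not any(fnmatch.fnmatchcase(coder, g) for g in globs):
                continue
            if pol.get("rights", "").lower() == "none":
                denied = True
            else:
                granted = True
        if not denied or granted:
            exposed.append(coder)
    return exposed

# Constructed sample: PS3 and XPS are missing, and PDF is re-enabled.
SAMPLE = """<policymap>
  <policy domain="coder" rights="none" pattern="{PS,PS2,EPS}" />
  <policy domain="coder" rights="none" pattern="PDF" />
  <policy domain="coder" rights="read|write" pattern="PDF" />
  <policy domain="resource" name="memory" value="256MiB" />
</policymap>"""

if __name__ == "__main__":
    print("Not blocked:", unblocked_coders(SAMPLE) or "none")
```

On a real system, pass the contents of /etc/ImageMagick/policy.xml to unblocked_coders; an empty list means all six coders are denied under the rule above.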

There is nothing more for now on fixing this vulnerability yourself; here we share the methods, although it is only a matter of time before the different Linux distributions apply their fixes and a preventive version of Ghostscript is released.

