Inye Ubungozi obukhulu kwisixhobo esidumileyo sothando. Ukuba semngciphekweni kungenxa yegciwane kwinkqubo yesi sixhobo esivumela nawuphi na umsebenzisi oneseshoni kwigobolondo (nokuba inikwe iSELinux amandla) ukunyusa amalungelo ukuba abe yingcambu. Ingxaki ilele kukungasebenzi kakuhle kwesudo ukwahlula umxholo we / proc / [PID] / stat xa uzama ukumisela i-terminal.
I-bug efunyenwe ngokukodwa kwifowuni fumana_process_ttyname () I-Sudo yeLinux, evula umkhombandlela okhankanywe ngaphambili ukuze ufunde inombolo yefowuni tty yentsimi ye-tty_nr. Obu bungozi bucwangciswe njenge-CVE-2017-1000367 bunokuxhaphaza ukufumana amalungelo enkqubo, njengoko benditshilo, ke kubaluleke kakhulu kwaye kuchaphazela unikezelo oluninzi olwaziwayo nolubalulekileyo. Kodwa musa ukoyika, ngoku sixelela indlela yokuzikhusela ...
Ewe, i Ulwabiwo oluchaphazelekayo lukhona:
- I-Red Hat Enterprise Linux 6, 7 kunye neServer
- I-Oracle Enterprise 6, 7 kunye neServer
- CentOS Linux 6 kunye no-7
- UDebian Wheezy, uJessie, uSolula, uSid
- Ubuntu 14.04 LTS, 16.04 LTS, 16.10 kunye ne-17.04
- I-SuSE LInux Enterpsrise Software Development Kit 12-SP2, iServer yeRaspberry Pi 12-SP2, iServer 12-SP2 kunye neDesktop 12-SP2
- I-OpenSuSE
- Slackware
- Gentoo
- Arch Linux
- Fedora
Ke ngoko, kufuneka patch okanye uhlaziyo Inkqubo yakho ye-ASAP ukuba unayo enye yezi nkqubo (okanye ezivela kwezinye):
- OkweDebian kunye nokuphuma (Ubuntu, ...):
sudo apt update sudo apt upgrade
- Ye-RHEL kunye neziphumo (i-CentOS, i-Oracle, ...):
sudo yum update
- KwiFedora:
sudo dnf update
- I-SuSE kunye neziphumo (OpenSUSE, ...):
sudo zypper update
IArch Linux:
sudo pacman -Syu
- Islackware:
upgradepkg sudo-1.8.20p1-i586-1_slack14.2.txz
- Gentoo:
emerge --sync emerge --ask --oneshot --verbose ">=app-admin/sudo-1.8.20_p1"
Yeyiphi eya kusetyenziselwa iArchlinux nangaphambili?
Sawubona,
Kubekho impazamo ekufakweni kwekhowudi. Ngoku uyayibona.
Ukubulisa kunye nombulelo ngokucebisa.
Sawubona,
Ewe, kwi-arch kunye neziphumo ze-sudo pacman -Syyu
Ukubulisa
Kungenxa yoko le nto i-Sudo ihlaziyiwe ... kunjalo, into eyingozi yinto yokuba ayaziwa ukuba ngubani, ngaphandle kwalowo ngoku une-bug, ngubani omnye owaziyo. Kwaye oko kunokuba yingozi.