Ezinsukwini ezithile ezedlule iphutha elitholwe nge-X.Org Server lishicilelwe, okubeka ukuphepha kwezinhlelo zeLinux neBSD engcupheni.
Abasebenzi be UZDNet nguyena owenza isexwayiso sokwephulwa kwezokuphepha okusha ku-X.Org evumele umhlaseli ukuthi athole ukufinyelela okulinganiselwe kusistimu.
Mayelana nephutha elitholakele
Iphutha elitholakele likuseva yeX.Org Ivumele umhlaseli ukuthi athole ukufinyelela okulinganiselwe ohlelweni olungaba nge-terminal yangakini noma kuseshini ye-SSH ukude, ngaleyo ndlela ilawule ukushintsha izimvume nokufeza imodi ye-Root.
Ukuba sengozini kutholakele Akukho esigabeni sokwehluleka kohlobo "okuyingozi" Futhi akuyona i-glitch engakhathazeka ngamakhompiyutha ahlelwe kahle, aphephe kakhulu.
Kepha leli phutha elincane elisetshenziswe kahle ngumhlaseli onolwazi olwanele lingaguqula ngokushesha okuthile okungakhathazi ukuhlasela okubi, kusho uCatalin Cimpanu.
Ayinakusetshenziselwa ukungena kumakhompiyutha aphephile, kepha isasebenziseka kubahlaseli ngoba ingasheshe iguqule ukungena okulula kube ama-pirouettes ayiphutha.
Ngenkathi ukuba sengozini kungenakunganakwa yimiphakathi yeLinux kanye ne-infosec, okwathi lapho ukutholakala kwaleli phutha lezokuphepha kwenziwa kwaba sesidlangalaleni ngoLwesine olwedlule, yaqala ukulungisa.
Ukwehluleka kwase kutholakele eminyakeni edlule
Umxhumanisi wezokuphepha olalelwe yiZDNet, uNarendra Shinde, uxwayise ngalokho Leli phutha likhonjiswe embikweni wabo kaMeyi 2016 nokuthi iphakethe le-X.Org Server liqukethe lokhu kuba sengozini okunganikeza abahlaseli amalungelo ezimpande futhi kungashintsha noma yiliphi ifayela, ngisho nelibaluleke kakhulu ohlelweni lokusebenza.
Lokhu kuba sengozini ikhonjwe njenge-CVE-2018-14665 futhi kuyo kwabonwa ukuthi yini eyayingadala iphutha elinjalo.
Ukuphathwa ngendlela engafanele kwemigqa emibili yekhodi, okuyimigqa ethi "-logfile" ne- "-modulepath", bekungavumela abahlaseli ukufaka ikhodi yabo enonya.
Le bug iskenwa lapho i-X.Org Server isebenza ngamalungelo ezimpande futhi lokhu kuvamile kuma-distros amaningi.
Ukusabalalisa okuthintekile
I-Los Abathuthukisi beX.Org Foundation bavele bahlela isisombululo esisha yenguqulo ye-X.Org 1.20.3 futhi ngaleyo ndlela uxazulule lezi zinkinga ezidalwe yile migqa emibili.
Ukusatshalaliswa okufana I-Red Hat Enterprise Linux, Fedora, CentOS, Debian, Ubuntu, ne-OpenBSD seziqinisekisiwe njengezithintekile, yize amanye amaphrojekthi amancane nawo ethintekile.
Izibuyekezo zokuphepha eziqukethwe kuphakheji zihloselwe ukulungisa ubungozi be-X.Org Server okufanele busetshenziswe emahoreni noma ezinsukwini ezimbalwa ezilandelayo.
I-OpenBSD # 0day I-Xorg LPE nge-CVE-2018-14665 ingacushwa kusuka kuseshini ekude ye-SSH, ayidingi ukuba kukhonsoli yendawo. Umhlaseli angathatha ngokoqobo amasistimu athintekayo ngemiyalo emi-3 noma ngaphansi. ukuxhaphaza https://t.co/3FqgJPeCvO ? pic.twitter.com/8HCBXwBj5M
- IHacker Fantastic (@hackerfantastic) October 25, 2018
Ngakolunye uhlangothi, ku-Linux Mint naku-Ubuntu ukulungiswa sekuvele kukhishiwe futhi kwaqinisekiswa, kufanele uvuselele uhleloNgenkathi okunye ukwabiwa kungakaziwa ukuthi bahlose ukukhipha i-patch noma balinde leyo ekhishwe yiqembu le-X.Org lokuthuthukisa.
"Umhlaseli angazithatha ngokoqobo izinhlelo ezithintekile ngemiyalo emi-3 noma ngaphansi," kusho uHickey kuTwitter. “Ziningi ezinye izindlela zokuxhaphaza, isibonelo i-crontab. Kuyahlekisa ukuthi kuncane kangakanani.
Lokhu kukhombisa ukuthi i-Linux ne-BSD akuzona izinhlelo ezivikeleke ngokuphelele, kepha ziyizindlela eziqinile neziphephile uma ziqhathaniswa nezinhlelo zeWindows.
Okokugcina Kungakho izingqinamba ezinjengalezi kuX.org nezinye ezenziwe zaziwa kudala zibonisa futhi ukubaluleka kokuthuthukisa ezinye izindlela njengeWayland.
Njengoba i-X.org iyi-protocol endala kakhulu futhi idinga ukushintshwa manje, noma ngeshwa noma sinezinye izindlela ezinjengeWayland noma iMir lezi aziqinile ngokwanele ukuhlinzeka ngokusebenziseka kubo bonke.
Lezi ezinye izindlela sezivele zikhona ekusatshalalisweni kweLinux futhi sezihloliwe, yize kokunye kungasebenzi njengoba bekulindelekile, (kunjalo nge-Ubuntu ngeWayland). Lezi ezinye izindlela ze-X.org zisenendlela ende okufanele zihambe ngaphambi kokuthi noma iyiphi yalezi zibe yindinganiso ngaphakathi kweLinux.