Chrome 88.0.4324.150 yana magance raunin kwana sifili

Kwana biyu bayan fitowar sigar mai gyara ta Chrome tare da cire mawuyacin rauni, Google ya sanar da sakin wani sabuntawa don Chrome 88.0.4324.150, wanda yana gyara raunin CVE-2021-21148 wanda masu fashin kwamfuta suka riga sun yi amfani dashi a cikin amfani (0-rana).

Ba a bayyana cikakken bayani ba, rashin lafiyar kawai an san ta lalacewa ta hanyar tarin yawa a cikin injin V8 JavaScript.

Game da yanayin rauni da aka gyara a cikin Chrome

Wasu manazarta yi tunanin cewa an yi amfani da yanayin rauni a cikin wani amfani da aka yi amfani da shi a harin na ZINC na ƙarshen Janairu game da masu bincike na tsaro (a bara an inganta mai kirkirarren bincike a kan Twitter da cibiyoyin sadarwar jama'a daban-daban, da farko ya sami suna mai kyau ta hanyar buga bita da labarai kan sabbin lamuran, amma ta hanyar sanya wani labarin, Na yi amfani da amfani tare da raunin 0 na rana wanda ke jefa lamba a cikin tsarin lokacin da aka latsa hanyar haɗi a cikin Chrome don Windows).

Matsalar an sanya ta babban amma ba mawuyacin haɗarin haɗari baA wasu kalmomin, an nuna cewa raunin bai ba da izinin kewaye duk matakan kariya ba kuma bai isa ya aiwatar da lamba a kan tsarin ba a bayan yanayin sandbox.

Rashin lafiyar a cikin Chrome kanta baya bada izinin ƙetaren yanayin sandbox, kuma don kai hari gaba ɗaya, ana buƙatar wani yanayin rauni a cikin tsarin aiki.

Har ila yau, akwai sakonnin google da yawa da suka danganci tsaro wanda ya bayyana kwanan nan:

  1. Rahoton kan fa'ida tare da raunin kwana 0 wanda ƙungiyar Zero Project ta gano a bara. Labarin yana bayar da ƙididdiga cewa 25% na rauni Ranar 0 da aka yi karatu sun kasance suna da alaƙa kai tsaye da bayyana a bayyane da kuma daidaita yanayin rauni, ma'ana, marubutan ranar 0 masu amfani sun sami sabon vector na kai hari sabili da ƙarancin cikakke ko ƙarancin ƙarancin inganci (alal misali, masu haɓaka shirye-shiryen masu rauni waɗanda sukan gyara kawai na musamman harka ko kawai nuna cewa ya zama gyara ba tare da samun asalin matsalar ba).
    Waɗannan ƙarancin yanayin na sifili na iya yiwuwa a hana su tare da ƙarin bincike da kuma magance matsalolin.
  2. Rahoto kan kudaden da Google ke biya wa masu bincike tsaro don gano rauni. An biya jimillar dala miliyan 6.7 a matsayin farashi a shekarar 2020, wanda ya ninka $ 280,000 sama da na shekarar 2019 kuma kusan ninki biyu na na shekarar 2018. Gaba daya an biya kyaututtuka 662. Kyauta mafi girma ita ce $ 132.000.
  3. An kashe dala miliyan 1,74 kan biyan da suka danganci tsaron dandalin Android, dala miliyan $ 2,1 - Chrome, dala dubu 270 - Google Play, da dala dubu 400 don tallafin bincike.
  4. An gabatar da tsarin 'Sani, Kare, Gyara' don sarrafa metadata kan gyara yanayin rauni, saka idanu kan gyara, aika sanarwar game da sabbin larura, adana bayanan bayanai tare da bayanai kan lamuran, gano alamomin ga masu dogaro, da bincika haɗarin bayyanar rashin lahani ta hanyar dogaro.

Yadda ake girka ko sabuntawa zuwa sabon sigar Google Chrome?

Abu na farko da za ayi shine duba idan sabuntawa ya riga ya kasance, ga shi dole ne ka je chrome: // saituna / taimako kuma zaka ga sanarwar cewa akwai sabuntawa.

Idan wannan ba haka bane, dole ne ku rufe burauzarku kuma dole ne su zazzage kunshin daga shafin Google Chrome na hukuma, don haka dole ne su tafi zuwa mahaɗin mai zuwa don samun kunshin.

Ko daga tashar tare da:

[sourcecode rubutu = "bash"] wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb=/sourcecode]

Anyi aikin sauke kunshin suna iya yin shigarwa kai tsaye tare da manajan kunshin da suka fi so, ko daga tashar za su iya yin hakan ta hanyar buga wannan umarnin:

[sourcecode rubutu = "bash"] sudo dpkg -i google-chrome-stable_current_amd64.deb [/ sourcecode]

Kuma idan kuna da matsaloli tare da dogaro, zaku iya warware su ta hanyar buga wannan umarnin:

[sourcecode rubutu = "bash"] sudo apt shigar -f [/ sourcecode]

Game da tsarin tare da tallafi ga fakitin RPM kamar CentOS, RHEL, Fedora, openSUSE da abubuwan banbanci, dole ne ku zazzage kunshin rpm, wanda za'a iya samun shi daga mahaɗin mai zuwa. 

Anyi saukewar dole ne su shigar da kunshin tare da manajan kunshin da suka fi so ko daga tashar suna iya yin ta tare da umarnin mai zuwa:

[sourcecode rubutu = "bash"] sudo rpm -i google-chrome-stable_current_x86_64.rpm [/ sourcecode]

Game da Arch Linux da tsarin da aka samo daga gare ta, kamar su Manjaro, Antergos da sauransu, za mu iya shigar da aikace-aikacen daga wuraren ajiye AUR.

Dole ne kawai su rubuta umarnin mai zuwa a cikin tashar:

[sourcecode rubutu = "bash"] yay -S google-chrome [/ sourcecode]

Sharhi, bar naka

Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Wanda ke da alhakin bayanan: Miguel Ángel Gatón
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.

  1.   ba suna m

    Ta hanyar sauki tushen kasancewar rufaffen tushe tuni ya zama bashi da tsaro a karan kansa, bai dace da bata lokaci ba ta amfani da irin wadannan software din tunda akwai wasu hanyoyin kyauta.