Nekuda kwekumwe kugadzikana uye kuchengetedza nyaya, kuburitswa kweFedora 37 kunononoka zvakare
Munguva pfupi yapfuura iyo vanogadzira chirongwa cheFedora vakazivisa kumisikidzwa kwekuburitswa kweFedora 37, iyo yakarongerwa kuburitswa muna Gumiguru 18, asi nekuda kwematambudziko ekuchengetedza, zuva idzva rekuburitswa rakasundirwa kuna Mbudzi 15, izvi sezvatotaurwa nekuda kwekudiwa kwekugadzirisa kusagadzikana kwakanyanya muraibhurari yeOpenSSL.
Kubva pane data pane essence ye kusagadzikana kunozoburitswa chete munaNovember 1 uye hazvisi pachena kuti zvichatora nguva yakareba sei kuita kudzivirira. mukugovera, zvakasarudzwa kumisa kuburitswa kwemavhiki maviri.
Nekuda kwezvipembenene zvekuputsika [1], F37 Yekupedzisira Release Mumiriri 3 akanzi NO-GO. Nekuda kwekuuya kwakaomarara kweOpenSSL kuburitswa pachena, tiri kufambisa rinotevera zuva rekuda kumberi nesvondo rimwe.
Musangano wekupedzisira weFedora Linux 37 Go/No-Go[3] uchaitwa pa1700 UTC nemusi weChina, Mbudzi 10 ku #fedora-musangano. Tichange tichivavarira "zuva rechinangwa #3" chiitiko chemusi wa15 Mbudzi. Iyo purogiramu yekuburitsa yakagadziridzwa zvinoenderana.
Aka hakasi kekutanga kuburitswa kwaFedora kudzokororwa. 37 yeGumiguru 18, asi yakanonoka kaviri (kusvika Gumiguru 25 uye Mbudzi 1) nekuda kwemaitiro emhando asina kusangana.
Parizvino pane 3 nyaya dzisina kugadziriswa muyedzo yekupedzisira inovaka iyo yakarongedzerwa kusunungura kiyi, nezve dambudziko ne OpenSSL zvinotevera zvakataurwa:
Izvi zvinokanganisa magadzirirwo akajairwa uye anogona zvakare kushandiswa. Mienzaniso inosanganisira kuburitswa kwakakosha kwemukati mememory server (zvinogona kuburitsa ruzivo rwemushandisi), kusagadzikana kunogona kushandiswa zviri nyore kure kure kukanganisa server zvakavanzika makiyi, kana uko kure kodhi kuuraya kunoonekwa kungangoita mumamiriro ezvinhu akajairika. Nyaya idzi dzichachengetwa dzakavanzika uye zvinozoita kuti pave neshanduro itsva yemavhezheni ese anotsigirwa. Tichaedza kuzvigadzirisa nekukurumidza.
Nezvekusagadzikana kwakanyanya mu OpenSSL, inotaurwa kuti izvi zvinongobata 3.0.x bazi, saka shanduro 1.1.1x haina kukanganiswa. Dambudziko zvakare nderekuti bazi reOpenSSL 3.0 rakatoshandiswa mukugovera seUbuntu 22.04, CentOS Stream 9, RHEL 9, OpenMandriva 4.2, Gentoo, Fedora 36, Debian Testing/Unstable.
MuSUSE Linux Enterprise 15 SP4 uye vhuraSUSE Leap 15.4, mapakeji ane OpenSSL 3.0 anowanikwa senge sarudzo, system mapakeji anoshandisa 1.1.1 bazi. Debian 11, Arch Linux, Void Linux, Ubuntu 20.04, Slackware, ALT Linux, RHEL 8, OpenWrt, Alpine Linux 3.16 inoramba iri mumapazi eOpenSSL 1.x.
Kusagadzikana kunorondedzerwa sekukosha, Details haisati yataurwa, asi maererano nekuomarara, nyaya iri padyo nekusagadzikana kweHeartbleed vulnerability. Iyo yakakosha nhanho yengozi inoreva mukana wekurwisa kure pane zvakajairwa zvigadziriso. Nyaya dzakakomba dzinogona kuverengerwa senyaya dzinotungamira kune kure kure server memory kuvuza, kurwisa kodhi kuuraya, kana server yakavanzika kiyi kukanganisa. Iyo OpenSSL 3.0.7 inogadzirisa inogadzirisa dambudziko uye ruzivo rwemhando yekusagadzikana ichaburitswa munaNovember 1.
Pamusoro pekuda kwekugadzirisa kusagadzikana mu openssl, kwin composite maneja inotonhora kana uchitanga Wayland yakavakirwa KDE Plasma chikamu kana yaiswa ku nomodeset (basic graphics) muUEFI, izvi zvinoitika nekuti simpledrm inoshambadza zvisizvo 10-bit pixel mafomati muiyo 8-bit furemu buffers.
Rimwe dambudziko iyo inoratidzwa, iri mukushandiswa gnome-karenda inomira kana uchigadzirisa zviitiko zvinodzokororwa uye ndezvekuti kana chiitiko chinodzokororwa chawedzerwa chinowedzera vhiki nevhiki kusvika pane rimwe zuva mune ramangwana, kureva, kwemavhiki akati wandei, hachichakwanisa kugadziridzwa kana kudzimwa. Izvi zvinotungamira kune chero kuyedza kuvhura chiitiko nekuomesa iyo app uye kuunza "Force Quit" dialog iyo inofanira kupedzisira yashandiswa kubuda muapp.
Finalmente kana iwe uchifarira kuziva zvakawanda nezvazvo, unogona kutarisa ruzivo mu chinotevera chinongedzo.