Ngenxa yozinzo kunye nemiba yokhuseleko, ukukhululwa kwe-Fedora 37 kulibaziseka kwakhona
Kutshanje i abaphuhlisi beprojekthi yeFedora babhengeze ukuhlehliswa kokukhululwa kweFedora 37, eyayicwangciselwe ukukhutshwa ngo-Oktobha 18, kodwa ngenxa yeengxaki zokhuseleko, umhla omtsha wokukhululwa uhlehliselwe ngoNovemba 15, oku njengoko sele kukhankanyiwe ngenxa yesidingo sokulungisa ubuthathaka obubalulekileyo kwilayibrari ye-OpenSSL.
Ukususela kwidatha kwi-essence ye ubuthathaka buya kubhengezwa kuphela ngoNovemba 1 kwaye akucaci ukuba kuya kuthatha ixesha elingakanani ukuphumeza ukhuseleko. ekusasazweni, kwagqitywa ukuba kuhlehliswe ukukhululwa kwiiveki ezi-2.
Ngenxa yeempazamo ezibalaseleyo [1], F37 Final Release Umgqatswa 3 wabhengezwa NO-GO. Ngenxa yokuchaza okuzayo kobungozi be-OpenSSL, sihambisa umhla olandelayo ekujoliswe kuwo ngeveki enye.
Intlanganiso yokugqibela elandelayo yeFedora Linux 37 Go/No-Go[3] iya kubanjelwa kwi-1700 UTC ngoLwesine, ngoNovemba 10 kwi-#fedora-intlanganiso. Siza kuba sijonge “umhla ekujoliswe kuwo #3” we-15 kaNovemba. Ishedyuli yokukhupha ihlaziywe ngokufanelekileyo.
Esi ayisosihlandlo sokuqala ukukhululwa kukaFedora kuhlengahlengiswa. 37 ngo-Oktobha 18, kodwa yalibaziseka kabini (ukuya ku-Oktobha 25 kunye noNovemba 1) ngenxa yeendlela zomgangatho ezingakhange zifikelelwe.
Ngoku kukho imiba emi-3 engekasonjululwa kuvavanyo lokugqibela lwakha oluhlelwa njengesitshixo sokukhulula, malunga ingxaki nge OpenSSL oku kulandelayo kukhankanyiwe:
Oku kuchaphazela ulungelelwaniso oluqhelekileyo kwaye kusenokwenzeka ukuba lusebenziseke. Imizekelo ibandakanya ukubhengezwa okubalulekileyo kwemixholo yememori yeseva (enokuthi iveze iinkcukacha zomsebenzisi), ubuthathaka obunokuxhatshazwa ngokulula ukude ukuthomalalisa izitshixo zabucala zeseva, okanye apho ukuphunyezwa kwekhowudi ekude kuthathwa njengenokwenzeka kwiimeko eziqhelekileyo. Le miba iya kugcinwa ngasese kwaye iya kubangela inguqulelo entsha yazo zonke iinguqulelo ezixhaswayo. Siza kuzama ukuzisombulula ngokukhawuleza.
Malunga nobuthathaka obubalulekileyo kwi OpenSSL, kukhankanyiwe ukuba oku kuchaphazela kuphela isebe le-3.0.x, ngoko ke iinguqulelo 1.1.1x azichaphazeleki. Ingxaki kwakhona kukuba isebe le-OpenSSL 3.0 sele lisetyenziswe kwizabelo ezifana no-Ubuntu 22.04, i-CentOS Stream 9, i-RHEL 9, i-OpenMandriva 4.2, i-Gentoo, i-Fedora 36, i-Debian Testing / Unstable.
Kwi-SUSE Linux Enterprise 15 SP4 kunye ne-openSUSE Leap 15.4, iipakethe ezine-OpenSSL 3.0 ziyafumaneka njengokhetho, iipakethe zesixokelelwano zisebenzisa i-1.1.1 yesebe. Debian 11, Arch Linux, Void Linux, Ubuntu 20.04, Slackware, ALT Linux, RHEL 8, OpenWrt, Alpine Linux 3.16 zihlala kumasebe e-OpenSSL 1.x.
Ubuthathaka buhlelwa njengobubalulekileyo, Iinkcukacha azikaxelwa okwangoku, kodwa ngokobungqongqo, lo mbandela ukufutshane nokuba sesichengeni seHeartbleed. Inqanaba elibalulekileyo lengozi lithetha ukuba nokwenzeka kohlaselo olukude kuqwalaselo oluqhelekileyo. Imiba ebalulekileyo ingahlelwa njengemiba ekhokelela ekuvuzeni kwememori ye-remote server, ukubulawa kwekhowudi yomhlaseli, okanye i-server yangasese ye-compromise. Ulungiso lwe-OpenSSL 3.0.7 olulungisa ingxaki kunye nolwazi malunga nohlobo lobuthathaka luya kupapashwa nge-1 kaNovemba.
Ukongeza kwimfuno yokulungisa ubuthathaka kwi-openssl, kwin umphathi odityanisiweyo uyamisa xa uqalisa iseshoni yePlasma yaseWayland esekwe kwi KDE xa imiselwe kwi-nomodeset (imizobo esisiseko) kwi-UEFI, oku kuyenzeka kuba simpledrm ibhengeza ngokungalunganga iifomati ze-pixel ezili-10 kwiibuffers zesakhelo se-8-bit.
enye ingxaki ebonisiweyo, ikwisicelo Ikhalenda ye-gnome iyaba ngumkhenkce xa uhlela iziganeko eziphindaphindiweyo kwaye kukuba xa isiganeko esiphindaphindiweyo songezwa esongezelelwa ngeveki de kube ngumhla othile kwixesha elizayo, oko kukuthi, kwiiveki ezininzi, akunakuphinda kuhlelwe okanye kucinywe. Oku kukhokelela kulo naluphi na umzamo wokuvula isiganeko sokukhenkcisa i-app kunye nokuzisa "Nyanzelela Ukuyeka" ingxoxo ekufuneka isetyenziswe ekugqibeleni ukuphuma kwi-app.
Gqibela ukuba unomdla wokwazi okungakumbi ngayo, ungazijonga iinkcukacha kwi eli khonkco lilandelayo.