和记官网登录

    安全漏洞

    安全漏洞补丁公告

    当前位置  >  首页  >  服务支持  >  安全漏洞  >  安全漏洞补丁公告

    公告ID(KYSA-202108-0007

    摘要:gnutls28安全漏洞安全漏洞 安全等级:低等 公告ID:KYSA-202108-0007 发布日期:2021-10-13 影响CVE:CVE-2021-20231、CVE-2021-20232

    详细介绍

    1. 修复的CVE信息

    • CVE-2021-20231

      GnuTLS是一款免费的用于实现SSL、TLS和DTLS协议的安全通信库。

      gnutls 存在安全漏洞,该漏洞源于客户端发送密钥共享扩展的自由后使用可能会导致内存损坏和其他后果。

    • CVE-2021-20232

    GnuTLS是一款免费的用于实现SSL、TLS和DTLS协议的安全通信库。

    gnutls 存在安全漏洞,该漏洞源于lib/ext/pre_shared_key.c的client_send_params导致内存损坏。


    2. 影响的操作系统

    银河和记官网登录桌面操作系统V10 SP1


    3. 修复版本

    软件包:gnutls28

    3.6.13-2kylin1.6(V10 SP1)


    4. 受影响的软件包

    • 银河和记官网登录桌面操作系统V10 SP1

    gnutls-bin

    gnutls-doc

    guile-gnutls

    libgnutls-dane0

    libgnutls-openssl27

    libgnutls28-dev

    libgnutls30

    libgnutlsxx28


    5. 修复方法

    方法一:配置源进行升级安装

    打开软件包源配置文件,根据仓库地址进行修改。

    4.0.2-sp1:https://archive.cq-jq.com/kylin/KYLIN-ALL 4.0.2sp1-desktop main restricted universe multiverse

    4.0.2-sp2:https://archive.cq-jq.com/kylin/KYLIN-ALL 4.0.2sp2-desktop main restricted universe multiverse

    4.0.2-sp3:https://archive.cq-jq.com/kylin/KYLIN-ALL 4.0.2sp3-desktop main restricted universe multiverse

    4.0.2-sp4:https://archive.cq-jq.com/kylin/KYLIN-ALL 4.0.2sp4-desktop main restricted universe multiverse

    10.0:https://archive.cq-jq.com/kylin/KYLIN-ALL 10.0 main restricted universe multiverse

    10.0 SP1:https://archive.cq-jq.com/kylin/KYLIN-ALL 10.1 main restricted universe multiverse

    配置完成后执行更新命令进行升级。$sudo apt update

    方法二:下载安装包进行升级安装

    通过软件包地址下载软件包,使用软件包升级命令根据受影响的组件包列表 升级相关的组件包。$dpkg -i Packagelists


    6. 软件包下载地址

    • 银河和记官网登录桌面操作系统V10 SP1

      X86_64软件包下载地址:

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/libgnutls30_3.6.13-2kylin1.6_amd64.deb

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/libgnutls28-dev_3.6.13-2kylin1.6_amd64.deb

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/libgnutlsxx28_3.6.13-2kylin1.6_amd64.deb

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/gnutls-doc_3.6.13-2kylin1.6_all.deb

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/gnutls-bin_3.6.13-2kylin1.6_amd64.deb

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/guile-gnutls_3.6.13-2kylin1.6_amd64.deb

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/libgnutls-openssl27_3.6.13-2kylin1.6_amd64.deb

      arm64软件包下载地址:

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/libgnutls30_3.6.13-2kylin1.6_arm64.deb

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/libgnutls28-dev_3.6.13-2kylin1.6_arm64.deb

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/libgnutlsxx28_3.6.13-2kylin1.6_arm64.deb

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/gnutls-doc_3.6.13-2kylin1.6_all.deb

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/gnutls-bin_3.6.13-2kylin1.6_arm64.deb

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/guile-gnutls_3.6.13-2kylin1.6_arm64.deb

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/libgnutls-openssl27_3.6.13-2kylin1.6_arm64.deb

      mips64el软件包下载地址:

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/libgnutls30_3.6.13-2kylin1.6_mips64el.deb

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/libgnutls28-dev_3.6.13-2kylin1.6_mips64el.deb

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/libgnutlsxx28_3.6.13-2kylin1.6_mips64el.deb

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/gnutls-doc_3.6.13-2kylin1.6_all.deb

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/gnutls-bin_3.6.13-2kylin1.6_mips64el.deb

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/guile-gnutls_3.6.13-2kylin1.6_mips64el.deb

      https://archive.cq-jq.com/kylin/KYLIN-ALL/pool/main/g/gnutls28/libgnutls-openssl27_3.6.13-2kylin1.6_mips64el.deb

     

     

    上一篇: KYSA-202108-0003 下一篇: KYSA-202109-0002

    试用

    服务

    动态

    联系