{"id":12891,"date":"2016-06-20T16:01:09","date_gmt":"2016-06-20T08:01:09","guid":{"rendered":"https:\/\/www.deepin.org\/?p=12891"},"modified":"2017-08-31T10:44:05","modified_gmt":"2017-08-31T02:44:05","slug":"security-updates%ef%bc%88dsa-3585-1-dsa-3586-1-dsa-3587-1-dsa-3588-1%ef%bc%89","status":"publish","type":"post","link":"https:\/\/www.deepin.org.cn\/zh\/security-updates%ef%bc%88dsa-3585-1-dsa-3586-1-dsa-3587-1-dsa-3588-1%ef%bc%89\/","title":{"rendered":"\u5b89\u5168\u66f4\u65b0\uff08DSA-3585-1 &#038;DSA-3586-1 &#038;DSA-3587-1 &#038;DSA-3588-1\uff09"},"content":{"rendered":"\u6b64\u6b21\u5b89\u5168\u6f0f\u6d1e\u66f4\u65b0\u5305\u62ecwireshark\u3001atheme-services\u3001libgd2\u548csymfony\u66f4\u65b0\u3002<\/p>\n<p>&nbsp;<\/p>\n<h2>\u6f0f\u6d1e\u6982\u8ff0<\/h2>\n<p><strong><a href=\"https:\/\/www.debian.org\/security\/2016\/dsa-3585.en.html\" target=\"_blank\">DSA-3585-1 wireshark<\/a>\u00a0\u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n<p>\u5b89\u5168\u6570\u636e\u5e93\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n<ul>\n<li>\u5728\u8fdb\u884cPKTC\u3001IAX2\u3001GSM CBCH\u3001NCP\u7684\u89e3\u6790\u4e2d\u53d1\u73b0\u591a\u4e2a\u6f0f\u6d1e\uff0c\u8fd9\u4e9b\u6f0f\u6d1e\u4f1a\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><strong><a href=\"https:\/\/www.debian.org\/security\/2016\/dsa-3586.en.html\" target=\"_blank\">DSA-3586-1 atheme-services<\/a> \u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n<p>\u5b89\u5168\u6570\u636e\u5e93\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n<ul>\n<li>\u5728Atheme IRC\u670d\u52a1\u4e2d\u7684XMLRPC\u54cd\u5e94\u4ee3\u7801\u4e2d\u53d1\u73b0\u4e00\u4e2a\u7f13\u51b2\u533a\u6ea2\u51fa\u7684\u6f0f\u6d1e\uff0c\u6b64\u6f0f\u6d1e\u53ef\u80fd\u4f1a\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><strong><a href=\"https:\/\/www.debian.org\/security\/2016\/dsa-3587.en.html\" target=\"_blank\">DSA-3587-1 libgd2<\/a>\u00a0\u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n<p>\u5b89\u5168\u6570\u636e\u5e93\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n<ul>\n<li>\u51e0\u4e2a\u5b89\u5168\u6f0f\u6d1e\u5728libgb2\uff08\u4e00\u4e2a\u7528\u4e8e\u56fe\u5f62\u521b\u5efa\u548c\u64cd\u4f5c\u7684\u7a0b\u5e8f\u7684\u5e93\uff09\u4e2d\u53d1\u73b0\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8fd9\u4e9b\u6f0f\u6d1e\u5bfc\u81f4\u4f7f\u7528libgd2\u7684\u5e93\u7684\u5e94\u7528\u7a0b\u5e8f\u62d2\u7edd\u670d\u52a1\u3002<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><strong><a href=\"https:\/\/www.debian.org\/security\/2016\/dsa-3588.en.html\" target=\"_blank\">DSA-3588-1 symfony<\/a> \u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n<p>\u5b89\u5168\u6570\u636e\u5e93\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n<ul>\n<li>CVE-2016-1902\uff1a\u5728SecureRandom\u7c7b\u4e2d\u5728\u7279\u5b9a\u8bbe\u7f6e\u73af\u5883\u4e0b\u53ef\u80fd\u4ea7\u751f\u52a0\u5bc6\u4f7f\u7528\u7684\u968f\u673a\u6570\u5f31\u7684\u95ee\u9898\u3002\u5982\u679crandom_bytes\u51fd\u6570\u6216 openssl_random_pseudo_bytes\u51fd\u6570\u4e0d\u53ef\u7528\uff0cSecureRandom\u7684\u8f93\u51fa\u662f\u4e0d\u5b89\u5168\u7684\u3002<\/li>\n<li>CVE-2016-4423\uff1a\u901a\u8fc7\u63d0\u4ea4\u4e0d\u5b58\u5728\u7684\u5927\u91cf\u7684\u7528\u6237\u540d\uff0c\u586b\u5145\u4e86\u4f1a\u8bdd\u5b58\u50a8\u7a7a\u95f4\u7684\u6f0f\u6d1e\u3002<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h2>\u4fee\u590d\u60c5\u51b5<\/h2>\n<p>wireshark\u7684\u5b89\u5168\u6f0f\u6d1e\u57282.0.3+geed34f0-1\u7248\u672c\u4e2d\u8fdb\u884c\u4e86\u4fee\u590d\uff1batheme-services\u7684\u5b89\u5168\u6f0f\u6d1e\u57287.0.7-2\u7248\u672c\u4e2d\u8fdb\u884c\u4e86\u4fee\u590d\uff1blibgd2\u7684\u5b89\u5168\u6f0f\u6d1e\u57282.2.1-1\u4ee5\u4e0a\u7248\u672c\u4e2d\u8fdb\u884c\u4e86\u4fee\u590d\uff0csymfony\u7684\u5b89\u5168\u6f0f\u6d1e\u57282.8.6+dfsg-1\u4ee5\u4e0a\u7248\u672c\u4e2d\u8fdb\u884c\u4e86\u4fee\u590d\u3002<\/p>\n<p>\u8bf7\u5404\u4f4d\u5c3d\u5feb\u66f4\u65b0\u7cfb\u7edf\u4ee5\u83b7\u53d6\u6f0f\u6d1e\u4fee\u590d\u8865\u4e01\u3002","protected":false},"excerpt":{"rendered":"<p>\u6b64\u6b21\u5b89\u5168\u6f0f\u6d1e\u66f4\u65b0\u5305\u62ecwireshark\u3001atheme-services\u3001libgd2\u548csymfony\u66f4\u65b0\u3002 &nbsp; \u6f0f\u6d1e\u6982\u8ff0 DSA-3585-1 wireshark\u00a0\u2014 \u5b89\u5168\u66f4\u65b0 \u5b89\u5168\u6570\u636e\u5e93\u8be6\u7ec6\u4fe1\u606f\uff1a \u5728\u8fdb\u884cPKTC\u3001IAX2\u3001GSM CBCH\u3001NCP\u7684\u89e3\u6790\u4e2d\u53d1\u73b0\u591a\u4e2a\u6f0f\u6d1e\uff0c\u8fd9\u4e9b\u6f0f\u6d1e\u4f1a\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002 &nbsp; DSA-3586-1 atheme-services \u2014 \u5b89\u5168\u66f4\u65b0 \u5b89\u5168\u6570\u636e\u5e93 ...<a href=https:\/\/www.deepin.org.cn\/zh\/security-updates%ef%bc%88dsa-3585-1-dsa-3586-1-dsa-3587-1-dsa-3588-1%ef%bc%89\/>\u9605\u8bfb\u66f4\u591a<\/a><\/p>\n","protected":false},"author":1,"featured_media":12897,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[75],"tags":[],"_links":{"self":[{"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/posts\/12891"}],"collection":[{"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/comments?post=12891"}],"version-history":[{"count":13,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/posts\/12891\/revisions"}],"predecessor-version":[{"id":25292,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/posts\/12891\/revisions\/25292"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/media?parent=12891"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/categories?post=12891"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/tags?post=12891"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}