{"id":24473,"date":"2017-07-26T17:33:12","date_gmt":"2017-07-26T09:33:12","guid":{"rendered":"https:\/\/www.deepin.org\/?p=24473"},"modified":"2017-07-27T16:48:18","modified_gmt":"2017-07-27T08:48:18","slug":"deepin-security-updates-dsa-3900-1-dsa-3903-1-dsa-3906-1-cve-2017-1000370-cve-2017-1000371","status":"publish","type":"post","link":"https:\/\/www.deepin.org.cn\/zh\/deepin-security-updates-dsa-3900-1-dsa-3903-1-dsa-3906-1-cve-2017-1000370-cve-2017-1000371\/","title":{"rendered":"Deepin Security Updates (DSA 3900-1 &#038; DSA 3903-1 &#038; DSA 3906-1 &#038; CVE-2017-1000370, CVE-2017-1000371)"},"content":{"rendered":"<img loading=\"lazy\" class=\"aligncenter size-full wp-image-24475\" src=\"https:\/\/www.deepin.org\/wp-content\/uploads\/2017\/07\/zh-4.jpg\" alt=\"zh\" width=\"749\" height=\"321\" srcset=\"https:\/\/www.deepin.org.cn\/wp-content\/uploads\/2017\/07\/zh-4.jpg 749w, https:\/\/www.deepin.org.cn\/wp-content\/uploads\/2017\/07\/zh-4-600x257.jpg 600w, https:\/\/www.deepin.org.cn\/wp-content\/uploads\/2017\/07\/zh-4-150x64.jpg 150w, https:\/\/www.deepin.org.cn\/wp-content\/uploads\/2017\/07\/zh-4-300x129.jpg 300w, https:\/\/www.deepin.org.cn\/wp-content\/uploads\/2017\/07\/zh-4-24x10.jpg 24w, https:\/\/www.deepin.org.cn\/wp-content\/uploads\/2017\/07\/zh-4-36x15.jpg 36w, https:\/\/www.deepin.org.cn\/wp-content\/uploads\/2017\/07\/zh-4-48x21.jpg 48w\" sizes=\"(max-width: 749px) 100vw, 749px\" \/><\/p>\n<p>This security update includes updates for openvpn, tiff, undertow and the Linux kernel.<\/p>\n<h1>Vulnerability Overview<\/h1>\n<p><strong><a href=\"https:\/\/www.debian.org\/security\/2017\/dsa-3900.en.html\">DSA-3900-1 openvpn<\/a> \u2014 
Security Update<\/strong><\/p>\n<p>Security database details:<\/p>\n<p>Multiple security vulnerabilities were discovered in OpenVPN that allow a remote attacker to cause a denial of service or the disclosure of sensitive information.<\/p>\n<p>&nbsp;<\/p>\n<p><strong><a href=\"https:\/\/www.debian.org\/security\/2017\/dsa-3903.en.html\">DSA-3903-1 tiff<\/a> \u2014 Security Update<\/strong><\/p>\n<p>Security database details:<\/p>\n<p>Multiple security vulnerabilities were discovered in the libtiff library, which may result in denial of service or the execution of malicious code.<\/p>\n<p>&nbsp;<\/p>\n<p><strong><a href=\"https:\/\/www.debian.org\/security\/2017\/dsa-3906.en.html\">DSA-3903-1 undertow<\/a> \u2014 Security Update<\/strong><\/p>\n<p>Security database details:<\/p>\n<p>&nbsp;<\/p>\n<p>Two vulnerabilities were discovered in Undertow, a web server written in Java, which may lead to denial of service or HTTP requests being rejected.<\/p>\n<p>&nbsp;<\/p>\n<p><strong><a href=\"http:\/\/CVE-2017-1000370\">CVE-2017-1000370<\/a>\u00a0\u2014 Security Update<\/strong><\/p>\n<p>Security database details:<\/p>\n<p>The offset2lib patch as used in the Linux kernel contains a vulnerability: when a PIE binary is run via execve() with 1 GB of arguments or environment strings, the stack occupies address 0x80000000 and the PIE binary is mapped above 0x40000000, nullifying the protection of the offset2lib patch. This affects Linux kernel 4.11.5 and earlier. 
This is a different issue from CVE-2017-1000371. This issue appears to be limited to i386-based systems.<\/p>\n<p>&nbsp;<\/p>\n<p><strong><a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2017-1000371\">CVE-2017-1000371<\/a>\u00a0\u2014 Security Update<\/strong><\/p>\n<p>Security database details:<\/p>\n<p>The offset2lib patch as used by the Linux kernel contains a vulnerability: if RLIMIT_STACK is set to RLIM_INFINITY and 1 GB of memory is allocated (the maximum under the 1\/4 restriction), the stack grows down to 0x80000000, and because the PIE binary is mapped above 0x80000000, the minimum distance between the end of the PIE binary's read segment and the start of the stack becomes small enough that an attacker can jump over the stack guard page. This affects Linux kernel version 4.11.5. This is a different issue from CVE-2017-1000370 and CVE-2017-1000365. This issue appears to be limited to i386-based systems.<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"font-size: 29px; font-weight: 
bold;\">Fix Status<\/span><\/p>\n<p>The openvpn vulnerabilities are fixed in version 2.4.3-1; the tiff vulnerabilities are fixed in version 4.0.8-3; the undertow vulnerabilities are fixed in version 1.4.18-1; the Linux kernel security updates are fixed in deepin 15.4.1.<\/p>\n<p>Please update your system as soon as possible to obtain the vulnerability fixes.","protected":false},"excerpt":{"rendered":"<p>This security update includes updates for openvpn, tiff, undertow and the Linux kernel. Vulnerability Overview DSA-3900-1 openvpn \u2014 Security Update Security database details: Multiple security vulnerabilities were discovered in OpenVPN that allow a remote attacker to cause a denial of service or the disclosure of sensitive information. &nbsp; DSA-3903-1 tiff \u2014 Security Update Security database details: Multiple security vulnerabilities were discovered in the libtiff library, which may result in denial of service or malicious code ...<a 
href=https:\/\/www.deepin.org.cn\/zh\/deepin-security-updates-dsa-3900-1-dsa-3903-1-dsa-3906-1-cve-2017-1000370-cve-2017-1000371\/>Read more<\/a><\/p>\n","protected":false},"author":141,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[75],"tags":[],"_links":{"self":[{"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/posts\/24473"}],"collection":[{"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/users\/141"}],"replies":[{"embeddable":true,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/comments?post=24473"}],"version-history":[{"count":6,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/posts\/24473\/revisions"}],"predecessor-version":[{"id":24477,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/posts\/24473\/revisions\/24477"}],"wp:attachment":[{"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/media?parent=24473"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/categories?post=24473"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/tags?post=24473"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}