Covered by FixVibe | critical

Critical OS Command Injection in LibreNMS (CVE-2024-51092)

LibreNMS versions up to 24.9.1 contain a critical OS command injection vulnerability (CVE-2024-51092). Authenticated attackers can execute arbitrary commands on the host system, which can lead to full compromise of the monitoring infrastructure.

CVE-2024-51092 | GHSA-x645-6pf9-xwxw | CWE-78

Impact

LibreNMS versions 24.9.1 and earlier contain a vulnerability that allows authenticated users to perform OS command injection [S2]. Successful exploitation allows execution of arbitrary commands with the privileges of the web server user [S1]. This can lead to full system compromise, unauthorized access to sensitive monitoring data, and possible lateral movement within the network infrastructure managed by LibreNMS [S2].

Root cause

The vulnerability stems from improper neutralization of user-supplied input before it is incorporated into an operating system command [S1]. This flaw is classified as CWE-78 [S1]. In affected versions, authenticated endpoints fail to adequately validate or sanitize parameters before passing them to system-level execution functions [S2].

Remediation

Users should upgrade their LibreNMS installation to version 24.10.0 or later to resolve this issue [S2]. As a general security best practice, access to the LibreNMS management interface should be restricted to trusted network segments using firewalls or access control lists (ACLs) [S1].

How FixVibe checks for it

FixVibe now includes this in GitHub repo scans. The check reads only dependency files in authorized repositories, including composer.lock and composer.json. It flags librenms/librenms locked versions or constraints that match the affected range <=24.9.1, then reports the dependency file, line number, advisory IDs, affected range, and fixed version.

This is a static, read-only repo check. It does not execute customer code and does not send exploit payloads.
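
A static check of the kind described above, as an added example that is not FixVibe's code and not from the LibreNMS project. It is narrowed to locked versions in composer.lock (composer.json constraints are not handled); the function names and the sample lock file are constructed for illustration.

```python
import json
import re

PACKAGE = "librenms/librenms"
ADVISORY_IDS = ["CVE-2024-51092", "GHSA-x645-6pf9-xwxw"]
AFFECTED_MAX = (24, 9, 1)   # affected range stated on this page: <=24.9.1
FIXED_VERSION = "24.10.0"

# Constructed sample lock file content, not taken from a real project.
SAMPLE_LOCK = """{
  "packages": [
    {"name": "laravel/framework", "version": "v10.48.0"},
    {"name": "librenms/librenms", "version": "24.9.0"}
  ]
}"""

def parse_version(text):
    """Turn '24.9.1' or 'v24.9.1' into (24, 9, 1); None for aliases like 'dev-master'."""
    m = re.match(r"v?(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    return tuple(int(part or 0) for part in m.groups()) if m else None

def is_affected(version_text):
    """Compare numerically: as strings, '24.10.0' would sort below '24.9.1'."""
    version = parse_version(version_text)
    return version is not None and version <= AFFECTED_MAX

def line_of(raw, name):
    """1-based line of the package's "name" entry, used in the report."""
    needle = re.compile(r'"name"\s*:\s*"%s"' % re.escape(name))
    for number, line in enumerate(raw.splitlines(), start=1):
        if needle.search(line):
            return number
    return None

def scan_composer_lock(raw, path="composer.lock"):
    """Parse lock file text only (nothing is executed) and report affected pins."""
    lock = json.loads(raw)
    findings = []
    for pkg in lock.get("packages", []) + lock.get("packages-dev", []):
        if pkg.get("name") == PACKAGE and is_affected(pkg.get("version", "")):
            findings.append({
                "file": path, "line": line_of(raw, PACKAGE),
                "locked_version": pkg["version"], "advisory_ids": ADVISORY_IDS,
                "affected_range": "<=24.9.1", "fixed_version": FIXED_VERSION,
            })
    return findings

if __name__ == "__main__":
    print(json.dumps(scan_composer_lock(SAMPLE_LOCK), indent=2))
```

Versions that cannot be parsed as numbers, such as branch aliases, are not flagged by this sketch and would need manual review.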