作者:Qualys
Qualys 今天公布了详细信息 Linux 上带有 glibc 的严重 OpenSSH 漏洞 (即几乎所有发行版,Alpine 除外) CVE-2024–6387. 该错误被昵称为 “回归“。该漏洞可被利用以 root 权限远程执行任意代码。如果 4.4p1 之前的版本没有针对 CVE-2006-5051 和 CVE-2008-4109 的补丁,则容易受到攻击。然后是 8.5p1–9.8p1 版本容易受到攻击。后者不再容易受到攻击。
幸运的是,这个漏洞显然很难被利用。错误 已修复 6 月 6 日,但此修复是多项更改的一部分,因此反向移植会有些困难。更多详情 在 Qualys 技术描述中。
(来源: 福罗尼克斯)
(由用户 LamZelezo 指出,谢谢)
`; 如果 (youtubeIframe !== null && vastUrls.length > 0) { const re = /embed/(.*)?/; const youtubeId = youtubeIframe.src.match(re)[1]; const youtubeImg = ' + youtubeId + '/hqdefault.jpg'; 让 thumbWrap = `
`;youtubeIframe.after(document.createRange().createContextualFragment(thumbWrap));youtubeIframe.style.display = 'none';const youtubeThumb = document.getElementById('ytPrerollThumb') let prerollAdInitialized = false;document.addEventListener('DOMContentLoaded',handleInitScroll,false);window.addEventListener('scroll',handleInitScroll,false);函数handleInitScroll(){if(prerollAdInitialized === false){const containerOffset = document.getElementById('ytPrerollThumb').getBoundingClientRect();const windowHeight = window.innerHeight;if(containerOffset.top < windowHeight / 1 && containerOffset.bottom > 0.0) { prerollAdInitialized = true; setTimeout(() => { youtubeThumb.remove(); playPrerollAd(); }, 2000); document.removeEventListener('DOMContentLoaded', handleInitScroll, false); window.removeEventListener('load', handleInitScroll, false); } } } 函数 playPrerollAd() { youtubeIframe.after(document.createRange().createContextualFragment(videoEl)); const vjsOptions = { fluid: true }; const player = videojs('iinfo_youtube_preroll', vjsOptions); let vastUrlIndex = 0; let playingAdCounter = 0; const imaOptions = { adTagUrl: vastUrls[vastUrlIndex]numRedirects: 20 }; console.log(“前贴片广告:正在加载第一个广告 – ” + vastUrls[vastUrlIndex]); player.ima(imaOptions); player.on('adend', () => { console.log('预卷:VAST 广告结束 (adend)。'); playingAdCounter++; playNext(); }); player.ima.addContentEndedListener(() => { console.log('预卷:VAST 广告结束 (内容结束)。'); playingAdCounter++; playNext(); }); player.on('adserror', (e) => { console.log('预卷:VAST 广告错误。'); playNext(); }); let adInitialized = false; let adPlaying = false; player.on('ads-manager', () => { // resumeAd 需要 AdsManager 准备就绪 document.addEventListener('DOMContentLoaded', handleScroll, false); window.addEventListener('scroll', handleScroll, false); player.muted(true); player.play(); adInitialized = true; }); 函数 handleScroll() { const containerOffset = document.getElementById('iinfo_youtube_preroll_wrapper').getBoundingClientRect(); const windowHeight = window.innerHeight; if (player.isDisposed() === false) { if (containerOffset.top < windowHeight / 1 && containerOffset.bottom > 0.0) { if (adInitialized === false) { player.muted(true); player.play(); adInitialized = true; document.removeEventListener('DOMContentLoaded', handleScroll, false); window.removeEventListener('load', handleScroll, false); } if (adPlaying === false) { player.ima.resumeAd(); adPlaying = true; } } else { if (adPlaying === true) { player.ima.pauseAd(); adPlaying = false; } } } 函数 playYtVideo() { player.dispose(); youtubeIframe.style.display = 'block'; youtubeIframe.src += '&autoplay=1&mute=1'; } 函数 playNextAd() { if (vastUrlIndex < vastUrls.length - 1) { console.log("Preroll: Loading next ad - " + vastUrls[vastUrlIndex]); vastUrlIndex++; player.ima.changeAdTag(vastUrls[vastUrlIndex]); player.ima.requestAds(); } } function playNext() { if (vastUrlIndex >= vastUrls.length – 1 || playingAdCounter >=2) { playYtVideo(); } else { playNextAd(); } } }
1719867818
#Linux #上带有 #glibc #的危险 #OpenSSH #漏洞regreSSHion
2024-07-01 14:12:01
