I-IPFire 2.29 Core 193 isebenzisa i-post-quantum cryptography kanye nokuthuthukiswa okubanzi kwesistimu

  • I-IPFire 2.29 Core Update 193 ihlanganisa i-post-quantum cryptography emhubheni we-IPsec esebenzisa i-ML-KEM.
  • Ama-algorithms wokubethela azenzakalelayo abuyekeziwe, asusa i-AES-128 futhi athanda i-AES-256 ne-ChaCha20-Poly1305.
  • Ukulungiswa kabusha kwesistimu eyisisekelo: izibuyekezo ze-glibc, i-Binutils, i-firmware, ne-microcode.
  • Ukulungiswa kweziphazamisi, isixhumi esibonakalayo esithuthukisiwe, nezingxenye ezibalulekile ezibuyekeziwe njenge-Apache ne-squid.
Pablinux

Imizuzu ye-5

Ukuvuselelwa kwe-IPFire 2.29 Core 193

Ithimba lezentuthuko le I-IPFire Usungule Isibuyekezo se-Core 193 kunguqulo 2.29, isinyathelo esibalulekile esiqinisa ukuphepha kwalokhu kusatshalaliswa komlilo okusekelwe ku-Linux. Njengengxenye yokugxila kwayo okuqhubekayo ekuzivumelaniseni nezinsongo ezivelayo, le nguqulo entsha ihlanganisa ukusekelwa i-post-quantum cryptography ekuxhumekeni IPsec VPN, ngaphezu kochungechunge lwentuthuko yobuchwepheshe eklanyelwe ukugcina ukusebenza kwesistimu nokuthembeka.

Lesi sibuyekezo silandela i-Core Update 192 futhi imele inqubekelaphambili ebalulekile ekuvikelekeni ekuhlaselweni kwe-inthanethi okuzayo, ikakhulukazi lezo ezingase zisebenzise amakhono e-quantum computing. Ngakho-ke, ukuhlanganisa ama-algorithms amelana nalolu hlobo lobuchwepheshe sekuyinto ehamba phambili kubathuthukisi be-IPFire, abazibophezele ukuhlala phambili ekuvikelekeni kwe-cybersecurity.

Ukuphepha Kwe-IT
I-athikili ehlobene:
Izinhlelo zokusebenza ezinhle kakhulu nokusatshalaliswa okungu-2016 kwezokuphepha

I-Cryptography ye-Post-Quantum: Isendlalelo Esisha Sokuvikela Semihubhe ye-IPsec

Isici esisha esiyinhloko se-IPFire 2.29 Core Update 193 yi- Ukufakwa komdabu kwe-post-quantum cryptography kumigudu yayo ye-IPsec. Ngokukhethekile, indlela yokhiye yokuhlanganisa esekelwe kumamojula amanethiwekhi, eyaziwa ngokuthi i-ML-KEM (I-Module-Lattice-Based Key-Encapsulation Mechanism), isetshenzisiwe. Le algorithm yakhiwe kucatshangelwa izimo lapho abahlaseli bengase babe namakhompyutha e-quantum akwazi ukuphula i-cryptography evamile esikhathini esizayo.

Lesi sici esisha senziwe sisebenze ngokuzenzakalela kuwo wonke amathaneli asanda kumiswa., engaphinda isebenzise ama-algorithms esimanje agunyazwe i-National Institute of Standards and Technology (NIST), njenge-Curve448, Curve25519, RSA-4096, ne-RSA-3072. Ukwengeza, abasebenzisi abanamathaneli akhona bangabuyekeza izilungiselelo zabo ukuze basebenzise lobu buchwepheshe ekhasini lezilungiselelo ezithuthukisiwe.

ntpsec
I-athikili ehlobene:
I-NTPsec, ukuqaliswa okuthuthukisiwe kwe-NTP

Ukubuyekezwa Okujulile kwe-Crypto Algorithm kanye nokususwa kwe-AES-128 ku-IPFire 2.29 Core 193

Ukuphepha njengokuza kuqala, Uhlu lwama-algorithms wokubethela okuzenzakalelayo lubuyekeziwe. I-IPFire manje isezingeni ku-AES-256 kumamodi e-GCM kanye ne-CBC, kanye ne-ChaCha20-Poly1305. Kulo mongo, i-AES-128 isuswe ngokuphelele ekucushweni okuzenzakalelayo, njengoba ibhekwa njengesengozini kakhulu uma iqhathaniswa nozakwabo we-256-bit.

Abathuthukisi baphikisana ngokuthi i-hardware yesimanje eminingi ihlanganisa ukusheshisa ukusebenza kwe-AES, ngakho i-AES-256 ingakwazi ukufeza ukusebenza okufana ne-AES-128 kodwa ngezinga eliphezulu lokuvikela. Lolu shintsho lumelele inguquko kunqubomgomo yephrojekthi ebheke kumodeli yokuphepha esekelwe ekuvimbeleni nasekusebenzeni.

kuvula
I-athikili ehlobene:
I-OpenSSH 9.6 ifika ilungisa izinkinga ezintathu zokuphepha, isebenzise ukuthuthukiswa nokunye okwengeziwe

Izibuyekezo zesistimu eyisisekelo: amalabhulali, amathuluzi, nokusebenza

Umnyombo wesistimu uphinde wathola ukuthuthukiswa okuphawulekayo mayelana namathuluzi okuhlanganiswa nokusebenza.. Phakathi kwezici ezintsha ukufakwa kwe-GNU C Library (glibc) enguqulweni yayo engu-2.41 kanye ne-GNU Binutils 2.44, evumela ukukhiqiza ikhodi esebenza kahle kakhulu nelungiselelwe ihadiwe yakamuva. Lokhu akugcini nje ukuthuthukisa ukusebenza okuphelele, kodwa futhi kuqinisa ukuphepha kokusebenza kwesistimu.

Futhi, I-Firmware ne-microcode updates zifakiwe ukunciphisa ubungozi obaziwayo obufana ne-INTEL-SA-01213 nezinye izindaba ezithinta ubuqotho bezinhlelo zesimanje. Lezi yizinyathelo okuthi, nakuba zingabonakali kumsebenzisi wokugcina, zibe nomthelela ngokuqondile ekuthembekeni kwendawo yenethiwekhi evikelwe yi-IPFire.

vulaZFS
I-athikili ehlobene:
I-OpenZFS 2.3.1 ifika nokusebenza, ukuhambisana nokuthuthukiswa kokuphathwa kwezifinyezo

Ezinye izinguquko ezibalulekile: I-DNS-over-TLS, ukuthuthukiswa okubonakalayo, nokulungiswa kweziphazamisi

Uhlu lwezinsizakalo ezizenzakalelayo inwetshiwe ukuze ifake usekelo lwendabuko lwe-DNS-over-TLS, okuqinisa ubumfihlo bemibuzo ye-DNS ngokumelene nokulalela kwangaphandle noma ukukhohlisa. Isiphazamisi esivimbele ukuvuselelwa kwesitifiketi se-IPsec sosokhaya ngenxa yenombolo ye-serial engalungile nayo isilungisiwe, iphutha elingase libe inselele enkulu ezindaweni zebhizinisi.

Mayelana nesixhumi esibonakalayo somsebenzisi, Ukuthuthukiswa okubonakalayo kwenziwe esigabeni samaqembu okuvikela umlilo, sibonga ngokwengxenye ngeminikelo evela kubanikeli bomphakathi abafana noStephen Cuka. Lezi zinhlobo zezinguquko, nakuba zizincane, zisiza ukuthuthukisa ulwazi lwansuku zonke lomsebenzisi futhi zenze ukuphathwa kwemithetho kube lula kubalawuli benethiwekhi.

Ekugcineni, Uhlu lwamabhulokhi lwemiyalo ye-C2 namaseva afakwe ngaphambilini yi-Abuse.ch lususiwe, njengoba lokhu kuyekwa. Lesi sinqumo sinciphisa ukuthembela emithonjeni yedatha yangaphandle engagciniwe, siqinisa ukuhambisana kwe-IPFire ecosystem.

Izinhlelo zokusebenza ezibuyekeziwe namaphakheji engeziwe ku-IPFire 2.29 Core 193

Ukuze ugcine ukuhambisana nobuchwepheshe bakamuva, amaphakheji abalulekile ambalwa abuyekeziwe. Phakathi kwazo kukhona I-Apache 2.4.63, I-StrongSwan 6.0.0 y Ingwane 6.13, izingxenye ezibalulekile zezimo zenethiwekhi eziyinkimbinkimbi ezisekelwe kummeleli noma amaseva e-VPN. Ukwengeza, kwenziwe umsebenzi wokuthuthukisa izengezo eziningi, kugqanyiswe izinguqulo ezintsha ze I-HAProxy 3.1.2, I-Git 2.48.1 y I-Samba 4.21.4.

Lezi zibuyekezo azinikezi izici ezintsha kuphela kodwa futhi zilungisa iziphazamisi ezikhona futhi ziqinisekise ukuthi izindawo zokukhiqiza zingaqhubeka nokusebenza ngaphandle kwezinkinga ezivela ezinguqulweni ezindala.

Ithimba le-IPFire lithathe leli thuba ukubonga umphakathi walo womhlaba ngokusebenzisana kwawo okuqhubekayo, kungaba ngokunikela ngekhodi, imibiko yeziphazamisi, noma ukwesekwa kontanga. Njengoba kuvamile kumaphrojekthi omthombo ovulekile, ukubamba iqhaza kwabasebenzisi okusebenzayo bekubalulekile ekukhiqizeni ukukhululwa okuphelele.

I-IPFire 2.29 Core Update 193 manje isiyatholakala ukuze ilandwe kuwebhusayithi esemthethweni yephrojekthi.. Amafayela atholakala ngazo zombili ifomethi yesithombe se-ISO ne-USB, futhi sincoma ukuthi uwafake ngokushesha ngangokunokwenzeka ukuze usebenzise ukuthuthukiswa nokugcina indawo evikelekile ehlangabezana nezinsongo zakamuva.

Lokhu kukhishwa okusha kuqinisa ukuzibophezela kwe-IPFire ekuziphendukeleni kwemvelo okuqhubekayo lapho kubhekene nokukhula kobuchwepheshe bezwe le-cybersecurity. Ngokuzibophezela kwayo ku i-post-quantum cryptography, ukuthuthukiswa kwangaphakathi kobuchwepheshe, nokunaka imininingwane, umphakathi wabasebenzisi unethuluzi eliqinile, elilungiselelwe izinselele zamanje nezesikhathi esizayo.


Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Unomthwalo wemfanelo ngedatha: AB Internet Networks 2008 SL
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.