Fwupd 2.0.16 ufika ukuqinisa iphrojekthi ebalulekile ku-ecosystem ye-Linux: ukuvuselela i-firmware ngokuphepha nangokungenabuhlungu. Uma ufuna ukuthi yini entsha nokuthi ungayisebenzisa kanjani emsebenzini wakho wansuku zonke, nawu umhlahlandlela ophelele, onomongo ophuma ekukhishweni kwangaphambilini nezibonelo ezisebenzayo.
Le nguqulo yethula a injini yokusesha edidiyelwe entsha ezinsizakalweni zomugqa womyalo, ukuthuthukiswa okuqondene ne-FreeBSD, nokusekelwa okuqhubekayo kwehadiwe lokho belilokhu likhula ngesivinini emasontweni edluleSiphinde sabuyekeza izici eziwusizo zephrojekthi ngokwayo, njenge-LVFS, ukusakaza okuthuthukisiwe, ukushicilela imethadatha ye-P2P, nokulawula izinketho ezindaweni zebhizinisi.
Izici ezintsha ezithile ku-Fwupd 2.0.16
Isihloko salesi sitolimende ukufika kwe-a umsebenzi wokucinga ezinsizeni ze-console. Manje ungathola izinguqulo ze-firmware ezitholakalayo kumarimothi amisiwe, usebenzisa imethadatha eqoqwe ku-LVFS ngaphandle kokuzulazula ezinhlwini ezingapheli.
Lokhu kusesha kuyatholakala kuzo zombili i-fwupdmgr kanye ne-fwupdtool. Isibonelo esisebenzayo kungaba ukuthola izilungiso ezihlobene ne-a I-CVE ethile ngomyalo owodwa: fwupdmgr search CVE-2022-21894. Ngokufanayo, ungakwazi ukuhlunga ngedivayisi, umthengisi, noma izihlonzi ezifanele.
Ngaphezu kwenjini yokusesha, kukhona isithuthukisi esigxile ekucwaningweni: umyalo fwupdtool umlando Ikuvumela ukuthi ubuke umlando wokufakwa okwenziwe, okuwusizo kakhulu emaqenjini osekelo noma abasebenzisi abafuna ukubuyekeza ukuthi yini esetshenzisiwe nokuthi nini.
Mayelana nokuhambisana, le nguqulo yandisa ukwesekwa i-hardware enemindeni emisha yamadivayisi, okuhlanganisa izingxenye ze-Logitech Bolt ne-AMD SB-RMI. Lokhu kukhula kwekhava kugcina uchungechunge lwe-2.0.x luhamba kahle, obelungeza izingxenye eziningi emasontweni adlule.
Kubasebenzisi beFreeBSD, fwupd 2.0.16 yengeza "okunye ukulungisa" ukuze kukhulunywe phatha ngendlela efanele izibuyekezo ze-firmware kuleyo sistimu, iqinisa ukuzinza kwenqubo ezimeni ezingaphandle kwe-Linux.
Ukukhishwa kufike ezinsukwini ezimbalwa ngemuva kwe-2.0.15, eyayivele yethuliwe ukwesekwa okusha kwehadiwe kanye nokuthuthukiswa okuhlukahlukene.
I-Fwupd 2.0.16 yethula ukulungiselelwa kwenethiwekhi yendawo ngePasim
Uma ufake i-Passim futhi inikwe amandla, i-fwupd ingashicilela kabusha ifayela lemethadatha ilandwe ukuze uyinikeze ekhelini elithi 0.0.0.0:27500. Ngale ndlela, amanye amakhompyutha akunethiwekhi efanayo angazuza, anciphise ukusetshenziswa komkhawulokudonsa ukuya kumarimothi angaphandle.
Lokhu kusatshalaliswa kabusha kumenyezelwe ngu mDNS noma i-LLMNR, futhi ilungele amahhovisi noma amalebhu anamakhasimende amaningi e-Linux. Ngaphambi kokuwusebenzisa ekukhiqizeni, cabangela ukuvikeleka nokuhlukaniswa kwenethiwekhi imithelela eqondene nendawo okuyo.
Uma ungasifuni lesi sici, ungasikhubaza kalula: setha I-P2pPolicy=ayikho en /etc/fwupd/daemon.conf, khipha iphakheji ye-passim noma imaski isevisi nge systemctl mask passim.service.
Ukulawula izibuyekezo ezinkampanini: ukugunyazwa
Ezindaweni zezinkampani, i-fwupd ikuvumela ukuthi uhlunge ukuthi yimaphi ama-firmware agunyazwe ngawo izibuyekezo ezigunyaziwe. Vele wenze inketho isebenze ApprovalRequired=true efayeleni lokumisa elikude, njenge lvfs.conf.
Uma isisebenza, ungachaza uhlu lwezibuyekezo ezigunyaziwe kulo fwupd.conf, kusetshenziswa uhlu oluhlukaniswe ngokhefana lwamasheke esiqukathi ahambisana nokufakiwe kwemethadatha. Lokhu kuqinisekisa ukuthi izibuyekezo eziqinisekiswe inhlangano yakho kuphela ezinikezwayo.
Ngaphezu kwalokho, kungenzeka khulisa lolo hlu ngomyalo fwupdmgr set-approved-firmware kulandelwe isihlonzi esifanele, noma ngesixhumi esibonakalayo se-D-Bus uma ukhetha ukusihlanganisa namathuluzi akho okuphatha.
Ukuhlanganiswa kwezithombe, ukuhlaziya okumile kanye nokupakishwa
Noma kunjalo fwupdmgr iyiklayenti le-console; kukhona imidwebo engaphambili ebhalwe ekhasini layo lomuntu. Kumadeskithophu e-GNOME, ukuhlanganiswa ne-GNOME Software kwenza inqubo ibe lula kubasebenzisi abakhetha ukugwema ukuphela.
Iphrojekthi isebenzisa amathuluzi okuhlaziya amile njenge I-Coverity ne-PVS-Studio ukuqinisa ikhwalithi yekhodi. Lokhu kuqapha okuqhubekayo kusiza ukuthola ukuhlehla namaphethini ayinkinga ngaphambi kokuthi kufinyelele kubasebenzisi bokugcina.
Uma ugcina iphakethe elingezansi lomfula fwupd, naka inketho systemd_unit_user I-Meson: kufanele isetshenziswe ngokucophelela ukuze kugwenywe imizila yokukhuphuka kwamalungelo. Inani elizenzakalelayo, nge DynamicUser=true, iphephile futhi iyanconywa ezimeni eziningi.
Imikhuba emihle nokucatshangelwa kokuthunyelwa
Indlela engcono kakhulu yokugcina ukugeleza kwesibuyekezo kuzinzile ukusebenzisa izinqolobane ezisemthethweni yokusabalalisa kwakho. Abanakekeli baqinisekisa ukuhlanganiswa, ukuncika, nokuhambisana nazo zonke ezinye izingxenye zesistimu.
Okwemikhumbi noma amalabhorethri, hlanganisa uhlelo lwe izimvume ngePasim noma nini lapho kufaneleka. Lokhu kunciphisa ubungozi futhi konga umkhawulokudonsa, kodwa khumbula ukubhala izinguquko nokugcina amarekhodi ngakho fwupdtool history lapho udinga ukuhlolwa.
Emishinini ene-UEFI namaphilisi, hlola ukuthi ikufanele yini gwema i-Capsule-on-Disk uma kunezidingo ezithile zokuqalisa noma zokuhlukanisa. Lokhu kuvumelana nezimo kwethulwe ochungechungeni lwe-2.0.14 futhi kusiza ukuhlanganiswa okuyinkimbinkimbi.
Uma usebenza namadivayisi we-TPM, sicela uqaphele lokho ibuyekeze imephu abakhiqizi, okuthuthukisa ukufana kokuhlonza. Futhi uma uphatha iziteshi zokusebenza ze-Lexar NVMe, inombolo yenguqulo efanele isiza ukugwema ukudideka.
Ngengqalasizinda esekwe ku-RHEL, yiba ukwakha ukwesekwa ye-RHEL 9 kanye ne-10 yenza lula umjikelezo wokupakishwa nokuhlola wangaphakathi, iqondanise fwupd namazinga ezinkampani aleyo nkundla.
Labo abaphethe amamodemu athile kanye nokusakaza ukusakaza bangasebenzisa leli thuba i-firehose ezenzakalelayo ye-QCDM kanye nokuvunyelwa okungeziwe emagameni wefayela lesilayishi, ukunciphisa ukulungiswa okwenziwa ngesandla kanye namaphutha angenzeka e-orchestration.
Mayelana nokuphepha, khubaza isheke le isikhathi sokusayina Ngesikhathi sokuqinisekiswa kwe-firmware, kunciphisa ama-negative amanga; ngokufanayo, ukungangezi umphakeli ONGAZIWAYO lapho inkampani ingenalo lolo lwazi kuvimbela isitokwe kanye nomsindo wokubika.
I-Fwupd 2.0.16 isiyatholakala
Usesho olusha lwe-2.0.16 lungena kahle kakhulu ekuhambeni lapho ubuyekeza khona I-CVE, abathengisi noma amamodeli ethize. Kuyisithuthukisi esonga isikhathi nesithuthukisa ukubonakala, ikakhulukazi esiwusizo lapho uphatha amakhompuyutha anama-peripheral ahlukahlukene.
Ku-FreeBSD, ukulungiswa okufakwe ku-2.0.16 kuthuthukisa i- buyekeza ukuphathwa futhi wenze umphumela ubikezeleke kakhudlwana, uphawu oluhle kulabo abasebenza ezindaweni ezixubile noma abafudukayo phakathi kwamapulatifomu.
Ekugcineni, umjikelezo we-2.0.x ubonisa ukugxila okuqhubekayo kukho ukuhambisana, ikhwalithi nokulawulaNge-2.0.16, injini yokusesha ye-FreeBSD kanye nokuqina kwakhela phezu kwesisekelo esiqinile esesivele sethulwe ku-2.0.14 no-2.0.15 mayelana nezici, ama-plugin, kanye nokupholisha okuvamile.
Kuyacaca ukuthi lokhu kukhululwa kukhulisa ukusetshenziswa kwansuku zonke kwe-fwupd ngamathuluzi asebenzayo, ukwandisa ukusekelwa kwezingxenyekazi zekhompuyutha, nezinketho ezidizayinelwe amanethiwekhi omhlaba wangempela, ukusuka ekhaya kuye ebhizinisini. Nge injini yokusesha edidiyelwe, umlando wokufaka kanye nokuhlanganiswa kwe-LVFS, fwupd 2.0.16 iqiniswa njengendlela elula kakhulu yokugcina i-firmware yakho isesikhathini ku-Linux naku-FreeBSD.
