[{"data":1,"prerenderedAt":187},["ShallowReactive",2],{"zh-cn:CommonContent:\u002Fnews\u002F2026-06-16-patch-tuesday":3},{"id":4,"title":5,"body":6,"categories":177,"date":179,"description":50,"extension":180,"home":181,"important":181,"meta":182,"navigation":181,"path":183,"seo":184,"stem":185,"__hash__":186},"zhCN\u002Fnews\u002F2026-06-16-patch-tuesday.md","安同 OS 每周安全公告 (2026\u002F6\u002F16)",{"type":7,"value":8,"toc":172},"minimark",[9,17,20,37,41,44,67,70,73,76,84,168],[10,11,12],"p",{},[13,14],"img",{"alt":15,"src":16},"安同 OS 每周安全公告 (2026\u002F6\u002F16)）","\u002Fassets\u002Fnews\u002Fcve-weekly-20260616.webp",[10,18,19],{},"在过去一周（2026 年 6 月 9 日至 2026 年 6 月 16 日），安同 OS 共发布了 10 个安全更新，包含针对 36 个安全漏洞的修复，其中 1 个被认定为严重 (Critical) 漏洞、14 个被认定为高危漏洞。",[10,21,22,23,30,31,36],{},"本周的较为重要安全漏洞的有针对 gRPC ≤ 1.80.0 的授权绕过漏洞 (",[24,25,29],"a",{"href":26,"rel":27},"https:\u002F\u002Fwww.cve.org\u002FCVERecord?id=CVE-2026-33186",[28],"nofollow","CVE-2026-33186",") 及 Clash Verge 服务 (IPC) 2.3.0 中的不必要权限执行漏洞（",[24,32,35],{"href":33,"rel":34},"https:\u002F\u002Fwww.cve.org\u002FCVERecord?id=CVE-2025-50505",[28],"CVE-2025-50505"," 变种，目前仅作了缓解，仍残留拒绝服务漏洞）。",[38,39,40],"h2",{"id":40},"更新指引",[10,42,43],{},"请使用 oma 更新您的系统：",[45,46,51],"pre",{"className":47,"code":48,"language":49,"meta":50,"style":50},"language-bash shiki shiki-themes github-light","oma upgrade\n","bash","",[52,53,54],"code",{"__ignoreMap":50},[55,56,59,63],"span",{"class":57,"line":58},"line",1,[55,60,62],{"class":61},"s7eDp","oma",[55,64,66],{"class":65},"sYBdl"," upgrade\n",[10,68,69],{},"在更新确认界面，oma 将向您展示安全更新的详情（安全更新条目标题为红色加粗字体）。",[10,71,72],{},"我们强烈推荐您及时更新您的安同 OS。",[38,74,75],{"id":75},"安全更新详表",[10,77,78,79,83],{},"以下末尾加  ",[80,81,82],"strong",{},"[*]"," 的条目为包含高危（及以上）漏洞修复的更新。",[85,86,87,96,104,112,120,128,136,148,154,162],"ul",{},[88,89,90,93,94],"li",{},[52,91,92],{},"aiohttp",": 3.13.5 → 3.14.1  ",[80,95,82],{},[88,97,98,101,102],{},[52,99,100],{},"clash-verge-service-ipc",": 2.3.0 → 2.3.0-1  ",[80,103,82],{},[88,105,106,109,110],{},[52,107,108],{},"gdal",": 3.12.1-5 → 3.13.1  ",[80,111,82],{},[88,113,114,117,118],{},[52,115,116],{},"grpc",": 1.72.0-3 → 1.81.1  ",[80,119,82],{},[88,121,122,125,126],{},[52,123,124],{},"ldns",": 1.8.4-2 → 1.9.2  ",[80,127,82],{},[88,129,130,133,134],{},[52,131,132],{},"nvm",": 0.40.3 → 0.40.5  ",[80,135,82],{},[88,137,138,141,142,145,146],{},[52,139,140],{},"openssl",", ",[52,143,144],{},"openssl+32",": 3.6.2 → 3.6.3  ",[80,147,82],{},[88,149,150,153],{},[52,151,152],{},"squid",": 7.5 → 7.6",[88,155,156,159,160],{},[52,157,158],{},"ujson",": 5.12.0 → 5.12.1  ",[80,161,82],{},[88,163,164,167],{},[52,165,166],{},"vim",": 9.2.0586 → 9.2.0653",[169,170,171],"style",{},"html pre.shiki code .s7eDp, html code.shiki .s7eDp{--shiki-default:#6F42C1}html pre.shiki code .sYBdl, html code.shiki .sYBdl{--shiki-default:#032F62}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}",{"title":50,"searchDepth":173,"depth":173,"links":174},2,[175,176],{"id":40,"depth":173,"text":40},{"id":75,"depth":173,"text":75},[178],"advisories","2026-06-16","md",true,{},"\u002Fnews\u002F2026-06-16-patch-tuesday",{"title":5,"description":50},"news\u002F2026-06-16-patch-tuesday","5nONrp_6e9dUpBQbObmr_wxFOFgSjwJy6MW8R6GlhAI",1781596979538]