{"id":485417,"date":"2024-06-19T09:08:18","date_gmt":"2024-06-19T08:08:18","guid":{"rendered":"https:\/\/blog.jetbrains.com\/?post_type=security&#038;p=485417"},"modified":"2024-06-19T09:08:22","modified_gmt":"2024-06-19T08:08:22","slug":"updates-for-security-issue-affecting-intellij-based-ides-2023-1-and-github-plugin","status":"publish","type":"security","link":"https:\/\/blog.jetbrains.com\/zh-hans\/security\/2024\/06\/updates-for-security-issue-affecting-intellij-based-ides-2023-1-and-github-plugin\/","title":{"rendered":"\u9488\u5bf9\u5f71\u54cd\u57fa\u4e8e IntelliJ \u7684 IDE 2023.1+ \u548c JetBrains GitHub \u63d2\u4ef6\u7684\u5b89\u5168\u95ee\u9898\u7684\u66f4\u65b0"},"content":{"rendered":"<p>\u4e00\u4e2a\u65b0\u53d1\u73b0\u7684<a href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2024-37051\" target=\"_blank\" rel=\"noopener\">\u5b89\u5168\u95ee\u9898<\/a>\u4f1a\u5f71\u54cd IntelliJ \u5e73\u53f0\u4e0a\u7684 JetBrains <a href=\"https:\/\/plugins.jetbrains.com\/plugin\/13115-github\" target=\"_blank\" rel=\"noopener\">GitHub \u63d2\u4ef6<\/a>\uff0c\u53ef\u80fd\u5bfc\u81f4\u8bbf\u95ee\u4ee4\u724c\u88ab\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\u7f51\u7ad9\u3002 2023.1+ \u7248\u6240\u6709\u5df2\u542f\u7528\u5e76\u914d\u7f6e\/\u6b63\u5728\u4f7f\u7528 JetBrains GitHub \u63d2\u4ef6\u7684\u57fa\u4e8e IntelliJ \u7684 IDE \u90fd\u4f1a\u53d7\u6b64\u95ee\u9898\u5f71\u54cd\u3002\u00a0<\/p>\n<p>\u95ee\u9898\u73b0\u5df2\u89e3\u51b3\uff0c2023.1+ \u7248\u6240\u6709\u57fa\u4e8e IntelliJ \u5e73\u53f0\u7684 IDE \u5747\u5df2\u83b7\u5f97\u4fee\u6b63\u3002<\/p>\n<h2 class=\"wp-block-heading\">\u53ef\u7528\u7684\u4fee\u6b63\u7248\u672c<\/h2>\n<ul>\n<li><strong>Aqua<\/strong>\uff1a2024.1.2<\/li>\n<li><strong>CLion<\/strong>\uff1a2023.1.7\u30012023.2.4\u30012023.3.5\u30012024.1.3\u30012024.2 EAP2<\/li>\n<li><strong>DataGrip<\/strong>\uff1a2024.1.4<\/li>\n<li><strong>DataSpell<\/strong>\uff1a2023.1.6\u30012023.2.7\u30012023.3.6\u30012024.1.2<\/li>\n<li><strong>GoLand<\/strong>\uff1a2023.1.6\u30012023.2.7\u30012023.3.7\u30012024.1.3\u30012024.2 EAP3<\/li>\n<li><strong>IntelliJ IDEA<\/strong>\uff1a2023.1.7\u30012023.2.7\u30012023.3.7\u30012024.1.3\u30012024.2 EAP3<\/li>\n<li><strong>MPS<\/strong>\uff1a2023.2.1\u30012023.3.1\u30012024.1 EAP2<\/li>\n<li><strong>PhpStorm<\/strong>\uff1a2023.1.6\u30012023.2.6\u30012023.3.7\u30012024.1.3\u30012024.2 EAP3<\/li>\n<li><strong>PyCharm<\/strong>\uff1a2023.1.6\u30012023.2.7\u30012023.3.6\u30012024.1.3\u30012024.2 EAP2<\/li>\n<li><strong>Rider<\/strong>\uff1a2023.1.7\u30012023.2.5\u30012023.3.6\u30012024.1.3<\/li>\n<li><strong>RubyMine<\/strong>\uff1a2023.1.7\u30012023.2.7\u30012023.3.7\u30012024.1.3\u30012024.2 EAP4<\/li>\n<li><strong>RustRover<\/strong>\uff1a2024.1.1<\/li>\n<li><strong>WebStorm<\/strong>\uff1a2023.1.6\u30012023.2.7\u30012023.3.7\u30012024.1.4<\/li>\n<\/ul>\n<p>JetBrains GitHub \u63d2\u4ef6\u4e5f\u5df2\u66f4\u65b0\u5e76\u83b7\u5f97\u4fee\u6b63\uff0c\u4e4b\u524d\u53d7\u5f71\u54cd\u7684\u7248\u672c\u5df2\u4ece <a href=\"https:\/\/plugins.jetbrains.com\/\" target=\"_blank\" rel=\"noopener\" data-type=\"link\" data-id=\"https:\/\/plugins.jetbrains.com\/\">JetBrains Marketplace<\/a> \u79fb\u9664\u3002\u00a0<\/p>\n<p>\u5982\u679c\u60a8\u5c1a\u672a\u66f4\u65b0\uff0c\u6211\u4eec\u5f3a\u70c8\u5efa\u8bae\u66f4\u65b0\u5230\u6700\u65b0\u7248\u672c\u3002<\/p>\n<h2 class=\"wp-block-heading\">\u8be6\u7ec6\u4fe1\u606f<\/h2>\n<p>2024 \u5e74 5 \u6708 29 \u65e5\uff0c\u6211\u4eec\u6536\u5230\u4e00\u4efd\u5916\u90e8\u5b89\u5168\u62a5\u544a\uff0c\u5176\u4e2d\u5305\u542b\u5c06\u5f71\u54cd IDE \u5185\u62c9\u53d6\u8bf7\u6c42\u7684\u6f5c\u5728\u6f0f\u6d1e\u7684\u8be6\u7ec6\u4fe1\u606f\u3002 \u7279\u522b\u662f\uff0c\u5bf9 GitHub \u9879\u76ee\u7684\u62c9\u53d6\u8bf7\u6c42\u4e2d\u7684\u6076\u610f\u5185\u5bb9\uff08\u9879\u76ee\u5c06\u7531\u57fa\u4e8e IntelliJ \u7684 IDE \u5904\u7406\uff09\u4f1a\u5c06\u8bbf\u95ee\u4ee4\u724c\u66b4\u9732\u7ed9\u7b2c\u4e09\u65b9\u4e3b\u673a\u3002 \u6307\u5b9a\u7ed9\u6b64\u6f0f\u6d1e\u7684 CVE ID \u4e3a <a href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2024-37051\" target=\"_blank\" rel=\"noopener\">CVE-2024-37051<\/a>\u3002<\/p>\n<p>\u9664\u4e86\u8bc4\u4f30\u95ee\u9898\u548c\u5f00\u59cb\u7740\u624b\u63a8\u51fa\u89e3\u51b3\u65b9\u6848\uff0c\u6211\u4eec\u8fd8\u7acb\u5373\u8054\u7cfb\u4e86 GitHub \u6765\u534f\u52a9\u6211\u4eec\u91c7\u53d6\u7f13\u89e3\u63aa\u65bd\u3002 \u8bf7\u6ce8\u610f\uff0c\u7531\u4e8e\u8fd9\u4e9b\u7f13\u89e3\u63aa\u65bd\uff0c\u65e7\u7248\u672c JetBrains IDE \u4e2d\u7684 JetBrains GitHub \u63d2\u4ef6\u53ef\u80fd\u4e0d\u4f1a\u518d\u6309\u9884\u671f\u5de5\u4f5c\u3002<\/p>\n<h2 class=\"wp-block-heading\">\u60a8\u9700\u8981\u505a\u4ec0\u4e48<\/h2>\n<p>\u9996\u5148\uff0c\u6211\u4eec\u5f3a\u70c8\u5efa\u8bae\u66f4\u65b0\u5230 IDE \u7684\u6700\u65b0\u7248\u672c\u3002\u00a0<\/p>\n<p>\u6b64\u5916\uff0c\u5982\u679c\u60a8\u5728 IDE \u4e2d\u7ecf\u5e38\u4f7f\u7528 GitHub \u62c9\u53d6\u8bf7\u6c42\u529f\u80fd\uff0c\u6211\u4eec\u5f3a\u70c8\u5efa\u8bae\u60a8\u64a4\u9500\u63d2\u4ef6\u6b63\u5728\u4f7f\u7528\u7684 GitHub \u4ee4\u724c\u3002 \u7531\u4e8e\u63d2\u4ef6\u53ef\u80fd\u4f7f\u7528 OAuth \u96c6\u6210\u6216\u4e2a\u4eba\u8bbf\u95ee\u4ee4\u724c (PAT)\uff0c\u8bf7\u68c0\u67e5\u4e24\u8005\u5e76\u6839\u636e\u9700\u8981\u64a4\u9500\uff1a<\/p>\n<ol>\n<li>OAuth \u96c6\u6210\u8bbe\u7f6e\uff1a\u8f6c\u5230 <a href=\"https:\/\/github.com\/settings\/applications\" target=\"_blank\" rel=\"noopener\">Applications<\/a> \u2192 Authorized OAuth Apps\uff08\u5e94\u7528\u7a0b\u5e8f \u2192 \u6388\u6743\u7684 OAuth \u5e94\u7528\uff09\u5e76\u64a4\u9500 <strong><em>JetBrains IDE Integration<\/em><\/strong>\uff08JetBrains IDE \u96c6\u6210\uff09\u5e94\u7528\u7a0b\u5e8f\u7684\u8bbf\u95ee\u6743\u9650\u3002<\/li>\n<li>\u4e2a\u4eba\u8bbf\u95ee\u4ee4\u724c\u8bbe\u7f6e\uff1a\u8f6c\u5230 <a href=\"https:\/\/github.com\/settings\/tokens\" target=\"_blank\" rel=\"noopener\">Tokens<\/a>\uff08\u4ee4\u724c\uff09\u9875\u9762\u5e76\u5220\u9664\u4e3a\u63d2\u4ef6\u53d1\u653e\u7684\u4ee4\u724c\u3002 \u9ed8\u8ba4\u4ee4\u724c\u540d\u79f0\u4e3a <strong><em>IntelliJ IDEA GitHub integration plugin<\/em><\/strong>\uff0c\u60a8\u4e5f\u53ef\u4ee5\u4f7f\u7528\u81ea\u5b9a\u4e49\u540d\u79f0\u3002<\/li>\n<\/ol>\n<p>\u8bf7\u6ce8\u610f\uff0c\u4ee4\u724c\u88ab\u64a4\u9500\u540e\uff0c\u60a8\u9700\u8981\u91cd\u65b0\u8bbe\u7f6e\u63d2\u4ef6\uff0c\u56e0\u4e3a\u6240\u6709\u63d2\u4ef6\u529f\u80fd\uff08\u5305\u62ec Git \u64cd\u4f5c\uff09\u90fd\u5c06\u505c\u6b62\u5de5\u4f5c\u3002\u00a0\u00a0<\/p>\n<p>\u5bf9\u4e8e\u7531\u6b64\u7ed9\u60a8\u5e26\u6765\u7684\u4e0d\u4fbf\uff0c\u6211\u4eec\u6df1\u8868\u6b49\u610f\u3002<\/p>\n<p>\u8c22\u8c22\uff01<\/p>\n<p>\u00a0<\/p>\n<p>\u672c\u535a\u6587\u82f1\u6587\u539f\u4f5c\u8005\uff1a<\/p>\n\n    <div class=\"about-author \">\n        <div class=\"about-author__box\">\n            <div class=\"row\">\n                <div class=\"about-author__box-img\">\n                    <img decoding=\"async\" src=\"https:\/\/secure.gravatar.com\/avatar\/?s=200&#038;r=g\" width=\"200\" height=\"200\" alt=\"\" loading=\"lazy\"  class=\"avatar avatar-200 wp-user-avatar wp-user-avatar-200 photo avatar-default\">\n                <\/div>\n                <div class=\"about-author__box-text\">\n                                                        <\/div>\n            <\/div>\n        <\/div>\n    <\/div>\n","protected":false},"author":1297,"featured_media":485424,"comment_status":"closed","ping_status":"closed","template":"","categories":[],"tags":[91,655],"cross-post-tag":[6632,6637],"acf":[],"_links":{"self":[{"href":"https:\/\/blog.jetbrains.com\/zh-hans\/wp-json\/wp\/v2\/security\/485417"}],"collection":[{"href":"https:\/\/blog.jetbrains.com\/zh-hans\/wp-json\/wp\/v2\/security"}],"about":[{"href":"https:\/\/blog.jetbrains.com\/zh-hans\/wp-json\/wp\/v2\/types\/security"}],"author":[{"embeddable":true,"href":"https:\/\/blog.jetbrains.com\/zh-hans\/wp-json\/wp\/v2\/users\/1297"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.jetbrains.com\/zh-hans\/wp-json\/wp\/v2\/comments?post=485417"}],"version-history":[{"count":10,"href":"https:\/\/blog.jetbrains.com\/zh-hans\/wp-json\/wp\/v2\/security\/485417\/revisions"}],"predecessor-version":[{"id":485449,"href":"https:\/\/blog.jetbrains.com\/zh-hans\/wp-json\/wp\/v2\/security\/485417\/revisions\/485449"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.jetbrains.com\/zh-hans\/wp-json\/wp\/v2\/media\/485424"}],"wp:attachment":[{"href":"https:\/\/blog.jetbrains.com\/zh-hans\/wp-json\/wp\/v2\/media?parent=485417"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.jetbrains.com\/zh-hans\/wp-json\/wp\/v2\/categories?post=485417"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.jetbrains.com\/zh-hans\/wp-json\/wp\/v2\/tags?post=485417"},{"taxonomy":"cross-post-tag","embeddable":true,"href":"https:\/\/blog.jetbrains.com\/zh-hans\/wp-json\/wp\/v2\/cross-post-tag?post=485417"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}