[DONE] wml://{security/2016/dsa-3629.wml}
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2016/dsa-3629.wml 2016-07-26 16:34:30.000000000 +0500
+++ russian/security/2016/dsa-3629.wml 2016-07-26 16:50:27.913027534 +0500
@@ -1,79 +1,80 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Several vulnerabilities were discovered in the Network Time Protocol
- -daemon and utility programs:</p>
+<p>Ð? Ñ?лÑ?жбе и Ñ?Ñ?илиÑ?аÑ? NTP бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко
+Ñ?Ñ?звимоÑ?Ñ?ей:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7974">CVE-2015-7974</a>
- - <p>Matt Street discovered that insufficient key validation allows
- - impersonation attacks between authenticated peers.</p></li>
+ <p>Ð?Ñ?Ñ?Ñ? СÑ?Ñ?иÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о недоÑ?Ñ?аÑ?оÑ?наÑ? пÑ?овеÑ?ка клÑ?Ñ?ей позволÑ?еÑ?
+ вÑ?даваÑ?Ñ? Ñ?ебÑ? за дÑ?Ñ?гого полÑ?зоваÑ?елÑ? длÑ? аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?Ñ? одноÑ?анговÑ?Ñ? Ñ?злов.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7977">CVE-2015-7977</a>
<p><a href="https://security-tracker.debian.org/tracker/CVE-2015-7978">CVE-2015-7978</a></p>
- - <p>Stephen Gray discovered that a NULL pointer dereference and a
- - buffer overflow in the handling of <q>ntpdc reslist</q> commands may
- - result in denial of service.</p></li>
+ <p>СÑ?ивен Ð?Ñ?Ñ?й обнаÑ?Ñ?жил, Ñ?Ñ?о Ñ?азÑ?менование NULL-Ñ?казаÑ?елÑ? и
+ пеÑ?еполнение бÑ?Ñ?еÑ?а в коде обÑ?абоÑ?ки команд <q>ntpdc reslist</q> можеÑ?
+ пÑ?иводиÑ?Ñ? к оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7979">CVE-2015-7979</a>
- - <p>Aanchal Malhotra discovered that if NTP is configured for broadcast
- - mode, an attacker can send malformed authentication packets which
- - break associations with the server for other broadcast clients.</p></li>
+ <p>Ð?анÑ?ал Ð?алÑ?оÑ?Ñ?а обнаÑ?Ñ?жил, Ñ?Ñ?о еÑ?ли NTP наÑ?Ñ?Ñ?оен на иÑ?полÑ?зование Ñ?ежима
+ Ñ?иÑ?окого веÑ?аниÑ?, Ñ?о злоÑ?мÑ?Ñ?ленник можеÑ? оÑ?пÑ?авиÑ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?е пакеÑ?Ñ? аÑ?Ñ?енÑ?иÑ?икаÑ?ии,
+ коÑ?оÑ?Ñ?е пÑ?иведÑ?Ñ? к поломке аÑ?Ñ?оÑ?иаÑ?ий Ñ? Ñ?еÑ?веÑ?ом длÑ? дÑ?Ñ?гиÑ? Ñ?иÑ?оковеÑ?аÑ?елÑ?нÑ?Ñ? клиенÑ?ов.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8138">CVE-2015-8138</a>
- - <p>Matthew van Gundy and Jonathan Gardner discovered that missing
- - validation of origin timestamps in ntpd clients may result in denial
- - of service.</p></li>
+ <p>Ð?Ñ?Ñ?Ñ?Ñ? ван Ð?анди и Ð?жонаÑ?ан Ð?аÑ?днеÑ? обнаÑ?Ñ?жили, Ñ?Ñ?о оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вие
+ пÑ?овеÑ?ки вÑ?еменнÑ?Ñ? меÑ?ок иÑ?Ñ?оÑ?ника в клиенÑ?аÑ? ntpd можеÑ? пÑ?иводиÑ?Ñ? к оÑ?казÑ?
+ в обÑ?лÑ?живании.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8158">CVE-2015-8158</a>
- - <p>Jonathan Gardner discovered that missing input sanitising in ntpq
- - may result in denial of service.</p></li>
+ <p>Ð?жонаÑ?ан Ð?аÑ?днеÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вие оÑ?иÑ?Ñ?ки вÑ?однÑ?Ñ? даннÑ?Ñ? в ntpq
+ можеÑ? пÑ?иводиÑ?Ñ? к оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-1547">CVE-2016-1547</a>
- - <p>Stephen Gray and Matthew van Gundy discovered that incorrect handling
- - of crypto NAK packets my result in denial of service.</p></li>
+ <p>СÑ?ивен Ð?Ñ?Ñ?й и Ð?Ñ?Ñ?Ñ?Ñ? ван Ð?анди обнаÑ?Ñ?жили, Ñ?Ñ?о некоÑ?Ñ?екÑ?наÑ? обÑ?абоÑ?ка
+ пакеÑ?а Crypto-NAK можеÑ? пÑ?иводиÑ?Ñ? к оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-1548">CVE-2016-1548</a>
- - <p>Jonathan Gardner and Miroslav Lichvar discovered that ntpd clients
- - could be forced to change from basic client/server mode to interleaved
- - symmetric mode, preventing time synchronisation.</p></li>
+ <p>Ð?жонаÑ?ан Ð?аÑ?днеÑ? и Ð?иÑ?оÑ?лав Ð?иÑ?ваÑ? обнаÑ?Ñ?жили, Ñ?Ñ?о клиенÑ?ов ntpd
+ можно заÑ?Ñ?авиÑ?Ñ? пеÑ?ейÑ?и из базового Ñ?ежима клиенÑ?/Ñ?еÑ?веÑ? в Ñ?еÑ?едÑ?Ñ?Ñ?ийÑ?Ñ?
+ Ñ?иммеÑ?Ñ?иÑ?нÑ?й Ñ?ежим, Ñ?Ñ?о не позволÑ?еÑ? вÑ?полниÑ?Ñ? Ñ?инÑ?Ñ?онизаÑ?иÑ? вÑ?емени.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-1550">CVE-2016-1550</a>
- - <p>Matthew van Gundy, Stephen Gray and Loganaden Velvindron discovered
- - that timing leaks in the the packet authentication code could result
- - in recovery of a message digest.</p></li>
+ <p>Ð?Ñ?Ñ?Ñ?Ñ? ван Ð?анди, СÑ?ивен Ð?Ñ?Ñ?й и Ð?оганаден Ð?елвиндÑ?он обнаÑ?Ñ?жили,
+ Ñ?Ñ?о Ñ?Ñ?еÑ?ки Ñ?аймингов в коде аÑ?Ñ?енÑ?иÑ?икаÑ?ии пакеÑ?ов могÑ?Ñ? пÑ?иводиÑ?Ñ?
+ к воÑ?Ñ?Ñ?ановлениÑ? дайджеÑ?Ñ?а Ñ?ообÑ?ениÑ?.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-2516">CVE-2016-2516</a>
- - <p>Yihan Lian discovered that duplicate IPs on <q>unconfig</q> directives will
- - trigger an assert.</p></li>
+ <p>Ð?Ñ?анÑ? Ð?Ñ?нÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о дÑ?блиÑ?Ñ?Ñ?Ñ?ие IP в диÑ?екÑ?иваÑ? <q>unconfig</q> пÑ?иводÑ?Ñ?
+ к вÑ?полнениÑ? Ñ?Ñ?веÑ?жениÑ?.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-2518">CVE-2016-2518</a>
- - <p>Yihan Lian discovered that an OOB memory access could potentially
- - crash ntpd.</p></li>
+ <p>Ð?Ñ?анÑ? Ð?Ñ?нÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о доÑ?Ñ?Ñ?п к памÑ?Ñ?и OOB поÑ?енÑ?иалÑ?но можеÑ?
+ пÑ?иводиÑ?Ñ? к аваÑ?ийномÑ? завеÑ?Ñ?ениÑ? ntpd.</p></li>
</ul>
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 1:4.2.6.p5+dfsg-7+deb8u2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1:4.2.6.p5+dfsg-7+deb8u2.</p>
- -<p>For the testing distribution (stretch), these problems have been fixed
- -in version 1:4.2.8p7+dfsg-1.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 1:4.2.8p7+dfsg-1.</p>
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 1:4.2.8p7+dfsg-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1:4.2.8p7+dfsg-1.</p>
- -<p>We recommend that you upgrade your ntp packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? ntp.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXl06IAAoJEF7nbuICFtKld0gP/3VeOlYulsXhQ7XnP7Ehjx0f
WPVJk6A8c9tgljHuvZR2Y5mGBwaWesq0nJfEQc1hIwYsdGUMBPKI/gLTah4NgUmt
LN3CAXKqvCUev3Rig4n+w4Wxy/4uFGAGGUcKr7tC5FHWmKaW4OLzNkJpOVjO1a+P
ZD7nkEa2m01754IVQ5g3PymYtTRmmwtgdmwY46DK5GfxQ2P66+3U12dHsui0S3Hm
Kvmt5pU6hqBqBgKHUbiPtuykO4XlgW4veN80iPuVWeD+iz2EQMnaw5Pn42s2fK2s
drL24pRNnJpq4I/iGxG9G6pHSLu/dHleavRRvrxRO4EDHPSuGQXWKjX2KjsQIJnu
kNiLe0/9RH4NP6C1fgs88BYZ1IfmU6CR3+bp3uF1rmSiVYnb9kpy6ixYOmgt5yQU
iFxae4HGKaQ5Hqc/jNGM2JeMp9zghhden9/HIY8p9EuPrp+Y0ATuMf9Ih3d6iBf5
YlRG6n+UfFpdShcM6y5uaxkTpdTLXlPaUx3RHuGr8wSWv/DmHOmUeV+4YATv8kh/
WlwoFJ97yxvI2peYz7K2tCAGYXyIuDxjYnP4O55XK5dRT5Mdpu36FlrI58POzH6a
uZdrM2kv4KhJZ6QUiUfLvviblRGISttgDlGEEpW/R9WuyCrRgzzBYuNUdWSpN1Zu
a1s0B1psqs4uLKfEk7vR
=qbbF
-----END PGP SIGNATURE-----
Reply to: