[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

wml://security/2015/dsa-3426.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2015/dsa-3426.wml	2015-12-18 11:51:58.000000000 +0500
+++ russian/security/2015/dsa-3426.wml	2015-12-18 13:08:10.619696731 +0500
@@ -1,68 +1,69 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in the Linux kernel that
- -may lead to a privilege escalation, denial of service, information leak
- -or data loss.</p>
+<p>Ð? Ñ?дÑ?е Linux бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей, коÑ?оÑ?Ñ?е могÑ?Ñ?
+пÑ?иводиÑ?Ñ? к повÑ?Ñ?ениÑ? пÑ?ивилегий, оÑ?казÑ? в обÑ?лÑ?живании, Ñ?Ñ?еÑ?ке инÑ?оÑ?маÑ?ии
+или поÑ?еÑ?е даннÑ?Ñ?.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2013-7446";>CVE-2013-7446</a>
 
- -    <p>Dmitry Vyukov discovered that a particular sequence of valid
- -    operations on local (AF_UNIX) sockets can result in a
- -    use-after-free. This may be used to cause a denial of service
- -    (crash) or possibly for privilege escalation.</p></li>
+    <p>Ð?миÑ?Ñ?ий Ð?Ñ?Ñ?ков обнаÑ?Ñ?жил, Ñ?Ñ?о опÑ?еделÑ?ннаÑ? поÑ?ледоваÑ?елÑ?ноÑ?Ñ?Ñ? коÑ?Ñ?екÑ?нÑ?Ñ?
+    опеÑ?аÑ?ий над локалÑ?нÑ?ми (AF_UNIX) Ñ?океÑ?ами можеÑ? пÑ?иводиÑ?Ñ? к
+    иÑ?полÑ?зованиÑ? Ñ?казаÑ?елей поÑ?ле оÑ?вобождениÑ? памÑ?Ñ?и. ЭÑ?о можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? длÑ? вÑ?зова оÑ?каза в
+    обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка) или возможномÑ? повÑ?Ñ?ениÑ? пÑ?ивилегий.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7799";>CVE-2015-7799</a>
 
- -    <p>It was discovered that a user granted access to /dev/ppp can cause a
- -    denial of service (crash) by passing invalid parameters to the
- -    PPPIOCSMAXCID ioctl. This also applies to ISDN PPP device nodes.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?женое, Ñ?Ñ?о полÑ?зоваÑ?елÑ?, полÑ?Ñ?ивÑ?ий доÑ?Ñ?Ñ?п к /dev/ppp, можеÑ? вÑ?зÑ?ваÑ?Ñ?
+    оÑ?каз в обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка) пÑ?Ñ?Ñ?м пеÑ?едаÑ?и некоÑ?Ñ?екÑ?нÑ?Ñ? паÑ?амеÑ?Ñ?ом
+    PPPIOCSMAXCID ioctl. ЭÑ?о Ñ?акже каÑ?аеÑ?Ñ?Ñ? и к нодам Ñ?Ñ?Ñ?Ñ?ойÑ?Ñ?в ISDN PPP.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7833";>CVE-2015-7833</a>
 
- -    <p>Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a
- -    flaw in the processing of certain USB device descriptors in the
- -    usbvision driver. An attacker with physical access to the system can
- -    use this flaw to crash the system. This was partly fixed by the
- -    changes listed in DSA 3396-1.</p></li>
+    <p>СеÑ?гей ШÑ?мило, ХенÑ?ик ШваÑ?Ñ?ке и РалÑ?Ñ? ШпеннебеÑ?г обнаÑ?Ñ?жили
+    Ñ?Ñ?звимоÑ?Ñ?Ñ? в коде обÑ?абоÑ?ки опÑ?еделÑ?ннÑ?Ñ? деÑ?кÑ?ипÑ?оÑ?ов Ñ?Ñ?Ñ?Ñ?ойÑ?Ñ?в USB в
+    дÑ?айвеÑ?е usbvision. Ð?лоÑ?мÑ?Ñ?ленник, имеÑ?Ñ?ий Ñ?изиÑ?еÑ?кий доÑ?Ñ?Ñ?п к Ñ?иÑ?Ñ?еме, можеÑ?
+    иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? аваÑ?ийного завеÑ?Ñ?ениÑ? Ñ?абоÑ?Ñ? Ñ?иÑ?Ñ?емÑ?. ЭÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? бÑ?ла Ñ?аÑ?Ñ?иÑ?но
+    иÑ?пÑ?авлена в DSA 3396-1.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8104";>CVE-2015-8104</a>
 
- -    <p>Jan Beulich reported a guest to host denial-of-service flaw
- -    affecting the KVM hypervisor running on AMD processors. A malicious
- -    guest can trigger an infinite stream of <q>debug</q> (#DB) exceptions
- -    causing the processor microcode to enter an infinite loop where the
- -    core never receives another interrupt. This leads to a panic of the
- -    host kernel.</p></li>
+    <p>Ян Ð?Ñ?лиÑ? Ñ?ообÑ?ил об Ñ?Ñ?звимоÑ?Ñ?и, Ñ?вÑ?занной Ñ? гоÑ?Ñ?евой и оÑ?новной Ñ?иÑ?Ñ?емами, пÑ?иводÑ?Ñ?ей к
+    оÑ?казÑ? в обÑ?лÑ?живании, коÑ?оÑ?аÑ? возникаеÑ? в гипеÑ?визоÑ?е KVM пÑ?и запÑ?Ñ?ке на пÑ?оÑ?еÑ?Ñ?оÑ?аÑ? AMD. Ð?лоÑ?мÑ?Ñ?ленник
+    на гоÑ?Ñ?евой Ñ?иÑ?Ñ?еме можеÑ? поÑ?ождаÑ?Ñ? беÑ?конеÑ?нÑ?й поÑ?ок иÑ?клÑ?Ñ?ений <q>debug</q> (#DB),
+    пÑ?иводÑ?Ñ?ий к Ñ?омÑ?, Ñ?Ñ?о микÑ?окод пÑ?оÑ?еÑ?Ñ?оÑ?а войдÑ?Ñ? в беÑ?конеÑ?нÑ?й Ñ?икл, пÑ?и коÑ?оÑ?ом
+    Ñ?дÑ?о никогда не полÑ?Ñ?аеÑ? дÑ?Ñ?гое пÑ?еÑ?Ñ?вание. ЭÑ?о пÑ?иводиÑ? к панике Ñ?дÑ?а на
+    оÑ?новной Ñ?иÑ?Ñ?еме.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8374";>CVE-2015-8374</a>
 
- -    <p>It was discovered that Btrfs did not correctly implement truncation
- -    of compressed inline extents. This could lead to an information
- -    leak, if a file is truncated and later made readable by other users.
- -    Additionally, it could cause data loss. This has been fixed for the
- -    stable distribution (jessie) only.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о Btrfs непÑ?авилÑ?но Ñ?еализÑ?еÑ? обÑ?езание
+    Ñ?жаÑ?Ñ?Ñ? Ñ?Ñ?Ñ?оковÑ?Ñ? Ñ?кÑ?Ñ?енÑ?. ЭÑ?о можеÑ? пÑ?иводиÑ?Ñ? к Ñ?Ñ?еÑ?ке
+    инÑ?оÑ?маÑ?ии в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли Ñ?айл обÑ?езаеÑ?Ñ?Ñ?, а позднее дÑ?Ñ?гие полÑ?зоваÑ?ели полÑ?Ñ?аÑ?Ñ? к немÑ? доÑ?Ñ?Ñ?п
+    длÑ? Ñ?Ñ?ениÑ?. Ð?Ñ?оме Ñ?ого, Ñ?Ñ?о можеÑ? пÑ?иводиÑ?Ñ? к поÑ?еÑ?е даннÑ?Ñ?. ЭÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? бÑ?ла иÑ?пÑ?авленÑ?
+    Ñ?олÑ?ко в Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie).</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8543";>CVE-2015-8543</a>
 
- -    <p>It was discovered that a local user permitted to create raw sockets
- -    could cause a denial-of-service by specifying an invalid protocol
- -    number for the socket. The attacker must have the CAP_NET_RAW
- -    capability in their user namespace. This has been fixed for the
- -    stable distribution (jessie) only.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о локалÑ?нÑ?й полÑ?зоваÑ?елÑ?, имеÑ?Ñ?ий пÑ?ава на Ñ?оздание
+    неÑ?Ñ?Ñ?Ñ?кÑ?Ñ?Ñ?иÑ?ованнÑ?Ñ? Ñ?океÑ?ов, можеÑ? вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании, Ñ?казав длÑ? Ñ?акого
+    Ñ?океÑ?а непÑ?авилÑ?нÑ?й номеÑ? пÑ?оÑ?окола. Ð?лоÑ?мÑ?Ñ?ленник должен обладаÑ?Ñ? CAP_NET_RAW
+    в полÑ?зоваÑ?елÑ?Ñ?ком пÑ?оÑ?Ñ?Ñ?анÑ?Ñ?ве имÑ?н. ЭÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? бÑ?ла иÑ?пÑ?авлена Ñ?олÑ?ко
+    в Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie).</p></li>
 
 </ul>
 
- -<p>For the oldstable distribution (wheezy), these problems have been fixed
- -in version 3.2.73-2+deb7u1. In addition, this update contains several
- -changes originally targeted for the upcoming Wheezy point release.</p>
- -
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 3.16.7-ckt20-1+deb8u1. In addition, this update contains several
- -changes originally targeted for the upcoming Jessie point release.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 3.2.73-2+deb7u1. Ð?Ñ?оме Ñ?ого, данное обновление Ñ?одеÑ?жиÑ? неÑ?колÑ?ко
+изменений, коÑ?оÑ?Ñ?е изнаÑ?алÑ?но пÑ?едназнаÑ?алиÑ?Ñ? длÑ? гоÑ?овÑ?Ñ?ейÑ?Ñ? Ñ?едакÑ?ии Wheezy.</p>
+
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 3.16.7-ckt20-1+deb8u1. Ð?Ñ?оме Ñ?ого, данное обновление Ñ?одеÑ?жиÑ? неÑ?колÑ?ко
+изменений, коÑ?оÑ?Ñ?е изнаÑ?алÑ?но пÑ?едназнаÑ?алиÑ?Ñ? длÑ? гоÑ?овÑ?Ñ?ейÑ?Ñ? Ñ?едакÑ?ии Jessie.</p>
 
- -<p>We recommend that you upgrade your linux packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? linux.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJWc8AIAAoJEF7nbuICFtKl+7AQAKaUWySe2A/oFofVKWJNhQJZ
5rLH1bxVFoMm3E+hMZDLajQBpnCB6fzBXQjnU34MOY3bsMJfSMM0B+Ic3r1l8U49
j7kVRMA+DEh0OnTdo2EN04fEicurwiEo7Y6h4I+8TXZplDu79ZjL0iFt3Ch3qmjB
nVvCjE5oj56XqwjP/xSGq0uh12B6c9+3gerMf4v9CPWnxCZpRYo98fTFBjfpI68j
wZMq3NXiZDGFkaCc54MVdz84R2yrRBGvlX/sPuJhL5+KJ807jNKoMPKiDLu2dej3
nEjuYCy5Jm1+DaVP2wd4FehhhRWg2ZyNBMnvf35pf7+e/V+5uwdumRq+vdDwC2d/
bg+9chOBeUb7kxdREakoQaOD7NznmWA9+0CT8/xZya0PiNepQ+TmRqFLYiy9vxDz
XBbacK0mfr+HsOwZkacao8zNj5P138y4sXY/fFdBoka3guFkD19OBvMfxnZHFumg
GDo07J4n7uvLbLewqbSYvkKvzOXhXJBvwbywOfP5kHAogzMJ822Ai3Edyv4Y2TYU
d+ISUSuBm2h5ro/0AwpzDvQMX90+cHGD1Nbx16fKe1sXPV64qGcHiA85XUyp6sYF
z+cdhVzyhcxFaw26FrEpw9bGqHjnQuyU98Yjt/gKdqUErJ+tniMIsyYtborlnVmn
HNKnKhFwCDGBMxxhRbIO
=Mg3V
-----END PGP SIGNATURE-----
Reply to: