wml://security/2015/dsa-3426.wml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2015/dsa-3426.wml 2015-12-18 11:51:58.000000000 +0500
+++ russian/security/2015/dsa-3426.wml 2015-12-18 13:08:10.619696731 +0500
@@ -1,68 +1,69 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in the Linux kernel that
- -may lead to a privilege escalation, denial of service, information leak
- -or data loss.</p>
+<p>Ð? Ñ?дÑ?е Linux бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей, коÑ?оÑ?Ñ?е могÑ?Ñ?
+пÑ?иводиÑ?Ñ? к повÑ?Ñ?ениÑ? пÑ?ивилегий, оÑ?казÑ? в обÑ?лÑ?живании, Ñ?Ñ?еÑ?ке инÑ?оÑ?маÑ?ии
+или поÑ?еÑ?е даннÑ?Ñ?.</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2013-7446">CVE-2013-7446</a>
- - <p>Dmitry Vyukov discovered that a particular sequence of valid
- - operations on local (AF_UNIX) sockets can result in a
- - use-after-free. This may be used to cause a denial of service
- - (crash) or possibly for privilege escalation.</p></li>
+ <p>Ð?миÑ?Ñ?ий Ð?Ñ?Ñ?ков обнаÑ?Ñ?жил, Ñ?Ñ?о опÑ?еделÑ?ннаÑ? поÑ?ледоваÑ?елÑ?ноÑ?Ñ?Ñ? коÑ?Ñ?екÑ?нÑ?Ñ?
+ опеÑ?аÑ?ий над локалÑ?нÑ?ми (AF_UNIX) Ñ?океÑ?ами можеÑ? пÑ?иводиÑ?Ñ? к
+ иÑ?полÑ?зованиÑ? Ñ?казаÑ?елей поÑ?ле оÑ?вобождениÑ? памÑ?Ñ?и. ÐÑ?о можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? длÑ? вÑ?зова оÑ?каза в
+ обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка) или возможномÑ? повÑ?Ñ?ениÑ? пÑ?ивилегий.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7799">CVE-2015-7799</a>
- - <p>It was discovered that a user granted access to /dev/ppp can cause a
- - denial of service (crash) by passing invalid parameters to the
- - PPPIOCSMAXCID ioctl. This also applies to ISDN PPP device nodes.</p></li>
+ <p>Ð?Ñ?ло обнаÑ?Ñ?женое, Ñ?Ñ?о полÑ?зоваÑ?елÑ?, полÑ?Ñ?ивÑ?ий доÑ?Ñ?Ñ?п к /dev/ppp, можеÑ? вÑ?зÑ?ваÑ?Ñ?
+ оÑ?каз в обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка) пÑ?Ñ?Ñ?м пеÑ?едаÑ?и некоÑ?Ñ?екÑ?нÑ?Ñ? паÑ?амеÑ?Ñ?ом
+ PPPIOCSMAXCID ioctl. ÐÑ?о Ñ?акже каÑ?аеÑ?Ñ?Ñ? и к нодам Ñ?Ñ?Ñ?Ñ?ойÑ?Ñ?в ISDN PPP.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7833">CVE-2015-7833</a>
- - <p>Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a
- - flaw in the processing of certain USB device descriptors in the
- - usbvision driver. An attacker with physical access to the system can
- - use this flaw to crash the system. This was partly fixed by the
- - changes listed in DSA 3396-1.</p></li>
+ <p>СеÑ?гей ШÑ?мило, ХенÑ?ик ШваÑ?Ñ?ке и РалÑ?Ñ? ШпеннебеÑ?г обнаÑ?Ñ?жили
+ Ñ?Ñ?звимоÑ?Ñ?Ñ? в коде обÑ?абоÑ?ки опÑ?еделÑ?ннÑ?Ñ? деÑ?кÑ?ипÑ?оÑ?ов Ñ?Ñ?Ñ?Ñ?ойÑ?Ñ?в USB в
+ дÑ?айвеÑ?е usbvision. Ð?лоÑ?мÑ?Ñ?ленник, имеÑ?Ñ?ий Ñ?изиÑ?еÑ?кий доÑ?Ñ?Ñ?п к Ñ?иÑ?Ñ?еме, можеÑ?
+ иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? аваÑ?ийного завеÑ?Ñ?ениÑ? Ñ?абоÑ?Ñ? Ñ?иÑ?Ñ?емÑ?. ÐÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? бÑ?ла Ñ?аÑ?Ñ?иÑ?но
+ иÑ?пÑ?авлена в DSA 3396-1.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8104">CVE-2015-8104</a>
- - <p>Jan Beulich reported a guest to host denial-of-service flaw
- - affecting the KVM hypervisor running on AMD processors. A malicious
- - guest can trigger an infinite stream of <q>debug</q> (#DB) exceptions
- - causing the processor microcode to enter an infinite loop where the
- - core never receives another interrupt. This leads to a panic of the
- - host kernel.</p></li>
+ <p>Ян Ð?Ñ?лиÑ? Ñ?ообÑ?ил об Ñ?Ñ?звимоÑ?Ñ?и, Ñ?вÑ?занной Ñ? гоÑ?Ñ?евой и оÑ?новной Ñ?иÑ?Ñ?емами, пÑ?иводÑ?Ñ?ей к
+ оÑ?казÑ? в обÑ?лÑ?живании, коÑ?оÑ?аÑ? возникаеÑ? в гипеÑ?визоÑ?е KVM пÑ?и запÑ?Ñ?ке на пÑ?оÑ?еÑ?Ñ?оÑ?аÑ? AMD. Ð?лоÑ?мÑ?Ñ?ленник
+ на гоÑ?Ñ?евой Ñ?иÑ?Ñ?еме можеÑ? поÑ?ождаÑ?Ñ? беÑ?конеÑ?нÑ?й поÑ?ок иÑ?клÑ?Ñ?ений <q>debug</q> (#DB),
+ пÑ?иводÑ?Ñ?ий к Ñ?омÑ?, Ñ?Ñ?о микÑ?окод пÑ?оÑ?еÑ?Ñ?оÑ?а войдÑ?Ñ? в беÑ?конеÑ?нÑ?й Ñ?икл, пÑ?и коÑ?оÑ?ом
+ Ñ?дÑ?о никогда не полÑ?Ñ?аеÑ? дÑ?Ñ?гое пÑ?еÑ?Ñ?вание. ÐÑ?о пÑ?иводиÑ? к панике Ñ?дÑ?а на
+ оÑ?новной Ñ?иÑ?Ñ?еме.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8374">CVE-2015-8374</a>
- - <p>It was discovered that Btrfs did not correctly implement truncation
- - of compressed inline extents. This could lead to an information
- - leak, if a file is truncated and later made readable by other users.
- - Additionally, it could cause data loss. This has been fixed for the
- - stable distribution (jessie) only.</p></li>
+ <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о Btrfs непÑ?авилÑ?но Ñ?еализÑ?еÑ? обÑ?езание
+ Ñ?жаÑ?Ñ?Ñ? Ñ?Ñ?Ñ?оковÑ?Ñ? Ñ?кÑ?Ñ?енÑ?. ÐÑ?о можеÑ? пÑ?иводиÑ?Ñ? к Ñ?Ñ?еÑ?ке
+ инÑ?оÑ?маÑ?ии в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли Ñ?айл обÑ?езаеÑ?Ñ?Ñ?, а позднее дÑ?Ñ?гие полÑ?зоваÑ?ели полÑ?Ñ?аÑ?Ñ? к немÑ? доÑ?Ñ?Ñ?п
+ длÑ? Ñ?Ñ?ениÑ?. Ð?Ñ?оме Ñ?ого, Ñ?Ñ?о можеÑ? пÑ?иводиÑ?Ñ? к поÑ?еÑ?е даннÑ?Ñ?. ÐÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? бÑ?ла иÑ?пÑ?авленÑ?
+ Ñ?олÑ?ко в Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie).</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8543">CVE-2015-8543</a>
- - <p>It was discovered that a local user permitted to create raw sockets
- - could cause a denial-of-service by specifying an invalid protocol
- - number for the socket. The attacker must have the CAP_NET_RAW
- - capability in their user namespace. This has been fixed for the
- - stable distribution (jessie) only.</p></li>
+ <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о локалÑ?нÑ?й полÑ?зоваÑ?елÑ?, имеÑ?Ñ?ий пÑ?ава на Ñ?оздание
+ неÑ?Ñ?Ñ?Ñ?кÑ?Ñ?Ñ?иÑ?ованнÑ?Ñ? Ñ?океÑ?ов, можеÑ? вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании, Ñ?казав длÑ? Ñ?акого
+ Ñ?океÑ?а непÑ?авилÑ?нÑ?й номеÑ? пÑ?оÑ?окола. Ð?лоÑ?мÑ?Ñ?ленник должен обладаÑ?Ñ? CAP_NET_RAW
+ в полÑ?зоваÑ?елÑ?Ñ?ком пÑ?оÑ?Ñ?Ñ?анÑ?Ñ?ве имÑ?н. ÐÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? бÑ?ла иÑ?пÑ?авлена Ñ?олÑ?ко
+ в Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie).</p></li>
</ul>
- -<p>For the oldstable distribution (wheezy), these problems have been fixed
- -in version 3.2.73-2+deb7u1. In addition, this update contains several
- -changes originally targeted for the upcoming Wheezy point release.</p>
- -
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 3.16.7-ckt20-1+deb8u1. In addition, this update contains several
- -changes originally targeted for the upcoming Jessie point release.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 3.2.73-2+deb7u1. Ð?Ñ?оме Ñ?ого, данное обновление Ñ?одеÑ?жиÑ? неÑ?колÑ?ко
+изменений, коÑ?оÑ?Ñ?е изнаÑ?алÑ?но пÑ?едназнаÑ?алиÑ?Ñ? длÑ? гоÑ?овÑ?Ñ?ейÑ?Ñ? Ñ?едакÑ?ии Wheezy.</p>
+
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 3.16.7-ckt20-1+deb8u1. Ð?Ñ?оме Ñ?ого, данное обновление Ñ?одеÑ?жиÑ? неÑ?колÑ?ко
+изменений, коÑ?оÑ?Ñ?е изнаÑ?алÑ?но пÑ?едназнаÑ?алиÑ?Ñ? длÑ? гоÑ?овÑ?Ñ?ейÑ?Ñ? Ñ?едакÑ?ии Jessie.</p>
- -<p>We recommend that you upgrade your linux packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? linux.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJWc8AIAAoJEF7nbuICFtKl+7AQAKaUWySe2A/oFofVKWJNhQJZ
5rLH1bxVFoMm3E+hMZDLajQBpnCB6fzBXQjnU34MOY3bsMJfSMM0B+Ic3r1l8U49
j7kVRMA+DEh0OnTdo2EN04fEicurwiEo7Y6h4I+8TXZplDu79ZjL0iFt3Ch3qmjB
nVvCjE5oj56XqwjP/xSGq0uh12B6c9+3gerMf4v9CPWnxCZpRYo98fTFBjfpI68j
wZMq3NXiZDGFkaCc54MVdz84R2yrRBGvlX/sPuJhL5+KJ807jNKoMPKiDLu2dej3
nEjuYCy5Jm1+DaVP2wd4FehhhRWg2ZyNBMnvf35pf7+e/V+5uwdumRq+vdDwC2d/
bg+9chOBeUb7kxdREakoQaOD7NznmWA9+0CT8/xZya0PiNepQ+TmRqFLYiy9vxDz
XBbacK0mfr+HsOwZkacao8zNj5P138y4sXY/fFdBoka3guFkD19OBvMfxnZHFumg
GDo07J4n7uvLbLewqbSYvkKvzOXhXJBvwbywOfP5kHAogzMJ822Ai3Edyv4Y2TYU
d+ISUSuBm2h5ro/0AwpzDvQMX90+cHGD1Nbx16fKe1sXPV64qGcHiA85XUyp6sYF
z+cdhVzyhcxFaw26FrEpw9bGqHjnQuyU98Yjt/gKdqUErJ+tniMIsyYtborlnVmn
HNKnKhFwCDGBMxxhRbIO
=Mg3V
-----END PGP SIGNATURE-----
Reply to: