[DONE] wml://security/2016/dsa-343{4,5}.wml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2016/dsa-3434.wml 2016-01-06 00:51:22.212722466 +0500
+++ russian/security/2016/dsa-3434.wml 2016-01-06 13:27:26.749841237 +0500
@@ -1,101 +1,102 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in the Linux kernel that
- -may lead to a privilege escalation, denial of service or information
- -leak.</p>
+<p>Ð? Ñ?дÑ?е Linux бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?Ñ?, коÑ?оÑ?Ñ?е
+могÑ?Ñ? пÑ?иводиÑ?Ñ? к повÑ?Ñ?ениÑ? пÑ?ивилегий, оÑ?казÑ? в обÑ?лÑ?живании или Ñ?Ñ?еÑ?кам
+инÑ?оÑ?маÑ?ии.</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7513">CVE-2015-7513</a>
- - <p>It was discovered that a local user permitted to use the x86 KVM
- - subsystem could configure the PIT emulation to cause a denial of
- - service (crash).</p></li>
+ <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о локалÑ?нÑ?й полÑ?зоваÑ?елÑ?, имеÑ?Ñ?ий пÑ?ава на иÑ?полÑ?зование
+ подÑ?иÑ?Ñ?емÑ? KVM x86, можеÑ? наÑ?Ñ?Ñ?оиÑ?Ñ? Ñ?мÑ?лÑ?Ñ?иÑ? PIT Ñ?ак, Ñ?Ñ?о Ñ?Ñ?о пÑ?иведÑ?Ñ? к оÑ?казÑ?
+ в обÑ?лÑ?живании (аваÑ?ийное завеÑ?Ñ?ение Ñ?абоÑ?Ñ?).</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7550">CVE-2015-7550</a>
- - <p>Dmitry Vyukov discovered a race condition in the keyring subsystem
- - that allows a local user to cause a denial of service (crash).</p></li>
+ <p>Ð?миÑ?Ñ?ий Ð?Ñ?Ñ?ков обнаÑ?Ñ?жил Ñ?оÑ?Ñ?оÑ?ние гонки в подÑ?иÑ?Ñ?еме бÑ?елоков клÑ?Ñ?ей,
+ коÑ?оÑ?ое позволÑ?еÑ? локалÑ?номÑ? полÑ?зоваÑ?елÑ? вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании (аваÑ?ийное завеÑ?Ñ?ение Ñ?абоÑ?Ñ?).</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8543">CVE-2015-8543</a>
- - <p>It was discovered that a local user permitted to create raw sockets
- - could cause a denial-of-service by specifying an invalid protocol
- - number for the socket. The attacker must have the CAP_NET_RAW
- - capability.</p></li>
+ <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о локалÑ?нÑ?й полÑ?зоваÑ?елÑ?, имеÑ?Ñ?ий пÑ?ава на Ñ?оздание Ñ?Ñ?Ñ?Ñ?Ñ? Ñ?океÑ?ов,
+ можеÑ? вÑ?зваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании, Ñ?казав непÑ?авилÑ?нÑ?й номеÑ? пÑ?оÑ?окола длÑ?
+ Ñ?оздаваемого Ñ?океÑ?а. Ð?лоÑ?мÑ?Ñ?ленник должен имеÑ?Ñ? мандаÑ?
+ CAP_NET_RAW.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8550">CVE-2015-8550</a>
- - <p>Felix Wilhelm of ERNW discovered that the Xen PV backend drivers
- - may read critical data from shared memory multiple times. This
- - flaw can be used by a guest kernel to cause a denial of service
- - (crash) on the host, or possibly for privilege escalation.</p></li>
+ <p>ФеликÑ? Ð?илÑ?гелÑ?м из ERNW обнаÑ?Ñ?жил, Ñ?Ñ?о дÑ?айвеÑ?Ñ? движка Xen PV
+ могÑ?Ñ? по неÑ?колÑ?ко Ñ?аз Ñ?Ñ?иÑ?Ñ?ваÑ?Ñ? кÑ?иÑ?иÑ?нÑ?е даннÑ?е из Ñ?азделÑ?емой памÑ?Ñ?и. ÐÑ?а
+ Ñ?Ñ?звимоÑ?Ñ?Ñ? можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? гоÑ?Ñ?евÑ?м Ñ?дÑ?ом длÑ? вÑ?зова оÑ?каза в обÑ?лÑ?живании
+ (аваÑ?ийное завеÑ?Ñ?ение Ñ?абоÑ?Ñ?) на оÑ?новной Ñ?иÑ?Ñ?еме, либо длÑ? возможного повÑ?Ñ?ениÑ? пÑ?ивилегий.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8551">CVE-2015-8551</a> /
<a href="https://security-tracker.debian.org/tracker/CVE-2015-8552">CVE-2015-8552</a>
- - <p>Konrad Rzeszutek Wilk of Oracle discovered that the Xen PCI
- - backend driver does not adequately validate the device state when
- - a guest configures MSIs. This flaw can be used by a guest kernel
- - to cause a denial of service (crash or disk space exhaustion) on
- - the host.</p></li>
+ <p>Ð?онÑ?ад РжежÑ?ек Уилк из Oracle обнаÑ?Ñ?жил, Ñ?Ñ?о дÑ?айвеÑ? движка Xen PCI
+ непÑ?авилÑ?но вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? Ñ?оÑ?Ñ?оÑ?ниÑ? Ñ?Ñ?Ñ?Ñ?ойÑ?Ñ?ва в Ñ?лÑ?Ñ?ае, когда
+ гоÑ?Ñ?еваÑ? Ñ?иÑ?Ñ?ема вÑ?полнÑ?еÑ? наÑ?Ñ?Ñ?ойкÑ? MSI. ÐÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? гоÑ?Ñ?евÑ?м
+ Ñ?дÑ?ом длÑ? вÑ?зова оÑ?каза в обÑ?лÑ?живании (аваÑ?ийного завеÑ?Ñ?ениÑ? Ñ?абоÑ?Ñ? или иÑ?полÑ?зование вÑ?его меÑ?Ñ?а на диÑ?ке)
+ на оÑ?новной Ñ?иÑ?Ñ?еме.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8569">CVE-2015-8569</a>
- - <p>Dmitry Vyukov discovered a flaw in the PPTP sockets implementation
- - that leads to an information leak to local users.</p></li>
+ <p>Ð?миÑ?Ñ?ий Ð?Ñ?Ñ?ков обнаÑ?Ñ?жил Ñ?Ñ?звимоÑ?Ñ?Ñ? в Ñ?еализаÑ?ии Ñ?океÑ?ов PPTP,
+ коÑ?оÑ?аÑ? пÑ?иводиÑ? к Ñ?Ñ?еÑ?ке инÑ?оÑ?маÑ?ии локалÑ?нÑ?м полÑ?зоваÑ?елÑ?м.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8575">CVE-2015-8575</a>
- - <p>David Miller discovered a flaw in the Bluetooth SCO sockets
- - implementation that leads to an information leak to local users.</p></li>
+ <p>Ð?Ñ?вид Ð?иллеÑ? обнаÑ?Ñ?жил Ñ?Ñ?звимоÑ?Ñ?Ñ? в Ñ?еализаÑ?ии Ñ?океÑ?ов Bluetooth SCO,
+ коÑ?оÑ?аÑ? пÑ?иводиÑ? к Ñ?Ñ?еÑ?ке инÑ?оÑ?маÑ?ии локалÑ?нÑ?м полÑ?зоваÑ?елÑ?м.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8709">CVE-2015-8709</a>
- - <p>Jann Horn discovered a flaw in the permission checks for use of
- - the ptrace feature. A local user who has the CAP_SYS_PTRACE
- - capability within their own user namespace could use this flaw for
- - privilege escalation if a more privileged process ever enters that
- - user namespace. This affects at least the LXC system.</p></li>
+ <p>Янн ХоÑ?н обнаÑ?Ñ?жил Ñ?Ñ?звимоÑ?Ñ?Ñ? в коде пÑ?овеÑ?ки пÑ?ав доÑ?Ñ?Ñ?па длÑ? иÑ?полÑ?зованиÑ?
+ возможноÑ?Ñ?и ptrace. Ð?окалÑ?нÑ?й полÑ?зоваÑ?елÑ?, имеÑ?Ñ?ий мандаÑ? CAP_SYS_PTRACE
+ в Ñ?воÑ?м полÑ?зоваÑ?елÑ?Ñ?ком пÑ?оÑ?Ñ?Ñ?анÑ?Ñ?ве имÑ?н, можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ?
+ повÑ?Ñ?ениÑ? пÑ?ивилегий в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли пÑ?оÑ?еÑ?Ñ? Ñ? болÑ?Ñ?ими пÑ?авами вÑ?одиÑ? в
+ его полÑ?зоваÑ?елÑ?Ñ?кое пÑ?оÑ?Ñ?Ñ?анÑ?Ñ?во имÑ?н. ÐÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ?, по менÑ?Ñ?ей меÑ?е, каÑ?аеÑ?Ñ?Ñ? Ñ?иÑ?Ñ?емÑ? LXC.</p></li>
</ul>
- -<p>In addition, this update fixes some regressions in the previous update:</p>
+<p>Ð?Ñ?оме Ñ?ого, данное обновление Ñ?одеÑ?жиÑ? иÑ?пÑ?авлениÑ? неÑ?колÑ?киÑ? Ñ?егÑ?еÑ?Ñ?ов, поÑ?вивÑ?иÑ?Ñ?Ñ? в пÑ?оÑ?лом обновлении:</p>
<ul>
<li><a href="https://bugs.debian.org/808293">#808293</a>
- - <p>A regression in the UDP implementation prevented freeradius and
- - some other applications from receiving data.</p></li>
+ <p>РегÑ?еÑ?Ñ? в Ñ?еализаÑ?ии UDP не позволÑ?еÑ? freeradius и
+ некоÑ?оÑ?Ñ?м дÑ?Ñ?гим пÑ?иложениÑ?м полÑ?Ñ?аÑ?Ñ? даннÑ?е.</p></li>
- -<li><a href="https://bugs.debian.org/808602">#808602</a> /
+<li><a href="https://bugs.debian.org/808602">#808602</a> /
<a href="https://bugs.debian.org/808953">#808953</a>
- - <p>A regression in the USB XHCI driver prevented use of some devices
- - in USB 3 SuperSpeed ports.</p></li>
+ <p>РегÑ?еÑ?Ñ? в дÑ?айвеÑ?е USB XHCI не позволÑ?еÑ? иÑ?полÑ?зоваÑ?Ñ? некоÑ?оÑ?Ñ?е Ñ?Ñ?Ñ?Ñ?ойÑ?Ñ?ва,
+ подклÑ?Ñ?еннÑ?е к поÑ?Ñ?ам USB 3 SuperSpeed.</p></li>
<li><a href="https://bugs.debian.org/808973">#808973</a>
- - <p>A fix to the radeon driver interacted with an existing bug to
- - cause a crash at boot when using some AMD/ATI graphics cards.
- - This issue only affects wheezy.</p></li>
+ <p>Ð?Ñ?пÑ?авление в дÑ?айвеÑ?е radeon взаимодейÑ?Ñ?вÑ?еÑ? Ñ? Ñ?Ñ?Ñ?еÑ?Ñ?вÑ?Ñ?Ñ?ей оÑ?ибкой и вÑ?зваеÑ? аваÑ?ийное
+ завеÑ?Ñ?ение Ñ?абоÑ?Ñ? во вÑ?емÑ? загÑ?Ñ?зки Ñ?иÑ?Ñ?емÑ? пÑ?и иÑ?полÑ?зовании некоÑ?оÑ?Ñ?Ñ? гÑ?аÑ?иÑ?еÑ?киÑ? каÑ?Ñ? AMD/ATI.
+ Ð?аннаÑ? пÑ?облема каÑ?аеÑ?Ñ?Ñ? Ñ?олÑ?ко вÑ?пÑ?Ñ?ка wheezy.</p></li>
</ul>
- -<p>For the oldstable distribution (wheezy), these problems have been fixed
- -in version 3.2.73-2+deb7u2. The oldstable distribution (wheezy) is not
- -affected by <a href="https://security-tracker.debian.org/tracker/CVE-2015-8709">CVE-2015-8709</a>.</p>
- -
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 3.16.7-ckt20-1+deb8u2.
- -<a href="https://security-tracker.debian.org/tracker/CVE-2015-8543">CVE-2015-8543</a>
- -was already fixed in version 3.16.7-ckt20-1+deb8u1.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 3.2.73-2+deb7u2. Ð?Ñ?едÑ?дÑ?Ñ?ий Ñ?Ñ?абилÑ?нÑ?й вÑ?пÑ?Ñ?к (wheezy) не подвеÑ?жен
+<a href="https://security-tracker.debian.org/tracker/CVE-2015-8709">CVE-2015-8709</a>.</p>
+
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 3.16.7-ckt20-1+deb8u2. УÑ?звимоÑ?Ñ?Ñ?
+<a href="https://security-tracker.debian.org/tracker/CVE-2015-8543">CVE-2015-8543</a>
+Ñ?же бÑ?ла иÑ?пÑ?авлена в веÑ?Ñ?ии 3.16.7-ckt20-1+deb8u1.</p>
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 4.3.3-3 or earlier.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 4.3.3-3 или более Ñ?анниÑ? веÑ?Ñ?иÑ?Ñ?.</p>
- -<p>We recommend that you upgrade your linux packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? linux.</p>
</define-tag>
# do not modify the following line
- --- english/security/2016/dsa-3435.wml 2016-01-06 01:57:14.000000000 +0500
+++ russian/security/2016/dsa-3435.wml 2016-01-06 13:30:48.039959108 +0500
@@ -1,23 +1,24 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Blake Burkhart discovered that the Git git-remote-ext helper incorrectly
- -handled recursive clones of git repositories. A remote attacker could
- -possibly use this issue to execute arbitary code by injecting commands
- -via crafted URLs.</p>
+<p>Ð?лÑ?йк Ð?Ñ?Ñ?Ñ?аÑ?Ñ? обнаÑ?Ñ?жил, Ñ?Ñ?о git-remote-ext, вÑ?помогаÑ?елÑ?наÑ? Ñ?Ñ?илиÑ?а длÑ? Git, непÑ?авилÑ?но
+обÑ?абаÑ?Ñ?ваеÑ? клонÑ? Ñ?епозиÑ?оÑ?иев git. Ð?еÑ?оÑ?Ñ?но, Ñ?далÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ?
+иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? пÑ?облемÑ? длÑ? вÑ?полнениÑ? пÑ?оизволÑ?ного кода пÑ?Ñ?Ñ?м введениÑ? команд
+Ñ?еÑ?ез Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?е URL.</p>
- -<p>For the oldstable distribution (wheezy), this problem has been fixed
- -in version 1:1.7.10.4-1+wheezy2.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена
+в веÑ?Ñ?ии 1:1.7.10.4-1+wheezy2.</p>
- -<p>For the stable distribution (jessie), this problem has been fixed in
- -version 1:2.1.4-2.1+deb8u1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1:2.1.4-2.1+deb8u1.</p>
- -<p>For the testing distribution (stretch), this problem has been fixed
- -in version 1:2.6.1-1.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена
+в веÑ?Ñ?ии 1:2.6.1-1.</p>
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 1:2.6.1-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1:2.6.1-1.</p>
- -<p>We recommend that you upgrade your git packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? git.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJWjNDnAAoJEF7nbuICFtKly5UP/RnSdXZ/Wc/3ryknAGSS3unQ
+YhOTBlD1q9/d0mBv+GHUZ+1eS/GBnz2tTPLhYihWSE+mk+UBSRdNo9eCh4cpGvL
mLWesQ0iQtpqGftlsG2iIItfsDeZwWQfUaja0JbR4735E408yVzw5/MsnR3SvMzv
nn0aFhsocCk/P99mhK0CR8uWcV17Ai0uMHBIDJHhiwktxn9f6UWx9bbtOJVpN+/z
k10j09p3KxubF9EQzWLdWPmvSCWLe+GkISKeEE9pLPMBDPKN1VhJA/XvcEqzgJ2H
OeuJRl+fWyXuR8eumwWpUZWxA1xCR35FTS2nRBSxdwKAjKa1rYM53laIJldRh3xL
xsut5NWE6Z9zPi5D4jga+bfrvMK8zzmBVcbrX5kWUIoefkk/jDaWTrI4I4SB5xIT
A57ntWKJf596+lp61DCTcEEdJdmhqJVsoMlLL8yj6HccdJVH7n8bA5Ot/YeziqpA
j9SkRgQj2IXf+uGlNRY5pIYXTsPrjCr9FfBiOBe+yki3/y4LAIWnEpPtqtfstG6Y
Dv5Ci2LyJOEnEk1h1b0bISzcDTctxMnpr20XOGCMmFCudKPALnX13CUZ1QU4ONgj
pih4MXDl/MuhGg+U8kSVuJhNCPu+hoDC/qAmVKJowFMdyyUFJYfFmPF8ePWSKZcb
BTT9KugpgfbVqDWEn+zl
=dtW3
-----END PGP SIGNATURE-----
Reply to: