[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2016/dsa-348{0,1}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2016/dsa-3480.wml	2016-02-16 19:48:50.000000000 +0500
+++ russian/security/2016/dsa-3480.wml	2016-02-16 22:20:09.951723871 +0500
@@ -1,99 +1,100 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been fixed in the GNU C Library, eglibc.</p>
+<p>Ð? библиоÑ?еке GNU C Library, eglibc, бÑ?ло обнаÑ?Ñ?жено и иÑ?пÑ?авлено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.</p>
 
- -<p>The <a href="https://security-tracker.debian.org/tracker/CVE-2015-7547";>CVE-2015-7547</a> vulnerability listed below is considered to have
- -critical impact.</p>
+<p>УÑ?звимоÑ?Ñ?Ñ? <a href="https://security-tracker.debian.org/tracker/CVE-2015-7547";>CVE-2015-7547</a>, Ñ?казаннаÑ? ниже, Ñ?Ñ?иÑ?аеÑ?Ñ?Ñ?
+кÑ?иÑ?иÑ?еÑ?кой.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8121";>CVE-2014-8121</a>
 
- -    <p>Robin Hack discovered that the nss_files database did not
- -    correctly implement enumeration interleaved with name-based or
- -    ID-based lookups.  This could cause the enumeration enter an
- -    endless loop, leading to a denial of service.</p></li>
+    <p>Робин Ð¥Ñ?к обнаÑ?Ñ?жил, Ñ?Ñ?о база даннÑ?Ñ? nss_files непÑ?авилÑ?но
+    Ñ?еализÑ?еÑ? пеÑ?еÑ?иÑ?ление, пеÑ?емежаÑ?Ñ?ееÑ?Ñ? Ñ? поиÑ?ком на оÑ?нове имени или
+    иденÑ?иÑ?икаÑ?оÑ?а.  ЭÑ?о можеÑ? пÑ?иводиÑ?Ñ? к Ñ?омÑ?, Ñ?Ñ?о пеÑ?еÑ?иÑ?ление войдÑ?Ñ? в
+    беÑ?конеÑ?нÑ?й Ñ?икл, Ñ?Ñ?о пÑ?иводиÑ? к оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-1781";>CVE-2015-1781</a>
 
- -    <p>Arjun Shankar discovered that the _r variants of host name
- -    resolution functions (like gethostbyname_r), when performing DNS
- -    name resolution, suffered from a buffer overflow if a misaligned
- -    buffer was supplied by the applications, leading to a crash or,
- -    potentially, arbitrary code execution.  Most applications are not
- -    affected by this vulnerability because they use aligned buffers.</p></li>
+    <p>Ð?Ñ?джÑ?н ШанкаÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о ваÑ?ианÑ?Ñ? Ñ?Ñ?нкÑ?ий Ñ?азÑ?еÑ?ениÑ? имÑ?н Ñ?злов
+    Ñ? _r (напÑ?имеÑ?, gethostbyname_r) пÑ?и вÑ?полнении Ñ?азÑ?еÑ?ениÑ? имÑ?н Ñ?еÑ?ез
+    DNS подвеÑ?женÑ? пеÑ?еполнениÑ? бÑ?Ñ?еÑ?а в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли пÑ?иложением бÑ?л
+    пеÑ?едан невÑ?Ñ?овненнÑ?й бÑ?Ñ?еÑ?, Ñ?Ñ?о пÑ?иводиÑ? к аваÑ?ийной оÑ?Ñ?ановке или
+    к поÑ?енÑ?иалÑ?номÑ? вÑ?полнениÑ? пÑ?оизволÑ?ного кода.  Ð?олÑ?Ñ?инÑ?Ñ?во пÑ?иложений
+    не подвеÑ?женÑ? данной Ñ?Ñ?звимоÑ?Ñ?и, Ñ?ак как они иÑ?полÑ?зÑ?Ñ?Ñ? вÑ?Ñ?овненнÑ?е бÑ?Ñ?еÑ?Ñ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7547";>CVE-2015-7547</a>
 
- -    <p>The Google Security Team and Red Hat discovered that the eglibc
- -    host name resolver function, getaddrinfo, when processing
- -    AF_UNSPEC queries (for dual A/AAAA lookups), could mismanage its
- -    internal buffers, leading to a stack-based buffer overflow and
- -    arbitrary code execution.  This vulnerability affects most
- -    applications which perform host name resolution using getaddrinfo,
- -    including system services.</p></li>
+    <p>ЧленÑ? Ð?омандÑ? безопаÑ?ноÑ?Ñ?и Google и Ñ?оÑ?Ñ?Ñ?дники Red Hat обнаÑ?Ñ?жили, Ñ?Ñ?о Ñ?Ñ?нкÑ?иÑ?
+    Ñ?азÑ?еÑ?ениÑ? имÑ?н Ñ?злов eglibc, getaddrinfo, пÑ?и обÑ?абоÑ?ке
+    запÑ?оÑ?ов AF_UNSPEC (длÑ? двойного поиÑ?ка A/AAAA) можеÑ? непÑ?авилÑ?но иÑ?полÑ?зоваÑ?Ñ?
+    Ñ?вои внÑ?Ñ?Ñ?енние бÑ?Ñ?еÑ?Ñ?, Ñ?Ñ?о пÑ?иводиÑ? к пеÑ?еполнениÑ? бÑ?Ñ?еÑ?а и
+    вÑ?полнениÑ? пÑ?оизволÑ?ного кода.  Ð?аннаÑ? Ñ?Ñ?звимоÑ?Ñ?Ñ? каÑ?аеÑ?Ñ?Ñ? болÑ?Ñ?инÑ?Ñ?ва
+    пÑ?иложений, вÑ?полнÑ?Ñ?Ñ?иÑ? Ñ?азÑ?еÑ?ение имÑ?н Ñ?злов Ñ? помоÑ?Ñ?Ñ? getaddrinfo,
+    вклÑ?Ñ?аÑ? Ñ?иÑ?Ñ?емнÑ?е Ñ?лÑ?жбÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8776";>CVE-2015-8776</a>
 
- -    <p>Adam Nielsen discovered that if an invalid separated time value
- -    is passed to strftime, the strftime function could crash or leak
- -    information.  Applications normally pass only valid time
- -    information to strftime; no affected applications are known.</p></li>
+    <p>Ð?дам Ð?илÑ?Ñ?ен обнаÑ?Ñ?жил, Ñ?Ñ?о еÑ?ли непÑ?авилÑ?но Ñ?азделÑ?нное знаÑ?ение, обознаÑ?аÑ?Ñ?ее вÑ?емÑ?,
+    пеÑ?едаÑ?Ñ?Ñ?Ñ? strftime, Ñ?о Ñ?Ñ?нкÑ?иÑ? strftime можеÑ? аваÑ?ийно завеÑ?Ñ?иÑ?Ñ? Ñ?абоÑ?Ñ?, либо можеÑ? пÑ?оизойÑ?и
+    Ñ?Ñ?еÑ?ка инÑ?оÑ?маÑ?ии.  Ð?Ñ?иложениÑ? обÑ?Ñ?но пеÑ?едаÑ?Ñ? Ñ?олÑ?ко коÑ?Ñ?екÑ?нÑ?Ñ? инÑ?оÑ?маÑ?иÑ?
+    о вÑ?емени Ñ?Ñ?нкÑ?ии strftime; подвеÑ?женнÑ?е данной пÑ?облеме пÑ?иложениÑ? не извеÑ?Ñ?нÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8777";>CVE-2015-8777</a>
 
- -    <p>Hector Marco-Gisbert reported that LD_POINTER_GUARD was not
- -    ignored for SUID programs, enabling an unintended bypass of a
- -    security feature.  This update causes eglibc to always ignore the
- -    LD_POINTER_GUARD environment variable.</p></li>
+    <p>Ð?екÑ?оÑ? Ð?аÑ?ко-Ð?иÑ?беÑ?Ñ? Ñ?ообÑ?ил, Ñ?Ñ?о LD_POINTER_GUARD не игноÑ?иÑ?Ñ?еÑ?Ñ?Ñ?
+    длÑ? пÑ?огÑ?амм Ñ? Ñ?лагом пÑ?ав доÑ?Ñ?Ñ?па, позволÑ?Ñ?Ñ?им запÑ?Ñ?Ñ?иÑ?Ñ? Ñ?Ñ?и пÑ?огÑ?аммÑ? оÑ? лиÑ?а владелÑ?Ñ?а, Ñ?Ñ?о позволÑ?еÑ?
+    ненамеÑ?енно обÑ?одиÑ?Ñ? Ñ?Ñ?едÑ?Ñ?ва безопаÑ?ноÑ?Ñ?и.  Ð?анное обновление Ñ?Ñ?ебÑ?еÑ?, Ñ?Ñ?обÑ? eglibc вÑ?егда игноÑ?иÑ?овало
+    пеÑ?еменнÑ?Ñ? окÑ?Ñ?жениÑ? LD_POINTER_GUARD.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8778";>CVE-2015-8778</a>
 
- -    <p>Szabolcs Nagy reported that the rarely-used hcreate and hcreate_r
- -    functions did not check the size argument properly, leading to a
- -    crash (denial of service) for certain arguments.  No impacted
- -    applications are known at this time.</p></li>
+    <p>СаболÑ?Ñ? Ð?аги Ñ?ообÑ?ил, Ñ?Ñ?о Ñ?едко иÑ?полÑ?зÑ?емÑ?е Ñ?Ñ?нкÑ?ии hcreate и hcreate_r
+    непÑ?авилÑ?но вÑ?полнÑ?Ñ?Ñ? пÑ?овеÑ?кÑ? Ñ?азмеÑ?а аÑ?гÑ?менÑ?а, Ñ?Ñ?о пÑ?иводиÑ? к
+    аваÑ?ийной оÑ?Ñ?ановке (оÑ?каз в обÑ?лÑ?живании) в Ñ?лÑ?Ñ?ае иÑ?полÑ?зованиÑ? опÑ?еделÑ?ннÑ?Ñ? аÑ?гÑ?менÑ?ов.  Ð?ока
+    ниÑ?его не извеÑ?Ñ?но о пÑ?иложениÑ?Ñ?, подвеÑ?женнÑ?Ñ? данной пÑ?облеме.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8779";>CVE-2015-8779</a>
 
- -    <p>The catopen function contains several unbound stack allocations
- -    (stack overflows), causing it the crash the process (denial of
- -    service).  No applications where this issue has a security impact
- -    are currently known.</p>
- -
- -<p>The following fixed vulnerabilities currently lack CVE assignment:</p>
- -
- -    <p>Joseph Myers reported discovered that an integer overflow in the
- -    strxfrm can lead to heap-based buffer overflow, possibly allowing
- -    arbitrary code execution.  In addition, a fallback path in strxfrm
- -    uses an unbounded stack allocation (stack overflow), leading to a
- -    crash or erroneous application behavior.</p>
- -
- -    <p>Kostya Serebryany reported that the fnmatch function could skip
- -    over the terminating NUL character of a malformed pattern, causing
- -    an application calling fnmatch to crash (denial of service).</p>
- -
- -    <p>Joseph Myers reported that the IO_wstr_overflow function,
- -    internally used by wide-oriented character streams, suffered from
- -    an integer overflow, leading to a heap-based buffer overflow.  On
- -    GNU/Linux systems, wide-oriented character streams are rarely
- -    used, and no affected applications are known.</p>
- -
- -    <p>Andreas Schwab reported a memory leak (memory allocation without a
- -    matching deallocation) while processing certain DNS answers in
- -    getaddrinfo, related to the _nss_dns_gethostbyname4_r function.
- -    This vulnerability could lead to a denial of service.</p>
- -
- -<p>While it is only necessary to ensure that all processes are not using
- -the old eglibc anymore, it is recommended to reboot the machines after
- -applying the security upgrade.</p></li>
+    <p>ФÑ?нкÑ?иÑ? catopen Ñ?одеÑ?жиÑ? неÑ?колÑ?ко неогÑ?аниÑ?еннÑ?Ñ? вÑ?делений Ñ?Ñ?Ñ?ка
+    (пеÑ?еполнение Ñ?Ñ?Ñ?ка), Ñ?Ñ?о пÑ?иводиÑ? к аваÑ?ийной оÑ?Ñ?ановке пÑ?оÑ?еÑ?Ñ?а (оÑ?каз в
+    обÑ?лÑ?живании).  Ð?ока ниÑ?его не извеÑ?Ñ?но о пÑ?иложениÑ?Ñ?, подвеÑ?женнÑ?Ñ?
+    данной пÑ?облеме.</p>
+
+<p>У Ñ?ледÑ?Ñ?Ñ?иÑ? Ñ?Ñ?звимоÑ?Ñ?ей пока оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?Ñ?Ñ? иденÑ?иÑ?икаÑ?оÑ?Ñ? CVE:</p>
+
+    <p>Ð?жозеÑ? Ð?айеÑ? Ñ?ообÑ?ил, Ñ?Ñ?о пеÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ел в
+    strxfrm можеÑ? пÑ?иводиÑ?Ñ? к пеÑ?еполнениÑ? динамиÑ?еÑ?кой памÑ?Ñ?и, Ñ?Ñ?о веÑ?оÑ?Ñ?но
+    позволÑ?еÑ? вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код.  Ð?Ñ?оме Ñ?ого, пеÑ?еÑ?од на аваÑ?ийнÑ?й Ñ?ежим
+    в strxfrm иÑ?полÑ?зÑ?еÑ? неогÑ?аниÑ?енное вÑ?деление Ñ?Ñ?Ñ?ка (пеÑ?еполнение Ñ?Ñ?Ñ?ка), Ñ?Ñ?о пÑ?иводиÑ?
+    к аваÑ?ийной оÑ?Ñ?ановке или некоÑ?Ñ?екÑ?номÑ? поведениÑ? пÑ?иложениÑ?.</p>
+
+    <p>Ð?оÑ?Ñ?Ñ? СеÑ?ебÑ?нÑ?й Ñ?ообÑ?ил, Ñ?Ñ?о Ñ?Ñ?нкÑ?иÑ? fnmatch можеÑ? пÑ?опÑ?Ñ?Ñ?иÑ?Ñ?
+    завеÑ?Ñ?аÑ?Ñ?ий NUL-Ñ?имвол в некоÑ?Ñ?екÑ?ном Ñ?аблоне, Ñ?Ñ?о пÑ?иводиÑ?
+    к Ñ?омÑ?, Ñ?Ñ?о пÑ?иложение, вÑ?зÑ?ваÑ?Ñ?ее fnmatch, аваÑ?ийно оÑ?Ñ?анавливаеÑ?Ñ?Ñ? (оÑ?каз в обÑ?лÑ?живании).</p>
+
+    <p>Ð?жозеÑ? Ð?айеÑ? Ñ?ообÑ?ил, Ñ?Ñ?о Ñ?Ñ?нкÑ?иÑ? IO_wstr_overflow,
+    внÑ?Ñ?Ñ?енне иÑ?полÑ?зÑ?емаÑ? Ñ?имволÑ?нÑ?ми поÑ?оками, Ñ?одеÑ?жиÑ?
+    пеÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ел, Ñ?Ñ?о пÑ?иводиÑ? к пеÑ?еполнениÑ? динамиÑ?еÑ?кой памÑ?Ñ?и.  Ð?
+    Ñ?иÑ?Ñ?емаÑ? GNU/Linux, Ñ?акие Ñ?имволÑ?нÑ?е поÑ?оки Ñ?едко
+    иÑ?полÑ?зÑ?Ñ?Ñ?Ñ?Ñ?, а подвеÑ?женнÑ?е Ñ?Ñ?ой Ñ?Ñ?звимоÑ?Ñ?и пÑ?иложениÑ? не извеÑ?Ñ?нÑ?.</p>
+
+    <p>Ð?ндÑ?еаÑ? Шваб Ñ?ообÑ?ил об Ñ?Ñ?еÑ?ке памÑ?Ñ?и (вÑ?деление памÑ?Ñ?и без
+    Ñ?ооÑ?веÑ?Ñ?Ñ?вÑ?Ñ?Ñ?его оÑ?вобождениÑ?) пÑ?и обÑ?абоÑ?ке опÑ?еделÑ?ннÑ?Ñ? оÑ?веÑ?ов DNS в
+    getaddrinfo, Ñ?вÑ?занной Ñ? _nss_dns_gethostbyname4_r Ñ?Ñ?нкÑ?ией.
+    Ð?аннаÑ? Ñ?Ñ?звимоÑ?Ñ?Ñ? можеÑ? пÑ?иводиÑ?Ñ? к оÑ?казÑ? в обÑ?лÑ?живании.</p>
+
+<p>ХоÑ?Ñ? Ñ?Ñ?ебÑ?еÑ?Ñ?Ñ? лиÑ?Ñ? Ñ?бедиÑ?Ñ?Ñ?Ñ?, Ñ?Ñ?о ни один пÑ?оÑ?еÑ?Ñ? более не иÑ?полÑ?зÑ?еÑ?
+Ñ?Ñ?аÑ?Ñ?Ñ? библиоÑ?екÑ? eglibc, Ñ?екомендÑ?еÑ?Ñ?Ñ? пеÑ?езагÑ?Ñ?зиÑ?Ñ? маÑ?инÑ? поÑ?ле
+пÑ?именениÑ? данного обновление безопаÑ?ноÑ?Ñ?и.</p></li>
 
 </ul>
 
- -<p>For the oldstable distribution (wheezy), these problems have been fixed
- -in version 2.13-38+deb7u10.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 2.13-38+deb7u10.</p>
 
- -<p>We recommend that you upgrade your eglibc packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? eglibc.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2016/dsa-3481.wml	2016-02-16 19:49:12.000000000 +0500
+++ russian/security/2016/dsa-3481.wml	2016-02-16 22:25:49.658313068 +0500
@@ -1,56 +1,57 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been fixed in the GNU C Library, glibc.                              </p>
+<p>Ð? библиоÑ?еке GNU C, glibc, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.</p>
 
- -<p>The first vulnerability listed below is considered to have critical
- -impact.</p>
+<p>Ð?еÑ?ваÑ? Ñ?Ñ?звимоÑ?Ñ?Ñ?, Ñ?казаннаÑ? ниже, Ñ?Ñ?иÑ?аеÑ?Ñ?Ñ?
+кÑ?иÑ?иÑ?еÑ?кой.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7547";>CVE-2015-7547</a>
 
- -    <p>The Google Security Team and Red Hat discovered that the glibc
- -    host name resolver function, getaddrinfo, when processing
- -    AF_UNSPEC queries (for dual A/AAAA lookups), could mismanage its
- -    internal buffers, leading to a stack-based buffer overflow and
- -    arbitrary code execution.  This vulnerability affects most
- -    applications which perform host name resolution using getaddrinfo,
- -    including system services.</p></li>
+    <p>ЧленÑ? Ð?омандÑ? безопаÑ?ноÑ?Ñ?и Google и Ñ?оÑ?Ñ?Ñ?дники Red Hat обнаÑ?Ñ?жили, Ñ?Ñ?о Ñ?Ñ?нкÑ?иÑ?
+    Ñ?азÑ?еÑ?ениÑ? имÑ?н Ñ?злов eglibc, getaddrinfo, пÑ?и обÑ?абоÑ?ке
+    запÑ?оÑ?ов AF_UNSPEC (длÑ? двойного поиÑ?ка A/AAAA) можеÑ? непÑ?авилÑ?но иÑ?полÑ?зоваÑ?Ñ?
+    Ñ?вои внÑ?Ñ?Ñ?енние бÑ?Ñ?еÑ?Ñ?, Ñ?Ñ?о пÑ?иводиÑ? к пеÑ?еполнениÑ? бÑ?Ñ?еÑ?а и
+    вÑ?полнениÑ? пÑ?оизволÑ?ного кода.  Ð?аннаÑ? Ñ?Ñ?звимоÑ?Ñ?Ñ? каÑ?аеÑ?Ñ?Ñ? болÑ?Ñ?инÑ?Ñ?ва
+    пÑ?иложений, вÑ?полнÑ?Ñ?Ñ?иÑ? Ñ?азÑ?еÑ?ение имÑ?н Ñ?злов Ñ? помоÑ?Ñ?Ñ? getaddrinfo,
+    вклÑ?Ñ?аÑ? Ñ?иÑ?Ñ?емнÑ?е Ñ?лÑ?жбÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8776";>CVE-2015-8776</a>
 
- -    <p>Adam Nielsen discovered that if an invalid separated time value
- -    is passed to strftime, the strftime function could crash or leak
- -    information.  Applications normally pass only valid time
- -    information to strftime; no affected applications are known.</p></li>
+    <p>Ð?дам Ð?илÑ?Ñ?ен обнаÑ?Ñ?жил, Ñ?Ñ?о еÑ?ли непÑ?авилÑ?но Ñ?азделÑ?нное знаÑ?ение, обознаÑ?аÑ?Ñ?ее вÑ?емÑ?,
+    пеÑ?едаÑ?Ñ?Ñ?Ñ? strftime, Ñ?о Ñ?Ñ?нкÑ?иÑ? strftime можеÑ? аваÑ?ийно завеÑ?Ñ?иÑ?Ñ? Ñ?абоÑ?Ñ?, либо можеÑ? пÑ?оизойÑ?и
+    Ñ?Ñ?еÑ?ка инÑ?оÑ?маÑ?ии.  Ð?Ñ?иложениÑ? обÑ?Ñ?но пеÑ?едаÑ?Ñ? Ñ?олÑ?ко коÑ?Ñ?екÑ?нÑ?Ñ? инÑ?оÑ?маÑ?иÑ?
+    о вÑ?емени Ñ?Ñ?нкÑ?ии strftime; подвеÑ?женнÑ?е данной пÑ?облеме пÑ?иложениÑ? не извеÑ?Ñ?нÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8778";>CVE-2015-8778</a>
 
- -    <p>Szabolcs Nagy reported that the rarely-used hcreate and hcreate_r
- -    functions did not check the size argument properly, leading to a
- -    crash (denial of service) for certain arguments.  No impacted
- -    applications are known at this time.</p></li>
+    <p>СаболÑ?Ñ? Ð?аги Ñ?ообÑ?ил, Ñ?Ñ?о Ñ?едко иÑ?полÑ?зÑ?емÑ?е Ñ?Ñ?нкÑ?ии hcreate и hcreate_r
+    непÑ?авилÑ?но вÑ?полнÑ?Ñ?Ñ? пÑ?овеÑ?кÑ? Ñ?азмеÑ?а аÑ?гÑ?менÑ?а, Ñ?Ñ?о пÑ?иводиÑ? к
+    аваÑ?ийной оÑ?Ñ?ановке (оÑ?каз в обÑ?лÑ?живании) в Ñ?лÑ?Ñ?ае иÑ?полÑ?зованиÑ? опÑ?еделÑ?ннÑ?Ñ? аÑ?гÑ?менÑ?ов.  Ð?ока
+    ниÑ?его не извеÑ?Ñ?но о пÑ?иложениÑ?Ñ?, подвеÑ?женнÑ?Ñ? данной пÑ?облеме.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8779";>CVE-2015-8779</a>
 
- -    <p>The catopen function contains several unbound stack allocations
- -    (stack overflows), causing it the crash the process (denial of
- -    service).  No applications where this issue has a security impact
- -    are currently known.</p>
- -
- -<p>While it is only necessary to ensure that all processes are not using
- -the old glibc anymore, it is recommended to reboot the machines after
- -applying the security upgrade.</p></li>
+    <p>ФÑ?нкÑ?иÑ? catopen Ñ?одеÑ?жиÑ? неÑ?колÑ?ко неогÑ?аниÑ?еннÑ?Ñ? вÑ?делений Ñ?Ñ?Ñ?ка
+    (пеÑ?еполнение Ñ?Ñ?Ñ?ка), Ñ?Ñ?о пÑ?иводиÑ? к аваÑ?ийной оÑ?Ñ?ановке пÑ?оÑ?еÑ?Ñ?а (оÑ?каз в
+    обÑ?лÑ?живании).  Ð?ока ниÑ?его не извеÑ?Ñ?но о пÑ?иложениÑ?Ñ?, подвеÑ?женнÑ?Ñ?
+    данной пÑ?облеме.</p>
+
+<p>ХоÑ?Ñ? Ñ?Ñ?ебÑ?еÑ?Ñ?Ñ? лиÑ?Ñ? Ñ?бедиÑ?Ñ?Ñ?Ñ?, Ñ?Ñ?о ни один пÑ?оÑ?еÑ?Ñ? более не иÑ?полÑ?зÑ?еÑ?
+Ñ?Ñ?аÑ?Ñ?Ñ? библиоÑ?екÑ? glibc, Ñ?екомендÑ?еÑ?Ñ?Ñ? пеÑ?езагÑ?Ñ?зиÑ?Ñ? маÑ?инÑ? поÑ?ле
+пÑ?именениÑ? данного обновление безопаÑ?ноÑ?Ñ?и.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 2.19-18+deb8u3.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.19-18+deb8u3.</p>
 
- -<p>For the unstable distribution (sid), these problems will be fixed in
- -version 2.21-8.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.21-8.</p>
 
- -<p>We recommend that you upgrade your glibc packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? glibc.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJWw1vsAAoJEF7nbuICFtKlaf8P/1cProOOpctRW2mw0z7ucdPQ
cjQL1IvqNArmo3JHGGKxcf65eHl44GNByBxbn5xYPPHh1BxEK+Darj4fTUNHoNx1
jz7Cs7BaEi0YNP13P5km5Fht/oOi05v+Y3L5veDVObVpVtSDU4w/O5ou2928zkC1
h8NluQ0SuN35t/BybpLdqPYhftLsJT9lX69g7RyO3ZhzEJdygOKcvxHJ/I17A77Y
GQ9HV8ng2pmGcVbA4HTs6oFP4tv67Mg/UVyJfTwukyqgNGT/VJ4UmFBSXr2MDyFi
9Bw3O0cWnkEKGtBKnGHZPPeZjcP3NF/7U++VYVbGSFbWbyTURaueAVF6abCnIgk7
YcSHSKg7Cev/rnQmnuYuJ6C5tHQOXFCA5/1dOlygXcsdNdRuHROkta9jetf8teIg
Kk5XBGZgo7R5lwi2ofriYe2/DDOXdWp3snA7LZ3r0Qnmrv90obbXVFZ/8kFbxWH5
hSGYJFdp70EPt32CxVhy0TNADA8PTk3fVxcmUSevJL0YYee5QEawGvNKIjMTZZPp
2HVQY1Ykl1uXKKXxnTdzDUBGnjjT/dcdl36dzKA0i1e2U5shSXMEPEKmuToFpibE
b5RrkG/IuvoOLwEHESbyZ5HqI3NX32nlH4+Cu5YWLu04t9c5FVdL2QWDFwPqvEUx
j+ABJDdGNADuIBCeL3vF
=xMm9
-----END PGP SIGNATURE-----
Reply to: