[DONE] wml://security/2016/dla-{378,416,432}.wml

[Lev Lamberov <dogsleg@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2016/dla-378.wml	2016-04-08 01:54:44.000000000 +0500
+++ russian/security/2016/dla-378.wml	2016-04-14 00:02:45.674922142 +0500
@@ -1,43 +1,44 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>This update fixes the CVEs described below.</p>
+<p>Ð?анное обновление иÑ?пÑ?авлÑ?еÑ? CVE, опиÑ?аннÑ?е ниже.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7550";>CVE-2015-7550</a>
 
- -    <p>Dmitry Vyukov discovered a race condition in the keyring subsystem
- -    that allows a local user to cause a denial of service (crash).</p></li>
+    <p>Ð?миÑ?Ñ?ий Ð?Ñ?Ñ?ков обнаÑ?Ñ?жил Ñ?оÑ?Ñ?оÑ?ние гонки в подÑ?иÑ?Ñ?еме бÑ?елоков клÑ?Ñ?ей,
+    позволÑ?Ñ?Ñ?ее локалÑ?номÑ? полÑ?зоваÑ?елÑ? вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка).</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8543";>CVE-2015-8543</a>
 
- -    <p>It was discovered that a local user permitted to create raw sockets
- -    could cause a denial-of-service by specifying an invalid protocol
- -    number for the socket. The attacker must have the CAP_NET_RAW
- -    capability.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о локалÑ?нÑ?й полÑ?зоваÑ?елÑ?, Ñ?поÑ?обнÑ?й Ñ?оздаваÑ?Ñ? Ñ?Ñ?Ñ?Ñ?е Ñ?океÑ?Ñ?,
+    можеÑ? вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании пÑ?Ñ?Ñ?м Ñ?казаниÑ? некоÑ?Ñ?екÑ?ного номеÑ?а пÑ?оÑ?окола
+    длÑ? Ñ?океÑ?а. Ð?лоÑ?мÑ?Ñ?ленник должен обладаÑ?Ñ? пÑ?авами на
+    CAP_NET_RAW.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8575";>CVE-2015-8575</a>
 
- -    <p>David Miller discovered a flaw in the Bluetooth SCO sockets
- -    implementation that leads to an information leak to local users.</p></li>
+    <p>Ð?Ñ?вид Ð?иллеÑ? обнаÑ?Ñ?жил Ñ?Ñ?звимоÑ?Ñ?Ñ? в Ñ?еализаÑ?ии Ñ?океÑ?ов Bluetooth SCO,
+    коÑ?оÑ?аÑ? пÑ?иводиÑ? к Ñ?Ñ?еÑ?ке инÑ?оÑ?маÑ?ии локалÑ?нÑ?м полÑ?зоваÑ?елÑ?м.</p></li>
 
 </ul>
 
- -<p>In addition, this update fixes a regression in the previous update:</p>
+<p>Ð?Ñ?оме Ñ?ого, данное обновление иÑ?пÑ?авлÑ?еÑ? Ñ?егÑ?еÑ?Ñ? в пÑ?едÑ?дÑ?Ñ?ем обновлении:</p>
 
 <p>#808293</p>
 
- -    <p>A regression in the UDP implementation prevented freeradius and
- -    some other applications from receiving data.</p>
+    <p>РегÑ?еÑ?Ñ? в Ñ?еализаÑ?ии UDP не позволÑ?еÑ? freeradius и
+    некоÑ?оÑ?Ñ?м дÑ?Ñ?гим пÑ?иложениÑ?ми полÑ?Ñ?аÑ?Ñ? даннÑ?е.</p>
 
- -<p>For the oldoldstable distribution (squeeze), these problems have been
- -fixed in version 2.6.32-48squeeze18.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?аÑ?ом Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли
+иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 2.6.32-48squeeze18.</p>
 
- -<p>For the oldstable distribution (wheezy), these problems have been
- -fixed in version 3.2.73-2+deb7u2.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли
+иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 3.2.73-2+deb7u2.</p>
 
- -<p>For the stable distribution (jessie), these problems have been fixed
- -in version 3.16.7-ckt20-1+deb8u2 or earlier.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 3.16.7-ckt20-1+deb8u2 или более Ñ?анниÑ?.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2016/dla-416.wml	2016-04-08 01:54:44.000000000 +0500
+++ russian/security/2016/dla-416.wml	2016-04-14 00:09:43.301348621 +0500
@@ -1,39 +1,40 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been fixed in the Debian GNU C Library,
- -eglibc:</p>
+<p>Ð? eglibc, библиоÑ?еке GNU C длÑ? Debian, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко
+Ñ?Ñ?звимоÑ?Ñ?ей:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7547";>CVE-2015-7547</a>
 
- -    <p>The Google Security Team and Red Hat discovered that the glibc
- -    host name resolver function, getaddrinfo, when processing
- -    AF_UNSPEC queries (for dual A/AAAA lookups), could mismange its
- -    internal buffers, leading to a stack-based buffer overflow and
- -    arbitrary code execution.  This vulnerability affects most
- -    applications which perform host name resolution using getaddrinfo,
- -    including system services.</p>
+    <p>Ð?оманда безопаÑ?ноÑ?Ñ?и Google и Ñ?оÑ?Ñ?Ñ?дники Red Hat обнаÑ?Ñ?жили, Ñ?Ñ?о Ñ?Ñ?нкÑ?иÑ?
+    Ñ?азÑ?еÑ?ениÑ? имÑ?н Ñ?злов в glibc, getaddrinfo, пÑ?и обÑ?абоÑ?ке запÑ?оÑ?ов
+    AF_UNSPEC (длÑ? двойного поиÑ?ка A/AAAA) можеÑ? непÑ?авилÑ?но Ñ?пÑ?авлÑ?Ñ?Ñ?
+    внÑ?Ñ?Ñ?енними бÑ?Ñ?еÑ?ами, Ñ?Ñ?о пÑ?иводиÑ? к пеÑ?еполнениÑ? бÑ?Ñ?еÑ?а и
+    вÑ?полнениÑ? пÑ?оизволÑ?ного кода.  ЭÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? каÑ?аеÑ?Ñ?Ñ? болÑ?Ñ?инÑ?Ñ?ва
+    пÑ?иложений, коÑ?оÑ?Ñ?е вÑ?полнÑ?Ñ?Ñ? Ñ?азÑ?еÑ?ение имÑ?н Ñ?злов Ñ? помоÑ?Ñ?Ñ? getaddrinfo,
+    вклÑ?Ñ?аÑ? Ñ?иÑ?Ñ?емнÑ?е Ñ?лÑ?жбÑ?.</p>
 
 <p>The following fixed vulnerabilities currently lack CVE assignment:</p>
 
- -    <p>Andreas Schwab reported a memory leak (memory allocation without a
- -    matching deallocation) while processing certain DNS answers in
- -    getaddrinfo, related to the _nss_dns_gethostbyname4_r function.
- -    This vulnerability could lead to a denial of service.</p></li>
+    <p>Ð?ндÑ?еаÑ? Шваб Ñ?ообÑ?ил об Ñ?Ñ?еÑ?ке памÑ?Ñ?и (вÑ?деление бÑ?Ñ?еÑ?а памÑ?Ñ?и без
+    Ñ?ооÑ?веÑ?Ñ?Ñ?вÑ?Ñ?Ñ?его оÑ?вобождениÑ?) пÑ?и обÑ?абоÑ?ке опÑ?еделÑ?ннÑ?Ñ? оÑ?веÑ?ов DNS в
+    getaddrinfo, Ñ?вÑ?занное Ñ? Ñ?Ñ?нкÑ?ией _nss_dns_gethostbyname4_r.
+    ЭÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? можеÑ? пÑ?иводиÑ?Ñ? к оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
 
 </ul>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in eglibc version
- -eglibc_2.11.3-4+deb6u11. In addition this version corrects the fix for
- -<a href="https://security-tracker.debian.org/tracker/CVE-2014-9761";>CVE-2014-9761</a> in Squeeze, which have wrongly marked a few symbols as
- -public instead of private.</p>
- -
- -<p>While it is only necessary to ensure that all processes are not using
- -the old eglibc anymore, it is recommended to reboot the machines after
- -applying the security upgrade.</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в eglibc веÑ?Ñ?ии
+eglibc_2.11.3-4+deb6u11. Ð?Ñ?оме Ñ?ого, Ñ?Ñ?а веÑ?Ñ?иÑ? коÑ?Ñ?екÑ?иÑ?Ñ?еÑ? иÑ?пÑ?авление длÑ?
+<a href="https://security-tracker.debian.org/tracker/CVE-2014-9761";>CVE-2014-9761</a> в Squeeze, коÑ?оÑ?ое оÑ?ибоÑ?но оÑ?меÑ?ало неÑ?колÑ?ко Ñ?имволов в каÑ?еÑ?Ñ?ве
+оÑ?кÑ?Ñ?Ñ?Ñ?Ñ?, а не закÑ?Ñ?Ñ?Ñ?Ñ?.</p>
+
+<p>ХоÑ?Ñ? Ñ?Ñ?ебÑ?еÑ?Ñ?Ñ? Ñ?олÑ?ко Ñ?бедиÑ?Ñ?Ñ?Ñ?, Ñ?Ñ?о вÑ?е пÑ?оÑ?еÑ?Ñ?Ñ? более не иÑ?полÑ?зÑ?Ñ?Ñ?
+Ñ?Ñ?аÑ?Ñ?Ñ? веÑ?Ñ?иÑ? eglibc, Ñ?екомендÑ?еÑ?Ñ?Ñ? пеÑ?езапÑ?Ñ?Ñ?иÑ?Ñ? маÑ?инÑ? поÑ?ле
+пÑ?именениÑ? данного обновление безопаÑ?ноÑ?Ñ?и.</p>
 
- -<p>We recommend you to upgrade your eglibc packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? eglibc.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2016/dla-432.wml	2016-04-08 01:54:44.000000000 +0500
+++ russian/security/2016/dla-432.wml	2016-04-14 00:22:29.643345407 +0500
@@ -1,39 +1,40 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Several bugs were discovered in PostgreSQL, a relational database server
- -system.  The 8.4 branch is EOLed upstream, but still present in Debian squeeze.
- -This new LTS minor version contains fixes that were applied upstream to the
- -9.1.20 version, backported to 8.4.22 which was the last version officially
- -released by the PostgreSQL developers.  This LTS effort for squeeze-lts is a
- -community project sponsored by credativ GmbH.</p>
+<p>Ð? PostgreSQL, Ñ?еÑ?веÑ?ной Ñ?иÑ?Ñ?еме Ñ?елÑ?Ñ?ионнÑ?Ñ? баз даннÑ?Ñ?, бÑ?ло обнаÑ?Ñ?жено
+неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.  Ð?еÑ?ка 8.4 в оÑ?новой веÑ?ке Ñ?азÑ?абоÑ?ки более не поддеÑ?живаеÑ?Ñ?Ñ?, но она вÑ?Ñ? еÑ?Ñ? имееÑ?Ñ?Ñ? в Debian squeeze.
+Ð?овÑ?й малÑ?й номеÑ? веÑ?Ñ?ии LTS Ñ?одеÑ?жиÑ? иÑ?пÑ?авлениÑ?, добавленнÑ?е в оÑ?новной веÑ?ке Ñ?азÑ?абоÑ?ки в
+веÑ?Ñ?иÑ? 9.1.20, коÑ?оÑ?Ñ?е бÑ?ли пеÑ?енеÑ?енÑ? в веÑ?Ñ?иÑ? 8.4.22, коÑ?оÑ?аÑ?, в Ñ?воÑ? оÑ?еÑ?едÑ?, Ñ?влÑ?еÑ?Ñ?Ñ? поÑ?ледней веÑ?Ñ?ией, оÑ?иÑ?иалÑ?но
+вÑ?пÑ?Ñ?енной Ñ?азÑ?абоÑ?Ñ?иками PostgreSQL.  ЭÑ?а Ñ?абоÑ?а командÑ? LTS длÑ? squeeze-lts
+Ñ?влÑ?еÑ?Ñ?Ñ? пÑ?оекÑ?ом Ñ?ообÑ?еÑ?Ñ?ва и Ñ?понÑ?иÑ?Ñ?еÑ?Ñ?Ñ? credativ GmbH.</p>
 
- -<p>This release is the last LTS update for PostgreSQL 8.4. Users should
- -migrate to a newer PostgreSQL at the earliest opportunity.</p>
+<p>Ð?аннÑ?й вÑ?пÑ?Ñ?к Ñ?влÑ?еÑ?Ñ?Ñ? поÑ?ледним обновлением LTS длÑ? PostgreSQL 8.4. Ð?олÑ?зоваÑ?елÑ?м
+Ñ?ледÑ?еÑ? пеÑ?ейÑ?и на более новÑ?Ñ? веÑ?Ñ?иÑ? PostgreSQL как можно Ñ?коÑ?ее.</p>
 
- -<h3>Migration to Version 8.4.22lts6</h3>
+<h3>Ð?еÑ?еÑ?од на веÑ?Ñ?иÑ? 8.4.22lts6</h3>
 
- -<p>A dump/restore is not required for those running 8.4.X.  However, if you are
- -upgrading from a version earlier than 8.4.22, see the relevant release notes.</p>
+<p>Ð?лÑ? запÑ?Ñ?ка 8.4.X не Ñ?Ñ?ебÑ?еÑ?Ñ?Ñ? делаÑ?Ñ? дамп/воÑ?Ñ?Ñ?ановление.  Тем не менее, еÑ?ли вÑ?
+вÑ?полнÑ?еÑ?е обновление Ñ? веÑ?Ñ?ии, вÑ?пÑ?Ñ?енной до веÑ?Ñ?ии 8.4.22, Ñ?о обÑ?аÑ?иÑ?еÑ?Ñ? к Ñ?ооÑ?веÑ?Ñ?Ñ?вÑ?Ñ?Ñ?ей инÑ?оÑ?маÑ?ии о вÑ?пÑ?Ñ?ке.</p>
 
- -<h3>Fixes</h3>
+<h3>Ð?Ñ?пÑ?авлениÑ?</h3>
 
- -<p>Fix infinite loops and buffer-overrun problems in regular expressions
- -(Tom Lane)</p>
+<p>Ð?Ñ?пÑ?авление беÑ?конеÑ?нÑ?Ñ? Ñ?иклов и пÑ?облем Ñ? пеÑ?еполнением бÑ?Ñ?еÑ?а в Ñ?егÑ?лÑ?Ñ?нÑ?Ñ? вÑ?Ñ?ажениÑ?Ñ?
+(Том Ð?Ñ?йн)</p>
 
- -  <p>Very large character ranges in bracket expressions could cause
- -  infinite loops in some cases, and memory overwrites in other cases.
+  <p>СлиÑ?ком длиннÑ?е инÑ?еÑ?валÑ? Ñ?имволов в Ñ?кобкаÑ? могÑ?Ñ? пÑ?иводиÑ?Ñ? в некоÑ?оÑ?Ñ?Ñ? Ñ?лÑ?Ñ?аÑ?Ñ? к
+  беÑ?конеÑ?нÑ?м Ñ?иклам, а в дÑ?Ñ?гиÑ? Ñ?лÑ?Ñ?аÑ?Ñ? к пеÑ?езапиÑ?Ñ?м памÑ?Ñ?и.
   (<a href="https://security-tracker.debian.org/tracker/CVE-2016-0773";>CVE-2016-0773</a>)</p>
 
- -<p>Perform an immediate shutdown if the postmaster.pid file is removed
- -(Tom Lane)</p>
+<p>Ð?Ñ?полнение внезапного оÑ?клÑ?Ñ?ениÑ? пÑ?и Ñ?далении Ñ?айла postmaster.pid
+(Том Ð?Ñ?йн)</p>
 
- -  <p>The postmaster now checks every minute or so that postmaster.pid is
- -  still there and still contains its own PID. If not, it performs an
- -  immediate shutdown, as though it had received SIGQUIT. The main
- -  motivation for this change is to ensure that failed buildfarm runs
- -  will get cleaned up without manual intervention; but it also serves
- -  to limit the bad effects if a DBA forcibly removes postmaster.pid
- -  and then starts a new postmaster.</p>
+  <p>ТепеÑ?Ñ? postmaster каждÑ?Ñ? минÑ?Ñ?Ñ? вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? Ñ?ого, Ñ?Ñ?о Ñ?айл postmaster.pid
+  вÑ?Ñ? еÑ?Ñ? имееÑ?Ñ?Ñ? и Ñ?одеÑ?жиÑ? Ñ?ооÑ?веÑ?Ñ?Ñ?вÑ?Ñ?Ñ?ий PID. Ð?Ñ?ли же неÑ?, Ñ?о он вÑ?полнÑ?еÑ?
+  внезапное оÑ?клÑ?Ñ?ение, как бÑ?дÑ?о бÑ? он полÑ?Ñ?ил Ñ?игнал SIGQUIT. Ð?Ñ?новнаÑ?
+  моÑ?иваÑ?иÑ? Ñ?Ñ?о Ñ?Ñ?ого изменениÑ? Ñ?оÑ?Ñ?оиÑ? в Ñ?ом, Ñ?Ñ?о необÑ?одимо пÑ?овеÑ?Ñ?Ñ?Ñ?, Ñ?Ñ?обÑ? вÑ?полнÑ?лаÑ?Ñ? оÑ?иÑ?Ñ?ка
+  неÑ?даÑ?нÑ?Ñ? запÑ?Ñ?ков Ñ?боÑ?оÑ?ной Ñ?еÑ?мÑ? без какого-либо Ñ?Ñ?Ñ?ного вмеÑ?аÑ?елÑ?Ñ?Ñ?ва; но Ñ?Ñ?о Ñ?акже Ñ?лÑ?жиÑ?
+  и длÑ? огÑ?аниÑ?ениÑ? нежелаÑ?елÑ?нÑ?Ñ? Ñ?Ñ?Ñ?екÑ?ов в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли DBA пÑ?инÑ?диÑ?елÑ?но Ñ?далÑ?еÑ? postmaster.pid
+  и заÑ?ем запÑ?Ñ?ка новÑ?й postmaster.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXDpyAAAoJEF7nbuICFtKlCzoP/1XqEztPgEyTu+o6XeRqjcIY
PoW2q2H0ev+iF56DyzZ8NYbM/p/9QPNrKkJ/eI0+4/DLCholC0Io1uNHESl5oVIp
UAirNIwkzYuutRuZwptzsU39LBPGmcO5S1sawew21XgNX3HnVmrejK9C0dpRqH8L
kNfV4NlF46zMfRlyku/VWO2sMb3PfPE862qNG0YG9IUOXKSIcSqw1+7TOIqWdz8K
jXB9jCPgnNOsmC0dGeAdFVDyCF/Sh3vel4mEzLFH1V7kXZZXN+8SBfYhYBNOWiVG
NS8A1Np+f5mdpcd4taz89OPwCjldc5W8pJwRuaAlD/BRvMPqVix5QgkzZ3GbO9Lp
A0YyY+ddxtiN7QVXGdyhmTmIGY4f/gaTE14rraGbuc75/C83SxoOan15p7NpHxS2
lR3WkthrBD6lGcgb7zLUTn3B2Yzz5PR7A4tV0Z90Gk6Z57yTNMic3nlWjyoKSOdJ
ICN9F9Pza1EmFHbv64dyw3w45FloZFWqUcf42u+SqpgX/8qnP95q308B1agplZUe
r0XB/djt4BShPLSNyR/jti+wva/8uv093Hx13golGmITqJxDydxE9cbLNfSyxVZF
eGpDRQQk7xmpOpU8KrP3+RA6e5o37q6hZePSpzgwAhtFowMxVEIQZhLCgy1hyU+T
oBPBjsuLeK+GJk2x8MrY
=CQB8
-----END PGP SIGNATURE-----