[DONE] wml://security/2015/dla-{132,203}.wml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2015/dla-132.wml 2016-04-09 01:32:23.000000000 +0500
+++ russian/security/2015/dla-132.wml 2016-05-16 22:43:52.155484886 +0500
@@ -1,51 +1,52 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
<define-tag moreinfo>
- -<p>Multiple vulnerabilities have been discovered in OpenSSL, a Secure
- -Sockets Layer toolkit. The Common Vulnerabilities and Exposures project
- -identifies the following issues:</p>
+<p>Ð? OpenSSL, набоÑ?е инÑ?Ñ?Ñ?Ñ?менÑ?ов Secure Sockets Layer, бÑ?ли обнаÑ?Ñ?женÑ?
+многоÑ?иÑ?леннÑ?е Ñ?Ñ?звимоÑ?Ñ?и. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-3570">CVE-2014-3570</a>
- - <p>Pieter Wuille of Blockstream reported that the bignum squaring
- - (BN_sqr) may produce incorrect results on some platforms, which
- - might make it easier for remote attackers to defeat cryptographic
- - protection mechanisms.</p></li>
+ <p>Ð?иÑ?еÑ? Ð?Ñ?иллÑ? из Blockstream Ñ?ообÑ?ил, Ñ?Ñ?о возведение в квадÑ?аÑ? Ñ?веÑ?Ñ?болÑ?Ñ?иÑ?
+ Ñ?иÑ?ел (BN_sqr) можеÑ? на некоÑ?оÑ?Ñ?Ñ? плаÑ?Ñ?оÑ?маÑ? вÑ?даваÑ?Ñ? непÑ?авилÑ?нÑ?е Ñ?езÑ?лÑ?Ñ?аÑ?Ñ?, Ñ?Ñ?о
+ облегÑ?аеÑ? Ñ?далÑ?ннÑ?м полÑ?зоваÑ?елÑ?м обойÑ?и меÑ?анизмÑ? кÑ?ипÑ?огÑ?аÑ?иÑ?еÑ?кой
+ заÑ?иÑ?Ñ?.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-3571">CVE-2014-3571</a>
- - <p>Markus Stenberg of Cisco Systems, Inc. reported that a carefully
- - crafted DTLS message can cause a segmentation fault in OpenSSL due
- - to a NULL pointer dereference. A remote attacker could use this flaw
- - to mount a denial of service attack.</p></li>
+ <p>Ð?аÑ?кÑ?Ñ? ШÑ?енбеÑ?г из Cisco Systems, Inc. Ñ?ообÑ?ил, Ñ?Ñ?о Ñ?пеÑ?иалÑ?но
+ Ñ?Ñ?оÑ?миÑ?ованное Ñ?ообÑ?ение DTLS можеÑ? вÑ?зÑ?ваÑ?Ñ? оÑ?ибкÑ? Ñ?егменÑ?иÑ?ованиÑ? в OpenSSL из-за
+ Ñ?азÑ?менованиÑ? NULL-Ñ?казаÑ?елÑ?. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ? даннÑ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ?
+ длÑ? вÑ?зова оÑ?каза в обÑ?лÑ?живании.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-3572">CVE-2014-3572</a>
- - <p>Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that an
- - OpenSSL client would accept a handshake using an ephemeral ECDH
- - ciphersuite if the server key exchange message is omitted. This
- - allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks
- - and trigger a loss of forward secrecy.</p></li>
+ <p>Ð?аÑ?Ñ?икеÑ?н Ð?Ñ?аÑ?гаван из командÑ? PROSECCO из INRIA Ñ?ообÑ?ил, Ñ?Ñ?о
+ клиенÑ? OpenSSL пÑ?инимаеÑ? Ñ?Ñ?копожаÑ?ие, иÑ?полÑ?зÑ?Ñ? недолговеÑ?нÑ?й набоÑ? Ñ?иÑ?Ñ?ов
+ ECDH в Ñ?лÑ?Ñ?ае, еÑ?ли пÑ?опÑ?Ñ?ено Ñ?ообÑ?ение Ñ?еÑ?веÑ?а по обменÑ? клÑ?Ñ?ей. ÐÑ?о
+ позволÑ?еÑ? Ñ?далÑ?ннÑ?м SSL-Ñ?еÑ?веÑ?ам вÑ?полнÑ?Ñ?Ñ? аÑ?аки по Ñ?нижениÑ? Ñ?Ñ?овнÑ? заÑ?иÑ?Ñ? ECDHE до ECDH
+ и вÑ?зÑ?ваÑ?Ñ? поÑ?еÑ?Ñ? заÑ?иÑ?Ñ?нноÑ?Ñ?и.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8275">CVE-2014-8275</a>
- - <p>Antti Karjalainen and Tuomo Untinen of the Codenomicon CROSS project
- - and Konrad Kraszewski of Google reported various certificate
- - fingerprint issues, which allow remote attackers to defeat a
- - fingerprint-based certificate-blacklist protection mechanism.</p></li>
+ <p>Ð?нÑ?Ñ?и Ð?аÑ?Ñ?лаинен и ТÑ?омо УнÑ?инен из пÑ?оекÑ?а Codenomicon CROSS
+ и Ð?онÑ?ад Ð?Ñ?аÑ?евÑ?ки из Google Ñ?ообÑ?или о Ñ?азлиÑ?нÑ?Ñ? пÑ?облемаÑ? Ñ? оÑ?пеÑ?аÑ?ками
+ Ñ?еÑ?Ñ?иÑ?икаÑ?а, коÑ?оÑ?Ñ?е могÑ?Ñ? позволиÑ?Ñ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам обойÑ?и
+ меÑ?анизмÑ? заÑ?иÑ?Ñ? на оÑ?нове Ñ?Ñ?Ñ?ного Ñ?пиÑ?ка Ñ?еÑ?Ñ?иÑ?икаÑ?ов, Ñ?одеÑ?жаÑ?его оÑ?пеÑ?аÑ?ки.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-0204">CVE-2015-0204</a>
- - <p>Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that
- - an OpenSSL client will accept the use of an ephemeral RSA key in a
- - non-export RSA key exchange ciphersuite, violating the TLS
- - standard. This allows remote SSL servers to downgrade the security
- - of the session.</p></li>
+ <p>Ð?аÑ?Ñ?икеÑ?н Ð?Ñ?аÑ?гаван из командÑ? PROSECCO из INRIA Ñ?ообÑ?ил, Ñ?Ñ?о
+ клиенÑ? OpenSSL пÑ?инимаеÑ? иÑ?полÑ?зование недолговеÑ?ного клÑ?Ñ?а RSA в
+ неÑ?кÑ?поÑ?Ñ?ном набоÑ?е Ñ?иÑ?Ñ?ов длÑ? обмена клÑ?Ñ?ами RSA, наÑ?Ñ?Ñ?аÑ? Ñ?Ñ?андаÑ?Ñ?
+ TLS. ÐÑ?о позволÑ?еÑ? Ñ?далÑ?ннÑ?м SSL-Ñ?еÑ?веÑ?ам Ñ?нижаÑ?Ñ? Ñ?Ñ?овенÑ? заÑ?иÑ?Ñ?нноÑ?Ñ?и
+ Ñ?еÑ?Ñ?ии.</p></li>
</ul>
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in openssl version 0.9.8o-4squeeze19</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в openssl веÑ?Ñ?ии 0.9.8o-4squeeze19</p>
</define-tag>
# do not modify the following line
- --- english/security/2015/dla-203.wml 2016-04-07 03:47:55.000000000 +0500
+++ russian/security/2015/dla-203.wml 2016-05-16 23:24:22.845963718 +0500
@@ -1,52 +1,53 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
<define-tag moreinfo>
- -<p>Multiple vulnerabilities were found in OpenLDAP, a free implementation
- -of the Lightweight Directory Access Protocol.</p>
+<p>Ð? OpenLDAP, Ñ?вободной Ñ?еализаÑ?ии пÑ?оÑ?окола LDAP, бÑ?ли обнаÑ?Ñ?женÑ?
+многоÑ?иÑ?леннÑ?е Ñ?Ñ?звимоÑ?Ñ?и.</p>
- -<p>Please carefully check whether you are affected by <a href="https://security-tracker.debian.org/tracker/CVE-2014-9713">CVE-2014-9713</a>: if you
- -are, you will need to manually upgrade your configuration! See below for
- -more details on this. Just upgrading the packages might not be enough!</p>
+<p>Ð?нимаÑ?елÑ?но пÑ?овеÑ?Ñ?Ñ?е, подвеÑ?женÑ? ли ваÑ?и Ñ?иÑ?Ñ?емÑ? <a href="https://security-tracker.debian.org/tracker/CVE-2014-9713">CVE-2014-9713</a>: еÑ?ли
+да, Ñ?о вам Ñ?ледÑ?еÑ? вÑ?Ñ?Ñ?нÑ?Ñ? обновиÑ?Ñ? ваÑ?и наÑ?Ñ?Ñ?ойки! Ð?одÑ?обноÑ?Ñ?и по Ñ?Ñ?омÑ? поводÑ?
+Ñ?м. ниже. Ð?бÑ?Ñ?ного обновлениÑ? пакеÑ?ов не доÑ?Ñ?аÑ?оÑ?но!</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2012-1164">CVE-2012-1164</a>
- - <p>Fix a crash when doing an attrsOnly search of a database configured
- - with both the rwm and translucent overlays.</p></li>
+ <p>Ð?Ñ?пÑ?авление аваÑ?ийной оÑ?Ñ?ановке пÑ?и вÑ?полнении поиÑ?ка attrsOnly из базÑ? даннÑ?Ñ?, наÑ?Ñ?Ñ?оенной
+ Ñ? овеÑ?леÑ?ми rwm и translucent.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2013-4449">CVE-2013-4449</a>
- - <p>Michael Vishchers from Seven Principles AG discovered a denial of
- - service vulnerability in slapd, the directory server implementation.
- - When the server is configured to used the RWM overlay, an attacker
- - can make it crash by unbinding just after connecting, because of an
- - issue with reference counting.</p></li>
+ <p>Ð?иÑ?аÑ?лÑ? ФиÑ?еÑ?Ñ? из Seven Principles AG обнаÑ?Ñ?жил оÑ?каз в
+ обÑ?лÑ?живании в slapd, Ñ?еализаÑ?ии Ñ?еÑ?веÑ?а каÑ?алогов.
+ Ð?Ñ?ли Ñ?еÑ?веÑ? наÑ?Ñ?Ñ?оен на иÑ?полÑ?зование овеÑ?леÑ? RWM, Ñ?о злоÑ?мÑ?Ñ?ленник
+ можеÑ? аваÑ?ийно завеÑ?Ñ?иÑ?Ñ? его Ñ?абоÑ?Ñ? пÑ?Ñ?Ñ?м оÑ?менÑ? пÑ?ивÑ?зки поÑ?ле подклÑ?Ñ?ениÑ?, Ñ?Ñ?о пÑ?оиÑ?Ñ?одиÑ? из-за
+ пÑ?облемÑ? Ñ? подÑ?Ñ?Ñ?Ñ?ом Ñ?Ñ?Ñ?лок.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9713">CVE-2014-9713</a>
- - <p>The default Debian configuration of the directory database allows
- - every users to edit their own attributes. When LDAP directories are
- - used for access control, and this is done using user attributes, an
- - authenticated user can leverage this to gain access to unauthorized
- - resources.</p>
- -
- - <p>Please note this is a Debian specific vulnerability.</p>
- -
- - <p>The new package won't use the unsafe access control rule for new
- - databases, but existing configurations won't be automatically
- - modified. Administrators are incited to look at the README.Debian
- - file provided by the updated package if they need to fix the access
- - control rule.</p></li>
+ <p>Ð?аÑ?Ñ?Ñ?ойки базÑ? даннÑ?Ñ? каÑ?алогов в Debian по Ñ?молÑ?аниÑ? позволÑ?Ñ?Ñ?
+ каждомÑ? полÑ?зоваÑ?елÑ? Ñ?едакÑ?иÑ?оваÑ?Ñ? Ñ?обÑ?Ñ?веннÑ?е аÑ?Ñ?ибÑ?Ñ?Ñ?. Ð?Ñ?ли каÑ?алоги LDAP
+ иÑ?полÑ?зÑ?Ñ?Ñ?Ñ?Ñ? длÑ? Ñ?пÑ?авлениÑ? доÑ?Ñ?Ñ?пом, и Ñ?Ñ?о Ñ?делано Ñ?еÑ?ез полÑ?зоваÑ?елÑ?Ñ?кие аÑ?Ñ?ибÑ?Ñ?Ñ?,
+ Ñ?о аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?й полÑ?зоваÑ?елÑ? можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?о длÑ? полÑ?Ñ?ениÑ? доÑ?Ñ?Ñ?па к неавÑ?оÑ?изованнÑ?м
+ Ñ?еÑ?Ñ?Ñ?Ñ?ам.</p>
+
+ <p>Ð?амеÑ?Ñ?Ñ?е, Ñ?Ñ?о Ñ?Ñ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? каÑ?аеÑ?Ñ?Ñ? конкÑ?еÑ?но Debian.</p>
+
+ <p>Ð?овÑ?й пакеÑ? не иÑ?полÑ?зÑ?еÑ?Ñ?Ñ? небезопаÑ?ное пÑ?авило Ñ?пÑ?авлениÑ? доÑ?Ñ?Ñ?пом длÑ? новÑ?Ñ?
+ баз даннÑ?Ñ?, но Ñ?Ñ?Ñ?еÑ?Ñ?вÑ?Ñ?Ñ?ие наÑ?Ñ?Ñ?ойки не бÑ?дÑ?Ñ? измененÑ?
+ авÑ?омаÑ?иÑ?еÑ?ки. Ð?дминиÑ?Ñ?Ñ?аÑ?оÑ?ам Ñ?екомендÑ?еÑ?Ñ?Ñ? ознакомиÑ?Ñ?Ñ?Ñ? Ñ? Ñ?айлом README.Debian,
+ Ñ?одеÑ?жаÑ?емÑ?Ñ? в обновлÑ?нном пакеÑ?е в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли им Ñ?ледÑ?еÑ? иÑ?пÑ?авиÑ?Ñ? пÑ?авило
+ Ñ?пÑ?авлениÑ? доÑ?Ñ?Ñ?пом.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-1545">CVE-2015-1545</a>
- - <p>Ryan Tandy discovered a denial of service vulnerability in slapd.
- - When using the deref overlay, providing an empty attribute list in
- - a query makes the daemon crashes.</p></li>
+ <p>Райан ТÑ?нди обнаÑ?Ñ?жил оÑ?каз в обÑ?лÑ?живании в slapd.
+ Ð?Ñ?и иÑ?полÑ?зовании овеÑ?леÑ? deref пеÑ?едаÑ?а пÑ?Ñ?Ñ?ого Ñ?пиÑ?ка аÑ?Ñ?ибÑ?Ñ?ов в
+ запÑ?оÑ?е пÑ?иводиÑ? к аваÑ?ийной оÑ?Ñ?ановке Ñ?лÑ?жбÑ?.</p></li>
</ul>
- -<p>Thanks to Ryan Tandy for preparing this update.</p>
+<p>Ð?Ñ?Ñ?ажаем благодаÑ?ноÑ?Ñ?Ñ? РайанÑ? ТÑ?нди за подгоÑ?овкÑ? данного обновлениÑ?.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXOhBZAAoJEF7nbuICFtKlLhwQAJ1yxCVCRgui0p5TOn/4kg2y
J/sfkFbEzPJsUGDNTX6utLLvYtD8eVJQGBulBrOjD6+N1hMkp9FeirUecB4Xn6tk
KyMk1vRrD0Wk17wme9imAG1yizuwjhLKPQG0TBbN/mPdcXUvhrCVrI96PewwkBEa
YIfPg/mQ73b331DQYwIP5x76zACN73TpPxjCP/3NjWYzzkc/05nQmf+q/i4j7y/G
+Q/fbEyANdGYT7fDsbej7854qSFSo+WoMz4amy+siwwK9rsQFjTc8ovr0yYfDxWF
/gkQ7q9Pp+TeE4eKDwTq6td3Y5tBReTQ2XtilRsXTbFQjgaLjmnt5e1MQw+wugac
qJucN8S2oL4snmZsDNO0EuFY+JuFbxfumb/GwGbVQn83fgy3UTAqCoVHiIee9Ska
Dkqc22MJHqhqYRhZPe61YQzscW6e9V74abTE2nk8INGSuY/3X6Stur8oDmCiuqbI
oGd7uJEsIEcFGzs9XjiXTx5SMnmmHxKGB7/+7XiRzR1aihS42Cm3Ycyv7QKKHiYq
LFnyk3U0zAhikG0wCKd09abXi7GEuAMl7B1SCbWct6jsCEreN9VWkFnIkxdJ3qyK
nBl+Aq0oOvxKZqU+p3poCa/lQzmXsYlCe0dDc/S+W56zTmgt5ZjFfi8nPomU6AoH
Y/jRMzOJ6BiQqZ+P4Rnf
=TxiR
-----END PGP SIGNATURE-----
Reply to: