[DONE] wml://security/2015/dla-{360,198}.wml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2015/dla-198.wml 2016-04-07 03:47:55.000000000 +0500
+++ russian/security/2015/dla-198.wml 2016-06-01 23:42:11.854678706 +0500
@@ -1,35 +1,36 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
<define-tag moreinfo>
- -<p>The following vulnerabilities were discovered in the Squeeze's Wireshark
- -version:</p>
+<p>Ð? веÑ?Ñ?ии Wireshark из Squeeze бÑ?ли обнаÑ?Ñ?женÑ? Ñ?ледÑ?Ñ?Ñ?ие
+Ñ?Ñ?звимоÑ?Ñ?и:</p>
<ul>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-2188">CVE-2015-2188</a> The WCP dissector could crash</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-0564">CVE-2015-0564</a> Wireshark could crash while decypting TLS/SSL sessions</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-0562">CVE-2015-0562</a> The DEC DNA Routing Protocol dissector could crash</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8714">CVE-2014-8714</a> TN5250 infinite loops</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8713">CVE-2014-8713</a> NCP crashes</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8712">CVE-2014-8712</a> NCP crashes</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8711">CVE-2014-8711</a> AMQP crash</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8710">CVE-2014-8710</a> SigComp UDVM buffer overflow</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6432">CVE-2014-6432</a> Sniffer file parser crash</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6431">CVE-2014-6431</a> Sniffer file parser crash</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6430">CVE-2014-6430</a> Sniffer file parser crash</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6429">CVE-2014-6429</a> Sniffer file parser crash</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6428">CVE-2014-6428</a> SES dissector crash</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6423">CVE-2014-6423</a> MEGACO dissector infinite loop</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6422">CVE-2014-6422</a> RTP dissector crash</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-2188">CVE-2015-2188</a> Ð?иÑ?Ñ?екÑ?оÑ? WCP можеÑ? аваÑ?ийно завеÑ?Ñ?иÑ?Ñ? Ñ?воÑ? Ñ?абоÑ?Ñ?</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-0564">CVE-2015-0564</a> Wireshark можеÑ? аваÑ?ийно завеÑ?Ñ?иÑ?Ñ? Ñ?абоÑ?Ñ? пÑ?и Ñ?аÑ?Ñ?иÑ?Ñ?овке Ñ?еÑ?Ñ?ий TLS/SSL</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-0562">CVE-2015-0562</a> Ð?иÑ?Ñ?екÑ?оÑ? DEC DNA Routing Protocol можеÑ? аваÑ?ийно завеÑ?Ñ?иÑ?Ñ? Ñ?воÑ? Ñ?абоÑ?Ñ?</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8714">CVE-2014-8714</a> Ð?еÑ?конеÑ?нÑ?е Ñ?иклÑ? в TN5250</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8713">CVE-2014-8713</a> Ð?ваÑ?ийнаÑ? оÑ?Ñ?ановка NCP</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8712">CVE-2014-8712</a> Ð?ваÑ?ийнаÑ? оÑ?Ñ?ановка NCP</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8711">CVE-2014-8711</a> Ð?ваÑ?ийнаÑ? оÑ?Ñ?ановка AMQP</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8710">CVE-2014-8710</a> Ð?еÑ?еполнение бÑ?Ñ?еÑ?а в SigComp UDVM</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6432">CVE-2014-6432</a> Ð?ваÑ?ийнаÑ? оÑ?Ñ?ановка кода длÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а Ñ?айлов в анализаÑ?оÑ?е</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6431">CVE-2014-6431</a> Ð?ваÑ?ийнаÑ? оÑ?Ñ?ановка кода длÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а Ñ?айлов в анализаÑ?оÑ?е</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6430">CVE-2014-6430</a> Ð?ваÑ?ийнаÑ? оÑ?Ñ?ановка кода длÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а Ñ?айлов в анализаÑ?оÑ?е</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6429">CVE-2014-6429</a> Ð?ваÑ?ийнаÑ? оÑ?Ñ?ановка кода длÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а Ñ?айлов в анализаÑ?оÑ?е</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6428">CVE-2014-6428</a> Ð?ваÑ?ийнаÑ? оÑ?Ñ?ановка диÑ?Ñ?екÑ?оÑ?а SES</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6423">CVE-2014-6423</a> Ð?еÑ?конеÑ?нÑ?й Ñ?икл в диÑ?Ñ?екÑ?оÑ?е MEGACO</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6422">CVE-2014-6422</a> Ð?ваÑ?ийнаÑ? оÑ?Ñ?ановка диÑ?Ñ?екÑ?оÑ?а RTP</li>
</ul>
- -<p>Since back-porting upstream patches to 1.2.11-6+squeeze15 did not fix
- -all the outstanding issues and some issues are not even tracked publicly
- -the LTS Team decided to sync squeeze-lts's wireshark package with
- -wheezy-security to provide the best possible security support.</p>
+<p>С моменÑ?а адапÑ?аÑ?ии заплаÑ? из оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки к веÑ?Ñ?ии 1.2.11-6+squeeze15 бÑ?ли иÑ?пÑ?авленÑ?
+не вÑ?е Ñ?еÑ?Ñ?Ñ?знÑ?е пÑ?облемÑ?, а некоÑ?оÑ?Ñ?е пÑ?облемÑ? даже не оÑ?Ñ?леживалиÑ?Ñ? пÑ?блиÑ?но,
+поÑ?Ñ?омÑ? команда долгоÑ?Ñ?оÑ?ной поддеÑ?жки Ñ?еÑ?ила Ñ?инÑ?Ñ?онизиÑ?оваÑ?Ñ? пакеÑ? в squeeze-lts Ñ?
+пакеÑ?ов в wheezy-security Ñ? Ñ?елÑ?Ñ? пÑ?едоÑ?Ñ?авлениÑ? лÑ?Ñ?Ñ?ей поддеÑ?жки безопаÑ?ноÑ?Ñ?и.</p>
- -<p>Note that upgrading Wireshark from 1.2.x to 1.8.x introduces
- -several backward-incompatible changes in package structure, shared
- -library API/ABI, availability of dissectors and in syntax of command
- -line parameters.</p>
+<p>Ð?амеÑ?Ñ?Ñ?е, Ñ?Ñ?о обновление Wireshark Ñ? веÑ?Ñ?ии 1.2.x до веÑ?Ñ?ии 1.8.x вноÑ?иÑ?
+неÑ?колÑ?ко неÑ?овмеÑ?Ñ?имÑ?Ñ? изменений в Ñ?Ñ?Ñ?Ñ?кÑ?Ñ?Ñ?е пакеÑ?а, API/ABI Ñ?азделÑ?емой
+библиоÑ?еки, доÑ?Ñ?Ñ?пноÑ?Ñ?и диÑ?Ñ?екÑ?оÑ?ов, а Ñ?акже в Ñ?инÑ?акÑ?иÑ?е паÑ?амеÑ?Ñ?ов
+командной Ñ?Ñ?Ñ?оки.</p>
</define-tag>
# do not modify the following line
- --- english/security/2015/dla-360.wml 2016-04-07 03:10:36.000000000 +0500
+++ russian/security/2015/dla-360.wml 2016-06-01 23:32:33.936692003 +0500
@@ -1,51 +1,52 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
<define-tag moreinfo>
- -<p>This update fixes the CVEs described below.</p>
+<p>Ð? данном обновлении иÑ?пÑ?авленÑ? опиÑ?аннÑ?е ниже CVE.</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2013-7446">CVE-2013-7446</a>
- - <p>Dmitry Vyukov discovered that a particular sequence of valid
- - operations on local (AF_UNIX) sockets can result in a
- - use-after-free. This may be used to cause a denial of service
- - (crash) or possibly for privilege escalation.</p></li>
+ <p>Ð?миÑ?Ñ?ий Ð?Ñ?Ñ?ков обнаÑ?Ñ?жил, Ñ?Ñ?о опÑ?еделÑ?ннаÑ? поÑ?ледоваÑ?елÑ?ноÑ?Ñ?Ñ? коÑ?Ñ?екÑ?нÑ?Ñ?
+ опеÑ?аÑ?ий над локалÑ?нÑ?ми (AF_UNIX) Ñ?океÑ?ами можеÑ? пÑ?ивеÑ?Ñ?и к
+ иÑ?полÑ?зованиÑ? Ñ?казаÑ?елей поÑ?ле оÑ?вобождениÑ? памÑ?Ñ?и. ÐÑ?о можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? длÑ? вÑ?зова оÑ?каза в обÑ?лÑ?живании
+ (аваÑ?ийнаÑ? оÑ?Ñ?ановка) или возможного повÑ?Ñ?ениÑ? пÑ?ивилегий.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7799">CVE-2015-7799</a>
- - <p>é?æ°¸å?? discovered that a user granted access to /dev/ppp can cause
- - a denial of service (crash) by passing invalid parameters to the
- - PPPIOCSMAXCID ioctl. This also applies to ISDN PPP device nodes.</p></li>
+ <p>é?æ°¸å?? обнаÑ?Ñ?жил, Ñ?Ñ?о полÑ?зоваÑ?елÑ?, имеÑ?Ñ?ий доÑ?Ñ?Ñ?п к /dev/ppp, можеÑ? вÑ?зваÑ?Ñ?
+ оÑ?каз в обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка) пÑ?Ñ?Ñ?м пеÑ?едаÑ?и некоÑ?Ñ?екÑ?нÑ?Ñ? паÑ?амеÑ?Ñ?ов
+ PPPIOCSMAXCID ioctl. Ð?Ñ?оме Ñ?ого, Ñ?Ñ?о каÑ?аеÑ?Ñ?Ñ? нод Ñ?Ñ?Ñ?Ñ?ойÑ?Ñ?в ISDN PPP.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7833">CVE-2015-7833</a>
- - <p>Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a
- - flaw in the processing of certain USB device descriptors in the
- - usbvision driver. An attacker with physical access to the system can
- - use this flaw to crash the system.</p></li>
+ <p>СеÑ?гей ШÑ?мило, ХендÑ?ик ШваÑ?Ñ?ке и РалÑ?Ñ? ШпенненбеÑ?г обнаÑ?Ñ?жили
+ Ñ?Ñ?звимоÑ?Ñ?Ñ? в коде длÑ? обÑ?абоÑ?ки опÑ?еделÑ?ннÑ?Ñ? деÑ?кÑ?ипÑ?оÑ?ов USB-Ñ?Ñ?Ñ?Ñ?ойÑ?Ñ?в в
+ дÑ?айвеÑ?е usbvision. Ð?лоÑ?мÑ?Ñ?ленник, имеÑ?Ñ?ий Ñ?изиÑ?еÑ?кий доÑ?Ñ?Ñ?п к Ñ?иÑ?Ñ?еме, можеÑ?
+ иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? аваÑ?ийной оÑ?Ñ?ановки Ñ?иÑ?Ñ?емÑ?.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7990">CVE-2015-7990</a>
- - <p>It was discovered that the fix for <a href="https://security-tracker.debian.org/tracker/CVE-2015-6937">CVE-2015-6937</a> was incomplete. A
- - race condition when sending a message on unbound socket can still
- - cause a NULL pointer dereference. A remote attacker might be able to
- - cause a denial of service (crash) by sending a crafted packet.</p></li>
+ <p>Ð?Ñ?ло обнаÑ?Ñ?жно, Ñ?Ñ?о иÑ?пÑ?авление длÑ? <a href="https://security-tracker.debian.org/tracker/CVE-2015-6937">CVE-2015-6937</a> неполно.
+ СоÑ?Ñ?оÑ?ние гонки пÑ?и оÑ?пÑ?авке Ñ?ообÑ?ениÑ? на непÑ?ивÑ?заннÑ?й Ñ?океÑ? можеÑ?
+ вÑ?зÑ?ваÑ?Ñ? Ñ?азÑ?менование NULL-Ñ?казаÑ?елÑ?. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? вÑ?зваÑ?Ñ?
+ оÑ?каз в обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка) пÑ?Ñ?Ñ?м оÑ?пÑ?авки Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного пакеÑ?а.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8324">CVE-2015-8324</a>
- - <p><q>Valintinr</q> reported that an attempt to mount a corrupted ext4
- - filesystem may result in a kernel panic. A user permitted to
- - mount filesystems could use this flaw to crash the system.</p></li>
+ <p><q>Valintinr</q> Ñ?ообÑ?ил, Ñ?Ñ?о попÑ?Ñ?ка Ñ?монÑ?иÑ?оваÑ?Ñ? повÑ?еждÑ?ннÑ?Ñ? Ñ?айловÑ?Ñ? Ñ?иÑ?Ñ?емÑ?
+ ext4 можеÑ? пÑ?иводиÑ?Ñ? к панике Ñ?дÑ?а. Ð?олÑ?зоваÑ?елÑ?, обладаÑ?Ñ?ий пÑ?авами на
+ монÑ?иÑ?ование Ñ?айловÑ?ми Ñ?иÑ?Ñ?емами, можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? аваÑ?ийной оÑ?Ñ?ановки Ñ?иÑ?Ñ?емÑ?.</p></li>
</ul>
- -<p>For the oldoldstable distribution (squeeze), these problems have been
- -fixed in version 2.6.32-48squeeze17. We recommend that you upgrade your
- -linux-2.6 packages.</p>
- -
- -<p>For the oldstable (wheezy) and stable (jessie) distributions,
- -<a href="https://security-tracker.debian.org/tracker/CVE-2015-7833">CVE-2015-7833</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-7990">CVE-2015-7990</a> and <a href="https://security-tracker.debian.org/tracker/CVE-2015-8324">CVE-2015-8324</a> have been fixed and the
- -other issues will be fixed soon.</p>
+<p>Ð? Ñ?Ñ?аÑ?ом пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли
+иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 2.6.32-48squeeze17. РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ?
+linux-2.6.</p>
+
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном (wheezy) и Ñ?Ñ?абилÑ?ном (jessie) вÑ?пÑ?Ñ?каÑ?
+<a href="https://security-tracker.debian.org/tracker/CVE-2015-7833">CVE-2015-7833</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-7990">CVE-2015-7990</a> и <a href="https://security-tracker.debian.org/tracker/CVE-2015-8324">CVE-2015-8324</a> Ñ?же бÑ?ли иÑ?пÑ?авленÑ?, а оÑ?Ñ?алÑ?нÑ?е
+пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ? позже.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXTyyGAAoJEF7nbuICFtKl3nIP/j3uyJWtQllBDq+Z7WKdHG6r
20DjPul3r3ZOK+AZxG6W0lOwSq8lf/IO8+rGDSKlQllbs+FZLNq7/1atVqDEj1tc
jB5Ir6QGejuhFt5QanxeFznIJZ5yPxjG65aAxtLgC2po4u7ysrfGKzE1S5LFjAL+
HdIYB3EN3nHcdcWUXhJMbR3ci31lUf3EJtsQBgkFWSgBYXDyPVK4JH6N/ipZ2lkt
G0b12pBb9xCdFT/Is1usK6VFqHFhsQcrW7UXDScjVfugTIuBAHvczfxI0QFTfWnf
Jsr5NQ4ot7lglr9got/4Md0lXH+hP9enUppR/ObHqNZRimI9btRHVja6yM3ZVlqR
Qg26M+4j6iJ5rqHyrXjyUTD8wi4m2VLmiW0pZ5W94PUBCWlCyaZT36mEJJ2D1Kp3
fSfVqjs6aJv4KQATbHaqKxgykjXYWqbxcJ721LF65vcuD26KRPksnnJrcMhMmiEU
/Z3n8Is6OyC6x0ZoKdFD8VGI3gTTrp7DivElHqi/BfKCNWmbCieclNcP7sT4tKts
dqLmnYImQB2indwFmzd04XsS0cEE2eK99ew8OHy1yM/pQ6ETgRRm9YFkT2s7Etlr
pr//Ecg7VT4J3D245r7BJDVTSI2Ksulr1qRaEtsyWK2NAe9UNXJYJsFB2BRopHS0
ZSlEoMCgZny1du6xAjXm
=vB/w
-----END PGP SIGNATURE-----
Reply to: