[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2015/dla-{360,198}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2015/dla-198.wml	2016-04-07 03:47:55.000000000 +0500
+++ russian/security/2015/dla-198.wml	2016-06-01 23:42:11.854678706 +0500
@@ -1,35 +1,36 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>The following vulnerabilities were discovered in the Squeeze's Wireshark
- -version:</p>
+<p>Ð? веÑ?Ñ?ии Wireshark из Squeeze бÑ?ли обнаÑ?Ñ?женÑ? Ñ?ледÑ?Ñ?Ñ?ие
+Ñ?Ñ?звимоÑ?Ñ?и:</p>
 
 <ul>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-2188";>CVE-2015-2188</a> The WCP dissector could crash</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-0564";>CVE-2015-0564</a> Wireshark could crash while decypting TLS/SSL sessions</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-0562";>CVE-2015-0562</a> The DEC DNA Routing Protocol dissector could crash</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8714";>CVE-2014-8714</a> TN5250 infinite loops</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8713";>CVE-2014-8713</a> NCP crashes</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8712";>CVE-2014-8712</a> NCP crashes</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8711";>CVE-2014-8711</a> AMQP crash</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8710";>CVE-2014-8710</a> SigComp UDVM buffer overflow</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6432";>CVE-2014-6432</a> Sniffer file parser crash</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6431";>CVE-2014-6431</a> Sniffer file parser crash</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6430";>CVE-2014-6430</a> Sniffer file parser crash</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6429";>CVE-2014-6429</a> Sniffer file parser crash</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6428";>CVE-2014-6428</a> SES dissector crash</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6423";>CVE-2014-6423</a> MEGACO dissector infinite loop</li>
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6422";>CVE-2014-6422</a> RTP dissector crash</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-2188";>CVE-2015-2188</a> Ð?иÑ?Ñ?екÑ?оÑ? WCP можеÑ? аваÑ?ийно завеÑ?Ñ?иÑ?Ñ? Ñ?воÑ? Ñ?абоÑ?Ñ?</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-0564";>CVE-2015-0564</a> Wireshark можеÑ? аваÑ?ийно завеÑ?Ñ?иÑ?Ñ? Ñ?абоÑ?Ñ? пÑ?и Ñ?аÑ?Ñ?иÑ?Ñ?овке Ñ?еÑ?Ñ?ий TLS/SSL</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-0562";>CVE-2015-0562</a> Ð?иÑ?Ñ?екÑ?оÑ? DEC DNA Routing Protocol можеÑ? аваÑ?ийно завеÑ?Ñ?иÑ?Ñ? Ñ?воÑ? Ñ?абоÑ?Ñ?</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8714";>CVE-2014-8714</a> Ð?еÑ?конеÑ?нÑ?е Ñ?иклÑ? в TN5250</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8713";>CVE-2014-8713</a> Ð?ваÑ?ийнаÑ? оÑ?Ñ?ановка NCP</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8712";>CVE-2014-8712</a> Ð?ваÑ?ийнаÑ? оÑ?Ñ?ановка NCP</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8711";>CVE-2014-8711</a> Ð?ваÑ?ийнаÑ? оÑ?Ñ?ановка AMQP</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8710";>CVE-2014-8710</a> Ð?еÑ?еполнение бÑ?Ñ?еÑ?а в SigComp UDVM</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6432";>CVE-2014-6432</a> Ð?ваÑ?ийнаÑ? оÑ?Ñ?ановка кода длÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а Ñ?айлов в анализаÑ?оÑ?е</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6431";>CVE-2014-6431</a> Ð?ваÑ?ийнаÑ? оÑ?Ñ?ановка кода длÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а Ñ?айлов в анализаÑ?оÑ?е</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6430";>CVE-2014-6430</a> Ð?ваÑ?ийнаÑ? оÑ?Ñ?ановка кода длÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а Ñ?айлов в анализаÑ?оÑ?е</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6429";>CVE-2014-6429</a> Ð?ваÑ?ийнаÑ? оÑ?Ñ?ановка кода длÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а Ñ?айлов в анализаÑ?оÑ?е</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6428";>CVE-2014-6428</a> Ð?ваÑ?ийнаÑ? оÑ?Ñ?ановка диÑ?Ñ?екÑ?оÑ?а SES</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6423";>CVE-2014-6423</a> Ð?еÑ?конеÑ?нÑ?й Ñ?икл в диÑ?Ñ?екÑ?оÑ?е MEGACO</li>
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-6422";>CVE-2014-6422</a> Ð?ваÑ?ийнаÑ? оÑ?Ñ?ановка диÑ?Ñ?екÑ?оÑ?а RTP</li>
 </ul>
 
- -<p>Since back-porting upstream patches to 1.2.11-6+squeeze15 did not fix
- -all the outstanding issues and some issues are not even tracked publicly
- -the LTS Team decided to sync squeeze-lts's wireshark package with
- -wheezy-security to provide the best possible security support.</p>
+<p>С моменÑ?а адапÑ?аÑ?ии заплаÑ? из оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки к веÑ?Ñ?ии 1.2.11-6+squeeze15 бÑ?ли иÑ?пÑ?авленÑ?
+не вÑ?е Ñ?еÑ?Ñ?Ñ?знÑ?е пÑ?облемÑ?, а некоÑ?оÑ?Ñ?е пÑ?облемÑ? даже не оÑ?Ñ?леживалиÑ?Ñ? пÑ?блиÑ?но,
+поÑ?Ñ?омÑ? команда долгоÑ?Ñ?оÑ?ной поддеÑ?жки Ñ?еÑ?ила Ñ?инÑ?Ñ?онизиÑ?оваÑ?Ñ? пакеÑ? в squeeze-lts Ñ?
+пакеÑ?ов в wheezy-security Ñ? Ñ?елÑ?Ñ? пÑ?едоÑ?Ñ?авлениÑ? лÑ?Ñ?Ñ?ей поддеÑ?жки безопаÑ?ноÑ?Ñ?и.</p>
 
- -<p>Note that upgrading Wireshark from 1.2.x to 1.8.x introduces
- -several backward-incompatible changes in package structure, shared
- -library API/ABI, availability of dissectors and in syntax of command
- -line parameters.</p>
+<p>Ð?амеÑ?Ñ?Ñ?е, Ñ?Ñ?о обновление Wireshark Ñ? веÑ?Ñ?ии 1.2.x до веÑ?Ñ?ии 1.8.x вноÑ?иÑ?
+неÑ?колÑ?ко неÑ?овмеÑ?Ñ?имÑ?Ñ? изменений в Ñ?Ñ?Ñ?Ñ?кÑ?Ñ?Ñ?е пакеÑ?а, API/ABI Ñ?азделÑ?емой
+библиоÑ?еки, доÑ?Ñ?Ñ?пноÑ?Ñ?и диÑ?Ñ?екÑ?оÑ?ов, а Ñ?акже в Ñ?инÑ?акÑ?иÑ?е паÑ?амеÑ?Ñ?ов
+командной Ñ?Ñ?Ñ?оки.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2015/dla-360.wml	2016-04-07 03:10:36.000000000 +0500
+++ russian/security/2015/dla-360.wml	2016-06-01 23:32:33.936692003 +0500
@@ -1,51 +1,52 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>This update fixes the CVEs described below.</p>
+<p>Ð? данном обновлении иÑ?пÑ?авленÑ? опиÑ?аннÑ?е ниже CVE.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2013-7446";>CVE-2013-7446</a>
 
- -    <p>Dmitry Vyukov discovered that a particular sequence of valid
- -    operations on local (AF_UNIX) sockets can result in a
- -    use-after-free.  This may be used to cause a denial of service
- -    (crash) or possibly for privilege escalation.</p></li>
+    <p>Ð?миÑ?Ñ?ий Ð?Ñ?Ñ?ков обнаÑ?Ñ?жил, Ñ?Ñ?о опÑ?еделÑ?ннаÑ? поÑ?ледоваÑ?елÑ?ноÑ?Ñ?Ñ? коÑ?Ñ?екÑ?нÑ?Ñ?
+    опеÑ?аÑ?ий над локалÑ?нÑ?ми (AF_UNIX) Ñ?океÑ?ами можеÑ? пÑ?ивеÑ?Ñ?и к
+    иÑ?полÑ?зованиÑ? Ñ?казаÑ?елей поÑ?ле оÑ?вобождениÑ? памÑ?Ñ?и.  ЭÑ?о можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? длÑ? вÑ?зова оÑ?каза в обÑ?лÑ?живании
+    (аваÑ?ийнаÑ? оÑ?Ñ?ановка) или возможного повÑ?Ñ?ениÑ? пÑ?ивилегий.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7799";>CVE-2015-7799</a>
 
- -    <p>é?­æ°¸å?? discovered that a user granted access to /dev/ppp can cause
- -    a denial of service (crash) by passing invalid parameters to the
- -    PPPIOCSMAXCID ioctl.  This also applies to ISDN PPP device nodes.</p></li>
+    <p>é?­æ°¸å?? обнаÑ?Ñ?жил, Ñ?Ñ?о полÑ?зоваÑ?елÑ?, имеÑ?Ñ?ий доÑ?Ñ?Ñ?п к /dev/ppp, можеÑ? вÑ?зваÑ?Ñ?
+    оÑ?каз в обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка) пÑ?Ñ?Ñ?м пеÑ?едаÑ?и некоÑ?Ñ?екÑ?нÑ?Ñ? паÑ?амеÑ?Ñ?ов
+    PPPIOCSMAXCID ioctl.  Ð?Ñ?оме Ñ?ого, Ñ?Ñ?о каÑ?аеÑ?Ñ?Ñ? нод Ñ?Ñ?Ñ?Ñ?ойÑ?Ñ?в ISDN PPP.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7833";>CVE-2015-7833</a>
 
- -    <p>Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a
- -    flaw in the processing of certain USB device descriptors in the
- -    usbvision driver. An attacker with physical access to the system can
- -    use this flaw to crash the system.</p></li>
+    <p>СеÑ?гей ШÑ?мило, ХендÑ?ик ШваÑ?Ñ?ке и РалÑ?Ñ? ШпенненбеÑ?г обнаÑ?Ñ?жили
+    Ñ?Ñ?звимоÑ?Ñ?Ñ? в коде длÑ? обÑ?абоÑ?ки опÑ?еделÑ?ннÑ?Ñ? деÑ?кÑ?ипÑ?оÑ?ов USB-Ñ?Ñ?Ñ?Ñ?ойÑ?Ñ?в в
+    дÑ?айвеÑ?е usbvision. Ð?лоÑ?мÑ?Ñ?ленник, имеÑ?Ñ?ий Ñ?изиÑ?еÑ?кий доÑ?Ñ?Ñ?п к Ñ?иÑ?Ñ?еме, можеÑ?
+    иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? аваÑ?ийной оÑ?Ñ?ановки Ñ?иÑ?Ñ?емÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7990";>CVE-2015-7990</a>
 
- -    <p>It was discovered that the fix for <a href="https://security-tracker.debian.org/tracker/CVE-2015-6937";>CVE-2015-6937</a> was incomplete. A
- -    race condition when sending a message on unbound socket can still
- -    cause a NULL pointer dereference. A remote attacker might be able to
- -    cause a denial of service (crash) by sending a crafted packet.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жно, Ñ?Ñ?о иÑ?пÑ?авление длÑ? <a href="https://security-tracker.debian.org/tracker/CVE-2015-6937";>CVE-2015-6937</a> неполно.
+    СоÑ?Ñ?оÑ?ние гонки пÑ?и оÑ?пÑ?авке Ñ?ообÑ?ениÑ? на непÑ?ивÑ?заннÑ?й Ñ?океÑ? можеÑ?
+    вÑ?зÑ?ваÑ?Ñ? Ñ?азÑ?менование NULL-Ñ?казаÑ?елÑ?. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? вÑ?зваÑ?Ñ?
+    оÑ?каз в обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка) пÑ?Ñ?Ñ?м оÑ?пÑ?авки Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного пакеÑ?а.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8324";>CVE-2015-8324</a>
 
- -    <p><q>Valintinr</q> reported that an attempt to mount a corrupted ext4
- -    filesystem may result in a kernel panic.  A user permitted to
- -    mount filesystems could use this flaw to crash the system.</p></li>
+    <p><q>Valintinr</q> Ñ?ообÑ?ил, Ñ?Ñ?о попÑ?Ñ?ка Ñ?монÑ?иÑ?оваÑ?Ñ? повÑ?еждÑ?ннÑ?Ñ? Ñ?айловÑ?Ñ? Ñ?иÑ?Ñ?емÑ?
+    ext4 можеÑ? пÑ?иводиÑ?Ñ? к панике Ñ?дÑ?а.  Ð?олÑ?зоваÑ?елÑ?, обладаÑ?Ñ?ий пÑ?авами на
+    монÑ?иÑ?ование Ñ?айловÑ?ми Ñ?иÑ?Ñ?емами, можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? аваÑ?ийной оÑ?Ñ?ановки Ñ?иÑ?Ñ?емÑ?.</p></li>
 
 </ul>
 
- -<p>For the oldoldstable distribution (squeeze), these problems have been
- -fixed in version 2.6.32-48squeeze17.  We recommend that you upgrade your
- -linux-2.6 packages.</p>
- -
- -<p>For the oldstable (wheezy) and stable (jessie) distributions,
- -<a href="https://security-tracker.debian.org/tracker/CVE-2015-7833";>CVE-2015-7833</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-7990";>CVE-2015-7990</a> and <a href="https://security-tracker.debian.org/tracker/CVE-2015-8324";>CVE-2015-8324</a> have been fixed and the
- -other issues will be fixed soon.</p>
+<p>Ð? Ñ?Ñ?аÑ?ом пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли
+иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 2.6.32-48squeeze17.  РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ?
+linux-2.6.</p>
+
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном (wheezy) и Ñ?Ñ?абилÑ?ном (jessie) вÑ?пÑ?Ñ?каÑ?
+<a href="https://security-tracker.debian.org/tracker/CVE-2015-7833";>CVE-2015-7833</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-7990";>CVE-2015-7990</a> и <a href="https://security-tracker.debian.org/tracker/CVE-2015-8324";>CVE-2015-8324</a> Ñ?же бÑ?ли иÑ?пÑ?авленÑ?, а оÑ?Ñ?алÑ?нÑ?е
+пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ? позже.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXTyyGAAoJEF7nbuICFtKl3nIP/j3uyJWtQllBDq+Z7WKdHG6r
20DjPul3r3ZOK+AZxG6W0lOwSq8lf/IO8+rGDSKlQllbs+FZLNq7/1atVqDEj1tc
jB5Ir6QGejuhFt5QanxeFznIJZ5yPxjG65aAxtLgC2po4u7ysrfGKzE1S5LFjAL+
HdIYB3EN3nHcdcWUXhJMbR3ci31lUf3EJtsQBgkFWSgBYXDyPVK4JH6N/ipZ2lkt
G0b12pBb9xCdFT/Is1usK6VFqHFhsQcrW7UXDScjVfugTIuBAHvczfxI0QFTfWnf
Jsr5NQ4ot7lglr9got/4Md0lXH+hP9enUppR/ObHqNZRimI9btRHVja6yM3ZVlqR
Qg26M+4j6iJ5rqHyrXjyUTD8wi4m2VLmiW0pZ5W94PUBCWlCyaZT36mEJJ2D1Kp3
fSfVqjs6aJv4KQATbHaqKxgykjXYWqbxcJ721LF65vcuD26KRPksnnJrcMhMmiEU
/Z3n8Is6OyC6x0ZoKdFD8VGI3gTTrp7DivElHqi/BfKCNWmbCieclNcP7sT4tKts
dqLmnYImQB2indwFmzd04XsS0cEE2eK99ew8OHy1yM/pQ6ETgRRm9YFkT2s7Etlr
pr//Ecg7VT4J3D245r7BJDVTSI2Ksulr1qRaEtsyWK2NAe9UNXJYJsFB2BRopHS0
ZSlEoMCgZny1du6xAjXm
=vB/w
-----END PGP SIGNATURE-----
Reply to: