[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2014/dla-1{18,03}.wml



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2014/dla-103.wml	2016-04-09 01:32:21.000000000 +0500
+++ russian/security/2014/dla-103.wml	2016-06-28 13:43:46.846245762 +0500
@@ -1,76 +1,77 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>This security upload has been prepared in cooperation of the Debian Kernel,
- -Security and LTS Teams and features the upstream stable release 2.6.32.64 (see
- -<a href="https://lkml.org/lkml/2014/11/23/181";>https://lkml.org/lkml/2014/11/23/181</a> for more information for that). It fixes
- -the CVEs described below.
- -<p><b>Note</b>: if you are using the openvz flavors, please consider three things: a.)
- -we haven't got any feedback on them (while we have for all other flavors) b.)
- -so do your test before deploying them and c.) once you have done so, please
- -give feedback to debian-lts@lists.debian.org.</p>
+<p>Ð?анное иÑ?пÑ?авление безопаÑ?ноÑ?Ñ?и бÑ?ло Ñ?овмеÑ?Ñ?но подгоÑ?овлено командами Debian Kernel,
+Security и LTS, оно Ñ?одеÑ?жиÑ? Ñ?Ñ?абилÑ?нÑ?й вÑ?пÑ?Ñ?к оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки, 2.6.32.64 (дополниÑ?елÑ?нÑ?Ñ?
+инÑ?оÑ?маÑ?иÑ? Ñ?моÑ?Ñ?иÑ?е по адÑ?еÑ?Ñ? <a href="https://lkml.org/lkml/2014/11/23/181";>https://lkml.org/lkml/2014/11/23/181</a>). Ð?но иÑ?пÑ?авлÑ?еÑ?
+опиÑ?аннÑ?е ниже CVE.
+<p><b>Ð?нимание</b>: еÑ?ли вÑ? иÑ?полÑ?зÑ?еÑ?е ваÑ?ианÑ?Ñ? Ñ?дÑ?а длÑ? openvz, Ñ?о Ñ?Ñ?Ñ?иÑ?е Ñ?ледÑ?Ñ?Ñ?ее: a)
+мÑ? не полÑ?Ñ?или никакого оÑ?клика о ниÑ? (Ñ?оÑ?Ñ? мÑ? полÑ?Ñ?или оÑ?клики длÑ? вÑ?еÑ? оÑ?Ñ?алÑ?нÑ?Ñ? ваÑ?ианÑ?ов) b)
+поÑ?Ñ?омÑ? до Ñ?азвÑ?Ñ?Ñ?Ñ?ваниÑ? Ñ?дÑ?а вам Ñ?ледÑ?еÑ? его пÑ?оÑ?еÑ?Ñ?иÑ?оваÑ?Ñ?, а Ñ?акже c) когда вÑ? вÑ?полниÑ?е Ñ?еÑ?Ñ?иÑ?ование,
+Ñ?ообÑ?иÑ?е о его Ñ?езÑ?лÑ?Ñ?аÑ?аÑ? в Ñ?пиÑ?ок Ñ?аÑ?Ñ?Ñ?лки debian-lts@lists.debian.org.</p>
 
- -<p>If you are not using openvz flavors, please still consider b+c :-)</p>
+<p>Ð?Ñ?ли вÑ? не иÑ?полÑ?зÑ?еÑ?е ваÑ?ианÑ?Ñ? Ñ?дÑ?а длÑ? openvz, Ñ?о вÑ?Ñ? Ñ?авно Ñ?Ñ?Ñ?иÑ?е пÑ?нкÑ?Ñ? b+c :-)</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-6657";>CVE-2012-6657</a>
 
- -<p>Fix the sock_setsockopt function to prevent local users from being able to
- -cause a denial of service (system crash) attack.</p></li>
+<p>Ð?Ñ?пÑ?авление Ñ?Ñ?нкÑ?ии sock_setsockopt, Ñ?Ñ?обÑ? локалÑ?нÑ?е полÑ?зоваÑ?ели не могли
+вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка Ñ?иÑ?Ñ?емÑ?).</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2013-0228";>CVE-2013-0228</a>
 
- -<p>Fix a XEN priviledge escalation, which allowed guest OS users to gain guest OS
- -priviledges.</p></li>
+<p>Ð?Ñ?пÑ?авление повÑ?Ñ?ениÑ? пÑ?ивилегий XEN, Ñ?Ñ?о позволÑ?еÑ? полÑ?зоваÑ?елÑ?м гоÑ?Ñ?евÑ?Ñ? Ñ?иÑ?Ñ?ем полÑ?Ñ?аÑ?Ñ? пÑ?ава
+гоÑ?Ñ?евÑ?Ñ? Ñ?иÑ?Ñ?ем.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2013-7266";>CVE-2013-7266</a>
 
- -<p>Fix the mISDN_sock_recvmsg function to prevent local users from obtaining
- -sensitive information from kernel memory.</p></li>
+<p>Ð?Ñ?пÑ?авление Ñ?Ñ?нкÑ?ии mISDN_sock_recvmsg, Ñ?Ñ?обÑ? локалÑ?нÑ?е полÑ?зоваÑ?ели не могли полÑ?Ñ?иÑ?Ñ?
+Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?нÑ?Ñ? инÑ?оÑ?маÑ?иÑ? из памÑ?Ñ?и Ñ?дÑ?а.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-4157";>CVE-2014-4157</a>
 
- -<p>MIPS platform: prevent local users from bypassing intended PR_SET_SECCOMP
- -restrictions.</p></li>
+<p>Ð?лаÑ?Ñ?оÑ?ма MIPS: иÑ?пÑ?авление, Ñ?Ñ?обÑ? локалÑ?нÑ?е полÑ?зоваÑ?ели не могли обÑ?одиÑ?Ñ? огÑ?аниÑ?ениÑ?
+PR_SET_SECCOMP.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-4508";>CVE-2014-4508</a>
 
- -<p>Prevent local users from causing a denial of service (OOPS and system crash)
- -when syscall auditing is enabled .</p></li>
+<p>Ð?Ñ?пÑ?авление, Ñ?Ñ?обÑ? локалÑ?нÑ?е полÑ?зоваÑ?ели не могли вÑ?зваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании (OOPS и аваÑ?ийнаÑ? оÑ?Ñ?ановка Ñ?иÑ?Ñ?емÑ?)
+в Ñ?ом Ñ?лÑ?Ñ?ае, когда вклÑ?Ñ?енÑ? аÑ?диÑ? Ñ?иÑ?Ñ?емнÑ?Ñ? вÑ?зовов.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-4653";>CVE-2014-4653</a>
 
 <p><a href="https://security-tracker.debian.org/tracker/CVE-2014-4654";>CVE-2014-4654</a>
 <a href="https://security-tracker.debian.org/tracker/CVE-2014-4655";>CVE-2014-4655</a></p>
 
- -<p>Fix the ALSA control implementation to prevent local users from causing a
- -denial of service attack and from obtaining sensitive information from kernel
- -memory.</p></li>
+<p>Ð?Ñ?пÑ?авление Ñ?еализаÑ?ии Ñ?пÑ?авлениÑ? ALSA, Ñ?Ñ?обÑ? локалÑ?нÑ?е полÑ?зоваÑ?ели не могли вÑ?зваÑ?Ñ?
+оÑ?каз в обÑ?лÑ?живании и полÑ?Ñ?аÑ?Ñ? Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?нÑ?Ñ? инÑ?оÑ?маÑ?иÑ? из памÑ?Ñ?и
+Ñ?дÑ?а.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-4943";>CVE-2014-4943</a>
 
- -<p>Fix PPPoL2TP feature to prevent local users to from gaining privileges.</p></li>
+<p>Ð?Ñ?пÑ?авление PPPoL2TP, Ñ?Ñ?обÑ? локалÑ?нÑ?е полÑ?зоваÑ?ели не могли повÑ?Ñ?аÑ?Ñ? Ñ?вои пÑ?ивилегии.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-5077";>CVE-2014-5077</a>
 
- -<p>Prevent remote attackers from causing a denial of service attack involving
- -SCTP.</p></li>
+<p>Ð?Ñ?пÑ?авление, Ñ?Ñ?обÑ? Ñ?далÑ?ннÑ?е полÑ?зоваÑ?ели не могли вÑ?зваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании пÑ?Ñ?Ñ?м
+иÑ?полÑ?зованиÑ? SCTP.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-5471";>CVE-2014-5471</a>
 
 <p><a href="https://security-tracker.debian.org/tracker/CVE-2014-5472";>CVE-2014-5472</a></p>
 
- -<p>Fix the parse_rock_ridge_inode_internal function to prevent local users from
- -causing a denial of service attack via a crafted iso9660 images.</p></li>
+<p>Ð?Ñ?пÑ?авление Ñ?Ñ?нкÑ?ии parse_rock_ridge_inode_internal, Ñ?Ñ?обÑ? локалÑ?нÑ?е полÑ?зоваÑ?ели не могли
+вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании Ñ? помоÑ?Ñ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? обÑ?азов в Ñ?оÑ?маÑ?е iso9660.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9090";>CVE-2014-9090</a>
 
- -<p>Fix the do_double_fault function to prevent local users from causing a denial
- -of service (panic) attack.</p></li>
+<p>Ð?Ñ?пÑ?авление Ñ?Ñ?нкÑ?ии do_double_fault, Ñ?Ñ?обÑ? локалÑ?нÑ?е полÑ?зоваÑ?ели не могли вÑ?зÑ?ваÑ?Ñ? оÑ?каз
+в обÑ?лÑ?живании (паника).</p></li>
 
 </ul>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in linux-2.6 version 2.6.32-48squeeze9</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в пакеÑ?е linux-2.6 веÑ?Ñ?ии 2.6.32-48squeeze9</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2014/dla-118.wml	2016-04-06 03:02:53.000000000 +0500
+++ russian/security/2014/dla-118.wml	2016-06-28 13:32:39.203268583 +0500
@@ -1,41 +1,42 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Non-maintainer upload by the Squeeze LTS and Kernel Teams.</p>
+<p>Ð?агÑ?Ñ?зка вÑ?полнена не Ñ?опÑ?овождаÑ?Ñ?им, а командами Squeeze LTS и Kernel.</p>
 
- -<p>New upstream stable release 2.6.32.65, see
- -<a href="http://lkml.org/lkml/2014/12/13/81";>http://lkml.org/lkml/2014/12/13/81</a> for more information.</p>
+<p>Ð?овÑ?й Ñ?Ñ?абилÑ?нÑ?й вÑ?пÑ?Ñ?к оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки, 2.6.32.65, дополниÑ?елÑ?нÑ?Ñ? инÑ?оÑ?маÑ?иÑ?
+Ñ?моÑ?Ñ?иÑ?е по адÑ?еÑ?Ñ? <a href="http://lkml.org/lkml/2014/12/13/81";>http://lkml.org/lkml/2014/12/13/81</a>.</p>
 
- -<p>The stable release 2.6.32.65 includes the following new commits compared
- -to the previous 2.6.32-48squeeze9 package:</p>
+<p>СÑ?абилÑ?нÑ?й вÑ?пÑ?Ñ?к 2.6.32.65 вклÑ?Ñ?аеÑ? в Ñ?ебÑ? Ñ?ледÑ?Ñ?Ñ?ие новÑ?е коммиÑ?Ñ? по Ñ?Ñ?авнениÑ?
+Ñ? пÑ?едÑ?дÑ?Ñ?им пакеÑ?ом 2.6.32-48squeeze9:</p>
 
 <ul>
- - <li>USB: whiteheat: Added bounds checking for bulk command response
+ <li>USB: whiteheat: добавление пÑ?овеÑ?ок гÑ?аниÑ? маÑ?Ñ?ива длÑ? оÑ?веÑ?а командÑ? bulk
    (<a href="https://security-tracker.debian.org/tracker/CVE-2014-3185";>CVE-2014-3185</a>)</li>
- - <li>net: sctp: fix panic on duplicate ASCONF chunks (<a href="https://security-tracker.debian.org/tracker/CVE-2014-3687";>CVE-2014-3687</a>)</li>
- - <li>net: sctp: fix remote memory pressure from excessive queueing
+ <li>net: sctp: иÑ?пÑ?авление паники пÑ?и дÑ?блиÑ?Ñ?Ñ?Ñ?иÑ? поÑ?Ñ?иÑ?Ñ? ASCONF (<a href="https://security-tracker.debian.org/tracker/CVE-2014-3687";>CVE-2014-3687</a>)</li>
+ <li>net: sctp: иÑ?пÑ?авление Ñ?далÑ?нного Ñ?Ñ?езмеÑ?ного поÑ?Ñ?еблениÑ? памÑ?Ñ?и из-за болÑ?Ñ?иÑ? оÑ?еÑ?едей
    (<a href="https://security-tracker.debian.org/tracker/CVE-2014-3688";>CVE-2014-3688</a>)</li>
- - <li>udf: Avoid infinite loop when processing indirect ICBs (<a href="https://security-tracker.debian.org/tracker/CVE-2014-6410";>CVE-2014-6410</a>)</li>
- - <li>net: sctp: fix NULL pointer dereference in af->from_addr_param on
- -   malformed packet (<a href="https://security-tracker.debian.org/tracker/CVE-2014-7841";>CVE-2014-7841</a>)</li>
- - <li>mac80211: fix fragmentation code, particularly for encryption
+ <li>udf: избегание беÑ?конеÑ?ного Ñ?икла пÑ?и обÑ?абоÑ?ке непÑ?Ñ?мÑ?Ñ? ICB (<a href="https://security-tracker.debian.org/tracker/CVE-2014-6410";>CVE-2014-6410</a>)</li>
+ <li>net: sctp: иÑ?пÑ?авление Ñ?азÑ?менованиÑ? NULL-Ñ?казаÑ?елÑ? в af->from_addr_param пÑ?и
+   полÑ?Ñ?ении некоÑ?Ñ?екÑ?ного пакеÑ?а (<a href="https://security-tracker.debian.org/tracker/CVE-2014-7841";>CVE-2014-7841</a>)</li>
+ <li>mac80211: иÑ?пÑ?авление Ñ?Ñ?агменÑ?аÑ?ии кода, оÑ?обенно длÑ? Ñ?иÑ?Ñ?ованиÑ?
    (<a href="https://security-tracker.debian.org/tracker/CVE-2014-8709";>CVE-2014-8709</a>)</li>
- - <li>ttusb-dec: buffer overflow in ioctl (<a href="https://security-tracker.debian.org/tracker/CVE-2014-8884";>CVE-2014-8884</a>)</li>
+ <li>ttusb-dec: пеÑ?еполнение бÑ?Ñ?еÑ?а в ioctl (<a href="https://security-tracker.debian.org/tracker/CVE-2014-8884";>CVE-2014-8884</a>)</li>
 </ul>
 
- -<p>We recommend that you upgrade your linux-2.6 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? linux-2.6.</p>
 
- -<p>We apologize for a minor cosmetic glitch:</p>
+<p>Ð?Ñ?иноÑ?им извинениÑ? за неболÑ?Ñ?ой коÑ?меÑ?иÑ?еÑ?кий деÑ?екÑ?:</p>
 
- -<p>The following commits were already included in 2.6.32-48squeeze9 despite
- -claims in debian/changelog they were only fixed in 2.6.32-48squeez10:</p>
+<p>СледÑ?Ñ?Ñ?ие коммиÑ?Ñ? Ñ?же вклÑ?Ñ?енÑ? в 2.6.32-48squeeze9, Ñ?оÑ?Ñ?
+в Ñ?айле debian/changelog Ñ?казано, Ñ?Ñ?о они иÑ?пÑ?авленÑ? Ñ?олÑ?ко в 2.6.32-48squeez10:</p>
 
 <ul>
- - <li>vlan: Don't propagate flag changes on down interfaces.</li>
- - <li>sctp: Fix double-free introduced by bad backport in 2.6.32.62</li>
- - <li>md/raid6: Fix misapplied backport in 2.6.32.64</li>
- - <li>block: add missing blk_queue_dead() checks</li>
- - <li>block: Fix blk_execute_rq_nowait() dead queue handling</li>
- - <li>proc connector: Delete spurious memset in proc_exit_connector()</li>
+ <li>vlan: не пеÑ?едаваÑ?Ñ? изменениÑ? Ñ?лагов по инÑ?еÑ?Ñ?ейÑ?ам.</li>
+ <li>sctp: иÑ?пÑ?авление двойного оÑ?вобождениÑ? памÑ?Ñ?и, поÑ?вивÑ?егоÑ?Ñ? из-за непÑ?авилÑ?ной адапÑ?аÑ?ии иÑ?пÑ?авлениÑ? в 2.6.32.62</li>
+ <li>md/raid6: иÑ?пÑ?авление непÑ?авилÑ?но пÑ?именÑ?нной заплаÑ?Ñ? в 2.6.32.64</li>
+ <li>block: добавление оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?Ñ?Ñ?иÑ? пÑ?овеÑ?ок blk_queue_dead()</li>
+ <li>block: иÑ?пÑ?авление обÑ?абоÑ?ки Ñ?Ñ?нкÑ?ией blk_execute_rq_nowait() <q>мÑ?Ñ?Ñ?вÑ?Ñ?</q> оÑ?еÑ?едей</li>
+ <li>proc connector: Ñ?даление Ñ?икÑ?ивного знаÑ?ениÑ? memset в proc_exit_connector()</li>
 </ul>
 </define-tag>
 
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXcjjFAAoJEF7nbuICFtKlprQQAK16qxryghp6Fhub2BDZvYXa
NI+7q9X3J9qh2IN34QJ7DC0fRxUeUBMKnRRcJlgj+aSH3D2ahadP0ZcYxHCn6M50
/sfwmjzHQO8zmiY+wa2++RcQCI/18kXlJxMa2uhhJTbxAqIZitrRqFjn373wL5yQ
bEjWfE2r6pso6iI3AtIpjSC0R8om/F28gVwYoEYM6AQWP+CCLwJa3Ae4YGEm5SXv
6e1xVROyTwoYvr1kiSYJ2VO9PRkf75O2t1/HSaIGvLUpKJs7qErf82DmwA+jFJS0
msC7zNzG3UvPO8uNKADKj5tJtGoCHjizUImF2IXwSVw8KxDsjXjEICykkXiDCqud
nd4PpI9kiUkJ3azJ/QL6ilM43atXfo/N9sCPALh9Ik9r/TBkrFKgcfbnpneS9/iQ
L5U9eeguJ132XU1k+kpFljiDbHLgRVxPNUt0xO9eJ4wdmUaLyMr74CYdNqcR/nNJ
SkyhG0H0ih6Mbf0zfhfRWOwWV0KhIMFejHg4TlNd0rdIjcsycuXCDqqVvJyfnEJP
WAWZYt8GYFs4aSzSWGcnZfnPhnq3qfxW8mVMxXynfg7VhedbHBBInrT8aiHzwzbh
GxAZd/ld2ms/nb7ySvXICQ3K6RBTmRgj7CG+hBUcEVV88xUJbJxtU7IcQijGmkXI
vh6A/GV2wk1KQrkzZXpi
=r8f4
-----END PGP SIGNATURE-----


Reply to: