
[DONE] wml://security/2016/dsa-368{7,8}.wml



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2016/dsa-3687.wml	2016-10-06 10:05:02.000000000 +0500
+++ russian/security/2016/dsa-3687.wml	2016-10-07 00:17:08.390886251 +0500
@@ -1,35 +1,36 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Two vulnerabilities were reported in NSPR, a library to abstract over
- -operating system interfaces developed by the Mozilla project.</p>
+<p>Ð? NSPR, библиоÑ?еке длÑ? абÑ?Ñ?Ñ?агиÑ?ованиÑ? оÑ? инÑ?еÑ?Ñ?ейÑ?ов опеÑ?аÑ?ионной Ñ?иÑ?Ñ?емÑ?, Ñ?азÑ?абоÑ?аннаÑ?
+пÑ?оекÑ?ом Mozilla, бÑ?ли обнаÑ?Ñ?женÑ? две Ñ?Ñ?звимоÑ?Ñ?и.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-1951";>CVE-2016-1951</a>
 
- -    <p>q1 reported that the NSPR implementation of sprintf-style string
- -    formatting function miscomputed memory allocation sizes,
- -    potentially leading to heap-based buffer overflows</p></li>
+    <p>q1 Ñ?ообÑ?ил, Ñ?Ñ?о Ñ?еализаÑ?иÑ? NSPR Ñ?Ñ?нкÑ?ии Ñ?оÑ?маÑ?иÑ?ованиÑ? Ñ?Ñ?Ñ?оки в
+    Ñ?Ñ?иле sprintf непÑ?авилÑ?но вÑ?Ñ?иÑ?лÑ?еÑ? Ñ?азмеÑ? вÑ?делениÑ? памÑ?Ñ?и,
+    Ñ?Ñ?о поÑ?енÑ?иалÑ?но пÑ?иводиÑ? к пеÑ?еполнениÑ? динамиÑ?еÑ?кой памÑ?Ñ?и</p></li>
 
 </ul>
 
- -<p>The second issue concerns environment variable processing in NSPR.
- -The library did not ignore environment variables used to configuring
- -logging and tracing in processes which underwent a SUID/SGID/AT_SECURE
- -transition at process start.  In certain system configurations, this
- -allowed local users to escalate their privileges.</p>
- -
- -<p>In addition, this nspr update contains further stability and
- -correctness fixes and contains support code for an upcoming nss
- -update.</p>
+<p>Ð?Ñ?оÑ?аÑ? пÑ?облема каÑ?аеÑ?Ñ?Ñ? обÑ?абоÑ?ки в NSPR пеÑ?еменнÑ?Ñ? окÑ?Ñ?жениÑ?.
+Ð?иблиоÑ?ека не игноÑ?иÑ?Ñ?еÑ? пеÑ?еменнÑ?е окÑ?Ñ?жениÑ?, иÑ?полÑ?зÑ?емÑ?е длÑ? наÑ?Ñ?Ñ?ойки
+жÑ?Ñ?налиÑ?ованиÑ? и Ñ?Ñ?аÑ?Ñ?иÑ?овки в пÑ?оÑ?еÑ?Ñ?аÑ?, вÑ?полнÑ?Ñ?Ñ? пеÑ?еÑ?од SUID/SGID/AT_SECURE
+во вÑ?емÑ? запÑ?Ñ?ка пÑ?оÑ?еÑ?Ñ?а.  Ð?Ñ?и опÑ?еделÑ?ннÑ?Ñ? наÑ?Ñ?Ñ?ойкаÑ? Ñ?иÑ?Ñ?емÑ? Ñ?Ñ?о
+позволÑ?еÑ? локалÑ?нÑ?м полÑ?зоваÑ?елÑ?м повÑ?Ñ?аÑ?Ñ? пÑ?ивилегии.</p>
+
+<p>Ð?Ñ?оме Ñ?ого, данное обновление nspr Ñ?одеÑ?жиÑ? дополниÑ?елÑ?нÑ?е иÑ?пÑ?авлениÑ?
+Ñ?Ñ?абилÑ?ноÑ?Ñ?и и коÑ?Ñ?екÑ?ноÑ?Ñ?и, а Ñ?акже поддеÑ?жкÑ? гоÑ?овÑ?Ñ?егоÑ?Ñ?
+обновлениÑ? nss.</p>
 
- -<p>For the stable distribution (jessie), these problems have been fixed
- -in version 2:4.12-1+debu8u1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 2:4.12-1+debu8u1.</p>
 
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 2:4.12-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2:4.12-1.</p>
 
- -<p>We recommend that you upgrade your nspr packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? nspr.</p>
 </define-tag>
 
 # do not modify the following line
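Review bot: the jessie version in the fix paragraph, "2:4.12-1+debu8u1", is carried over unchanged from the removed English line and reads like a typo for "+deb8u1" (the sid line next to it is the plain "2:4.12-1"). Confirm it against the published package version and correct the English source and this translation together, so the translation-check revision ("1.1") still matches. Separately, the Cyrillic on the added lines arrives here as mis-decoded bytes, so the wording of the translation cannot be checked from this message; resending it with a declared UTF-8 charset would make it reviewable.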
- --- english/security/2016/dsa-3688.wml	2016-10-06 10:05:46.000000000 +0500
+++ russian/security/2016/dsa-3688.wml	2016-10-07 00:29:22.884788209 +0500
@@ -1,73 +1,74 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities were discovered in NSS, the cryptography
- -library developed by the Mozilla project.</p>
+<p>Ð? NSS, кÑ?ипÑ?огÑ?аÑ?иÑ?еÑ?кой библиоÑ?еке, Ñ?азÑ?абоÑ?анной пÑ?оекÑ?ом Mozilla,
+бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-4000";>CVE-2015-4000</a>
 
- -    <p>David Adrian et al. reported that it may be feasible to attack
- -    Diffie-Hellman-based cipher suites in certain circumstances,
- -    compromising the confidentiality and integrity of data encrypted
- -    with Transport Layer Security (TLS).</p></li>
+    <p>Ð?авид Ð?дÑ?иан и дÑ?. Ñ?ообÑ?или, Ñ?Ñ?о пÑ?и опÑ?еделÑ?ннÑ?Ñ? обÑ?Ñ?оÑ?Ñ?елÑ?Ñ?Ñ?ваÑ? веÑ?оÑ?Ñ?но
+    можно аÑ?аковаÑ?Ñ? набоÑ?Ñ? Ñ?иÑ?Ñ?ов на оÑ?нове пÑ?оÑ?окола Ð?иÑ?Ñ?и-Хеллмана,
+    компÑ?омеÑ?иÑ?Ñ?Ñ? конÑ?иденÑ?иалÑ?ноÑ?Ñ?Ñ? и Ñ?елоÑ?Ñ?ноÑ?Ñ?Ñ? даннÑ?Ñ?, заÑ?иÑ?Ñ?ованнÑ?Ñ?
+    Ñ? помоÑ?Ñ?Ñ? Transport Layer Security (TLS).</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7181";>CVE-2015-7181</a>
     <a href="https://security-tracker.debian.org/tracker/CVE-2015-7182";>CVE-2015-7182</a>
     <a href="https://security-tracker.debian.org/tracker/CVE-2016-1950";>CVE-2016-1950</a>
 
- -    <p>Tyson Smith, David Keeler, and Francis Gabriel discovered
- -    heap-based buffer overflows in the ASN.1 DER parser, potentially
- -    leading to arbitrary code execution.</p></li>
+    <p>ТайÑ?он СмиÑ?, Ð?Ñ?вид Ð?илеÑ? и ФÑ?анÑ?Ñ?а Ð?абÑ?иÑ?лÑ? обнаÑ?Ñ?жили
+    пеÑ?еполнениÑ? динамиÑ?еÑ?кой памÑ?Ñ?и в коде длÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а ASN.1 DER, коÑ?оÑ?Ñ?е
+    поÑ?енÑ?иалÑ?но пÑ?иводÑ?Ñ? к вÑ?полнениÑ? пÑ?оизволÑ?ного кода.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7575";>CVE-2015-7575</a>
 
- -    <p>Karthikeyan Bhargavan discovered that TLS client implementation
- -    accepted MD5-based signatures for TLS 1.2 connections with forward
- -    secrecy, weakening the intended security strength of TLS
- -    connections.</p></li>
+    <p>Ð?аÑ?Ñ?икеÑ?н Ð?Ñ?аÑ?гаван обнаÑ?Ñ?жил, Ñ?Ñ?о Ñ?еализаÑ?иÑ? в TLS-клиенÑ?е
+    пÑ?инÑ?Ñ?иÑ? подпиÑ?ей на оÑ?нове MD5 длÑ? Ñ?оединений TLS 1.2 Ñ? пÑ?Ñ?мой
+    Ñ?екÑ?еÑ?ноÑ?Ñ?Ñ?Ñ?, оÑ?лаблÑ?еÑ? пÑ?едполагаемÑ?Ñ? Ñ?Ñ?ойкоÑ?Ñ?Ñ? Ñ?оединений
+    TLS.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-1938";>CVE-2016-1938</a>
 
- -    <p>Hanno Boeck discovered that NSS miscomputed the result of integer
- -    division for certain inputs.  This could weaken the cryptographic
- -    protections provided by NSS.  However, NSS implements RSA-CRT leak
- -    hardening, so RSA private keys are not directly disclosed by this
- -    issue.</p></li>
+    <p>Ханно Ð?Ñ?к обнаÑ?Ñ?жил, Ñ?Ñ?о NSS непÑ?авилÑ?но вÑ?Ñ?иÑ?лÑ?еÑ? Ñ?езÑ?лÑ?Ñ?аÑ? делениÑ?
+    Ñ?елÑ?Ñ? Ñ?иÑ?ел пÑ?и полÑ?Ñ?ении опÑ?еделÑ?ннÑ?Ñ? вÑ?однÑ?Ñ? даннÑ?Ñ?.  ЭÑ?о можеÑ? оÑ?лабиÑ?Ñ? кÑ?ипÑ?огÑ?аÑ?иÑ?еÑ?кÑ?Ñ?
+    заÑ?иÑ?Ñ?, пÑ?едоÑ?Ñ?авлÑ?емÑ?Ñ? NSS.  Тем не менее, NSS Ñ?еализÑ?ем заÑ?иÑ?Ñ? оÑ? Ñ?Ñ?еÑ?ек
+    RSA-CRT, поÑ?Ñ?омÑ? закÑ?Ñ?Ñ?Ñ?е RSA-клÑ?Ñ?и из-за Ñ?Ñ?ой пÑ?облемÑ? не
+    Ñ?аÑ?кÑ?Ñ?ваÑ?Ñ?Ñ?Ñ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-1978";>CVE-2016-1978</a>
 
- -    <p>Eric Rescorla discovered a user-after-free vulnerability in the
- -    implementation of ECDH-based TLS handshakes, with unknown
- -    consequences.</p></li>
+    <p>ЭÑ?ик РеÑ?коÑ?ла обнаÑ?Ñ?жил иÑ?полÑ?зование Ñ?казаÑ?елей поÑ?ле оÑ?вобождениÑ? памÑ?Ñ?и в
+    Ñ?еализаÑ?ии TLS-Ñ?Ñ?копожаÑ?ий на оÑ?нове ECDH, коÑ?оÑ?ое имееÑ? неизвеÑ?Ñ?нÑ?е
+    поÑ?ледÑ?Ñ?виÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-1979";>CVE-2016-1979</a>
 
- -    <p>Tim Taubert discovered a use-after-free vulnerability in ASN.1 DER
- -    processing, with application-specific impact.</p></li>
+    <p>Тим ТаÑ?беÑ?Ñ? обнаÑ?Ñ?жил иÑ?полÑ?зование Ñ?казаÑ?елей поÑ?ле оÑ?вобождениÑ? памÑ?Ñ?и в коде
+    обÑ?абоÑ?ки ASN.1 DER, коÑ?оÑ?ое оказÑ?ваеÑ? Ñ?азное влиÑ?ние в завиÑ?имоÑ?Ñ?и оÑ? пÑ?иложениÑ?, иÑ?полÑ?зÑ?Ñ?Ñ?его NSS.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-2834";>CVE-2016-2834</a>
 
- -    <p>Tyson Smith and Jed Davis discovered unspecified memory-safety
- -    bugs in NSS.</p></li>
+    <p>ТайÑ?он СмиÑ? и Ð?жед Ð?Ñ?виÑ? обнаÑ?Ñ?жили в NSS оÑ?ибки Ñ?елоÑ?Ñ?ноÑ?Ñ?и Ñ?одеÑ?жимого
+    памÑ?Ñ?и.</p></li>
 
 </ul>
 
- -<p>In addition, the NSS library did not ignore environment variables in
- -processes which underwent a SUID/SGID/AT_SECURE transition at process
- -start.  In certain system configurations, this allowed local users to
- -escalate their privileges.</p>
+<p>Ð?Ñ?оме Ñ?ого, библиоÑ?ека NSS не игноÑ?иÑ?Ñ?еÑ? пеÑ?еменнÑ?е окÑ?Ñ?жениÑ? в
+пÑ?оÑ?еÑ?Ñ?аÑ?, вÑ?полнÑ?Ñ?Ñ? пеÑ?еÑ?од SUID/SGID/AT_SECURE
+во вÑ?емÑ? запÑ?Ñ?ка пÑ?оÑ?еÑ?Ñ?а.  Ð?Ñ?и опÑ?еделÑ?ннÑ?Ñ? наÑ?Ñ?Ñ?ойкаÑ? Ñ?иÑ?Ñ?емÑ? Ñ?Ñ?о
+позволÑ?еÑ? локалÑ?нÑ?м полÑ?зоваÑ?елÑ?м повÑ?Ñ?аÑ?Ñ? пÑ?ивилегии.</p>
 
- -<p>This update contains further correctness and stability fixes without
- -immediate security impact.</p></li>
+<p>Ð?анное обновление Ñ?одеÑ?жиÑ? дополниÑ?елÑ?нÑ?е иÑ?пÑ?авлениÑ? коÑ?Ñ?екÑ?ноÑ?Ñ?и и Ñ?Ñ?абилÑ?ноÑ?Ñ?и,
+коÑ?оÑ?Ñ?е не имеÑ?Ñ? непоÑ?Ñ?едÑ?Ñ?венного влиÑ?ниÑ? на безопаÑ?ноÑ?Ñ?и.</p></li>
 
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 2:3.26-1+debu8u1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2:3.26-1+debu8u1.</p>
 
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 2:3.23-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2:3.23-1.</p>
 
- -<p>We recommend that you upgrade your nss packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? nss.</p>
 </define-tag>
 
 # do not modify the following line
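Review bot: the paragraph about further correctness and stability fixes ends in "</p></li>" on both the removed English line and the added Russian line, but the list was already closed by the "</ul>" above it, so that "</li>" has no matching "<li>". Drop the stray tag in the translation and fix the English source in the same pass. Two more source-side items are worth reporting while there: the jessie version "2:3.26-1+debu8u1" looks like a typo for "+deb8u1", and the English text under CVE-2016-1978 says "user-after-free" where "use-after-free" is meant.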
-----BEGIN PGP SIGNATURE-----
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=riUj
-----END PGP SIGNATURE-----

