[DONE] wml://security/2008/dsa-15{65,16}.wml

[Lev Lamberov <dogsleg@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2008/dsa-1516.wml	2014-04-30 13:16:15.000000000 +0600
+++ russian/security/2008/dsa-1516.wml	2016-10-29 23:50:55.532614422 +0500
@@ -1,35 +1,36 @@
- -<define-tag description>privilege escalation</define-tag>
+#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov"
+<define-tag description>повÑ?Ñ?ение пÑ?ивилегий</define-tag>
 <define-tag moreinfo>
- -<p>Prior to this update, the default configuration for Dovecot used by
- -Debian runs the server daemons with group mail privileges.  This means
- -that users with write access to their mail directory on the server
- -(for example, through an SSH login) could read and also delete via a symbolic link mailboxes owned by
- -other users for which they do not have direct access
- -(<a href="https://security-tracker.debian.org/tracker/CVE-2008-1199";>CVE-2008-1199</a>).  In addition, an internal interpretation conflict in
- -password handling has been addressed proactively, even though it is
- -not known to be exploitable (<a href="https://security-tracker.debian.org/tracker/CVE-2008-1218";>CVE-2008-1218</a>).</p>
- -
- -<p>Note that applying this update requires manual action: The
- -configuration setting <q>mail_extra_groups = mail</q> has been replaced
- -with <q>mail_privileged_group = mail</q>.  The update will show a
- -configuration file conflict in /etc/dovecot/dovecot.conf.  It is
- -recommended that you keep the currently installed configuration file,
- -and change the affected line.  For your reference, the sample
- -configuration (without your local changes) will have been written to
+<p>Ð?о данного обновлениÑ? наÑ?Ñ?Ñ?ойки Dovecot, иÑ?полÑ?зÑ?емÑ?е в Debian по Ñ?молÑ?аниÑ?,
+запÑ?Ñ?кали Ñ?еÑ?веÑ?нÑ?е Ñ?лÑ?жбÑ? Ñ? пÑ?авами гÑ?Ñ?ппÑ? mail.  ЭÑ?о ознаÑ?аеÑ?, Ñ?Ñ?о
+полÑ?зоваÑ?ели Ñ? пÑ?авом на запиÑ?Ñ? в Ñ?вой поÑ?Ñ?овÑ?й каÑ?алог на Ñ?еÑ?веÑ?е
+(напÑ?имеÑ?, Ñ?еÑ?ез SSH) могÑ?Ñ? Ñ?Ñ?иÑ?Ñ?ваÑ?Ñ? и Ñ?далÑ?Ñ?Ñ? Ñ? помоÑ?Ñ?Ñ? Ñ?имволÑ?нÑ?Ñ? Ñ?Ñ?Ñ?лок поÑ?Ñ?Ñ? дÑ?Ñ?гиÑ?
+полÑ?зоваÑ?елей, к коÑ?оÑ?ой пеÑ?вÑ?е не имеÑ?Ñ? непоÑ?Ñ?едÑ?Ñ?венного доÑ?Ñ?Ñ?па
+(<a href="https://security-tracker.debian.org/tracker/CVE-2008-1199";>CVE-2008-1199</a>).  Ð?Ñ?оме Ñ?ого, пÑ?едÑ?Ñ?моÑ?Ñ?иÑ?елÑ?но
+иÑ?пÑ?авлен внÑ?Ñ?Ñ?енний конÑ?ликÑ? инÑ?еÑ?пÑ?еÑ?аÑ?ий в коде обÑ?абоÑ?ки паÑ?олей, Ñ?оÑ?Ñ?
+и неÑ? Ñ?ведений о Ñ?ом, Ñ?Ñ?о он иÑ?полÑ?зÑ?еÑ?Ñ?Ñ? злоÑ?мÑ?Ñ?ленниками (<a href="https://security-tracker.debian.org/tracker/CVE-2008-1218";>CVE-2008-1218</a>).</p>
+
+<p>Ð?амеÑ?Ñ?Ñ?е, Ñ?Ñ?о данное обновление Ñ?Ñ?ебÑ?еÑ? вÑ?полнениÑ? Ñ?Ñ?да дейÑ?Ñ?вий вÑ?Ñ?Ñ?нÑ?Ñ?.
+Ð?иÑ?екÑ?ива наÑ?Ñ?Ñ?ойки <q>mail_extra_groups = mail</q> бÑ?л заменÑ?н на
+<q>mail_privileged_group = mail</q>.  Ð?анное обновление покажеÑ?
+конÑ?ликÑ? в Ñ?айле наÑ?Ñ?Ñ?ойки в /etc/dovecot/dovecot.conf.  РекомендÑ?еÑ?Ñ?Ñ?
+Ñ?оÑ?Ñ?аниÑ?Ñ? Ñ?Ñ?Ñ?ановленнÑ?й в наÑ?Ñ?оÑ?Ñ?ее вÑ?емÑ? Ñ?айл наÑ?Ñ?Ñ?оек
+и измениÑ?Ñ? в нÑ?м Ñ?Ñ?Ñ? Ñ?Ñ?Ñ?окÑ?.  Ð?лÑ? Ñ?пÑ?авки пÑ?имеÑ? Ñ?айла наÑ?Ñ?Ñ?ойки
+(без ваÑ?иÑ? локалÑ?нÑ?Ñ? изменений) бÑ?деÑ? Ñ?оÑ?Ñ?анÑ?н как
 /etc/dovecot/dovecot.conf.dpkg-new.</p>
 
- -<p>If your current configuration uses <code>mail_extra_groups</code> with a value
- -different from <q>mail</q>, you may have to resort to the
- -<code>mail_access_groups</code> configuration directive.</p>
+<p>Ð?Ñ?ли ваÑ?и Ñ?екÑ?Ñ?ие наÑ?Ñ?Ñ?ойки иÑ?полÑ?зÑ?Ñ?Ñ? <code>mail_extra_groups</code> Ñ?о знаÑ?ением,
+оÑ?лиÑ?нÑ?м оÑ? <q>mail</q>, Ñ?о вам Ñ?ледÑ?еÑ? иÑ?полÑ?зоваÑ?Ñ?
+диÑ?екÑ?ивÑ? <code>mail_access_groups</code>.</p>
 
- -<p>For the old stable distribution (sarge), no updates are provided.
- -We recommend that you consider upgrading to the stable distribution.</p>
+<p>Ð?лÑ? пÑ?едÑ?дÑ?Ñ?его Ñ?Ñ?абилÑ?ного вÑ?пÑ?Ñ?ка (sarge) обновлениÑ? не пÑ?едоÑ?Ñ?авлÑ?Ñ?Ñ?Ñ?Ñ?.
+РекомендÑ?еÑ?Ñ?Ñ? вÑ?полниÑ?Ñ? обновление до Ñ?Ñ?абилÑ?ного вÑ?пÑ?Ñ?ка.</p>
 
- -<p>For the stable distribution (etch), these problems have been fixed in
- -version 1.0.rc15-2etch4.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.0.rc15-2etch4.</p>
 
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 1.0.13-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.0.13-1.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2008/dsa-1565.wml	2014-04-30 13:16:15.000000000 +0600
+++ russian/security/2008/dsa-1565.wml	2016-10-29 23:37:51.272288441 +0500
@@ -1,45 +1,46 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several local vulnerabilities have been discovered in the Linux kernel
- -that may lead to a denial of service or the execution of arbitrary
- -code. The Common Vulnerabilities and Exposures project identifies the
- -following problems:</p>
+<p>Ð? Ñ?дÑ?е Linux бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко локалÑ?нÑ?Ñ? Ñ?Ñ?звимоÑ?Ñ?ей, коÑ?оÑ?Ñ?е
+могÑ?Ñ? пÑ?иводиÑ?Ñ? к оÑ?казÑ? в обÑ?лÑ?живании или вÑ?полнениÑ? пÑ?оизволÑ?ного
+кода. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ?
+Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-6694";>CVE-2007-6694</a>
 
- -    <p>Cyrill Gorcunov reported a NULL pointer dereference in code specific
- -    to the CHRP PowerPC platforms. Local users could exploit this issue
- -    to achieve a Denial of Service (DoS).</p></li>
+    <p>Ð?иÑ?илл Ð?оÑ?кÑ?нов Ñ?ообÑ?ил о Ñ?азÑ?меновании NULL-Ñ?казаÑ?елÑ? в коде, Ñ?пеÑ?иÑ?иÑ?ном
+    длÑ? плаÑ?Ñ?оÑ?м CHRP PowerPC. Ð?окалÑ?нÑ?е полÑ?зоваÑ?ели могÑ?Ñ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? пÑ?облемÑ?
+    длÑ? вÑ?зова оÑ?каза в обÑ?лÑ?живании (DoS).</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-0007";>CVE-2008-0007</a>
 
- -    <p>Nick Piggin of SuSE discovered a number of issues in subsystems which
- -    register a fault handler for memory mapped areas. This issue can be
- -    exploited by local users to achieve a Denial of Service (DoS) and possibly
- -    execute arbitrary code.</p></li>
+    <p>Ð?ик Ð?иггин из SuSE обнаÑ?Ñ?жил Ñ?Ñ?д пÑ?облем в подÑ?иÑ?Ñ?емаÑ?, коÑ?оÑ?Ñ?е
+    Ñ?егиÑ?Ñ?Ñ?иÑ?Ñ?Ñ?Ñ? обÑ?абоÑ?Ñ?ик оÑ?казов длÑ? оÑ?обÑ?ажаемÑ?Ñ? облаÑ?Ñ?ей памÑ?Ñ?и. ЭÑ?а пÑ?облема можеÑ?
+    иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? локалÑ?нÑ?ми полÑ?зоваÑ?елÑ?ми длÑ? вÑ?зова оÑ?каза в обÑ?лÑ?живании (DoS) и возможного
+    вÑ?полнениÑ? пÑ?оизволÑ?ного кода.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-1294";>CVE-2008-1294</a>
 
- -    <p>David Peer discovered that users could escape administrator imposed cpu
- -    time limitations (RLIMIT_CPU) by setting a limit of 0.</p></li>
+    <p>Ð?Ñ?вид Ð?иÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о полÑ?зоваÑ?ели могÑ?Ñ? вÑ?йÑ?и за Ñ?Ñ?Ñ?ановленнÑ?е админиÑ?Ñ?Ñ?аÑ?оÑ?ом
+    огÑ?аниÑ?ениÑ? на вÑ?емÑ? ЦÐ? (RLIMIT_CPU), Ñ?Ñ?Ñ?ановив пÑ?едел в знаÑ?ение 0.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-1375";>CVE-2008-1375</a>
 
- -    <p>Alexander Viro discovered a race condition in the directory notification
- -    subsystem that allows local users to cause a Denial of Service (oops)
- -    and possibly result in an escalation of privileges.</p></li>
+    <p>Ð?лекÑ?андÑ? Ð?иÑ?о обнаÑ?Ñ?жил Ñ?оÑ?Ñ?оÑ?ние гонки в подÑ?иÑ?Ñ?еме Ñ?ведомлениÑ? каÑ?алогов,
+    коÑ?оÑ?ое позволÑ?еÑ? локалÑ?нÑ?м полÑ?зоваÑ?елÑ?м вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании (oops)
+    и можеÑ? пÑ?иводиÑ?Ñ? к повÑ?Ñ?ениÑ? пÑ?ивилегий.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (etch), these problems have been fixed in version
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии
 2.6.18.dfsg.1-18etch3.</p>
 
- -<p>The unstable (sid) and testing distributions will be fixed soon.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном (sid) и Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?каÑ? Ñ?Ñ?и пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ? позже.</p>
 
- -<p>We recommend that you upgrade your linux-2.6, fai-kernels, and
- -user-mode-linux packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? linux-2.6, fai-kernels и
+user-mode-linux.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJYFO+TAAoJEF7nbuICFtKljzkP/2EdjmixAcVg3zrjY3am0u0f
nLGdnd9wT0T2Uk/E4cxuI7gXYqSLfhtUcMvq0jUN8QZ1wxb4V65XTdbOsAhOqroi
BEjWor4zf6X1O5b2XOYSst2YceDy7kDoMYXjGMPQB9S1zuybuyUyLuQKANOdKX0B
ZrkOtbNgMNFcYXLG6PS23RZGf6LF+4phHRem2fHAxbOdpjZvgKj3/1LlK4uKYNs1
/FMZ8wk2Nyl7xVFFCjZ2rIzUSEhCZxILRBvevEvmFiGXWtc0CZemDgf5QEJmGBGa
+C6YRe0DqDJsVhvFWkstfvkPWF7AgVVRBo8dUzT85YDMaN46jtiMRIsIWxzoaHiw
RGY+KftapVlfi5VkVrN0um80fASdpigK6qHT6DkzsjgWBb+zC6AxZ6PiXaynkH1+
yCDYg44ksF1Cz89HZ6ADwHIYO2a60c/BcIR3bq/3qLECozRf9GrqkyzYpq1s3SmA
nMyHKCIeOt4R/j8iTeQRKJJSdi6aPB3flvxwwbMxtN5mpLzcUSS3ZyEYY0G4BNXZ
3Ubu7ghtllw01xZLxSCy8xz8yE9aHpfZN8QRU36ecUQ5ik15E9ZbGccJPud+8e99
jL/y/KzdGhwven7/6fFI6wcugrB0i1KdjUQ7ZmTP5GywCxXOD9e4LL4bBtuOqFmd
kZJUKYbBrnnMf1+nT58j
=YAUa
-----END PGP SIGNATURE-----