[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://{security/2016/dsa-3729.wml}

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2016/dsa-3729.wml	2016-12-08 11:56:24.000000000 +0500
+++ russian/security/2016/dsa-3729.wml	2016-12-08 12:57:31.400769477 +0500
@@ -1,69 +1,70 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Multiple vulnerabilities have been discovered in the Xen hypervisor. The
- -Common Vulnerabilities and Exposures project identifies the following
- -problems:</p>
+<p>Ð? гипеÑ?визоÑ?е Xen бÑ?ли обнаÑ?Ñ?женÑ? многоÑ?иÑ?леннÑ?е Ñ?Ñ?звимоÑ?Ñ?и. Ð?Ñ?оекÑ?
+Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие
+пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-7777";>CVE-2016-7777</a>
     (XSA-190)
 
- -    <p>Jan Beulich from SUSE discovered that Xen does not properly honor
- -    CR0.TS and CR0.EM for x86 HVM guests, potentially allowing guest
- -    users to read or modify FPU, MMX, or XMM register state information
- -    belonging to arbitrary tasks on the guest by modifying an
- -    instruction while the hypervisor is preparing to emulate it.</p></li>
+    <p>Ян Ð?Ñ?лиÑ? из SUSE обнаÑ?Ñ?жил, Ñ?Ñ?о Xen непÑ?авилÑ?но Ñ?облÑ?даеÑ?
+    CR0.TS и CR0.EM длÑ? гоÑ?Ñ?евÑ?Ñ? Ñ?иÑ?Ñ?ем HVM аÑ?Ñ?иÑ?екÑ?Ñ?Ñ?Ñ? x86, поÑ?енÑ?иалÑ?но позволÑ?Ñ? полÑ?зоваÑ?елÑ?м
+    гоÑ?Ñ?евой Ñ?иÑ?Ñ?емÑ? Ñ?Ñ?иÑ?Ñ?ваÑ?Ñ? или изменÑ?Ñ?Ñ? инÑ?оÑ?маÑ?иÑ? о Ñ?оÑ?Ñ?оÑ?нии Ñ?егиÑ?Ñ?Ñ?ов FPU, MMX или XMM,
+    оÑ?ноÑ?Ñ?Ñ?Ñ?Ñ?Ñ?Ñ? к пÑ?оизволÑ?нÑ?м задаÑ?ам гоÑ?Ñ?евой Ñ?иÑ?Ñ?емÑ? пÑ?Ñ?Ñ?м изменениÑ?
+    инÑ?Ñ?Ñ?Ñ?кÑ?ии в Ñ?оÑ? моменÑ?, когда гипеÑ?визоÑ? гоÑ?овиÑ?Ñ?Ñ? к еÑ? Ñ?мÑ?лÑ?Ñ?ии.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-9379";>CVE-2016-9379</a>,
     <a href="https://security-tracker.debian.org/tracker/CVE-2016-9380";>CVE-2016-9380</a> (XSA-198)
 
- -    <p>Daniel Richman and Gabor Szarka of the Cambridge University
- -    Student-Run Computing Facility discovered that pygrub, the boot
- -    loader emulator, fails to quote (or sanity check) its results when
- -    reporting them to its caller. A malicious guest administrator can
- -    take advantage of this flaw to cause an information leak or denial
- -    of service.</p></li>
+    <p>Ð?аниелÑ? РиÑ?мн и Ð?абоÑ? СзаÑ?ка из Ñ?Ñ?Ñ?денÑ?еÑ?кого вÑ?Ñ?иÑ?лиÑ?елÑ?ного Ñ?енÑ?Ñ?а Ð?ембÑ?иджÑ?кого
+    Ñ?нивеÑ?Ñ?иÑ?еÑ?а обнаÑ?Ñ?жили, Ñ?Ñ?о pygrub, Ñ?мÑ?лÑ?Ñ?оÑ? загÑ?Ñ?зÑ?ика,
+    не заклÑ?Ñ?аеÑ? в кавÑ?Ñ?ки (и не вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? Ñ?иÑ?Ñ?оÑ?Ñ?) Ñ?езÑ?лÑ?Ñ?аÑ? Ñ?воей Ñ?абоÑ?Ñ? пÑ?и
+    Ñ?ообÑ?ении его вÑ?зÑ?ваÑ?Ñ?ей Ñ?Ñ?нкÑ?ии. Ð?дминиÑ?Ñ?Ñ?аÑ?оÑ? гоÑ?Ñ?евой Ñ?иÑ?Ñ?емÑ? можеÑ?
+    иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? вÑ?зова Ñ?Ñ?еÑ?ки инÑ?оÑ?маÑ?ии или оÑ?каза
+    в обÑ?лÑ?живании.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-9382";>CVE-2016-9382</a>
     (XSA-192)
 
- -    <p>Jan Beulich of SUSE discovered that Xen does not properly handle x86
- -    task switches to VM86 mode. A unprivileged guest process can take
- -    advantage of this flaw to crash the guest or, escalate its
- -    privileges to that of the guest operating system.</p></li>
+    <p>Ян Ð?Ñ?лиÑ? из SUSE обнаÑ?Ñ?жил, Ñ?Ñ?о Xen непÑ?авилÑ?но обÑ?абаÑ?Ñ?ваеÑ? пеÑ?еклÑ?Ñ?ение задаÑ? x86
+    в Ñ?ежим VM86. Ð?епÑ?ивилегиÑ?ованнÑ?й гоÑ?Ñ?евой пÑ?оÑ?еÑ?Ñ? можеÑ? иÑ?полÑ?зоваÑ?Ñ?
+    Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? аваÑ?ийной оÑ?Ñ?ановки гоÑ?Ñ?евой Ñ?иÑ?Ñ?емÑ? или повÑ?Ñ?ениÑ? пÑ?ивилегий
+    до Ñ?Ñ?овнÑ? опеÑ?аÑ?ионной Ñ?иÑ?Ñ?емÑ? на гоÑ?Ñ?евой маÑ?ине.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-9383";>CVE-2016-9383</a>
     (XSA-195)
 
- -    <p>George Dunlap of Citrix discovered that the Xen x86 64-bit bit test
- -    instruction emulation is broken. A malicious guest can take
- -    advantage of this flaw to modify arbitrary memory, allowing for
- -    arbitrary code execution, denial of service (host crash), or
- -    information leaks.</p></li>
+    <p>Ð?жоÑ?дж Ð?анлÑ?п из Citrix обнаÑ?Ñ?жил, Ñ?Ñ?о Ñ?мÑ?лÑ?Ñ?иÑ? 64-биÑ?нÑ?Ñ? x86 инÑ?Ñ?Ñ?Ñ?кÑ?ий конÑ?Ñ?олÑ?
+    биÑ?ов Ñ?ломана. Ð?лоÑ?мÑ?Ñ?ленник из гоÑ?Ñ?евой Ñ?иÑ?Ñ?емÑ? можеÑ? иÑ?полÑ?зоваÑ?Ñ?
+    Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? изменениÑ? пÑ?оизволÑ?ной облаÑ?Ñ?и памÑ?Ñ?и, Ñ?Ñ?о позволÑ?еÑ? вÑ?зваÑ?Ñ?
+    вÑ?полнение пÑ?оизволÑ?ного кода, оÑ?каз в обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка главной Ñ?иÑ?Ñ?емÑ?)
+    или Ñ?Ñ?еÑ?кÑ? инÑ?оÑ?маÑ?ии.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-9385";>CVE-2016-9385</a>
     (XSA-193)
 
- -    <p>Andrew Cooper of Citrix discovered that Xen's x86 segment base write
- -    emulation lacks canonical address checks. A malicious guest
- -    administrator can take advantage of this flaw to crash the host,
- -    leading to a denial of service.</p></li>
+    <p>ЭндÑ?Ñ? Ð?Ñ?пеÑ? из Citrix обнаÑ?Ñ?жил, Ñ?Ñ?о в Ñ?мÑ?лÑ?Ñ?ии запиÑ?Ñ? наÑ?ала Ñ?егменÑ?а
+    оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?Ñ?Ñ? пÑ?овеÑ?ки канониÑ?еÑ?кого адÑ?еÑ?а. Ð?дминиÑ?Ñ?Ñ?аÑ?оÑ? гоÑ?Ñ?евой Ñ?иÑ?Ñ?емÑ?
+    можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? аваÑ?ийной оÑ?Ñ?ановки оÑ?новной Ñ?иÑ?Ñ?емÑ?,
+    Ñ?Ñ?о пÑ?иводиÑ? к оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-9386";>CVE-2016-9386</a>
     (XSA-191)
 
- -    <p>Andrew Cooper of Citrix discovered that x86 null segments are not
- -    always treated as unusable. An unprivileged guest user program
- -    may be able to elevate its privilege to that of the guest
- -    operating system.</p></li>
+    <p>ЭндÑ?Ñ? Ð?Ñ?пеÑ? из Citrix обнаÑ?Ñ?жил, Ñ?Ñ?о null-Ñ?егменÑ?Ñ? на аÑ?Ñ?иÑ?екÑ?Ñ?Ñ?е x86 не
+    вÑ?егда Ñ?Ñ?иÑ?аÑ?Ñ?Ñ?Ñ? неиÑ?полÑ?зÑ?емÑ?ми. Ð?епÑ?ивилегиÑ?ованнаÑ? полÑ?зоваÑ?елÑ?Ñ?каÑ? пÑ?огÑ?амма в
+    гоÑ?Ñ?евой Ñ?иÑ?Ñ?еме можеÑ? поднÑ?Ñ?Ñ? Ñ?вои пÑ?ивилегии до Ñ?Ñ?овнÑ? опеÑ?аÑ?ионной Ñ?иÑ?Ñ?емÑ?
+    гоÑ?Ñ?евой маÑ?инÑ?.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 4.4.1-9+deb8u8.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 4.4.1-9+deb8u8.</p>
 
- -<p>We recommend that you upgrade your xen packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? xen.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlhJEnMACgkQXudu4gIW
0qWRORAAmOFiDt1SCTOa5dBU2lIiDRtCe048k1qsqmPdR0IMHE74BCqId8xF2QxA
ZLuIy17qg9WDf1SV8I6kBndAEmt/Ce8ZNxfWmlHlsU3GoGF7lBe5H+JTWHA7wGVh
K4V9Dth7KvKoLE5PycmYX96BcJO9zXzKtqAvPOSzKOM1XsRKaJ5/EBAYZX6HHIhz
oG8x7HitCeFQQAjXdKK4Xm8etUPI4WByTQEnIiSPrtL2p88XTte9ay+Cr7a6pZu2
QIY0nv9/JBCg5F+PJdDqhoeI9LbjGKdvb509fTR0Z6dkRLkWNdjJ+jbbuKJs9hYM
x86Fc+UTZjGikZwLEaws4P9pqU68ZRLLCUkHhtGuY7nOlKcUmc1EpPC56+ZVHLVK
OwVz2aAcb8AEsgXYyMKauQ1fS1HqvY1PArLKk64QoJ1xiyDLihpqNPgmy8aa/TkU
7aFMTz0nlULjAj85+nrqD4VgD+FQj7NodM1zxo4lvaQYA2FGtDL4xfrnRWu2uPtI
E7HddXRorFlvhHW9tOvsTuHdUH3Hgeo0LZF1gCXE/M7WXwymnCSCBqMet5m9sxbZ
4ToxHV9ytNcSqSEtz/+s1kmWBgdKW2pK8SM+OEdeLECkTcY5eh2cHIcz2u5GJvIY
EJV8/X8MUoKzWkCQkLHCUhqKeOz7xiK4VlORRB5lcF5tvrQKrVc=
=Zi3i
-----END PGP SIGNATURE-----
Reply to: