[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2016/{index,dsa-3433}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2016/dsa-3433.wml	2016-01-02 14:42:46.000000000 +0500
+++ russian/security/2016/dsa-3433.wml	2016-01-03 00:03:02.409153543 +0500
@@ -1,77 +1,77 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,
- -print, and login server for Unix. The Common Vulnerabilities and
- -Exposures project identifies the following issues:</p>
+<p>Ð? Samba, SMB/CIFS Ñ?айловом Ñ?еÑ?веÑ?е, Ñ?еÑ?веÑ?е пеÑ?аÑ?и и Ñ?еÑ?веÑ?е аÑ?Ñ?енÑ?иÑ?икаÑ?ии
+длÑ? Unix, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and
+Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-3223";>CVE-2015-3223</a>
 
- -    <p>Thilo Uttendorfer of Linux Information Systems AG discovered that a
- -    malicious request can cause the Samba LDAP server to hang, spinning
- -    using CPU. A remote attacker can take advantage of this flaw to
- -    mount a denial of service.</p></li>
+    <p>Тила УÑ?Ñ?ендоÑ?Ñ?еÑ? из Linux Information Systems AG обнаÑ?Ñ?жил, Ñ?Ñ?о
+    некоÑ?Ñ?екÑ?нÑ?й запÑ?оÑ? можеÑ? вÑ?зваÑ?Ñ? завиÑ?ание LDAP-Ñ?еÑ?веÑ?а Samba из-за Ñ?Ñ?езмеÑ?ного
+    иÑ?полÑ?зованиÑ? Ñ?еÑ?Ñ?Ñ?Ñ?ов ЦÐ?. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ?
+    длÑ? вÑ?зова оÑ?каза в обÑ?лÑ?живании.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5252";>CVE-2015-5252</a>
 
- -    <p>Jan <q>Yenya</q> Kasprzak and the Computer Systems Unit team at Faculty
- -    of Informatics, Masaryk University discovered that insufficient
- -    symlink verification could allow data access outside an exported
- -    share path.</p></li>
+    <p>Ян <q>Yenya</q> Ð?аÑ?пÑ?зак и команда Computer Systems Unit Ñ?акÑ?лÑ?Ñ?еÑ?а
+    инÑ?оÑ?маÑ?ики Ð?аÑ?аÑ?икова Ñ?нивеÑ?Ñ?иÑ?еÑ?е обнаÑ?Ñ?жили, Ñ?Ñ?о недоÑ?Ñ?аÑ?оÑ?наÑ? пÑ?овеÑ?ка
+    Ñ?имволÑ?нÑ?Ñ? Ñ?Ñ?Ñ?лок можеÑ? пÑ?ивеÑ?Ñ?и к полÑ?Ñ?ениÑ? доÑ?Ñ?Ñ?па к даннÑ?м за пÑ?еделами
+    Ñ?казанного пÑ?Ñ?и.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5296";>CVE-2015-5296</a>
 
- -    <p>Stefan Metzmacher of SerNet discovered that Samba does not ensure
- -    that signing is negotiated when creating an encrypted client
- -    connection to a server. This allows a man-in-the-middle attacker to
- -    downgrade the connection and connect using the supplied credentials
- -    as an unsigned, unencrypted connection.</p></li>
+    <p>ШÑ?еÑ?ан Ð?еÑ?маÑ?еÑ? из SerNet обнаÑ?Ñ?жил, Ñ?Ñ?о Samba не гаÑ?анÑ?иÑ?Ñ?еÑ? Ñ?оглаÑ?ование
+    подпиÑ?и пÑ?и Ñ?оздании заÑ?иÑ?Ñ?ованного подклÑ?Ñ?ениÑ? клиенÑ?а к
+    Ñ?еÑ?веÑ?Ñ?. ЭÑ?о позволÑ?еÑ? вÑ?полнÑ?Ñ?Ñ? аÑ?аки по пÑ?инÑ?ипÑ? Ñ?еловек-в-Ñ?еÑ?едине Ñ? Ñ?елÑ?Ñ?
+    понижениÑ? Ñ?Ñ?овнÑ? Ñ?оединениÑ? и Ñ?оединениÑ? Ñ? иÑ?полÑ?зованием пеÑ?еданнÑ?Ñ? даннÑ?Ñ? Ñ?Ñ?Ñ?Ñ?ной
+    запиÑ?и как неподпиÑ?анного незаÑ?иÑ?Ñ?ованного Ñ?оединениÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5299";>CVE-2015-5299</a>
 
- -    <p>It was discovered that a missing access control check in the VFS
- -    shadow_copy2 module could allow unauthorized users to access
- -    snapshots.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вие пÑ?овеÑ?ки Ñ?пÑ?авлениÑ? доÑ?Ñ?Ñ?пом в модÑ?ле shadow_copy2
+    длÑ? VFS можеÑ? позволиÑ?Ñ? неавÑ?оÑ?изованнÑ?м полÑ?зоваÑ?елÑ?м полÑ?Ñ?иÑ?Ñ? доÑ?Ñ?Ñ?п
+    к Ñ?Ñ?езам.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5330";>CVE-2015-5330</a>
 
- -    <p>Douglas Bagnall of Catalyst discovered that the Samba LDAP server
- -    is vulnerable to a remote memory read attack. A remote attacker can
- -    obtain sensitive information from daemon heap memory by sending
- -    crafted packets and then either read an error message, or a
- -    database value.</p></li>
+    <p>Ð?аглаÑ? Ð?егнал из Catalyst обнаÑ?Ñ?жил, Ñ?Ñ?о LDAP-Ñ?еÑ?веÑ? Samba
+    подвеÑ?жен Ñ?далÑ?нной аÑ?аке Ñ? Ñ?елÑ? Ñ?Ñ?ениÑ? Ñ?одеÑ?жимого памÑ?Ñ?и. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ?
+    полÑ?Ñ?иÑ?Ñ? Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?нÑ?Ñ? инÑ?оÑ?маÑ?иÑ? из динамиÑ?еÑ?кой памÑ?Ñ?и Ñ?лÑ?жбÑ? пÑ?Ñ?Ñ?м оÑ?пÑ?авки
+    Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? пакеÑ?ов, Ñ?Ñ?о пÑ?иводиÑ? к Ñ?Ñ?иÑ?Ñ?ваниÑ? либо Ñ?ообÑ?ениÑ? об оÑ?ибке, либо
+    знаÑ?ениÑ? базÑ? даннÑ?Ñ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7540";>CVE-2015-7540</a>
 
- -    <p>It was discovered that a malicious client can send packets that
- -    cause the LDAP server provided by the AD DC in the samba daemon
- -    process to consume unlimited memory and be terminated.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о злоÑ?мÑ?Ñ?ленник можеÑ? оÑ?пÑ?авлÑ?Ñ?Ñ? пакеÑ?Ñ?, коÑ?оÑ?Ñ?е
+    пÑ?иводÑ?Ñ? к Ñ?омÑ?, Ñ?Ñ?о LDAP-Ñ?еÑ?веÑ?, пÑ?едоÑ?Ñ?авлÑ?емÑ?й AD DC пÑ?оÑ?еÑ?Ñ?ом Ñ?лÑ?жбÑ? samba,
+    наÑ?инаеÑ? поÑ?Ñ?еблÑ?Ñ?Ñ? неогÑ?аниÑ?енное колиÑ?еÑ?Ñ?во памÑ?Ñ?и и некоÑ?Ñ?екÑ?но завеÑ?Ñ?аеÑ? Ñ?воÑ? Ñ?абоÑ?Ñ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8467";>CVE-2015-8467</a>
 
- -    <p>Andrew Bartlett of the Samba Team and Catalyst discovered that a
- -    Samba server deployed as an AD DC can expose Windows DCs in the same
- -    domain to a denial of service via the creation of multiple machine
- -    accounts. This issue is related to the MS15-096 / <a href="https://security-tracker.debian.org/tracker/CVE-2015-2535";>CVE-2015-2535</a>
- -    security issue in Windows.</p></li>
+    <p>ЭндÑ?Ñ? Ð?аÑ?Ñ?леÑ? из Samba Team и Catalyst обнаÑ?Ñ?жил, Ñ?Ñ?о
+    Ñ?еÑ?веÑ? Samba, Ñ?азвÑ?Ñ?нÑ?Ñ?Ñ?й как AD DC, можеÑ? воздейÑ?Ñ?воваÑ?Ñ? на Windows DC в Ñ?ом
+    же домене, вÑ?зÑ?ваÑ? Ñ? ниÑ? оÑ?каз в обÑ?лÑ?живании пÑ?и помоÑ?и Ñ?озданиÑ? неÑ?колÑ?киÑ? маÑ?иннÑ?Ñ?
+    Ñ?Ñ?Ñ?Ñ?нÑ?Ñ? даннÑ?Ñ?. ЭÑ?а пÑ?облема Ñ?вÑ?зана Ñ? пÑ?облемой безопаÑ?ноÑ?Ñ?и в Windows: MS15-096 / <a href="https://security-tracker.debian.org/tracker/CVE-2015-2535";>CVE-2015-2535</a>.</p></li>
 
 </ul>
 
- -<p>For the oldstable distribution (wheezy), these problems have been fixed
- -in version 2:3.6.6-6+deb7u6. The oldstable distribution (wheezy) is only
- -affected by <a href="https://security-tracker.debian.org/tracker/CVE-2015-5252";>CVE-2015-5252</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-5296";>CVE-2015-5296</a> and <a href="https://security-tracker.debian.org/tracker/CVE-2015-5299";>CVE-2015-5299</a>.</p>
- -
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 2:4.1.17+dfsg-2+deb8u1. The fixes for <a href="https://security-tracker.debian.org/tracker/CVE-2015-3223";>CVE-2015-3223</a> and
- -<a href="https://security-tracker.debian.org/tracker/CVE-2015-5330";>CVE-2015-5330</a> required an update to ldb 2:1.1.17-2+deb8u1 to correct the
- -defects.</p>
- -
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 2:4.1.22+dfsg-1. The fixes for <a href="https://security-tracker.debian.org/tracker/CVE-2015-3223";>CVE-2015-3223</a> and <a href="https://security-tracker.debian.org/tracker/CVE-2015-5330";>CVE-2015-5330</a>
- -required an update to ldb 2:1.1.24-1 to correct the defects.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 2:3.6.6-6+deb7u6. Ð?Ñ?едÑ?дÑ?Ñ?ий Ñ?Ñ?абилÑ?нÑ?й вÑ?пÑ?Ñ?к (wheezy) подвеÑ?жен
+Ñ?олÑ?ко <a href="https://security-tracker.debian.org/tracker/CVE-2015-5252";>CVE-2015-5252</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-5296";>CVE-2015-5296</a> и <a href="https://security-tracker.debian.org/tracker/CVE-2015-5299";>CVE-2015-5299</a>.</p>
+
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2:4.1.17+dfsg-2+deb8u1. Ð?Ñ?пÑ?авлениÑ? длÑ? <a href="https://security-tracker.debian.org/tracker/CVE-2015-3223";>CVE-2015-3223</a> и
+<a href="https://security-tracker.debian.org/tracker/CVE-2015-5330";>CVE-2015-5330</a> Ñ?Ñ?ебÑ?Ñ?Ñ? обновлениÑ? до ldb 2:1.1.17-2+deb8u1 Ñ? Ñ?ем, Ñ?Ñ?обÑ? иÑ?пÑ?авиÑ?Ñ?
+Ñ?казаннÑ?е деÑ?екÑ?Ñ?.</p>
+
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2:4.1.22+dfsg-1. Ð?Ñ?пÑ?авлениÑ? длÑ? <a href="https://security-tracker.debian.org/tracker/CVE-2015-3223";>CVE-2015-3223</a> и <a href="https://security-tracker.debian.org/tracker/CVE-2015-5330";>CVE-2015-5330</a>
+Ñ?Ñ?ебÑ?Ñ?Ñ? обновлениÑ? до ldb 2:1.1.24-1 Ñ? Ñ?ем, Ñ?Ñ?обÑ? иÑ?пÑ?авиÑ?Ñ? Ñ?казаннÑ?е деÑ?екÑ?Ñ?.</p>
 
- -<p>We recommend that you upgrade your samba packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? samba.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2016/index.wml	2016-01-02 14:42:46.000000000 +0500
+++ russian/security/2016/index.wml	2016-01-02 23:35:40.457504231 +0500
@@ -1,11 +1,12 @@
- -<define-tag pagetitle>Security Advisories from 2016</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag pagetitle>РекомендаÑ?ии по безопаÑ?ноÑ?Ñ?и за 2016 год</define-tag>
 #use wml::debian::template title="<pagetitle>" GEN_TIME="yes"
 #use wml::debian::recent_list
 
 <:= get_recent_list ('.', '0', '$(ENGLISHDIR)/security/2016', '', 'dsa-\d+' ) :>
 
- -<p>You can get the latest Debian security advisories by subscribing to our
+<p>Ð?Ñ? можеÑ?е полÑ?Ñ?аÑ?Ñ? поÑ?ледние анонÑ?Ñ? о безопаÑ?ноÑ?Ñ?и Debian, подпиÑ?авÑ?иÑ?Ñ? на Ñ?пиÑ?ок Ñ?аÑ?Ñ?Ñ?лки
 <a href="https://lists.debian.org/debian-security-announce/";>\
- -<strong>debian-security-announce</strong></a> mailing list.
- -You can also <a href="https://lists.debian.org/debian-security-announce/debian-security-announce-2013/";>\
- -browse the archives</a> for the list.</p>
+<strong>debian-security-announce</strong></a>.
+Ð?Ñ?Ñ?ив Ñ?пиÑ?ка Ñ?аÑ?Ñ?Ñ?лки доÑ?Ñ?Ñ?пен <a href="https://lists.debian.org/debian-security-announce/debian-security-announce-2016/";>\
+здеÑ?Ñ?</a>.</p>
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJWiB9NAAoJEF7nbuICFtKlTX4P/ibq+8vNNcvnuk/QQAmL5m9s
4lq63mf+Izj0d+shyjUtRJfyafkVdueJ+0NvLqK8ejuRhcYvEeX+ZTI+YPPdpjNL
Ppro0XeGsTOIvjh50aSq3thq5TkmSYPQ6hRyLxmOQ6CbRXCoNJ5v1YAL39AJcMtI
yNehc/grtARh6zlTb0D6fswTNQZ71DjwGu/ee8qNxL+YJH961lFSNHGH9xIJASCU
JxGqgukX8lh3MK/3zMSzDKk/eI11xA7Et1F7AXnd8bsfIW51NxHd/D6dNGuHqzE5
TrAVD3Yei3vNC4Y2C/+L1gRVcVx0ey5Xyt3Cc5h59ZVmDmdfny8bdCoq+6LsYbd/
zMbjJoP0tBEsSnCmZeve3DQxRPnsiZtnyJUX+yfg0lBsGrFZMN79+1BUt+d75Cjt
fmOCSYCl6+Je21uF1OV+7KTVpIvGLsgxMyCECUfWPgI1eV7MpncmeymGpGrJ+djQ
pE7sTZ7LGGCWODL2wToMwmL4a1yv9zhz65SUveUDpju92PIe/kTJ+VpMkO/Ja/R6
c9WEokbxBs7MLpsCwe/HYyandIo4OLG8LpZ0PXFfmUOdaohKpXY2m/kf1R85xehM
2MKAHtomNoRZBNYvDVJ54DmVe0bMtZVL0vfvXesGvi9DbOKFjb16/TMk7oV9eanN
8x6PNjnqdxdYAkaLm1B2
=fomx
-----END PGP SIGNATURE-----
Reply to: