[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://{security/2015/dla-335.wml}

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2015/dla-335.wml	2016-04-08 01:24:54.000000000 +0500
+++ russian/security/2015/dla-335.wml	2016-06-08 23:22:32.308602334 +0500
@@ -1,148 +1,150 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Several security issues where found in ntp:</p>
+<p>Ð? ntp бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко пÑ?облем безопаÑ?ноÑ?Ñ?и:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5146";>CVE-2015-5146</a>
 
- -   <p>A flaw was found in the way ntpd processed certain remote
- -   configuration packets. An attacker could use a specially crafted
- -   package to cause ntpd to crash if:</p>
+   <p>Ð?Ñ?ла обнаÑ?Ñ?жена Ñ?Ñ?звимоÑ?Ñ?Ñ? в Ñ?поÑ?обе, иÑ?полÑ?зÑ?емом ntpd длÑ? обÑ?абоÑ?ки опÑ?еделÑ?ннÑ?Ñ?
+   пакеÑ?ов Ñ?далÑ?нной наÑ?Ñ?Ñ?ойки. Ð?лоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?й
+   пакеÑ? длÑ? вÑ?зова аваÑ?ийной оÑ?Ñ?ановки ntpd в Ñ?лÑ?Ñ?ае, еÑ?ли вÑ?полненÑ? Ñ?ледÑ?Ñ?Ñ?ие Ñ?Ñ?ловиÑ?:</p>
    <ul>
- -   <li>ntpd enabled remote configuration</li>
- -   <li>The attacker had the knowledge of the configuration password</li>
- -   <li>The attacker had access to a computer entrusted to perform remote
- -     configuration</li>
+   <li>в ntpd вклÑ?Ñ?ена Ñ?далÑ?ннаÑ? наÑ?Ñ?Ñ?ойка,</li>
+   <li>злоÑ?мÑ?Ñ?ленник знаеÑ? паÑ?олÑ? длÑ? наÑ?Ñ?Ñ?ойки,</li>
+   <li>злоÑ?мÑ?Ñ?ленник имееÑ? доÑ?Ñ?Ñ?п к компÑ?Ñ?Ñ?еÑ?Ñ?, вÑ?одÑ?Ñ?емÑ? в Ñ?пиÑ?ок довеÑ?еннÑ?Ñ? компÑ?Ñ?Ñ?еÑ?ов, Ñ? коÑ?оÑ?Ñ?Ñ?
+     можно вÑ?полнÑ?Ñ?Ñ? Ñ?далÑ?ннÑ?Ñ? наÑ?Ñ?Ñ?ойкÑ?.</li>
    </ul>
 
- -   <p>Note that remote configuration is disabled by default in NTP.</p></li>
+   <p>Ð?амеÑ?Ñ?Ñ?е, Ñ?Ñ?о Ñ?далÑ?ннаÑ? наÑ?Ñ?Ñ?ойка по Ñ?молÑ?аниÑ? оÑ?клÑ?Ñ?ена в NTP.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5194";>CVE-2015-5194</a>
 
- -    <p>It was found that ntpd could crash due to an uninitialized variable
- -    when processing malformed logconfig configuration commands.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о ntpd аваÑ?ийно завеÑ?Ñ?аеÑ? Ñ?воÑ? Ñ?абоÑ?Ñ? из-за неиниÑ?иализиÑ?ованной пеÑ?еменной
+    пÑ?и обÑ?абоÑ?ке некоÑ?Ñ?екÑ?нÑ?Ñ? команд наÑ?Ñ?Ñ?ойки logconfig.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5195";>CVE-2015-5195</a>
 
- -    <p>It was found that ntpd exits with a segmentation fault when a
- -    statistics type that was not enabled during compilation (e.g.
- -    timingstats) is referenced by the statistics or filegen
- -    configuration command</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о ntpd завеÑ?Ñ?аеÑ?Ñ?Ñ? Ñ? оÑ?ибкой Ñ?егменÑ?иÑ?ованиÑ? в Ñ?ом Ñ?лÑ?Ñ?ае,
+    еÑ?ли Ñ?ип Ñ?Ñ?аÑ?иÑ?Ñ?ики, коÑ?оÑ?Ñ?й не бÑ?л вклÑ?Ñ?ен в Ñ?оде компилÑ?Ñ?ии (напÑ?имеÑ?,
+    timingstats) Ñ?казÑ?ваеÑ?Ñ?Ñ? к команде наÑ?Ñ?Ñ?ойки statistics или
+    filegen</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5219";>CVE-2015-5219</a>
 
- -    <p>It was discovered that sntp program would hang in an infinite loop when
- -    a crafted NTP packet was received, related to the conversion of the
- -    precision value in the packet to double.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о пÑ?огÑ?амма sntp вÑ?одиÑ? в беÑ?конеÑ?нÑ?й Ñ?икл пÑ?и
+    полÑ?Ñ?ении Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного пакеÑ?а NTP. ЭÑ?а пÑ?облема Ñ?вÑ?зана Ñ? пÑ?еобÑ?азованием
+    Ñ?оÑ?ного знаÑ?ениÑ? в пакеÑ?е в веÑ?еÑ?Ñ?венное Ñ?иÑ?ло двойной Ñ?оÑ?ноÑ?Ñ?и.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5300";>CVE-2015-5300</a>
 
- -    <p>It was found that ntpd did not correctly implement the -g option:</p>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о в ntpd непÑ?авилÑ?но Ñ?еализована опÑ?иÑ? -g:</p>
 
- -    <p>Normally, ntpd exits with a message to the system log if the offset
- -    exceeds the panic threshold, which is 1000 s by default. This
- -    option allows the time to be set to any value without restriction;
- -    however, this can happen only once. If the threshold is exceeded
- -    after that, ntpd will exit with a message to the system log. This
- -    option can be used with the -q and -x options.</p>
- -
- -    <p>ntpd could actually step the clock multiple times by more than the
- -    panic threshold if its clock discipline doesn't have enough time to
- -    reach the sync state and stay there for at least one update. If a
- -    man-in-the-middle attacker can control the NTP traffic since ntpd
- -    was started (or maybe up to 15-30 minutes after that), they can
- -    prevent the client from reaching the sync state and force it to step
- -    its clock by any amount any number of times, which can be used by
- -    attackers to expire certificates, etc.</p>
- -
- -    <p>This is contrary to what the documentation says. Normally, the
- -    assumption is that an MITM attacker can step the clock more than the
- -    panic threshold only once when ntpd starts and to make a larger
- -    adjustment the attacker has to divide it into multiple smaller
- -    steps, each taking 15 minutes, which is slow.</p></li>
+    <p>Ð?Ñ?и обÑ?Ñ?нÑ?Ñ? обÑ?Ñ?оÑ?Ñ?елÑ?Ñ?Ñ?ваÑ? ntpd завеÑ?Ñ?аеÑ?Ñ?Ñ? Ñ? Ñ?ообÑ?ением в Ñ?иÑ?Ñ?емнÑ?й жÑ?Ñ?нал в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли
+    оÑ?Ñ?Ñ?Ñ?п пÑ?евÑ?Ñ?аеÑ? пÑ?еделÑ?нÑ?Ñ? длÑ? паники велиÑ?инÑ?, коÑ?оÑ?аÑ? по Ñ?молÑ?аниÑ? Ñ?авна 1000 Ñ?екÑ?нд. ЭÑ?а
+    опÑ?иÑ? позволÑ?еÑ? Ñ?Ñ?Ñ?анавливаÑ?Ñ? вÑ?емÑ? в лÑ?бое знаÑ?ение без огÑ?аниÑ?ений.
+    Тем не менее, Ñ?Ñ?о пÑ?оиÑ?Ñ?одиÑ? Ñ?олÑ?ко один Ñ?аз. Ð?Ñ?ли поÑ?ле Ñ?Ñ?ого пÑ?евÑ?Ñ?аеÑ?Ñ?Ñ?
+    пÑ?еделÑ?наÑ? велиÑ?ина, Ñ?о ntpd завеÑ?Ñ?аеÑ?Ñ?Ñ? Ñ? Ñ?ообÑ?ением в Ñ?иÑ?Ñ?емнÑ?й жÑ?Ñ?нал. ЭÑ?а
+    опÑ?иÑ? можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? Ñ? опÑ?иÑ?ми -q и -x.</p>
+
+    <p>ФакÑ?иÑ?еÑ?ки, ntpd должен изменÑ?Ñ?Ñ? вÑ?емÑ? неÑ?колÑ?ко Ñ?аз на более, Ñ?ем
+    пÑ?еделÑ?нÑ?Ñ? длÑ? паники велиÑ?инÑ? в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли поÑ?Ñ?док обÑ?лÑ?живаниÑ? Ñ?аÑ?ов не имееÑ? доÑ?Ñ?аÑ?оÑ?ного
+    колиÑ?еÑ?Ñ?ва вÑ?емени длÑ? доÑ?Ñ?ижениÑ? Ñ?оÑ?Ñ?оÑ?ниÑ? Ñ?инÑ?Ñ?онизаÑ?ии и оÑ?Ñ?аÑ?Ñ?Ñ?Ñ?
+    в Ñ?аком Ñ?оÑ?Ñ?оÑ?нии по менÑ?Ñ?ей меÑ?е одно обновление. Ð?Ñ?ли
+    злоÑ?мÑ?Ñ?ленник можеÑ? Ñ?пÑ?авлÑ?Ñ?Ñ? Ñ?Ñ?аÑ?иком NTP Ñ? моменÑ?а запÑ?Ñ?ка ntpd
+    (или вплоÑ?Ñ? до 15-30 минÑ?Ñ? поÑ?ле), Ñ?о он можеÑ?
+    не даÑ?Ñ? клиенÑ?Ñ? доÑ?Ñ?иÑ?Ñ? Ñ?оÑ?Ñ?оÑ?ниÑ? Ñ?инÑ?Ñ?онизаÑ?ии и заÑ?Ñ?авиÑ?Ñ? его пеÑ?евеÑ?Ñ?и
+    Ñ?аÑ?Ñ? на лÑ?бое колиÑ?еÑ?Ñ?во вÑ?емени лÑ?бое колиÑ?еÑ?Ñ?во Ñ?аз, Ñ?Ñ?о можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ?
+    злоÑ?мÑ?Ñ?ленниками длÑ? иÑ?кÑ?Ñ?Ñ?Ñ?венного оконÑ?аниÑ? дейÑ?Ñ?виÑ? Ñ?еÑ?Ñ?иÑ?икаÑ?ов и Ñ?. д.</p>
+
+    <p>ЭÑ?о поведение не Ñ?ооÑ?веÑ?Ñ?Ñ?вÑ?еÑ? Ñ?омÑ?, Ñ?Ñ?о напиÑ?ано в докÑ?менÑ?аÑ?ии. Ð?бÑ?Ñ?но
+    допÑ?Ñ?ение заклÑ?Ñ?аеÑ?Ñ?Ñ? в Ñ?ом, Ñ?Ñ?о MITM-злоÑ?мÑ?Ñ?ленник можеÑ? пеÑ?евеÑ?Ñ?и Ñ?аÑ?Ñ? на болÑ?Ñ?ее колиÑ?еÑ?Ñ?во
+    вÑ?емени за пÑ?еделÑ?нÑ?Ñ? длÑ? паники велиÑ?инÑ? Ñ?олÑ?ко один Ñ?аз в моменÑ? запÑ?Ñ?ка ntpd, и длÑ? Ñ?ого, Ñ?Ñ?обÑ? измениÑ?Ñ?
+    вÑ?емÑ? на какое-либо болÑ?Ñ?ое знаÑ?ение, злоÑ?мÑ?Ñ?ленникÑ? Ñ?ледÑ?еÑ? Ñ?азделиÑ?Ñ? Ñ?Ñ?о дейÑ?Ñ?вие на неÑ?колÑ?ко неболÑ?Ñ?иÑ?
+    Ñ?агов, каждÑ?й из коÑ?оÑ?Ñ?Ñ? занимаеÑ? 15 минÑ?Ñ?, Ñ?Ñ?о доволÑ?но медленно.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7691";>CVE-2015-7691</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-7692";>CVE-2015-7692</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-7702";>CVE-2015-7702</a>
 
- -    <p>It was found that the fix for <a href="https://security-tracker.debian.org/tracker/CVE-2014-9750";>CVE-2014-9750</a> was incomplete: three
- -    issues were found in the value length checks in ntp_crypto.c, where
- -    a packet with particular autokey operations that contained malicious
- -    data was not always being completely validated. Receipt of these
- -    packets can cause ntpd to crash.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о иÑ?пÑ?авление длÑ? <a href="https://security-tracker.debian.org/tracker/CVE-2014-9750";>CVE-2014-9750</a> неполно: бÑ?ли
+    обнаÑ?Ñ?женÑ? пÑ?облемÑ? в пÑ?овеÑ?ке длинÑ? знаÑ?ениÑ? в ntp_crypto.c, где
+    пакеÑ? Ñ? опÑ?еделÑ?ннÑ?ми авÑ?оклÑ?Ñ?евÑ?ми опеÑ?аÑ?иÑ?ми, Ñ?одеÑ?жаÑ?ими некоÑ?Ñ?екÑ?нÑ?е
+    даннÑ?е, не вÑ?егда пÑ?овеÑ?Ñ?лÑ?Ñ? полноÑ?Ñ?Ñ?Ñ?. Ð?олÑ?Ñ?ение Ñ?Ñ?иÑ?
+    пакеÑ?ов пÑ?иводиÑ? к аваÑ?ийной оÑ?Ñ?ановке ntpd.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7701";>CVE-2015-7701</a>
 
- -    <p>A memory leak flaw was found in ntpd's CRYPTO_ASSOC. If ntpd is
- -    configured to use autokey authentication, an attacker could send
- -    packets to ntpd that would, after several days of ongoing attack,
- -    cause it to run out of memory.</p></li>
+    <p>Ð? CRYPTO_ASSOC в ntpd бÑ?ла обнаÑ?Ñ?жена Ñ?Ñ?еÑ?ка памÑ?Ñ?и. Ð?Ñ?ли ntpd
+    наÑ?Ñ?Ñ?оен на иÑ?полÑ?зование авÑ?оклÑ?Ñ?евой аÑ?Ñ?енÑ?иÑ?икаÑ?ии, Ñ?о злоÑ?мÑ?Ñ?ленник можеÑ? оÑ?пÑ?авлÑ?Ñ?Ñ?
+    пакеÑ?Ñ? ntpd, коÑ?оÑ?Ñ?е по иÑ?Ñ?еÑ?ениÑ? неÑ?колÑ?киÑ? дней пÑ?одолжаÑ?Ñ?ей аÑ?аки
+    пÑ?иведÑ?Ñ? к иÑ?Ñ?оÑ?ениÑ? памÑ?Ñ?и.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7703";>CVE-2015-7703</a>
 
- -    <p>Miroslav Lichvár of Red Hat found that the :config command can be
- -    used to set the pidfile and driftfile paths without any
- -    restrictions. A remote attacker could use this flaw to overwrite a
- -    file on the file system with a file containing the pid of the ntpd
- -    process (immediately) or the current estimated drift of the system
- -    clock (in hourly intervals). For example:</p>
+    <p>Ð?иÑ?оÑ?лав Ð?иÑ?ваÑ? из Red Hat обнаÑ?Ñ?жил, Ñ?Ñ?о команда :config можеÑ?
+    иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? длÑ? Ñ?Ñ?Ñ?ановки пÑ?Ñ?ей к pid-Ñ?айлÑ? и drift-Ñ?айлÑ? без
+    какиÑ?-либо огÑ?аниÑ?ений. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? пеÑ?езапиÑ?и
+    Ñ?айла в Ñ?айловой Ñ?иÑ?Ñ?еме Ñ?айлом, Ñ?одеÑ?жаÑ?им pid пÑ?оÑ?еÑ?Ñ?а ntpd
+    или Ñ?екÑ?Ñ?ее оÑ?ениваемое Ñ?меÑ?ение Ñ?иÑ?Ñ?емнÑ?Ñ?
+    Ñ?аÑ?ов (в Ñ?аÑ?овÑ?Ñ? инÑ?еÑ?валаÑ?). Ð?апÑ?имеÑ?:</p>
 <pre>
     ntpq -c ':config pidfile /tmp/ntp.pid'
     ntpq -c ':config driftfile /tmp/ntp.drift'
 </pre>
- -    <p>In Debian ntpd is configured to drop root privileges, which limits
- -    the impact of this issue.</p></li>
+    <p>Ð? Debian ntpd наÑ?Ñ?Ñ?оен Ñ?ак, Ñ?Ñ?обÑ? Ñ?бÑ?аÑ?Ñ?ваÑ?Ñ? пÑ?ивилегии Ñ?Ñ?пеÑ?полÑ?зоваÑ?елÑ?, Ñ?Ñ?о огÑ?аниÑ?иваеÑ?
+    влиÑ?ние Ñ?Ñ?ой пÑ?облемÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7704";>CVE-2015-7704</a>
 
- -    <p>When ntpd as an NTP client receives a Kiss-of-Death (KoD) packet
- -    from the server to reduce its polling rate, it doesn't check if the
- -    originate timestamp in the reply matches the transmit timestamp from
- -    its request. An off-path attacker can send a crafted KoD packet to
- -    the client, which will increase the client's polling interval to a
- -    large value and effectively disable synchronization with the server.</p></li>
+    <p>Ð?огда ntpd в каÑ?еÑ?Ñ?ве NTP-клиенÑ?а полÑ?Ñ?аеÑ? KoD-пакеÑ? (поÑ?елÑ?й Ñ?меÑ?Ñ?и)
+    оÑ? Ñ?еÑ?веÑ?а длÑ? Ñ?нижениÑ? Ñ?аÑ?Ñ?оÑ?Ñ? опÑ?оÑ?а, он не вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? Ñ?ого, Ñ?овпадаеÑ?
+    иниÑ?ииÑ?ованнаÑ? вÑ?еменнаÑ? оÑ?меÑ?ка в оÑ?веÑ?е Ñ? вÑ?еменной оÑ?меÑ?кой пеÑ?едаÑ?и из
+    запÑ?оÑ?а. Ð?лоÑ?мÑ?Ñ?ленник можеÑ? оÑ?пÑ?авиÑ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?й KoD-пакеÑ?
+    клиенÑ?Ñ?, коÑ?оÑ?Ñ?й Ñ?велиÑ?иÑ? инÑ?еÑ?вал опÑ?оÑ?а клиенÑ?а
+    до болÑ?Ñ?ого знаÑ?ениÑ? и пÑ?иведÑ?Ñ? к оÑ?клÑ?Ñ?ениÑ? Ñ?инÑ?Ñ?онизаÑ?ии Ñ? Ñ?еÑ?веÑ?ом.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7850";>CVE-2015-7850</a>
 
- -    <p>An exploitable denial of service vulnerability exists in the remote
- -    configuration functionality of the Network Time Protocol. A
- -    specially crafted configuration file could cause an endless loop
- -    resulting in a denial of service.  An attacker could provide a the
- -    malicious configuration file to trigger this vulnerability.</p></li>
+    <p>Ð? Ñ?далÑ?нной наÑ?Ñ?Ñ?ойке NTP имееÑ?Ñ?Ñ? оÑ?каз в обÑ?лÑ?живании, коÑ?оÑ?Ñ?й
+    можеÑ? иÑ?полÑ?зоваÑ?Ñ? злоÑ?мÑ?Ñ?ленниками. СпеÑ?иалÑ?но
+    Ñ?Ñ?оÑ?миÑ?ованнÑ?й Ñ?айл наÑ?Ñ?Ñ?ойки можеÑ? вÑ?зваÑ?Ñ? беÑ?конеÑ?нÑ?й Ñ?икл,
+    пÑ?иводÑ?Ñ?ий к оÑ?казÑ? в обÑ?лÑ?живании.  Ð?лоÑ?мÑ?Ñ?ленник можеÑ? пеÑ?едаÑ?Ñ?
+    некоÑ?Ñ?екÑ?нÑ?й Ñ?айл наÑ?Ñ?Ñ?ойки Ñ? Ñ?елÑ?Ñ? вÑ?зова Ñ?казанной Ñ?Ñ?звимоÑ?Ñ?и.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7851";>CVE-2015-7851</a>
 
- -    <p>A potential path traversal vulnerability exists in the config file
- -    saving of ntpd on VMS. A specially crafted path could cause a path
- -    traversal potentially resulting in files being overwritten. An
- -    attacker could provide a malicious path to trigger this
- -    vulnerability.</p>
+    <p>Ð? коде Ñ?оÑ?Ñ?анениÑ? Ñ?айла наÑ?Ñ?Ñ?ойки ntpd на VMS имееÑ?Ñ?Ñ? поÑ?енÑ?иалÑ?наÑ?
+    возможноÑ?Ñ?Ñ? обойÑ?и пÑ?Ñ?Ñ?. СпеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?й пÑ?Ñ?Ñ? можеÑ? пÑ?иводиÑ?Ñ? к обÑ?одÑ?
+    пÑ?Ñ?и, Ñ?Ñ?о поÑ?енÑ?иалÑ?но пÑ?иводиÑ? к пеÑ?езапиÑ?и Ñ?айлов. Ð?лоÑ?мÑ?Ñ?ленник
+    можеÑ? пеÑ?едаÑ?Ñ? некоÑ?Ñ?екÑ?нÑ?й пÑ?Ñ?Ñ? Ñ? Ñ?елÑ?Ñ? вÑ?зова Ñ?казанной
+    Ñ?Ñ?звимоÑ?Ñ?и.</p>
 
- -    <p>This issue does not affect Debian.</p></li>
+    <p>Ð?аннаÑ? Ñ?Ñ?звимоÑ?Ñ?Ñ? не каÑ?аеÑ?Ñ?Ñ? Debian.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7852";>CVE-2015-7852</a>
 
- -    <p>A potential off by one vulnerability exists in the cookedprint
- -    functionality of ntpq. A specially crafted buffer could cause a
- -    buffer overflow potentially resulting in null byte being written out
- -    of bounds.</p></li>
+    <p>Ð? cookedprint в ntpq имееÑ?Ñ?Ñ? поÑ?енÑ?иалÑ?наÑ? оÑ?ибка на
+    единиÑ?Ñ?. СпеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?й бÑ?Ñ?еÑ? можеÑ? вÑ?зваÑ?Ñ?
+    пеÑ?еполнение бÑ?Ñ?еÑ?а, поÑ?енÑ?иалÑ?но пÑ?иводÑ?Ñ?ее к запиÑ?и null-байÑ?а за
+    пÑ?еделами вÑ?деленного бÑ?Ñ?еÑ?а памÑ?Ñ?и.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7855";>CVE-2015-7855</a>
 
- -    <p>It was found that NTP's decodenetnum() would abort with an assertion
- -    failure when processing a mode 6 or mode 7 packet containing an
- -    unusually long data value where a network address was expected. This
- -    could allow an authenticated attacker to crash ntpd.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о Ñ?Ñ?нкÑ?иÑ? decodenetnum() в NTP пÑ?еÑ?Ñ?ваеÑ? Ñ?абоÑ?Ñ? Ñ?
+    оÑ?ибкой Ñ?Ñ?веÑ?ждениÑ? в Ñ?оде обÑ?абоÑ?ки пакеÑ?а Ñ?ежима 6 или Ñ?ежима 7, Ñ?одеÑ?жаÑ?его
+    необÑ?Ñ?но длинное знаÑ?ение даннÑ?Ñ? в меÑ?Ñ?е, где ожидаеÑ?Ñ?Ñ? Ñ?еÑ?евой адÑ?еÑ?. ЭÑ?о
+    можеÑ? позволиÑ?Ñ? аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованномÑ? злоÑ?мÑ?Ñ?ленникÑ? аваÑ?ийно завеÑ?Ñ?иÑ?Ñ? ntpd.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7871";>CVE-2015-7871</a>
 
- -    <p>An error handling logic error exists within ntpd that manifests due
- -    to improper error condition handling associated with certain
- -    crypto-NAK packets. An unauthenticated, off-path attacker can force
- -    ntpd processes on targeted servers to peer with time sources of the
- -    attacker's choosing by transmitting symmetric active crypto-NAK
- -    packets to ntpd. This attack bypasses the authentication typically
- -    required to establish a peer association and allows an attacker to
- -    make arbitrary changes to system time.</p></li>
+    <p>Ð? ntpd имееÑ?Ñ?Ñ? оÑ?ибка в логике обÑ?абоÑ?ки оÑ?ибок, коÑ?оÑ?аÑ? пÑ?оÑ?влÑ?еÑ?Ñ?Ñ? из-за
+    некоÑ?Ñ?екÑ?ной обÑ?абоÑ?ки Ñ?оÑ?Ñ?оÑ?ниÑ? оÑ?ибки, Ñ?вÑ?занного Ñ? опÑ?еделÑ?ннÑ?ми
+    crypto-NAK пакеÑ?ов. Ð?еаÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? заÑ?Ñ?авиÑ?Ñ?
+    пÑ?оÑ?еÑ?Ñ? ntpd на Ñ?елевÑ?Ñ? Ñ?еÑ?веÑ?аÑ? обÑ?аÑ?иÑ?Ñ?Ñ?Ñ? к иÑ?Ñ?оÑ?никам вÑ?емени,
+    вÑ?бÑ?аннÑ?м злоÑ?мÑ?Ñ?ленникам, пÑ?Ñ?Ñ?м пеÑ?едаÑ?и ntpd Ñ?иммеÑ?Ñ?иÑ?нÑ?Ñ? акÑ?ивнÑ?Ñ? crypto-NAK
+    пакеÑ?ов. Ð?аннаÑ? аÑ?ака позволÑ?еÑ? обойÑ?и аÑ?Ñ?енÑ?иÑ?икаÑ?иÑ?, коÑ?оÑ?аÑ? обÑ?Ñ?но
+    Ñ?Ñ?ебÑ?еÑ?Ñ?Ñ? длÑ? Ñ?Ñ?Ñ?ановлениÑ? Ñ?оединениÑ?, Ñ?Ñ?о позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникÑ?
+    пÑ?оизволÑ?но менÑ?Ñ?Ñ? Ñ?иÑ?Ñ?емное вÑ?емÑ?.</p></li>
 
 </ul>
 </define-tag>
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXWGJrAAoJEF7nbuICFtKl/zIQAJTfMAQRIocGn6R7XDP255Qy
ZpLtzIFlmeG4E0oqNNLiY/0I4kXigsBHW5bOIWiKAke7f/Myt+ABTslTwvFJuCzS
Xa2ZavWAYHV8IVcetb2nHkPWgfXVT9AVyxTc9cbztVlOFxSus3jwNoL42JIBfmMh
gQRrcC/3sC8HIA6B1DYIaZFDM1GqTFhcrtFyE0UJnLna914tPMpmuxS3zDiAgFiy
GgOenK+zWjcx0zRRo2GNipPFvv/DTXi3MeohvlFmPstZxI/9VeSjcFgmhdBgxGsD
AaxyZdn6eYTW5hFHvJDH5JjCEU0uzAGQZPq8j7p5qjKN9UkwuTIKWjajCx+Aj3wn
5I6Og4xswSDV6b5j9qiJhBIw6JtXONhfJBDX4dd7+r8BRJcIRewfIbuuxQiz2/DG
fFAC9iIJ0THmJVZcKGLL2JNvaeaWXYazLfZV8NVyrREJkmbHYQruc04TFSmTV4wt
nTbBarUlLX2XLhGx7hwvouT/rExeRdaHrNwTGN7p7d+6ryFspU30gGfJVvsj3/Uk
MMC8utpEhC9I3Fi7Iex8asdOV9MHJugIDLA4JFdVjBbQ9rMl3qhmLeFH/TDK5GkW
clb6/wZkodqCW5QyErrvF/vYHVlhJZwvms0ok3YMm9D84A9kajuxX5RIvwVVrpte
zeULNkcMPKcNMYE1U2Hf
=HIRp
-----END PGP SIGNATURE-----
Reply to: