[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2017/dsa-376{3,4,5}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2017/dsa-3763.wml	2017-01-14 04:57:02.000000000 +0500
+++ russian/security/2017/dsa-3763.wml	2017-01-14 22:56:22.347024597 +0500
@@ -1,16 +1,17 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Florian Heinz and Martin Kluge reported that pdns-recursor, a recursive
- -DNS server, parses all records present in a query regardless of whether
- -they are needed or even legitimate, allowing a remote, unauthenticated
- -attacker to cause an abnormal CPU usage load on the pdns server,
- -resulting in a partial denial of service if the system becomes
- -overloaded.</p>
+<p>ФлоÑ?иан ХайнÑ? и Ð?аÑ?Ñ?ин Ð?лÑ?ге Ñ?ообÑ?или, Ñ?Ñ?о pdns-recursor, Ñ?екÑ?Ñ?Ñ?ивнÑ?й
+DNS-Ñ?еÑ?веÑ?, вÑ?полнÑ?еÑ? гÑ?аммаÑ?иÑ?еÑ?кий Ñ?азбоÑ? вÑ?еÑ? запиÑ?ей из запÑ?оÑ?а вне завиÑ?имоÑ?Ñ?и оÑ?
+Ñ?ого, нÑ?жнÑ? они или неÑ?, и даже вне завиÑ?имоÑ?Ñ?и оÑ? Ñ?ого, коÑ?Ñ?екÑ?нÑ? ли они, Ñ?Ñ?о позволÑ?еÑ?
+Ñ?далÑ?нномÑ? неаÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованномÑ? злоÑ?мÑ?Ñ?ленникÑ? вÑ?зÑ?ваÑ?Ñ? неноÑ?малÑ?нÑ?Ñ? нагÑ?Ñ?зкÑ? на ЦÐ? на
+Ñ?еÑ?веÑ?е pdns, Ñ?Ñ?о пÑ?иводиÑ? к Ñ?аÑ?Ñ?иÑ?номÑ? оÑ?казÑ? в обÑ?лÑ?живании в Ñ?лÑ?Ñ?ае, еÑ?ли Ñ?иÑ?Ñ?ема оказÑ?ваеÑ?Ñ?Ñ?
+пеÑ?егÑ?Ñ?жена.</p>
 
- -<p>For the stable distribution (jessie), this problem has been fixed in
- -version 3.6.2-2+deb8u3.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 3.6.2-2+deb8u3.</p>
 
- -<p>We recommend that you upgrade your pdns-recursor packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? pdns-recursor.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2017/dsa-3764.wml	2017-01-14 04:57:19.000000000 +0500
+++ russian/security/2017/dsa-3764.wml	2017-01-14 23:06:58.631927038 +0500
@@ -1,49 +1,51 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Multiple vulnerabilities have been discovered in pdns, an authoritative
- -DNS server. The Common Vulnerabilities and Exposures project identifies
- -the following problems:</p>
+<p>Ð? pdns, авÑ?оÑ?иÑ?еÑ?ном DNS-Ñ?еÑ?веÑ?е, бÑ?ли обнаÑ?Ñ?женÑ? многоÑ?иÑ?леннÑ?е Ñ?Ñ?звимоÑ?Ñ?и.
+Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ?
+Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-2120";>CVE-2016-2120</a>
 
- -    <p>Mathieu Lafon discovered that pdns does not properly validate
- -    records in zones. An authorized user can take advantage of this flaw
- -    to crash server by inserting a specially crafted record in a zone
- -    under their control and then sending a DNS query for that record.</p></li>
+    <p>Ð?аÑ?Ñ?Ñ? Ð?аÑ?он обнаÑ?Ñ?жил, Ñ?Ñ?о pdns непÑ?авилÑ?но вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ?
+    запиÑ?ей в зонаÑ?. Ð?вÑ?оÑ?изованнÑ?й полÑ?зоваÑ?елÑ? можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ?
+    длÑ? аваÑ?ийной оÑ?Ñ?ановки Ñ?еÑ?веÑ?а пÑ?Ñ?Ñ?м вÑ?Ñ?авки Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованной запиÑ?и в зонÑ?,
+    наÑ?одÑ?Ñ?Ñ?Ñ?Ñ?Ñ? под Ñ?пÑ?авлением Ñ?Ñ?ого полÑ?зоваÑ?елÑ?, и оÑ?пÑ?авки DNS-запÑ?оÑ?а об Ñ?Ñ?ой запиÑ?и.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-7068";>CVE-2016-7068</a>
 
- -    <p>Florian Heinz and Martin Kluge reported that pdns parses all records
- -    present in a query regardless of whether they are needed or even
- -    legitimate, allowing a remote, unauthenticated attacker to cause an
- -    abnormal CPU usage load on the pdns server, resulting in a partial
- -    denial of service if the system becomes overloaded.</p></li>
+    <p>ФлоÑ?иан ХайнÑ? и Ð?аÑ?Ñ?ин Ð?лÑ?ге Ñ?ообÑ?или, Ñ?Ñ?о pdns-recursor, Ñ?екÑ?Ñ?Ñ?ивнÑ?й
+    DNS-Ñ?еÑ?веÑ?, вÑ?полнÑ?еÑ? гÑ?аммаÑ?иÑ?еÑ?кий Ñ?азбоÑ? вÑ?еÑ? запиÑ?ей из запÑ?оÑ?а вне завиÑ?имоÑ?Ñ?и оÑ?
+    Ñ?ого, нÑ?жнÑ? они или неÑ?, и даже вне завиÑ?имоÑ?Ñ?и оÑ? Ñ?ого, коÑ?Ñ?екÑ?нÑ? ли они, Ñ?Ñ?о позволÑ?еÑ?
+    Ñ?далÑ?нномÑ? неаÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованномÑ? злоÑ?мÑ?Ñ?ленникÑ? вÑ?зÑ?ваÑ?Ñ? неноÑ?малÑ?нÑ?Ñ? нагÑ?Ñ?зкÑ? на ЦÐ? на
+    Ñ?еÑ?веÑ?е pdns, Ñ?Ñ?о пÑ?иводиÑ? к Ñ?аÑ?Ñ?иÑ?номÑ? оÑ?казÑ? в обÑ?лÑ?живании в Ñ?лÑ?Ñ?ае, еÑ?ли Ñ?иÑ?Ñ?ема оказÑ?ваеÑ?Ñ?Ñ?
+    пеÑ?егÑ?Ñ?жена.</p>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-7072";>CVE-2016-7072</a>
 
- -    <p>Mongo discovered that the webserver in pdns is susceptible to a
- -    denial-of-service vulnerability. A remote, unauthenticated attacker
- -    to cause a denial of service by opening a large number of f TCP
- -    connections to the web server.</p></li>
+    <p>Mongo обнаÑ?Ñ?жил, Ñ?Ñ?о веб-Ñ?еÑ?веÑ? в pdns подвеÑ?жен оÑ?казÑ?
+    в обÑ?лÑ?живании. УдалÑ?ннÑ?й неаÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?й злоÑ?мÑ?Ñ?ленник
+    можеÑ? вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании пÑ?Ñ?Ñ?м оÑ?кÑ?Ñ?Ñ?иÑ? болÑ?Ñ?ого Ñ?иÑ?ле
+    TCP-Ñ?оединений к веб-Ñ?еÑ?веÑ?Ñ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-7073";>CVE-2016-7073</a> /
     <a href="https://security-tracker.debian.org/tracker/CVE-2016-7074";>CVE-2016-7074</a>
 
- -    <p>Mongo discovered that pdns does not sufficiently validate TSIG
- -    signatures, allowing an attacker in position of man-in-the-middle to
- -    alter the content of an AXFR.</p></li>
+    <p>Mongo обнаÑ?Ñ?жил, Ñ?Ñ?о pdns вÑ?полнÑ?еÑ? недоÑ?Ñ?аÑ?оÑ?нÑ?Ñ? пÑ?овеÑ?кÑ? подпиÑ?ей TSIG,
+    позволÑ?Ñ? злоÑ?мÑ?Ñ?ленникÑ?, иÑ?полÑ?зÑ?Ñ?Ñ?емÑ? аÑ?акÑ? по пÑ?инÑ?ипÑ? Ñ?еловек-в-Ñ?еÑ?едине,
+    изменÑ?Ñ?Ñ? Ñ?одеÑ?жимое AXFR.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 3.4.1-4+deb8u7.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 3.4.1-4+deb8u7.</p>
 
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 4.0.2-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 4.0.2-1.</p>
 
- -<p>We recommend that you upgrade your pdns packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? pdns.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2017/dsa-3765.wml	2017-01-14 15:48:58.000000000 +0500
+++ russian/security/2017/dsa-3765.wml	2017-01-14 23:10:03.164658986 +0500
@@ -1,20 +1,21 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Several programming errors in the wrestool tool of icoutils, a suite
- -of tools to create and extract MS Windows icons and cursors, allow
- -denial of service or the execution of arbitrary code if a malformed
- -binary is parsed.</p>
+<p>Ð? инÑ?Ñ?Ñ?Ñ?менÑ?е wrestool из Ñ?оÑ?Ñ?ава icoutils, набоÑ?а инÑ?Ñ?Ñ?Ñ?менÑ?ов длÑ? Ñ?озданиÑ? и
+Ñ?аÑ?паковки иконок и кÑ?Ñ?Ñ?оÑ?ов длÑ? MS Windows, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко оÑ?ибок
+пÑ?огÑ?аммиÑ?ованиÑ?, коÑ?оÑ?Ñ?е позволÑ?Ñ?Ñ? вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании или вÑ?полнение
+пÑ?оизволÑ?ного кода в Ñ?лÑ?Ñ?ае вÑ?полнениÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а некоÑ?Ñ?екÑ?ного двоиÑ?ного Ñ?айла.</p>
 
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 0.31.0-2+deb8u2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 0.31.0-2+deb8u2.</p>
 
- -<p>For the testing distribution (stretch), these problems have been fixed
- -in version 0.31.1-1.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 0.31.1-1.</p>
 
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 0.31.1-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 0.31.1-1.</p>
 
- -<p>We recommend that you upgrade your icoutils packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? icoutils.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlh6aYQACgkQXudu4gIW
0qWVHg/+OM0SC+EIqq/oEL3o1TC5t0cgRAtbKWMXLeOAydqWSy5fDM9wJT/Tq3+v
s2HnGQUkTFQicBsN/UathgSD2ASnDgTX550GNcB/FPmQ8ORQJNC9qam+bJIw2EkF
klP8L3hPNpnNllTL/RSBKg/LnkmD008gI0vwy0Z4W1yAto17JjqmrpKy8Xcgyc5Y
H9qxyFbnPVuonyQIKevogkqwwtOLh29LwWOt0EKCiiVYzdFqLZH6WmBjQKJHygjz
UOFIQaq1+gqcMszZFeTyDqnIceBCzWYU8I8WHsrUh+Mx2le6O7+ekv9ll4fvm9FF
2dNGswXI8MthmTpjNCIuy3YumzIGLbQwdxwMpjhsoTt0EFgXqb2KcDvIpYiD3t3y
QIyQs8LhhY8OlTrw4rv5OK70CpuykJGcJB/5FRb7IUNoCuc6a59BTPEEmWXM8Qcm
bnwf++A7iDDB63Y48hBWrK6s7VcJimZ5jy0wZrcHW8e/ldFXMsnZ8IaYS9wOnUc8
Hct2yfvikNWWkiVF2QJS550zOGRhyLyJlQaGkzVYkYRgGxHWx/PLRIlnjyHx1NQc
JITLHVlz79Vpoz5/omZ20NtCveu9vUDsxumu8BuhLZar/K2We7HH9CVcgiv77004
Xo3w6kDF805AuXD2DaPC9RQdCLtOnHnvdHSCVqrxJ0+YS4i1VTI=
=DEZf
-----END PGP SIGNATURE-----
Reply to: