[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2017/dsa-386{6,7,8}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2017/dsa-3866.wml	2017-05-30 21:51:07.000000000 +0500
+++ russian/security/2017/dsa-3866.wml	2017-05-31 10:53:10.596893168 +0500
@@ -1,40 +1,41 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Two denial of service vulnerabilities were identified in strongSwan, an
- -IKE/IPsec suite, using Google's OSS-Fuzz fuzzing project.</p>
+<p>Ð? strongSwan, набоÑ?е IKE/IPsec, пÑ?и иÑ?полÑ?зовании OSS-Fuzz оÑ? Google
+бÑ?ли обнаÑ?Ñ?женÑ? два оÑ?каза в обÑ?лÑ?живании.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-9022";>CVE-2017-9022</a>
 
- -    <p>RSA public keys passed to the gmp plugin aren't validated sufficiently
- -    before attempting signature verification, so that invalid input might
- -    lead to a floating point exception and crash of the process.
- -    A certificate with an appropriately prepared public key sent by a peer
- -    could be used for a denial-of-service attack.</p></li>
+    <p>Ð?Ñ?кÑ?Ñ?Ñ?Ñ?е RSA-клÑ?Ñ?и, пеÑ?едаÑ?Ñ?иеÑ?Ñ? дополнениÑ? gmp, пÑ?овеÑ?Ñ?Ñ?Ñ?Ñ?Ñ? недоÑ?Ñ?аÑ?оÑ?нÑ?м
+    обÑ?азом до моменÑ?а пÑ?овеÑ?ки подпиÑ?и, поÑ?Ñ?омÑ? некоÑ?Ñ?екÑ?нÑ?е вÑ?однÑ?е даннÑ?е могÑ?Ñ?
+    пÑ?иводиÑ?Ñ? к иÑ?клÑ?Ñ?ениÑ? длÑ? Ñ?иÑ?ел Ñ? плаваÑ?Ñ?ей Ñ?оÑ?кой и аваÑ?ийной оÑ?Ñ?ановке пÑ?оÑ?еÑ?Ñ?а.
+    СеÑ?Ñ?иÑ?икаÑ? Ñ? подгоÑ?овленнÑ?м Ñ?ооÑ?веÑ?Ñ?Ñ?вÑ?Ñ?Ñ?им обÑ?азом оÑ?кÑ?Ñ?Ñ?Ñ?м клÑ?Ñ?ом, оÑ?пÑ?авленнÑ?й
+    дÑ?Ñ?гим Ñ?злом, можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? длÑ? вÑ?зова оÑ?каза в обÑ?лÑ?живании.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-9023";>CVE-2017-9023</a>
 
- -    <p>ASN.1 CHOICE types are not correctly handled by the ASN.1 parser when
- -    parsing X.509 certificates with extensions that use such types. This could
- -    lead to infinite looping of the thread parsing a specifically crafted
- -    certificate.</p></li>
+    <p>ТипÑ? ASN.1 CHOICE непÑ?авилÑ?но обÑ?абаÑ?Ñ?ваÑ?Ñ?Ñ?Ñ? в коде длÑ? вÑ?полнениÑ? гÑ?аммаÑ?иÑ?еÑ?кого
+    Ñ?азбоÑ?а ASN.1 в Ñ?лÑ?Ñ?ае гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а Ñ?еÑ?Ñ?иÑ?икаÑ?ов X.509 Ñ? Ñ?аÑ?Ñ?иÑ?ениÑ?ми,
+    иÑ?полÑ?зÑ?Ñ?Ñ?ими Ñ?казаннÑ?е Ñ?ипÑ?. ЭÑ?о можеÑ? пÑ?иводиÑ?Ñ? к беÑ?конеÑ?номÑ? Ñ?иклÑ?
+    пÑ?и вÑ?полнении гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного Ñ?еÑ?Ñ?иÑ?икаÑ?а.</p></li>
 
 </ul>
 
- -<p>A fix for a build failure was additionally included in the 5.2.1-6+deb8u4
- -revision of the strongSwan package.</p>
+<p>Ð?Ñ?оме Ñ?ого, в веÑ?Ñ?иÑ? 5.2.1-6+deb8u4 пакеÑ?а strongSwan бÑ?ло добавлено иÑ?пÑ?авление
+оÑ?ибок Ñ?боÑ?ки.</p>
 
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 5.2.1-6+deb8u3.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 5.2.1-6+deb8u3.</p>
 
- -<p>For the upcoming stable distribution (stretch), these problems have been
- -fixed in version 5.5.1-4</p>
+<p>Ð? гоÑ?овÑ?Ñ?емÑ?Ñ? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли
+иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 5.5.1-4</p>
 
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 5.5.1-4.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 5.5.1-4.</p>
 
- -<p>We recommend that you upgrade your strongswan packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? strongswan.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2017/dsa-3867.wml	2017-05-30 21:00:18.000000000 +0500
+++ russian/security/2017/dsa-3867.wml	2017-05-31 10:55:36.964875491 +0500
@@ -1,15 +1,16 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>The Qualys Security team discovered that sudo, a program designed to
- -provide limited super user privileges to specific users, does not
- -properly parse "/proc/[pid]/stat" to read the device number of the tty
- -from field 7 (tty_nr). A sudoers user can take advantage of this flaw on
- -an SELinux-enabled system to obtain full root privileges.</p>
+<p>Ð?оманда Qualys Security обнаÑ?Ñ?жила, Ñ?Ñ?о sudo, пÑ?огÑ?амма длÑ? пÑ?едоÑ?Ñ?авлениÑ?
+огÑ?аниÑ?еннÑ?Ñ? пÑ?ав доÑ?Ñ?Ñ?па Ñ?Ñ?пеÑ?полÑ?зоваÑ?елÑ? опÑ?еделÑ?ннÑ?м полÑ?зоваÑ?елÑ?м,
+непÑ?авилÑ?но вÑ?полнÑ?еÑ? гÑ?аммаÑ?иÑ?еÑ?кий Ñ?азбоÑ? "/proc/[pid]/stat" Ñ? Ñ?елÑ?Ñ? пÑ?оÑ?Ñ?ениÑ?
+номеÑ?а Ñ?Ñ?Ñ?Ñ?ойÑ?Ñ?ва tty из полÑ? 7 (tty_nr). Ð?олÑ?зоваÑ?елÑ? гÑ?Ñ?ппÑ? sudoers можеÑ? иÑ?полÑ?зоваÑ?Ñ?
+Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? в Ñ?иÑ?Ñ?емаÑ? Ñ? SELinux длÑ? полÑ?Ñ?ениÑ? полнÑ?Ñ? пÑ?ав Ñ?Ñ?пеÑ?полÑ?зоваÑ?елÑ?.</p>
 
- -<p>For the stable distribution (jessie), this problem has been fixed in
- -version 1.8.10p3-1+deb8u4.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.8.10p3-1+deb8u4.</p>
 
- -<p>We recommend that you upgrade your sudo packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? sudo.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2017/dsa-3868.wml	2017-05-31 09:51:48.000000000 +0500
+++ russian/security/2017/dsa-3868.wml	2017-05-31 10:58:42.384240239 +0500
@@ -1,17 +1,18 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Karsten Heymann discovered that the OpenLDAP directory server can be
- -crashed by performing a paged search with a page size of 0, resulting in
- -denial of service. This vulnerability is limited to the MDB storage
- -backend.</p>
+<p>Ð?аÑ?Ñ?Ñ?ен Хейман обнаÑ?Ñ?жил, Ñ?Ñ?о Ñ?абоÑ?а Ñ?еÑ?веÑ?а каÑ?алогов OpenLDAP можеÑ?
+бÑ?Ñ?Ñ? аваÑ?ийно завеÑ?Ñ?ена из-за вÑ?полнениÑ? Ñ?Ñ?Ñ?аниÑ?ного поиÑ?ка Ñ? Ñ?азмеÑ?ом Ñ?Ñ?Ñ?аниÑ?Ñ?
+Ñ?авнÑ?м 0, Ñ?Ñ?о пÑ?иводиÑ? к оÑ?казÑ? в обÑ?лÑ?живании. Ð?аннаÑ? Ñ?Ñ?звимоÑ?Ñ?Ñ? каÑ?аеÑ?Ñ?Ñ? Ñ?олÑ?ко
+движка Ñ?Ñ?анилиÑ? MDB.</p>
 
- -<p>For the stable distribution (jessie), this problem has been fixed in
- -version 2.4.40+dfsg-1+deb8u3.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 2.4.40+dfsg-1+deb8u3.</p>
 
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 2.4.44+dfsg-5.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 2.4.44+dfsg-5.</p>
 
- -<p>We recommend that you upgrade your openldap packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? openldap.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlkuW5YACgkQXudu4gIW
0qXIYA//aVr9Yf0AIsCVPL5HwqTGIzgh62lZPLWcGw6cWjOMhH5zCztX2b5tmRsY
0VjvjbcVbObRXOPHUzIAebE8FA7BJaOtnIWgS9OP++2thOGB0U/moVyAOxYdRMOD
fQMbwEbIN8qZrBxJw8cmrN8aNaGPUaIjKDbpjh2pfm8dE8XJfA4wI/oRNbPA6YKr
lOg/2KFpdDHeXplpcTgupXSSv9gT8UpGksSJA4Rv5Wcm4SvxJDTF90Roh7wv9ZJb
ENkwQBx6j1XZck3S94N9xxfKDtYoXms1RyH2OTOZzhWgVPpeWz4HberTxXnDjLtt
k5RuqI9HYpaevcEtpgPQcHiEVBlO/AKs/aoDiS9Ovw4MPLrFfu6hmy8vsZ6N6uL8
awaGdq8Ighs/6FbapnKVXLAZlyQLrCFRWvMWvJiyK9zcSpGrdVGqjpFdDNmFVcYB
DZvcm73YeinK3qH9ZLhIkzuJJRPD8ra3MVwxBcJbYq5pLw69K7GIFcRlwtYddU7t
JB3mJ1GIKUhuhN39ITCF/IiLyvo0iFQe3PhY6grR1c6eJJkMjCBeq7CgWWE7qCvk
hotTlCmxqRTF464+uzJ8LJkPva9u7UNsstUzy2ZeBAkjtlGakwpcxTGLkl0elQ73
3jgd8So+BIq81SGwruNMpjm4Xnqvd1uoPV/oX1ITo9oXKPU1EdM=
=WfiW
-----END PGP SIGNATURE-----
Reply to: