[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://{security/2017/dsa-3942.wml}



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2017/dsa-3942.wml	2017-08-14 00:46:48.000000000 +0500
+++ russian/security/2017/dsa-3942.wml	2017-08-14 20:25:17.822983953 +0500
@@ -1,27 +1,29 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Calum Hutton reported that the XML-RPC server in supervisor, a system
- -for controlling process state, does not perform validation on requested
- -XML-RPC methods, allowing an authenticated client to send a malicious
- -XML-RPC request to supervisord that will run arbitrary shell commands on
- -the server as the same user as supervisord.</p>
+<p>Ð?олÑ?м ХаÑ?Ñ?он Ñ?ообÑ?ил, Ñ?Ñ?о Ñ?еÑ?веÑ? XML-RPC в supervisor, Ñ?иÑ?Ñ?еме длÑ?
+Ñ?пÑ?авлениÑ? Ñ?оÑ?Ñ?оÑ?ниÑ?ми пÑ?оÑ?еÑ?Ñ?ов, непÑ?авилÑ?но вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? запÑ?аÑ?иваемÑ?Ñ?
+меÑ?одов XML-RPC, позволÑ?Ñ? аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованномÑ? клиенÑ?Ñ? оÑ?пÑ?авлÑ?Ñ?Ñ? вÑ?едоноÑ?нÑ?е
+запÑ?оÑ?Ñ? XML-RPC Ñ?лÑ?жбе supervisord, Ñ?Ñ?о пÑ?иводиÑ? к запÑ?Ñ?кÑ? пÑ?оизволÑ?нÑ?Ñ? команд
+командной оболоÑ?ки на Ñ?еÑ?веÑ?е оÑ? лиÑ?а полÑ?зоваÑ?елÑ?, запÑ?Ñ?Ñ?ивÑ?его supervisord.</p>
 
- -<p>The vulnerability has been fixed by disabling nested namespace lookup
- -entirely. supervisord will now only call methods on the object
- -registered to handle XML-RPC requests and not any child objects it may
- -contain, possibly breaking existing setups. No publicly available
- -plugins are currently known that use nested namespaces. Plugins that use
- -a single namespace will continue to work as before. Details can be found
- -on the upstream issue at
+<p>ЭÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? бÑ?ла иÑ?пÑ?авлена пÑ?Ñ?Ñ?м полного оÑ?клÑ?Ñ?ениÑ? поиÑ?ка по вложеннÑ?м
+пÑ?оÑ?Ñ?Ñ?анÑ?Ñ?вам имÑ?н. СлÑ?жба supervisord бÑ?деÑ? вÑ?зÑ?ваÑ?Ñ? Ñ?олÑ?ко меÑ?одÑ?, заÑ?егиÑ?Ñ?Ñ?иÑ?ованнÑ?е
+на обÑ?екÑ?е длÑ? обÑ?абоÑ?ки запÑ?оÑ?ов XML-RPC, а не на лÑ?бом доÑ?еÑ?нем обÑ?екÑ?е, коÑ?оÑ?Ñ?й
+можеÑ? Ñ?одеÑ?жаÑ?Ñ?Ñ?Ñ? в нÑ?м. Ð?еÑ?оÑ?Ñ?но, Ñ?Ñ?о пÑ?оведÑ?Ñ? к поломке опÑ?еделÑ?ннÑ?Ñ? наÑ?Ñ?Ñ?оек. Ð? наÑ?Ñ?оÑ?Ñ?ее
+вÑ?емÑ? ниÑ?его не извеÑ?Ñ?но о дополнениÑ?Ñ?, иÑ?полÑ?зÑ?Ñ?Ñ?иÑ? вложеннÑ?е пÑ?оÑ?Ñ?Ñ?анÑ?Ñ?ва имÑ?н.
+Ð?ополнениÑ?, иÑ?полÑ?зÑ?Ñ?Ñ?ее одно пÑ?оÑ?Ñ?Ñ?анÑ?Ñ?во имÑ?н пÑ?одолжаÑ? Ñ?абоÑ?аÑ?Ñ? как и Ñ?анÑ?Ñ?е.
+Ð?одÑ?обноÑ?Ñ?и можно найÑ?и в Ñ?ообÑ?ении о пÑ?облеме в
+оÑ?новной веÑ?ке Ñ?азÑ?абоÑ?ки по адÑ?еÑ?Ñ?
 <a href="https://github.com/Supervisor/supervisor/issues/964";>https://github.com/Supervisor/supervisor/issues/964</a> .</p>
 
- -<p>For the oldstable distribution (jessie), this problem has been fixed
- -in version 3.0r1-1+deb8u1.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена
+в веÑ?Ñ?ии 3.0r1-1+deb8u1.</p>
 
- -<p>For the stable distribution (stretch), this problem has been fixed in
- -version 3.3.1-1+deb9u1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 3.3.1-1+deb9u1.</p>
 
- -<p>We recommend that you upgrade your supervisor packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? supervisor.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlmRwOAACgkQXudu4gIW
0qWyFA/9F0Ztohy9UeFTshFCqAxAdl9SK1JIv+4DxSDPdrAxv/+F6pIdT3bVH731
RUOAtwC8p1yozq08l6u5w45gaF39x18WA+eJSmE/LPUuYM+56fNPbt/HbhlDSYa3
DVkwm0ub2cHSxvqnWWnEa1Y6KlhxQ1tSve/h1p67D1P1rGfBblZULZ2NtgthRc8I
pdSzxjYMEw4xnNLSboRKzAUMlwem16zwGDn1VO4FBVUdsnpS5Kz+PSZOoZkzIPzr
r4ZAyKuuhbU+UCyfF61vrjnswtWT9kCa74UnzmE5/PqtJm0wZTVGpw+Ae7wUNh2n
xV+0O+6kci2DcW/9ZHUOazpqVdNTPv27Y6IQWMBs8uL0LW727UjlQQfZkDRFlgjS
8IPLGtxe8TCb1ndlfW7FEYGVmLeC5RFmGlQ4QS6nK6IlIbTggn5lyXbY6o4nrnFC
nirRRDg+j4I5wMy2FLzSz+32uAuyWzTPUq3V18QigHIXH8y9PUuwj3udh3BHkXF2
XSB+OFWH0N6RjmxHLN78LdkRNk100cqzijnq2q8dxhr8THbnsUR+gLnrcuK9qEtE
WRTbO5GYu5QX12DvK3iuQxqOVMV+EIJ+APgZjpk5QOpbjgY61285QBvc0JZh9HPr
3/fHBLED8pu3gIn72xKQCHXro/ZsKPG/3ud2PlVAYc8M7CjuMdU=
=1w+O
-----END PGP SIGNATURE-----


Reply to: