[DONE] wml://{security/2017/dsa-3945.wml}

[Lev Lamberov <dogsleg@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2017/dsa-3945.wml	2017-08-18 00:51:59.000000000 +0500
+++ russian/security/2017/dsa-3945.wml	2017-08-18 11:52:51.377451569 +0500
@@ -1,98 +1,98 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in the Linux kernel that
- -may lead to a privilege escalation, denial of service or information
- -leaks.</p>
+<p>Ð? Ñ?дÑ?е Linux бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей,
+коÑ?оÑ?Ñ?е могÑ?Ñ? пÑ?иводиÑ?Ñ? к повÑ?Ñ?ениÑ? пÑ?ивилегий, оÑ?казÑ? в обÑ?лÑ?живании или
+Ñ?Ñ?еÑ?кам инÑ?оÑ?маÑ?ии.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9940";>CVE-2014-9940</a>
 
- -    <p>A use-after-free flaw in the voltage and current regulator driver
- -    could allow a local user to cause a denial of service or potentially
- -    escalate privileges.</p></li>
+    <p>Ð?Ñ?полÑ?зование Ñ?казаÑ?елей поÑ?ле оÑ?вобождениÑ? памÑ?Ñ?и в дÑ?айвеÑ?е Ñ?егÑ?лÑ?Ñ?оÑ?а
+    напÑ?Ñ?жениÑ? и Ñ?ока можеÑ? позволиÑ?Ñ? локалÑ?номÑ? полÑ?зоваÑ?елÑ? вÑ?зваÑ?Ñ? оÑ?каз
+    в обÑ?лÑ?живании или поÑ?енÑ?иалÑ?но повÑ?Ñ?иÑ?Ñ? пÑ?ивилегии.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-7346";>CVE-2017-7346</a>
 
- -    <p>Li Qiang discovered that the DRM driver for VMware virtual GPUs does
- -    not properly check user-controlled values in the
- -    vmw_surface_define_ioctl() functions for upper limits. A local user
- -    can take advantage of this flaw to cause a denial of service.</p></li>
+    <p>Ð?и ЦÑ?н обнаÑ?Ñ?жил, Ñ?Ñ?о дÑ?айвеÑ? DRM длÑ? виÑ?Ñ?Ñ?алÑ?нÑ?й видеокаÑ?Ñ? VMware
+    непÑ?авилÑ?но вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? изменÑ?емÑ?Ñ? полÑ?зоваÑ?елÑ?ми знаÑ?ений в
+    Ñ?Ñ?нкÑ?иÑ?Ñ? vmw_surface_define_ioctl() на пÑ?едмеÑ? пÑ?евÑ?Ñ?ениÑ? веÑ?Ñ?ниÑ? гÑ?аниÑ?. Ð?окалÑ?нÑ?й
+    полÑ?зоваÑ?елÑ? можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? вÑ?зова оÑ?каза в обÑ?лÑ?живании.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-7482";>CVE-2017-7482</a>
 
- -    <p>Shi Lei discovered that RxRPC Kerberos 5 ticket handling code does
- -    not properly verify metadata, leading to information disclosure,
- -    denial of service or potentially execution of arbitrary code.</p></li>
+    <p>Ши Ð?Ñ?й обнаÑ?Ñ?жил, Ñ?Ñ?о код обÑ?абоÑ?ки билеÑ?ов RxRPC Kerberos 5 непÑ?авилÑ?но
+    вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? меÑ?аданнÑ?Ñ?, Ñ?Ñ?о пÑ?иводиÑ? к Ñ?аÑ?кÑ?Ñ?Ñ?иÑ? инÑ?оÑ?маÑ?ии,
+    оÑ?казÑ? в обÑ?лÑ?живании или поÑ?енÑ?иалÑ?номÑ? вÑ?полнениÑ? пÑ?оизволÑ?ного кода.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-7533";>CVE-2017-7533</a>
 
- -    <p>Fan Wu and Shixiong Zhao discovered a race condition between inotify
- -    events and VFS rename operations allowing an unprivileged local
- -    attacker to cause a denial of service or escalate privileges.</p></li>
+    <p>ФанÑ? У и ШиÑ?Ñ?н Чжао обнаÑ?Ñ?жили Ñ?оÑ?Ñ?оÑ?ние гонки междÑ? Ñ?обÑ?Ñ?иÑ?ми inotify
+    и опеÑ?аÑ?иÑ?ми пеÑ?еименованиÑ? VFS, позволÑ?Ñ?Ñ?ее непÑ?ивилегиÑ?ованномÑ? локалÑ?номÑ?
+    злоÑ?мÑ?Ñ?ленникÑ? вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании или повÑ?Ñ?ение пÑ?ивилегий.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-7541";>CVE-2017-7541</a>
 
- -    <p>A buffer overflow flaw in the Broadcom IEEE802.11n PCIe SoftMAC WLAN
- -    driver could allow a local user to cause kernel memory corruption,
- -    leading to a denial of service or potentially privilege escalation.</p></li>
+    <p>Ð?еÑ?еполнение бÑ?Ñ?еÑ?а в дÑ?айвеÑ?е Broadcom IEEE802.11n PCIe SoftMAC WLAN
+    можеÑ? позволиÑ?Ñ? локалÑ?номÑ? полÑ?зоваÑ?елÑ? вÑ?зваÑ?Ñ? повÑ?еждение Ñ?одеÑ?жимого памÑ?Ñ?и Ñ?дÑ?а,
+    Ñ?Ñ?о пÑ?иводиÑ? к оÑ?казÑ? в обÑ?лÑ?живании или поÑ?енÑ?иалÑ?номÑ? повÑ?Ñ?ениÑ? пÑ?ивилегий.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-7542";>CVE-2017-7542</a>
 
- -    <p>An integer overflow vulnerability in the ip6_find_1stfragopt()
- -    function was found allowing a local attacker with privileges to open
- -    raw sockets to cause a denial of service.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено пеÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ле в Ñ?Ñ?нкÑ?ии ip6_find_1stfragopt(),
+    позволÑ?Ñ?Ñ?ее локалÑ?номÑ? злоÑ?мÑ?Ñ?ленникÑ?, имеÑ?Ñ?емÑ? пÑ?ава на оÑ?кÑ?Ñ?Ñ?ие Ñ?Ñ?Ñ?Ñ?Ñ?
+    Ñ?океÑ?ов, вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-7889";>CVE-2017-7889</a>
 
- -    <p>Tommi Rantala and Brad Spengler reported that the mm subsystem does
- -    not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism,
- -    allowing a local attacker with access to /dev/mem to obtain
- -    sensitive information or potentially execute arbitrary code.</p></li>
+    <p>Томми РанÑ?ала и Ð?Ñ?Ñ?д СпенглеÑ? Ñ?ообÑ?или, Ñ?Ñ?о подÑ?иÑ?Ñ?ема mm непÑ?авилÑ?но
+    обеÑ?пеÑ?иваеÑ? вÑ?полнение меÑ?анизма заÑ?иÑ?Ñ? CONFIG_STRICT_DEVMEM,
+    позволÑ?Ñ? локалÑ?номÑ? злоÑ?мÑ?Ñ?ленникÑ?, имеÑ?Ñ?емÑ? доÑ?Ñ?Ñ?п к /dev/mem, полÑ?Ñ?аÑ?Ñ?
+    Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?нÑ?Ñ? инÑ?оÑ?маÑ?иÑ? или поÑ?енÑ?иалÑ?но вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-9605";>CVE-2017-9605</a>
 
- -    <p>Murray McAllister discovered that the DRM driver for VMware virtual
- -    GPUs does not properly initialize memory, potentially allowing a
- -    local attacker to obtain sensitive information from uninitialized
- -    kernel memory via a crafted ioctl call.</p></li>
+    <p>Ð?Ñ?Ñ?Ñ?ей Ð?акалиÑ?Ñ?еÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о дÑ?айвеÑ? DRM длÑ? виÑ?Ñ?Ñ?алÑ?нÑ?й видеокаÑ?Ñ? VMware
+    непÑ?авилÑ?но вÑ?полнÑ?еÑ? иниÑ?иализаÑ?иÑ? памÑ?Ñ?и, поÑ?енÑ?иалÑ?но позволÑ?Ñ? локалÑ?номÑ?
+    злоÑ?мÑ?Ñ?ленникÑ? полÑ?Ñ?аÑ?Ñ? Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?нÑ?Ñ? инÑ?оÑ?маÑ?иÑ? из неиниÑ?иализиÑ?ованной памÑ?Ñ?и
+    Ñ?дÑ?а пÑ?и помоÑ?и Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного вÑ?зова ioctl.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-10911";>CVE-2017-10911</a>
 
 <p>/ XSA-216</p>
 
- -    <p>Anthony Perard of Citrix discovered an information leak flaw in Xen
- -    blkif response handling, allowing a malicious unprivileged guest to
- -    obtain sensitive information from the host or other guests.</p></li>
+    <p>ЭнÑ?они Ð?еÑ?аÑ? из Citrix обнаÑ?Ñ?жил Ñ?Ñ?еÑ?кÑ? инÑ?оÑ?маÑ?ии в коде обÑ?абоÑ?ки blkif-оÑ?веÑ?ов в
+    Xen, позволÑ?Ñ?Ñ?Ñ?Ñ? непÑ?ивилегиÑ?ованномÑ? полÑ?зоваÑ?елÑ? гоÑ?Ñ?евой Ñ?иÑ?Ñ?емÑ? полÑ?Ñ?аÑ?Ñ?
+    Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?нÑ?Ñ? инÑ?оÑ?маÑ?иÑ? из оÑ?новной Ñ?иÑ?Ñ?емÑ? и дÑ?Ñ?гиÑ? гоÑ?Ñ?евÑ?Ñ? Ñ?иÑ?Ñ?ем.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-11176";>CVE-2017-11176</a>
 
- -    <p>It was discovered that the mq_notify() function does not set the
- -    sock pointer to NULL upon entry into the retry logic. An attacker
- -    can take advantage of this flaw during a userspace close of a
- -    Netlink socket to cause a denial of service or potentially cause
- -    other impact.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о Ñ?Ñ?нкÑ?иÑ? mq_notify() не Ñ?Ñ?Ñ?анавливаеÑ? sock-Ñ?казаÑ?елÑ?
+    в NULL-знаÑ?ение пÑ?и вÑ?оде в логикÑ? повÑ?оÑ?а. Ð?лоÑ?мÑ?Ñ?ленник можеÑ?
+    иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? во вÑ?емÑ? закÑ?Ñ?Ñ?иÑ? Ñ?океÑ?а Netlink в полÑ?зоваÑ?елÑ?Ñ?ком
+    пÑ?оÑ?Ñ?Ñ?анÑ?Ñ?ве длÑ? вÑ?зова оÑ?каза в обÑ?лÑ?живании или поÑ?енÑ?иалÑ?ного
+    оказаниÑ? дÑ?Ñ?гого воздейÑ?Ñ?виÑ? на безопаÑ?ноÑ?Ñ?Ñ? Ñ?иÑ?Ñ?емÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-1000363";>CVE-2017-1000363</a>
 
- -    <p>Roee Hay reported that the lp driver does not properly bounds-check
- -    passed arguments, allowing a local attacker with write access to the
- -    kernel command line arguments to execute arbitrary code.</p></li>
+    <p>Рои Ð?Ñ?й Ñ?ообÑ?ил, Ñ?Ñ?о дÑ?айвеÑ? lp непÑ?авилÑ?но вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? гÑ?аниÑ? Ñ?
+    пеÑ?едаваемÑ?Ñ? аÑ?гÑ?менÑ?ов, позволÑ?Ñ? локалÑ?номÑ? злоÑ?мÑ?Ñ?ленникÑ?, имеÑ?Ñ?емÑ? пÑ?ава на запиÑ?Ñ? в
+    аÑ?гÑ?менÑ?Ñ? командной Ñ?Ñ?Ñ?оки Ñ?дÑ?а, вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-1000365";>CVE-2017-1000365</a>
 
- -    <p>It was discovered that argument and environment pointers are not
- -    taken properly into account to the imposed size restrictions on
- -    arguments and environmental strings passed through
- -    RLIMIT_STACK/RLIMIT_INFINITY. A local attacker can take advantage of
- -    this flaw in conjunction with other flaws to execute arbitrary code.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о Ñ?казаÑ?ели аÑ?гÑ?менÑ?а и окÑ?Ñ?жениÑ? Ñ?Ñ?иÑ?Ñ?ваÑ?Ñ?Ñ?Ñ? непÑ?авилÑ?но
+    пÑ?и Ñ?Ñ?Ñ?ановке огÑ?аниÑ?ений Ñ?азмеÑ?а Ñ?Ñ?Ñ?ок аÑ?гÑ?менÑ?ов и окÑ?Ñ?жениÑ?, пеÑ?едаваемÑ?Ñ?
+    Ñ?еÑ?ез RLIMIT_STACK/RLIMIT_INFINITY. Ð?окалÑ?нÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ?
+    Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? вмеÑ?Ñ?е Ñ? дÑ?Ñ?гими Ñ?Ñ?звимоÑ?Ñ?Ñ?ми длÑ? вÑ?полнениÑ? пÑ?оизволÑ?ного кода.</p></li>
 
 </ul>
 
- -<p>For the oldstable distribution (jessie), these problems have been fixed
- -in version 3.16.43-2+deb8u3.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 3.16.43-2+deb8u3.</p>
 
- -<p>We recommend that you upgrade your linux packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? linux.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlmWjtEACgkQXudu4gIW
0qU5bBAAi5dDk2p0JBF3zEgFWfoawEwVkKLeNbNby6d3ANXM+Uh3oXTG6fqLgWKs
wxX8M0QNkdZkmR1QZa/LJVHb1kdXRp2LdssdIYFjDgP/veYGJO02a7iF3KHh6fze
89MvjwnthAHT0/Gs18tO9JBoAHW3sQ2Ha95ARNQGNKJ+mroKBSqH+Qv0eW49X6ZJ
PW558peoNQakEk2POBenybQ1y2uVLIFJcpTkVNuJuX2g2AeqlmbPb6iP7wmn75xv
8OzxrTVRhr6YeC4G/C/V+nTvT7PJAMv9D4IyvMcZkSXLOtaUd5pCZkLClLWFqb1r
8o4CTKQHPdJxV8cBH1tqg7hQtxHNjbRCeo6OKbtqDPaK4rorA7uBLv+FHC6sUAWu
CWiwJD+cGBpoUldmDuI8M+1gbopo7HjVOvK/J5Ylc3azr9TReQncdzwYw4iwGrhK
UpUS13qJVUJkfa1nHdO7/P/c6S8s4jhgEjNC5oawilXQzEWnleWjCYxhCACzcSFD
Z49EqngaFwemXIDoF69pWVKQC3OhK7p3Sy+qusmq3VIw9HUTy5WNhYignhyiqxkB
czeUWN/X/5NcgHfevXvufBP2EUVLi13lNV5HIqYAGmTdOAgqvf/GdyfCxLT2J3KJ
7dYQkaRlAH3P4YbZ1a26kvOZ6ewY1O6tCaOIF8Vr7F6LqJTIp2U=
=MXL3
-----END PGP SIGNATURE-----