[DONE] wml://{security/2017/dsa-3945.wml}
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2017/dsa-3945.wml 2017-08-18 00:51:59.000000000 +0500
+++ russian/security/2017/dsa-3945.wml 2017-08-18 11:52:51.377451569 +0500
@@ -1,98 +1,98 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in the Linux kernel that
- -may lead to a privilege escalation, denial of service or information
- -leaks.</p>
+<p>Ð? Ñ?дÑ?е Linux бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей,
+коÑ?оÑ?Ñ?е могÑ?Ñ? пÑ?иводиÑ?Ñ? к повÑ?Ñ?ениÑ? пÑ?ивилегий, оÑ?казÑ? в обÑ?лÑ?живании или
+Ñ?Ñ?еÑ?кам инÑ?оÑ?маÑ?ии.</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9940">CVE-2014-9940</a>
- - <p>A use-after-free flaw in the voltage and current regulator driver
- - could allow a local user to cause a denial of service or potentially
- - escalate privileges.</p></li>
+ <p>Ð?Ñ?полÑ?зование Ñ?казаÑ?елей поÑ?ле оÑ?вобождениÑ? памÑ?Ñ?и в дÑ?айвеÑ?е Ñ?егÑ?лÑ?Ñ?оÑ?а
+ напÑ?Ñ?жениÑ? и Ñ?ока можеÑ? позволиÑ?Ñ? локалÑ?номÑ? полÑ?зоваÑ?елÑ? вÑ?зваÑ?Ñ? оÑ?каз
+ в обÑ?лÑ?живании или поÑ?енÑ?иалÑ?но повÑ?Ñ?иÑ?Ñ? пÑ?ивилегии.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-7346">CVE-2017-7346</a>
- - <p>Li Qiang discovered that the DRM driver for VMware virtual GPUs does
- - not properly check user-controlled values in the
- - vmw_surface_define_ioctl() functions for upper limits. A local user
- - can take advantage of this flaw to cause a denial of service.</p></li>
+ <p>Ð?и ЦÑ?н обнаÑ?Ñ?жил, Ñ?Ñ?о дÑ?айвеÑ? DRM длÑ? виÑ?Ñ?Ñ?алÑ?нÑ?й видеокаÑ?Ñ? VMware
+ непÑ?авилÑ?но вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? изменÑ?емÑ?Ñ? полÑ?зоваÑ?елÑ?ми знаÑ?ений в
+ Ñ?Ñ?нкÑ?иÑ?Ñ? vmw_surface_define_ioctl() на пÑ?едмеÑ? пÑ?евÑ?Ñ?ениÑ? веÑ?Ñ?ниÑ? гÑ?аниÑ?. Ð?окалÑ?нÑ?й
+ полÑ?зоваÑ?елÑ? можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? вÑ?зова оÑ?каза в обÑ?лÑ?живании.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-7482">CVE-2017-7482</a>
- - <p>Shi Lei discovered that RxRPC Kerberos 5 ticket handling code does
- - not properly verify metadata, leading to information disclosure,
- - denial of service or potentially execution of arbitrary code.</p></li>
+ <p>Ши Ð?Ñ?й обнаÑ?Ñ?жил, Ñ?Ñ?о код обÑ?абоÑ?ки билеÑ?ов RxRPC Kerberos 5 непÑ?авилÑ?но
+ вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? меÑ?аданнÑ?Ñ?, Ñ?Ñ?о пÑ?иводиÑ? к Ñ?аÑ?кÑ?Ñ?Ñ?иÑ? инÑ?оÑ?маÑ?ии,
+ оÑ?казÑ? в обÑ?лÑ?живании или поÑ?енÑ?иалÑ?номÑ? вÑ?полнениÑ? пÑ?оизволÑ?ного кода.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-7533">CVE-2017-7533</a>
- - <p>Fan Wu and Shixiong Zhao discovered a race condition between inotify
- - events and VFS rename operations allowing an unprivileged local
- - attacker to cause a denial of service or escalate privileges.</p></li>
+ <p>ФанÑ? У и ШиÑ?Ñ?н Чжао обнаÑ?Ñ?жили Ñ?оÑ?Ñ?оÑ?ние гонки междÑ? Ñ?обÑ?Ñ?иÑ?ми inotify
+ и опеÑ?аÑ?иÑ?ми пеÑ?еименованиÑ? VFS, позволÑ?Ñ?Ñ?ее непÑ?ивилегиÑ?ованномÑ? локалÑ?номÑ?
+ злоÑ?мÑ?Ñ?ленникÑ? вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании или повÑ?Ñ?ение пÑ?ивилегий.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-7541">CVE-2017-7541</a>
- - <p>A buffer overflow flaw in the Broadcom IEEE802.11n PCIe SoftMAC WLAN
- - driver could allow a local user to cause kernel memory corruption,
- - leading to a denial of service or potentially privilege escalation.</p></li>
+ <p>Ð?еÑ?еполнение бÑ?Ñ?еÑ?а в дÑ?айвеÑ?е Broadcom IEEE802.11n PCIe SoftMAC WLAN
+ можеÑ? позволиÑ?Ñ? локалÑ?номÑ? полÑ?зоваÑ?елÑ? вÑ?зваÑ?Ñ? повÑ?еждение Ñ?одеÑ?жимого памÑ?Ñ?и Ñ?дÑ?а,
+ Ñ?Ñ?о пÑ?иводиÑ? к оÑ?казÑ? в обÑ?лÑ?живании или поÑ?енÑ?иалÑ?номÑ? повÑ?Ñ?ениÑ? пÑ?ивилегий.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-7542">CVE-2017-7542</a>
- - <p>An integer overflow vulnerability in the ip6_find_1stfragopt()
- - function was found allowing a local attacker with privileges to open
- - raw sockets to cause a denial of service.</p></li>
+ <p>Ð?Ñ?ло обнаÑ?Ñ?жено пеÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ле в Ñ?Ñ?нкÑ?ии ip6_find_1stfragopt(),
+ позволÑ?Ñ?Ñ?ее локалÑ?номÑ? злоÑ?мÑ?Ñ?ленникÑ?, имеÑ?Ñ?емÑ? пÑ?ава на оÑ?кÑ?Ñ?Ñ?ие Ñ?Ñ?Ñ?Ñ?Ñ?
+ Ñ?океÑ?ов, вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-7889">CVE-2017-7889</a>
- - <p>Tommi Rantala and Brad Spengler reported that the mm subsystem does
- - not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism,
- - allowing a local attacker with access to /dev/mem to obtain
- - sensitive information or potentially execute arbitrary code.</p></li>
+ <p>Томми РанÑ?ала и Ð?Ñ?Ñ?д СпенглеÑ? Ñ?ообÑ?или, Ñ?Ñ?о подÑ?иÑ?Ñ?ема mm непÑ?авилÑ?но
+ обеÑ?пеÑ?иваеÑ? вÑ?полнение меÑ?анизма заÑ?иÑ?Ñ? CONFIG_STRICT_DEVMEM,
+ позволÑ?Ñ? локалÑ?номÑ? злоÑ?мÑ?Ñ?ленникÑ?, имеÑ?Ñ?емÑ? доÑ?Ñ?Ñ?п к /dev/mem, полÑ?Ñ?аÑ?Ñ?
+ Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?нÑ?Ñ? инÑ?оÑ?маÑ?иÑ? или поÑ?енÑ?иалÑ?но вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-9605">CVE-2017-9605</a>
- - <p>Murray McAllister discovered that the DRM driver for VMware virtual
- - GPUs does not properly initialize memory, potentially allowing a
- - local attacker to obtain sensitive information from uninitialized
- - kernel memory via a crafted ioctl call.</p></li>
+ <p>Ð?Ñ?Ñ?Ñ?ей Ð?акалиÑ?Ñ?еÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о дÑ?айвеÑ? DRM длÑ? виÑ?Ñ?Ñ?алÑ?нÑ?й видеокаÑ?Ñ? VMware
+ непÑ?авилÑ?но вÑ?полнÑ?еÑ? иниÑ?иализаÑ?иÑ? памÑ?Ñ?и, поÑ?енÑ?иалÑ?но позволÑ?Ñ? локалÑ?номÑ?
+ злоÑ?мÑ?Ñ?ленникÑ? полÑ?Ñ?аÑ?Ñ? Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?нÑ?Ñ? инÑ?оÑ?маÑ?иÑ? из неиниÑ?иализиÑ?ованной памÑ?Ñ?и
+ Ñ?дÑ?а пÑ?и помоÑ?и Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного вÑ?зова ioctl.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-10911">CVE-2017-10911</a>
<p>/ XSA-216</p>
- - <p>Anthony Perard of Citrix discovered an information leak flaw in Xen
- - blkif response handling, allowing a malicious unprivileged guest to
- - obtain sensitive information from the host or other guests.</p></li>
+ <p>ÐнÑ?они Ð?еÑ?аÑ? из Citrix обнаÑ?Ñ?жил Ñ?Ñ?еÑ?кÑ? инÑ?оÑ?маÑ?ии в коде обÑ?абоÑ?ки blkif-оÑ?веÑ?ов в
+ Xen, позволÑ?Ñ?Ñ?Ñ?Ñ? непÑ?ивилегиÑ?ованномÑ? полÑ?зоваÑ?елÑ? гоÑ?Ñ?евой Ñ?иÑ?Ñ?емÑ? полÑ?Ñ?аÑ?Ñ?
+ Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?нÑ?Ñ? инÑ?оÑ?маÑ?иÑ? из оÑ?новной Ñ?иÑ?Ñ?емÑ? и дÑ?Ñ?гиÑ? гоÑ?Ñ?евÑ?Ñ? Ñ?иÑ?Ñ?ем.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-11176">CVE-2017-11176</a>
- - <p>It was discovered that the mq_notify() function does not set the
- - sock pointer to NULL upon entry into the retry logic. An attacker
- - can take advantage of this flaw during a userspace close of a
- - Netlink socket to cause a denial of service or potentially cause
- - other impact.</p></li>
+ <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о Ñ?Ñ?нкÑ?иÑ? mq_notify() не Ñ?Ñ?Ñ?анавливаеÑ? sock-Ñ?казаÑ?елÑ?
+ в NULL-знаÑ?ение пÑ?и вÑ?оде в логикÑ? повÑ?оÑ?а. Ð?лоÑ?мÑ?Ñ?ленник можеÑ?
+ иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? во вÑ?емÑ? закÑ?Ñ?Ñ?иÑ? Ñ?океÑ?а Netlink в полÑ?зоваÑ?елÑ?Ñ?ком
+ пÑ?оÑ?Ñ?Ñ?анÑ?Ñ?ве длÑ? вÑ?зова оÑ?каза в обÑ?лÑ?живании или поÑ?енÑ?иалÑ?ного
+ оказаниÑ? дÑ?Ñ?гого воздейÑ?Ñ?виÑ? на безопаÑ?ноÑ?Ñ?Ñ? Ñ?иÑ?Ñ?емÑ?.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-1000363">CVE-2017-1000363</a>
- - <p>Roee Hay reported that the lp driver does not properly bounds-check
- - passed arguments, allowing a local attacker with write access to the
- - kernel command line arguments to execute arbitrary code.</p></li>
+ <p>Рои Ð?Ñ?й Ñ?ообÑ?ил, Ñ?Ñ?о дÑ?айвеÑ? lp непÑ?авилÑ?но вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? гÑ?аниÑ? Ñ?
+ пеÑ?едаваемÑ?Ñ? аÑ?гÑ?менÑ?ов, позволÑ?Ñ? локалÑ?номÑ? злоÑ?мÑ?Ñ?ленникÑ?, имеÑ?Ñ?емÑ? пÑ?ава на запиÑ?Ñ? в
+ аÑ?гÑ?менÑ?Ñ? командной Ñ?Ñ?Ñ?оки Ñ?дÑ?а, вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-1000365">CVE-2017-1000365</a>
- - <p>It was discovered that argument and environment pointers are not
- - taken properly into account to the imposed size restrictions on
- - arguments and environmental strings passed through
- - RLIMIT_STACK/RLIMIT_INFINITY. A local attacker can take advantage of
- - this flaw in conjunction with other flaws to execute arbitrary code.</p></li>
+ <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о Ñ?казаÑ?ели аÑ?гÑ?менÑ?а и окÑ?Ñ?жениÑ? Ñ?Ñ?иÑ?Ñ?ваÑ?Ñ?Ñ?Ñ? непÑ?авилÑ?но
+ пÑ?и Ñ?Ñ?Ñ?ановке огÑ?аниÑ?ений Ñ?азмеÑ?а Ñ?Ñ?Ñ?ок аÑ?гÑ?менÑ?ов и окÑ?Ñ?жениÑ?, пеÑ?едаваемÑ?Ñ?
+ Ñ?еÑ?ез RLIMIT_STACK/RLIMIT_INFINITY. Ð?окалÑ?нÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ?
+ Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? вмеÑ?Ñ?е Ñ? дÑ?Ñ?гими Ñ?Ñ?звимоÑ?Ñ?Ñ?ми длÑ? вÑ?полнениÑ? пÑ?оизволÑ?ного кода.</p></li>
</ul>
- -<p>For the oldstable distribution (jessie), these problems have been fixed
- -in version 3.16.43-2+deb8u3.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 3.16.43-2+deb8u3.</p>
- -<p>We recommend that you upgrade your linux packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? linux.</p>
</define-tag>
# do not modify the following line
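Review bot: The Cyrillic text on every added line, from the translated <define-tag description> through the closing "linux" upgrade paragraph, appears here as mis-decoded bytes with "?" substitutions, so the wording of the translation cannot be checked against the removed English paragraphs in this copy. It should be re-read from a correctly decoded UTF-8 copy before the [DONE] status is relied on. What can be checked does line up: the tokens that must stay untranslated (vmw_surface_define_ioctl(), ip6_find_1stfragopt(), mq_notify(), CONFIG_STRICT_DEVMEM, /dev/mem, RLIMIT_STACK/RLIMIT_INFINITY, jessie, 3.16.43-2+deb8u3) are carried over unchanged, and each CVE entry keeps its tracker link as context. One point on the context itself: in the CVE-2017-10911 entry, "/ XSA-216" sits in its own <p> after the link, separate from the description paragraph, in both the English and the translated file; if that is not intended, it needs fixing in the English source first so that the translation-check revision stays in step.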
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----