[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://{security/2017/dsa-3904.wml}

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2017/dsa-3904.wml	2017-07-08 21:02:11.000000000 +0500
+++ russian/security/2017/dsa-3904.wml	2017-07-08 22:31:20.308870023 +0500
@@ -1,41 +1,42 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Clément Berthaux from Synaktiv discovered two vulnerabilities in BIND, a DNS
- -server implementation. They allow an attacker to bypass TSIG authentication by
- -sending crafted DNS packets to a server.</p>
+<p>Ð?леман Ð?еÑ?Ñ?о из Synaktiv обнаÑ?Ñ?жил две Ñ?Ñ?звимоÑ?Ñ?и в BIND, Ñ?еализаÑ?ии
+DNS-Ñ?еÑ?веÑ?а. Ð?ни позволÑ?Ñ?Ñ? злоÑ?мÑ?Ñ?ленникÑ? обÑ?одиÑ? TSIG-аÑ?Ñ?енÑ?иÑ?икаÑ?иÑ?
+пÑ?Ñ?Ñ?м оÑ?пÑ?авки на Ñ?еÑ?веÑ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? DNS-пакеÑ?ов.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-3142";>CVE-2017-3142</a>
 
- -    <p>An attacker who is able to send and receive messages to an authoritative
- -    DNS server and who has knowledge of a valid TSIG key name may be able to
- -    circumvent TSIG authentication of AXFR requests via a carefully constructed
- -    request packet. A server that relies solely on TSIG keys for protection
- -    with no other ACL protection could be manipulated into:
+    <p>Ð?лоÑ?мÑ?Ñ?ленник, Ñ?поÑ?обнÑ?й оÑ?пÑ?авлÑ?Ñ?Ñ? Ñ?ообÑ?ениÑ? авÑ?оÑ?иÑ?еÑ?номÑ? DNS-Ñ?еÑ?веÑ?Ñ? и
+    полÑ?Ñ?аÑ?Ñ? его оÑ?веÑ?Ñ?, а Ñ?акже знаÑ?Ñ?ий имÑ? коÑ?Ñ?екÑ?ного TSIG-клÑ?Ñ?а, можеÑ?
+    обойÑ?и TSIG-аÑ?Ñ?енÑ?иÑ?икаÑ?иÑ? AXFR-запÑ?оÑ?ов Ñ? помоÑ?Ñ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного
+    пакеÑ?а запÑ?оÑ?а. СеÑ?веÑ?, иÑ?полÑ?зÑ?Ñ?Ñ?ий длÑ? заÑ?иÑ?Ñ? Ñ?олÑ?ко TSIG-клÑ?Ñ?и
+    без какого-либо дополниÑ?елÑ?ного Ñ?пиÑ?ка конÑ?Ñ?олÑ? доÑ?Ñ?Ñ?па, можеÑ?
 	</p>
 	<ul>
- -    <li>providing an AXFR of a zone to an unauthorized recipient</li>
- -    <li>accepting bogus NOTIFY packets</li>
+    <li>пÑ?едоÑ?Ñ?авиÑ?Ñ? AXFR зонÑ? неавÑ?оÑ?изованномÑ? полÑ?Ñ?аÑ?елÑ?</li>
+    <li>пÑ?инÑ?Ñ?Ñ? подделÑ?нÑ?е NOTIFY-пакеÑ?Ñ?</li>
 	</ul>
 	</li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-3143";>CVE-2017-3143</a>
 
- -    <p>An attacker who is able to send and receive messages to an authoritative
- -    DNS server and who has knowledge of a valid TSIG key name for the zone and
- -    service being targeted may be able to manipulate BIND into accepting an
- -    unauthorized dynamic update. </p></li>
+    <p>Ð?лоÑ?мÑ?Ñ?ленник, Ñ?поÑ?обнÑ?й оÑ?пÑ?авиÑ?Ñ? Ñ?ообÑ?ениÑ? авÑ?оÑ?иÑ?еÑ?номÑ? DNS-Ñ?еÑ?веÑ?Ñ? и полÑ?Ñ?аÑ?Ñ?
+    его оÑ?веÑ?Ñ?, а Ñ?акже знаÑ?Ñ?ий имÑ? коÑ?Ñ?екÑ?ного TSIG-клÑ?Ñ?а длÑ? зонÑ? и избÑ?анной в каÑ?еÑ?Ñ?ве
+    Ñ?ели Ñ?лÑ?жбÑ?, можеÑ? вÑ?зваÑ?Ñ? Ñ?иÑ?Ñ?аÑ?иÑ?, пÑ?и коÑ?оÑ?ой BIND пÑ?имеÑ?
+    неавÑ?оÑ?изованное динамиÑ?еÑ?кое обновление. </p></li>
 
 </ul>
 
- -<p>For the oldstable distribution (jessie), these problems have been fixed
- -in version 1:9.9.5.dfsg-9+deb8u12.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 1:9.9.5.dfsg-9+deb8u12.</p>
 
- -<p>For the stable distribution (stretch), these problems have been fixed in
- -version 1:9.10.3.dfsg.P4-12.4.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1:9.10.3.dfsg.P4-12.4.</p>
 
- -<p>We recommend that you upgrade your bind9 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? bind9.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAllhFusACgkQXudu4gIW
0qUabxAAk5EqICfIL7qA9t1P6+EYu0aJTo+jYE5rTCxzT9zb5m4sRmvEZBQzmXTB
VPss9sbDHIV4acpOA6DHV5V5bm9SOAtLBi49LOY4iRliBX70bR4b/htRdNJuiuaE
sEel1C0la+YvTsKsr7DJX8JB2eqcKntQ5CtDZ53M1h1DrqsD3AiFdhe4f90nOeYK
VXtZOhtGU4orx/NEXUsV22SpaTEJOOF8prLt/UyIEIkXV3mP7+faV6HDM0q6cCUy
shDEM83BU8ZSNrusPqtjtMpXWUgvwhgas13oNS2ZrRWFfEjJZSmKIcpxgfUmnbJx
OlX5aP4LsSa+rKZCbGhgnT99IOmg1z4NbyMB7sWppI7UyQUg1meIUt+PMZpi4G0W
PG7cAHuwSqG5NfWx5uDwLVTFFkrisJ7NH6dbPP6tqkXlGs0Ari+Qnr5TpldowywN
3EAN9Bjrgo/kfv8ug3hhQyUj1u8CwNgJTwCELORMP+ZQyLYbv/U176RMwVaRsz6U
s+8+y3AlDk76dd2VDdiGUm2wDViQ/QvdOsHass+vj6zBPQBPNDmpQKSmCPHMw+Hw
Qo93+FpkJH/RhVfnN6MEYKJj5/A5TLm0LBRPUvUDwm70HhdlBa1be0lebusvkve3
SLFh/wFlRlfnSkqmbGMIvnEcCEXnWEnWYieW6gizU+gjIolt2kc=
=cmqy
-----END PGP SIGNATURE-----
Reply to: