[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://{security/2006/dsa-946.wml}

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2006/dsa-946.wml	2017-11-01 10:11:09.655800661 +0500
+++ russian/security/2006/dsa-946.wml	2018-02-09 12:08:11.617906581 +0500
@@ -1,45 +1,46 @@
- -<define-tag description>missing input sanitising</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вие оÑ?иÑ?Ñ?ки вÑ?однÑ?Ñ? даннÑ?Ñ?</define-tag>
 <define-tag moreinfo>
- -<p>The former correction to vulnerabilities in the sudo package worked
- -fine but were too strict for some environments.  Therefore we have
- -reviewed the changes again and allowed some environment variables to
- -go back into the privileged execution environment.  Hence, this
- -update.</p>
+<p>Ð?Ñ?едÑ?дÑ?Ñ?ее иÑ?пÑ?авление Ñ?Ñ?звимоÑ?Ñ?ей в пакеÑ?е sudo Ñ?абоÑ?ало вполне
+Ñ?оÑ?оÑ?о, но длÑ? некоÑ?оÑ?Ñ?Ñ? окÑ?Ñ?жений оказалоÑ?Ñ? Ñ?лиÑ?ком огÑ?аниÑ?иÑ?елÑ?нÑ?м. Ð? Ñ?вÑ?зи
+Ñ? Ñ?Ñ?им внеÑ?Ñ?ннÑ?е изменениÑ? бÑ?ли пеÑ?еÑ?моÑ?Ñ?енÑ?, и бÑ?ло Ñ?еÑ?ено веÑ?нÑ?Ñ?Ñ? некоÑ?оÑ?Ñ?е пеÑ?еменнÑ?е
+окÑ?Ñ?жениÑ? в пÑ?ивилегиÑ?ованнÑ?й конÑ?екÑ?Ñ?. Ð?оÑ?Ñ?омÑ? вÑ?пÑ?Ñ?каем данное
+обновление.</p>
 
- -<p>The configuration option "env_reset" is now activated by default.
- -It will preserve only the environment variables HOME, LOGNAME, PATH,
+<p>Ð?пÑ?иÑ? наÑ?Ñ?Ñ?ойки "env_reset" Ñ?епеÑ?Ñ? вклÑ?Ñ?ена по Ñ?молÑ?аниÑ?.
+Ð?на Ñ?оÑ?Ñ?анÑ?еÑ? Ñ?олÑ?ко Ñ?ледÑ?Ñ?Ñ?ие пеÑ?еменнÑ?е окÑ?Ñ?жениÑ?: HOME, LOGNAME, PATH,
 SHELL, TERM, DISPLAY, XAUTHORITY, XAUTHORIZATION, LANG, LANGUAGE,
- -LC_*, and USER in addition to the separate SUDO_* variables.</p>
+LC_* и USER, а Ñ?акже оÑ?делÑ?нÑ?е пеÑ?еменнÑ?е SUDO_*.</p>
 
- -<p>For completeness please find below the original advisory text:</p>
+<p>Ð?лÑ? полноÑ?Ñ? ниже пÑ?иводиÑ?Ñ?Ñ? Ñ?екÑ?Ñ? изнаÑ?алÑ?ной Ñ?екомендаÑ?ии:</p>
 
 <blockquote>
- -<p>It has been discovered that sudo, a privileged program, that provides
- -limited super user privileges to specific users, passes several
- -environment variables to the program that runs with elevated
- -privileges.  In the case of include paths (e.g. for Perl, Python, Ruby
- -or other scripting languages) this can cause arbitrary code to be
- -executed as privileged user if the attacker points to a manipulated
- -version of a system library.</p>
- -
- -<p>This update alters the former behaviour of sudo and limits the number
- -of supported environment variables to LC_*, LANG, LANGUAGE and TERM.
- -Additional variables are only passed through when set as env_check in
- -/etc/sudoers, which might be required for some scripts to continue to
- -work.</p>
+<p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о sudo, пÑ?ивилегиÑ?ованнаÑ? пÑ?огÑ?амма, пÑ?едоÑ?Ñ?авлÑ?Ñ?Ñ?аÑ?
+огÑ?аниÑ?еннÑ?е пÑ?ава Ñ?Ñ?пеÑ?полÑ?зоваÑ?елÑ? Ñ?пеÑ?иалÑ?но опÑ?еделÑ?ннÑ?м полÑ?зоваÑ?елÑ?м, пеÑ?едаÑ?Ñ?
+некоÑ?оÑ?Ñ?е пеÑ?еменнÑ?е окÑ?Ñ?жениÑ? пÑ?огÑ?амме, запÑ?Ñ?енной Ñ? повÑ?Ñ?еннÑ?ми
+пÑ?авами доÑ?Ñ?Ñ?па. Ð? Ñ?лÑ?Ñ?аÑ?Ñ? изменениÑ? пÑ?Ñ?ей (напÑ?., длÑ? Perl, Python, Ruby
+или дÑ?Ñ?гиÑ? Ñ?зÑ?ков Ñ?Ñ?енаÑ?иев) Ñ?Ñ?о можеÑ? пÑ?иводиÑ?Ñ? к вÑ?полнениÑ? пÑ?оизволÑ?ного
+кода оÑ? лиÑ?а пÑ?ивилегиÑ?ованного полÑ?зоваÑ?елÑ?, еÑ?ли злоÑ?мÑ?Ñ?ленник иÑ?полÑ?зÑ?еÑ?
+в Ñ?Ñ?енаÑ?ии изменÑ?ннÑ?Ñ? веÑ?Ñ?иÑ? Ñ?иÑ?Ñ?емной библиоÑ?еки.</p>
+
+<p>Ð?анное обновление изменÑ?еÑ? поведение sudo и огÑ?аниÑ?иваеÑ? Ñ?иÑ?ло
+поддеÑ?живаемÑ?Ñ? пеÑ?еменнÑ?Ñ? окÑ?Ñ?жениÑ? Ñ?ледÑ?Ñ?Ñ?ими пеÑ?еменнÑ?ми: LC_*, LANG, LANGUAGE и TERM.
+Ð?ополниÑ?елÑ?нÑ?е пеÑ?еменнÑ?е могÑ?Ñ? бÑ?Ñ?Ñ? пеÑ?еданÑ? Ñ?олÑ?ко Ñ?еÑ?ез опÑ?иÑ? env_check в
+/etc/sudoers, Ñ?Ñ?о можеÑ? поÑ?Ñ?ебоваÑ?Ñ?Ñ?Ñ? длÑ? обеÑ?пеÑ?ениÑ? Ñ?абоÑ?Ñ? некоÑ?оÑ?Ñ?Ñ?
+Ñ?Ñ?енаÑ?иев.</p>
 </blockquote>
 
- -<p>For the old stable distribution (woody) this problem has been fixed in
- -version 1.6.6-1.6.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (woody) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.6.6-1.6.</p>
 
- -<p>For the stable distribution (sarge) this problem has been fixed in
- -version 1.6.8p7-1.4.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sarge) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.6.8p7-1.4.</p>
 
- -<p>For the unstable distribution (sid) the same behaviour will be
- -implemented soon.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?о же поведение бÑ?деÑ? Ñ?еализовано
+позже.</p>
 
- -<p>We recommend that you upgrade your sudo package.  For unstable
- -"Defaults = env_reset" need to be added to /etc/sudoers manually.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? sudo. Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке Ñ?ледÑ?еÑ?
+вÑ?Ñ?Ñ?нÑ?Ñ? добавиÑ?Ñ? диÑ?екÑ?ивÑ? "Defaults = env_reset" в Ñ?айл /etc/sudoers.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlp9SOAACgkQXudu4gIW
0qVkOhAAnwaGkaKTgC2kSTYyLz7agNHbtGFRo+51UMzkxS+kbcy2f+nldFwbqB5c
gyr7bWC1T3rQ5frQuAXS1Jrjojqw4+Nyr6MlQbdnUR+Qqvn6IgcIUW3ZI+fPn+5A
Ghc0mgu+c7oMwbiiD0di1YyBfbrFMlQRh2xRDg38MnopCoe3MQ8Ai8Pu+1D+gZsH
vW81dYj9/WiAbU5v7ytIslos/TLRovYIk3j/Ui/LqPvaJB+iEE8vHlnP1foZp+SC
mf1B6v1FEFGBk2e1GYpYDDJEi0/7OUJ1sWYJqDmq79xOaIRoNe65xnNvd0qO4Y7L
k7NYDu9T3OUnuyyIW0EbnCa404Kf0ErKNp2VHNQqWeXxYf01W4f75mN+n18To8LD
QLmf77/QhX3BmrUTmp+olqj9FFu8UnVQ/jvsOQ0T9r1bLCCieCKUZfOasZVNGNGc
5+/xk6+joEIl7kzBGLt3pXQosSBmElCyjFbobE+YRmL4DBjHMIvRDSoDvxoKnB8N
03/RSwmvvDq3REWz9ZePoFXoc3JUkNAwA2qQLNufnwZar7/whhzaYQp6VN+4ff7C
SkvHeO9BPbjejp1g3lPmNwBkr8pPTZ42QsXfTu90MLftktwZNbDM6E2z6jNg7NlU
nUPfHo9G0k5G2f91rG89QFeNbHtY5lKT9FE6GN72RAAToJSswA4=
=O9Cm
-----END PGP SIGNATURE-----
Reply to: