[DONE] wml://{security/2011/dsa-2323.wml}
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2011/dsa-2323.wml 2017-11-01 10:11:10.287841867 +0500
+++ russian/security/2011/dsa-2323.wml 2018-02-12 13:00:43.943962172 +0500
@@ -1,49 +1,50 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
<define-tag moreinfo>
- -<p>Multiple security issues were discovered by Vasiliy Kulikov in radvd, an
- -IPv6 Router Advertisement daemon:</p>
+<p>Ð?аÑ?илий Ð?Ñ?ликов обнаÑ?Ñ?жил многоÑ?иÑ?леннÑ?е пÑ?облемÑ? безопаÑ?ноÑ?Ñ?и в radvd, Ñ?лÑ?жбе
+обÑ?Ñ?влениÑ? маÑ?Ñ?Ñ?Ñ?Ñ?изаÑ?оÑ?а IPv6:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2011-3602">CVE-2011-3602</a>
- - <p>set_interface_var() function doesn't check the interface name, which is
- - chosen by an unprivileged user. This could lead to an arbitrary file
- - overwrite if the attacker has local access, or specific files overwrites
- - otherwise.</p></li>
+ <p>ФÑ?нкÑ?иÑ? set_interface_var() не вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? имени инÑ?еÑ?Ñ?ейÑ?а, коÑ?оÑ?ое
+ вÑ?биÑ?аеÑ?Ñ?Ñ? непÑ?ивилегиÑ?ованнÑ?м полÑ?зоваÑ?елем. ÐÑ?о можеÑ? пÑ?иводиÑ?Ñ? к пеÑ?езапиÑ?и пÑ?оизволÑ?ного
+ Ñ?айла в Ñ?лÑ?Ñ?ае, еÑ?ли злоÑ?мÑ?Ñ?ленник имееÑ? локалÑ?нÑ?й доÑ?Ñ?Ñ?п, в пÑ?оÑ?ивном Ñ?лÑ?Ñ?ае пеÑ?езапиÑ?Ñ?ваÑ?Ñ?Ñ?Ñ?
+ опÑ?еделÑ?ннÑ?е Ñ?айлÑ?.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2011-3604">CVE-2011-3604</a>
- - <p>process_ra() function lacks multiple buffer length checks which could
- - lead to memory reads outside the stack, causing a crash of the daemon.</p></li>
+ <p>Ð? Ñ?Ñ?нкÑ?ии process_ra() оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?Ñ?Ñ? пÑ?овеÑ?ки длинÑ? бÑ?Ñ?еÑ?а, Ñ?Ñ?о можеÑ? пÑ?иводиÑ?Ñ? к
+ Ñ?Ñ?ениÑ?м Ñ?одеÑ?жимого памÑ?Ñ?и за пÑ?еделами Ñ?Ñ?ека, вÑ?зÑ?ваÑ? аваÑ?ийнÑ?Ñ? оÑ?Ñ?ановкÑ? Ñ?лÑ?жбÑ?.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2011-3605">CVE-2011-3605</a>
- - <p>process_rs() function calls mdelay() (a function to wait for a defined
- - time) unconditionnally when running in unicast-only mode. As this call
- - is in the main thread, that means all request processing is delayed (for
- - a time up to MAX_RA_DELAY_TIME, 500 ms by default). An attacker could
- - flood the daemon with router solicitations in order to fill the input
- - queue, causing a temporary denial of service (processing would be
- - stopped during all the mdelay() calls).
+ <p>ФÑ?нкÑ?иÑ? process_rs() вÑ?зÑ?ваеÑ? mdelay() (Ñ?Ñ?нкÑ?иÑ? длÑ? ожиданиÑ? опÑ?еделÑ?нного
+ вÑ?емени) без огÑ?аниÑ?ений какими-либо Ñ?Ñ?ловиÑ?ми пÑ?и запÑ?Ñ?ке в Ñ?ежиме адÑ?еÑ?аÑ?ии по
+ конкÑ?еÑ?номÑ? Ñ?Ñ?Ñ?Ñ?ойÑ?Ñ?вÑ?. Ð?оÑ?колÑ?кÑ? Ñ?Ñ?оÑ? вÑ?зов наÑ?одиÑ?Ñ?Ñ? в оÑ?новом поÑ?оке, Ñ?о Ñ?Ñ?о ознаÑ?аеÑ?, Ñ?Ñ?о
+ вÑ?Ñ? обÑ?абоÑ?ка запÑ?оÑ?ов задеÑ?живаеÑ?Ñ?Ñ? (на вÑ?емÑ? до MAX_RA_DELAY_TIME, по Ñ?молÑ?аниÑ? 500 мÑ?). Ð?лоÑ?мÑ?Ñ?ленник
+ можеÑ? пеÑ?еполниÑ?Ñ? Ñ?лÑ?жбÑ? вÑ?зовами маÑ?Ñ?Ñ?Ñ?Ñ?изаÑ?оÑ?а Ñ? Ñ?елÑ?Ñ? заполнениÑ? оÑ?еÑ?еди
+ вÑ?однÑ?Ñ? даннÑ?Ñ?, Ñ?Ñ?о пÑ?иводиÑ? к вÑ?еменномÑ? оÑ?казÑ? в обÑ?лÑ?живании (обÑ?абоÑ?ка оÑ?Ñ?анавливаеÑ?Ñ?Ñ?
+ во вÑ?емÑ? вÑ?еÑ? вÑ?зовов mdelay()).
<br/>
- - Note: upstream and Debian default is to use anycast mode.</p></li>
+ Ð?амеÑ?Ñ?Ñ?е: по Ñ?молÑ?аниÑ? в оÑ?новной веÑ?ке Ñ?азÑ?абоÑ?ки и в Debian иÑ?полÑ?зÑ?еÑ?Ñ?Ñ? Ñ?ежим адÑ?еÑ?аÑ?ии по лÑ?бомÑ? Ñ?Ñ?Ñ?Ñ?ойÑ?Ñ?вÑ?.</p></li>
</ul>
- -<p>For the oldstable distribution (lenny), this problem has been fixed in
- -version 1:1.1-3.1.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1:1.1-3.1.</p>
- -<p>For the stable distribution (squeeze), this problem has been fixed in
- -version 1:1.6-1.1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1:1.6-1.1.</p>
- -<p>For the testing distribution (wheezy), this problem has been fixed in
- -version 1:1.8-1.2.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1:1.8-1.2.</p>
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 1:1.8-1.2.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1:1.8-1.2.</p>
- -<p>We recommend that you upgrade your radvd packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? radvd.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlqBSbEACgkQXudu4gIW
0qXOVg/+MXiutEOGXrvJi891vuayLOUXrrDJhAH5pQiRWKsK50I2zjZragDRu/Ia
V5dSgpqYfXq5d5Du2FBphprBv8B6Akaom4WnE4kJ3//dgu09+FrY2cww2VGjMGrX
RxCdm24ciEm9kPVHzW5Er80aGj6IiRw9r3lkI/vZ9lfA65kLooeJv2bhRjrInEzI
iaI/ETYC9QkagmoNikyXrGtl6PXVyKGQ/CcfGKcUWBpJaqjDA2LNLO/kl84u52k6
lE80R+qGOSsv6K1wNsXQlwCi0eu2Gspjr7+L4Jc6n39i6M6fD7P1CXDRGWwd7Vyc
zDoAu+0l+/Fe/bZi3Y0LHIsgCJ4pXKBTaNGE03T02t6rrJwGb9A8tZcPr4DZnobw
Oye9OOL9uvTGb52ioSdpLOyAfkY7PmJZiE2kP5iuJxX9WW/yahf1FW86DQaooTtX
IBAFLgr2rEv7oi2LGwgnMDD4y3uHLfZR3kv3gZxLkxRGVMLhz4iktt8MkOzXF+lb
Cy8OQNPmKygPMXT2x2bMf5tT8SJnMcxdAEKL/zukYWi42Yb5wv/1DjWQ9hqm2aDz
f+tJubz27tPoTcxsV5TzjUw5XOuU/ovh9kb//fxC5cf6wNW52fCTZV0sAwR9Bjk3
+IP4gjUIeHBPN5DFaNJv0TYvcxSi3um94sf4KkkJylsWD8a0q2w=
=yuLN
-----END PGP SIGNATURE-----
Reply to: