[DONE] wml://{security/2010/dsa-1992.wml}
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2010/dsa-1992.wml 2017-11-01 10:11:10.135831955 +0500
+++ russian/security/2010/dsa-1992.wml 2018-03-21 11:42:43.998388975 +0500
@@ -1,48 +1,49 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
<define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in chrony, a pair of programs
- -which are used to maintain the accuracy of the system clock on a computer.
- -This issues are similar to the NTP security flaw <a href="https://security-tracker.debian.org/tracker/CVE-2009-3563">CVE-2009-3563</a>. The Common
- -Vulnerabilities and Exposures project identifies the following problems:</p>
+<p>Ð? chrony, паÑ?е пÑ?огÑ?амм, иÑ?полÑ?зÑ?емÑ?Ñ? длÑ? конÑ?Ñ?олÑ? Ñ?оÑ?ноÑ?Ñ?и Ñ?иÑ?Ñ?емнÑ?Ñ? Ñ?аÑ?ов
+компÑ?Ñ?Ñ?еÑ?а, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.
+ÐÑ?и Ñ?Ñ?звимоÑ?Ñ?и Ñ?Ñ?ожи Ñ? пÑ?облемами безопаÑ?ноÑ?Ñ?и NTP <a href="https://security-tracker.debian.org/tracker/CVE-2009-3563">CVE-2009-3563</a>. Ð?Ñ?оекÑ? Common
+Vulnerabilities and Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2010-0292">CVE-2010-0292</a>
- - <p>chronyd replies to all cmdmon packets with NOHOSTACCESS messages even for
- - unauthorized hosts. An attacker can abuse this behaviour to force two
- - chronyd instances to play packet ping-pong by sending such a packet with
- - spoofed source address and port. This results in high CPU and network
- - usage and thus denial of service conditions.</p></li>
+ <p>chronyd оÑ?веÑ?аеÑ? на вÑ?е cmdmon-пакеÑ?Ñ? Ñ? Ñ?ообÑ?ениÑ?ми NOHOSTACCESS, даже оÑ?
+ неавÑ?оÑ?изованнÑ?Ñ? Ñ?злов. Ð?лоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?о поведение длÑ? Ñ?озданиÑ?
+ Ñ?иÑ?Ñ?аÑ?ии, в коÑ?оÑ?ой неÑ?колÑ?ко Ñ?кземплÑ?Ñ?ов chronyd оÑ?пÑ?авлÑ?Ñ?Ñ? дÑ?Ñ?г дÑ?Ñ?гÑ? пакеÑ? Ñ? Ñ?казаннÑ?ми
+ Ñ?аÑ?акÑ?еÑ?иÑ?Ñ?иками Ñ? подделÑ?нÑ?м адÑ?еÑ?ом и поÑ?Ñ?ом иÑ?Ñ?оÑ?ника. ÐÑ?о пÑ?иводиÑ? к вÑ?Ñ?окомÑ? поÑ?Ñ?еблениÑ?
+ Ñ?еÑ?Ñ?Ñ?Ñ?ов ЦÐ? и пÑ?опÑ?Ñ?кной Ñ?поÑ?обноÑ?Ñ?и Ñ?еÑ?и, а поÑ?омÑ? к оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2010-0293">CVE-2010-0293</a>
- - <p>The client logging facility of chronyd doesn't limit memory that is used
- - to store client information. An attacker can cause chronyd to allocate
- - large amounts of memory by sending NTP or cmdmon packets with spoofed
- - source addresses resulting in memory exhaustion.</p></li>
+ <p>СÑ?едÑ?Ñ?ва ведениÑ? жÑ?Ñ?нала на клиенÑ?е chronyd не огÑ?аниÑ?иваÑ?Ñ? поÑ?Ñ?ебление памÑ?Ñ?и, иÑ?полÑ?зÑ?емой
+ длÑ? Ñ?Ñ?анениÑ? клиенÑ?Ñ?кой инÑ?оÑ?маÑ?ии. Ð?лоÑ?мÑ?Ñ?ленник можеÑ? вÑ?зваÑ?Ñ? Ñ?иÑ?Ñ?аÑ?иÑ?, в коÑ?оÑ?ой chronyd вÑ?делиÑ?
+ болÑ?Ñ?ой обÑ?Ñ?м памÑ?Ñ?и, пÑ?Ñ?Ñ?м оÑ?пÑ?авки NTP или cmdmon-пакеÑ?ов Ñ? подделÑ?нÑ?ми
+ адÑ?еÑ?ами иÑ?Ñ?оÑ?ника, Ñ?Ñ?о пÑ?иводиÑ? к иÑ?Ñ?еÑ?паниÑ? памÑ?Ñ?и.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2010-0294">CVE-2010-0294</a>
- - <p>chronyd lacks of a rate limit control to the syslog facility when logging
- - received packets from unauthorized hosts. This allows an attacker to
- - cause denial of service conditions via filling up the logs and thus disk
- - space by repeatedly sending invalid cmdmon packets.</p></li>
+ <p>Ð? chronyd оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?еÑ? Ñ?пÑ?авление огÑ?аниÑ?ением Ñ?коÑ?оÑ?Ñ?и пеÑ?едаÑ?и даннÑ?Ñ? syslog пÑ?и
+ жÑ?Ñ?налиÑ?овании полÑ?Ñ?аемÑ?Ñ? пакеÑ?ов оÑ? неавÑ?оÑ?изованнÑ?Ñ? Ñ?злов. ÐÑ?о позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникÑ?
+ вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании из-за заполнениÑ? жÑ?Ñ?налов, а Ñ?аким обÑ?азом и диÑ?кового
+ пÑ?оÑ?Ñ?Ñ?анÑ?Ñ?ва, пÑ?Ñ?Ñ?м повÑ?оÑ?Ñ?Ñ?Ñ?ейÑ?Ñ? оÑ?пÑ?авки некоÑ?Ñ?екÑ?нÑ?Ñ? cmdmon-пакеÑ?ов.</p></li>
</ul>
- -<p>For the oldstable distribution (etch), this problem has been fixed in
- -version 1.21z-5+etch1.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.21z-5+etch1.</p>
- -<p>For the stable distribution (lenny), this problem has been fixed in
- -version 1.23-6+lenny1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.23-6+lenny1.</p>
- -<p>For the testing (squeeze) and unstable (sid) distribution, this problem
- -will be fixed soon.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (squeeze) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ? Ñ?Ñ?а пÑ?облема
+бÑ?деÑ? иÑ?пÑ?авлена позже.</p>
- -<p>We recommend that you upgrade your chrony packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? chrony.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlqx/vAACgkQXudu4gIW
0qV6IBAAhdC4GBnQHTW1CXW/cY0OuK2mpZQZqUCPhK6ORPACxVj3zcCCcxBcIowz
WiRO+HsaymAPoxDsHfFuUOUSV0tpzQPgMZZy7yjXCupZRk+mjAiwxN13e4yynQ+2
IjYzYE4/1j00lQvfmhkqsfOUZlTJKi6w5DmxPg1poPakyhaBgUEyWcfbleI4LjbE
P35KOHvH8QL66zanaTFXiRpPzCr9v1asJ/BXC5IJX0nAivOInFS8Bj33dTPY9lKN
XaFgOFXRh+5F5azfEXhwKzwm6pgbQPD7nP60ZkXnPSSCkLvEQl95EE6A43Nly51f
1k03lyjD4+PBQPKW/2DCzsqeBL41sjnPabpNjDsYAnQoT+RMnTMUSNr5JYOodnIY
RTJANSNVvGNE1ZoQl/KIbHszq/9q3j2uSHbFmDyJdbnPf6JVTLuWdrnDC5uOIysV
COrgOyp7Kdsokjhxo8OBaSXoT5+90nm8WXYazw5BJmx6H4wWwjpZsnLzcc0+vGDv
uUxHarLD+Kk7C2OjNpcArn9XKDN1VUai1A6FXjcftEYoTFUhvK58Wlhtfuf3KQlo
bnQMoU+KAZFsYkWNaJOhbkoLm3t7W0ir/XMx7vbRjM/enmrfnQ6ZGQDEsQZQPLHy
IlXKggNDoluVZHax1jSQjCX5JZg4Euz5fT1sQjxu23E2buzqPdw=
=uMl7
-----END PGP SIGNATURE-----
Reply to: