[DONE] wml://security/2018/dsa-4157.wml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- ../../english/security/2018/dsa-4157.wml 2018-03-30 03:49:48.000000000 +0500
+++ 2018/dsa-4157.wml 2018-03-30 12:59:10.522386957 +0500
@@ -1,42 +1,43 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" mindelta="1"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Multiple vulnerabilities have been discovered in OpenSSL, a Secure
- -Sockets Layer toolkit. The Common Vulnerabilities and Exposures project
- -identifies the following issues:</p>
+<p>Ð? OpenSSL, набоÑ?е инÑ?Ñ?Ñ?Ñ?менÑ?ов Secure Sockets Layer, бÑ?ли обнаÑ?Ñ?женÑ?
+многоÑ?иÑ?леннÑ?е Ñ?Ñ?звимоÑ?Ñ?и. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-3738">CVE-2017-3738</a>
- - <p>David Benjamin of Google reported an overflow bug in the AVX2
- - Montgomery multiplication procedure used in exponentiation with
- - 1024-bit moduli.</p></li>
+ <p>Ð?Ñ?вид Ð?енджамин из Google Ñ?ообÑ?ил о пеÑ?еполнении бÑ?Ñ?еÑ?а в пÑ?оÑ?едÑ?Ñ?е, Ñ?еализÑ?Ñ?Ñ?ей алгоÑ?иÑ?м
+ Ð?онÑ?гомеÑ?и AVX2, иÑ?полÑ?зÑ?емой пÑ?и возведении в Ñ?Ñ?епенÑ? Ñ?о 1024-биÑ?нÑ?ми модÑ?лÑ?ми.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2018-0739">CVE-2018-0739</a>
- - <p>It was discovered that constructed ASN.1 types with a recursive
- - definition could exceed the stack, potentially leading to a denial
- - of service.</p>
- -
- -<p>Details can be found in the upstream advisory:
- -<a href="https://www.openssl.org/news/secadv/20180327.txt">https://www.openssl.org/news/secadv/20180327.txt</a></p></li>
+ <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о Ñ?ложнÑ?е Ñ?ипÑ? ASN.1 Ñ? Ñ?екÑ?Ñ?Ñ?ивнÑ?ми опÑ?еделениÑ?ми
+ могÑ?Ñ? вÑ?зваÑ?Ñ? пеÑ?еполнение Ñ?Ñ?ека, поÑ?енÑ?иалÑ?но пÑ?иводÑ?Ñ?ее к оÑ?казÑ?
+ в обÑ?лÑ?живании.</p>
+
+<p>Ð?одÑ?обноÑ?Ñ?и можно найÑ?и в Ñ?екомендаÑ?ии оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки:
+<a href="https://www.openssl.org/news/secadv/20180327.txt">\
+https://www.openssl.org/news/secadv/20180327.txt</a></p></li>
</ul>
- -<p>For the oldstable distribution (jessie), these problems have been fixed
- -in version 1.0.1t-1+deb8u8. The oldstable distribution is not affected
- -by <a href="https://security-tracker.debian.org/tracker/CVE-2017-3738">CVE-2017-3738</a>.</p>
- -
- -<p>For the stable distribution (stretch), these problems have been fixed in
- -version 1.1.0f-3+deb9u2.</p>
- -
- -<p>We recommend that you upgrade your openssl packages.</p>
- -
- -<p>For the detailed security status of openssl please refer to its security
- -tracker page at:
- -<a href="https://security-tracker.debian.org/tracker/openssl">https://security-tracker.debian.org/tracker/openssl</a></p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 1.0.1t-1+deb8u8. Ð?Ñ?едÑ?дÑ?Ñ?ий Ñ?Ñ?абилÑ?нÑ?й вÑ?пÑ?Ñ?к не подвеÑ?жен
+<a href="https://security-tracker.debian.org/tracker/CVE-2017-3738">CVE-2017-3738</a>.</p>
+
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.1.0f-3+deb9u2.</p>
+
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? openssl.</p>
+
+<p>С подÑ?обнÑ?м Ñ?Ñ?аÑ?Ñ?Ñ?ом поддеÑ?жки безопаÑ?ноÑ?Ñ?и openssl можно ознакомиÑ?Ñ?Ñ?Ñ? на
+Ñ?ооÑ?веÑ?Ñ?Ñ?вÑ?Ñ?Ñ?ей Ñ?Ñ?Ñ?аниÑ?е оÑ?Ñ?леживаниÑ? безопаÑ?ноÑ?Ñ?и по адÑ?еÑ?Ñ?
+<a href="https://security-tracker.debian.org/tracker/openssl">\
+https://security-tracker.debian.org/tracker/openssl</a></p>
</define-tag>
# do not modify the following line
#include "$(ENGLISHDIR)/security/2018/dsa-4157.data"
- -# $Id: dsa-4157.wml,v 1.1 2018/03/29 22:49:48 tvincent Exp $
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlq97lsACgkQXudu4gIW
0qVgyA/5AR9TTWFiGfk2GBZ9ef2XsiKjj7BBXokuU7LSpUy3L9zPNkJJDmLCKin6
GELAtTwOWo3H4f78f+B283KKxvD2uALo0stf3ksOSptG2JTUlWTsxfNOF1PbHkDE
15yaAH008KEWuYam2GihyqqGcKe45zV2DHEov5DZTErrrsYrAzZPEVU/yw1QwrbL
azElAD3ppsImbb7mc8uiJMNPtB9Y3vfjQdHByBfObIQs1mHnBNhUdNZewoKB+nCs
ZTtKBuFIeYti+/G41oiO8aUh9mHLW0+cu72ZYrY6P2yQWJI8kbiD9AWsVCvQKCqg
3w7GQgZBLiMtDwRT7upQqfsHQjeyDnEN3IQVCnD41CtdrzrmZTT1rnnJYyyvXksO
B/uwdYVrrrdutO0/Hco/J38Z0H9yMEdN9F2CyDFO0cSbFAQxkLBBnhKBHJTn8TrI
O5Sb6uxmWEH95eUqWk4u8vyes/TAm21Tw7QuKly2dT+tZrJNX7RkvzVSgcd9KIKm
1zY+qHOBJajpmcNapMNDfhK6k9KjYSPgkJn467xAag5hsZWcjlI06uNkRqlA8IUF
jDLzKk8REXlfpfQrCn3T+sxKiQ5yS/BVApMMldqQFEe4s019o07uN5OL2Wfhr0xW
ou5WUHOgkYvdyg+BAP5RtWusY8OTwJu8vN46bvcUs8p+JC8uKIA=
=aSng
-----END PGP SIGNATURE-----
Reply to: