[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2011/dsa-2305.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- ../../english/security/2011/dsa-2305.wml	2017-11-01 10:11:10.279841345 +0500
+++ 2011/dsa-2305.wml	2018-03-31 21:32:27.156355140 +0500
@@ -1,49 +1,49 @@
- -<define-tag description>denial of service</define-tag>
+#use wml::debian::translation-check translation="1.3" mindelta="1"
+<define-tag description>оÑ?каз в обÑ?лÑ?живании</define-tag>
 <define-tag moreinfo>
- -<p>Two security issue have been discovered that affect vsftpd, a lightweight,
- -efficient FTP server written for security.</p>
+<p>Ð? vsftpd, Ñ?пÑ?оÑ?Ñ?нномÑ? Ñ?Ñ?Ñ?екÑ?ивном FTP-Ñ?еÑ?веÑ?е, напиÑ?анном Ñ? Ñ?елÑ?Ñ? обеÑ?пеÑ?ениÑ?
+вÑ?Ñ?окой безопаÑ?ноÑ?Ñ?и, бÑ?ли обнаÑ?Ñ?женÑ? две пÑ?облемÑ? безопаÑ?ноÑ?Ñ?и.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-2189";>CVE-2011-2189</a>
 
- -    <p>It was discovered that Linux kernels &lt; 2.6.35 are considerably slower in
- -    releasing than in the creation of network namespaces.  As a result of this
- -    and because vsftpd is using this feature as a security enhancement to
- -    provide network isolation for connections, it is possible to cause denial
- -    of service conditions due to excessive memory allocations by the kernel.
- -    This is technically no vsftpd flaw, but a kernel issue.  However, this
- -    feature has legitimate use cases and backporting the specific kernel patch
- -    is too intrusive.  Additionally, a local attacker requires the CAP_SYS_ADMIN
- -    capability to abuse this functionality.  Therefore, as a fix, a kernel
- -    version check has been added to vsftpd in order to disable this feature
- -    for kernels &lt; 2.6.35.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о Ñ?дÑ?а Linux &lt; 2.6.35 знаÑ?иÑ?елÑ?но медленнее пÑ?и вÑ?полнении
+    оÑ?вобождениÑ? Ñ?еÑ?евÑ?Ñ? пÑ?оÑ?Ñ?Ñ?анÑ?Ñ?в имÑ?н, Ñ?ем пÑ?и иÑ? Ñ?оздании. Ð? Ñ?езÑ?лÑ?Ñ?аÑ?е Ñ?Ñ?ого,
+    а Ñ?акже поÑ?омÑ?, Ñ?Ñ?о vsftpd иÑ?полÑ?зÑ?еÑ? Ñ?казаннÑ?Ñ? возможноÑ?Ñ?Ñ? длÑ? Ñ?лÑ?Ñ?Ñ?ениÑ? безопаÑ?ноÑ?Ñ?и
+    Ñ? Ñ?елÑ?Ñ? пÑ?едоÑ?Ñ?авлениÑ? Ñ?еÑ?евой изолÑ?Ñ?ии длÑ? Ñ?оединений, можно вÑ?зваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании
+    из-за вÑ?делениÑ? Ñ?дÑ?ом Ñ?Ñ?езмеÑ?ного колиÑ?еÑ?Ñ?ва памÑ?Ñ?и.
+    ТеÑ?ниÑ?еÑ?ки Ñ?Ñ?о не Ñ?влÑ?еÑ?Ñ?Ñ? оÑ?ибкой в vsftpd, Ñ?Ñ?о пÑ?облема Ñ?дÑ?а. Тем не менее, даннаÑ?
+    Ñ?Ñ?нкÑ?ионалÑ?ноÑ?Ñ?Ñ? имееÑ? вполне легиÑ?имнÑ?е Ñ?Ñ?енаÑ?ии иÑ?полÑ?зованиÑ?, а обÑ?аÑ?нÑ?й пеÑ?еноÑ? заплаÑ?Ñ?
+    Ñ?дÑ?а Ñ?влÑ?еÑ?Ñ?Ñ? Ñ?еÑ?еÑ?Ñ?Ñ?Ñ? Ñ?ложнÑ?м. Ð?Ñ?оме Ñ?ого, локалÑ?номÑ? злоÑ?мÑ?Ñ?ленникÑ? Ñ?Ñ?ебÑ?Ñ?Ñ?Ñ?Ñ? пÑ?ава на
+    CAP_SYS_ADMIN длÑ? иÑ?полÑ?зованиÑ? Ñ?казанной Ñ?Ñ?нкÑ?ионалÑ?ноÑ?Ñ?и. СледоваÑ?елÑ?но, длÑ? иÑ?пÑ?авлениÑ?
+    пÑ?облемÑ? в vsftpd бÑ?ла добавлена Ñ?пеÑ?иалÑ?наÑ? пÑ?овеÑ?ка веÑ?Ñ?ии Ñ?дÑ?а, Ñ?Ñ?обÑ? даннаÑ?
+    Ñ?Ñ?нкÑ?ионалÑ?ноÑ?Ñ?Ñ? оÑ?клÑ?Ñ?алаÑ?Ñ? длÑ? Ñ?деÑ? &lt; 2.6.35.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-0762";>CVE-2011-0762</a>
 
- -    <p>Maksymilian Arciemowicz discovered that vsftpd is incorrectly handling
- -    certain glob expressions in STAT commands.  This allows a remote authenticated
- -    attacker to conduct denial of service attacks (excessive CPU and process
- -    slot exhaustion) via crafted STAT commands.</p></li>
+    <p>Ð?акÑ?имилиан Ð?Ñ?Ñ?емовиÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о vsftpd непÑ?авилÑ?но обÑ?абаÑ?Ñ?ваеÑ?
+    опÑ?еделÑ?ннÑ?е маÑ?ки в командаÑ? STAT. ЭÑ?о позволÑ?еÑ? Ñ?далÑ?нномÑ? аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованномÑ?
+    злоÑ?мÑ?Ñ?ленникÑ? вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании (Ñ?Ñ?езмеÑ?ное поÑ?Ñ?ебление Ñ?еÑ?Ñ?Ñ?Ñ?ов ЦÐ?
+    и памÑ?Ñ?и) Ñ? помоÑ?Ñ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? STAT-команд.</p></li>
 
 </ul>
 
- -<p>For the oldstable distribution (lenny), this problem has been fixed in
- -version 2.0.7-1+lenny1.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 2.0.7-1+lenny1.</p>
 
- -<p>For the stable distribution (squeeze), this problem has been fixed in
- -version 2.3.2-3+squeeze2.  Please note that 
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 2.3.2-3+squeeze2. Ð?бÑ?аÑ?иÑ?е внимание, Ñ?Ñ?о
 <a href="https://security-tracker.debian.org/tracker/CVE-2011-2189";>\
- -CVE-2011-2189</a> does not affect the lenny version.</p>
+CVE-2011-2189</a> не каÑ?аеÑ?Ñ?Ñ? веÑ?Ñ?ии в lenny.</p>
 
- -<p>For the testing distribution (wheezy), this problem will be fixed soon.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?а пÑ?облема бÑ?деÑ? иÑ?пÑ?авлена позже.</p>
 
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 2.3.4-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid), Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 2.3.4-1.</p>
 
- -<p>We recommend that you upgrade your vsftpd packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? vsftpd.</p>
 </define-tag>
 
 # do not modify the following line
 #include "$(ENGLISHDIR)/security/2011/dsa-2305.data"
- -# $Id: dsa-2305.wml,v 1.3 2014/04/30 07:16:25 pabs Exp $
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlq/uDUACgkQXudu4gIW
0qVEthAAiPM9Rnld8Y7aaok3dEnPsiW1OzXb5ZSA1TMzDV/j1YjM7Ww76ZQ/GD4E
V/PjcA4UfcJdRTNIgjxRzWSh9oTgb7+IL+5eUfjfoCl1XIwXsZcmUn85ecmXoM6B
3u0iDgVUBwoGarecMCJJLKMuFVz07061648CAK8vpfxUIrh91gbbHKismdA2RuOq
ih2shWzE00zzKnUFpIQDBSZyCYnOBfKOZa5zSuZ17FH5enhbm56HtOGcUCtqVX+Q
fDkg61yjtVLv3yhqLbtYLqvLLcpp8U+1ENLyfxBj3RCb7Ha7gWSu3DRTbBq1idUU
qHIxFt2nkS4AFIBpk+zBCWv2MqcS4lCyhQJEuj63nOfpArMGTRiN7Pm5Q3eQsytR
+iAjrQMNawOyXRnqMl+RDuK1ottYqDD4RAE1h1a0oK3mxJNDJ8n01Sjb3FPcUBK2
TVeEF1oAKsqRczlsG5Umsnsbv2gL6xxnuSIFjUlCWKDbFRd6w0jk1rs0BVtgMHqE
y/uPo7DUeiMh6st2zT9QMHe4iHIVmW8piv9j/7qlMpR3O51XpEmcLaK+HySmy5Ly
NoIM9FiVfIhIc5bd2huDu9nDwoWns94R5DdS9TuwhfaOJC3LYrpFyi7ILCFj7+Cw
J/mPAq6wig/Czd3tjZHF6Q/+tVTeUVqFm25C//iaV5SglCtDB04=
=n00h
-----END PGP SIGNATURE-----
Reply to: