[DONE] wml://security/2018/dsa-4243.wml
--- ../../english/security/2018/dsa-4243.wml 2018-07-11 21:04:32.920313426 +0500
+++ 2018/dsa-4243.wml 2018-07-11 21:14:07.209997247 +0500
@@ -1,58 +1,59 @@
-<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="07b675fd002929e3c7b095ccf3c2d7ee18953a49" mindelta="1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
-<p>Several vulnerabilities were discovered in CUPS, the Common UNIX Printing
-System. These issues have been identified with the following CVE ids:</p>
+<p>Ð? CUPS, обÑ?ей Ñ?иÑ?Ñ?еме пеÑ?аÑ?и UNIX, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко
+Ñ?Ñ?звимоÑ?Ñ?ей. ÐÑ?и Ñ?Ñ?звимоÑ?Ñ?и полÑ?Ñ?или Ñ?ледÑ?Ñ?Ñ?ие иденÑ?иÑ?икаÑ?оÑ?Ñ? CVE:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-15400">CVE-2017-15400</a>
- <p>Rory McNamara discovered that an attacker is able to execute arbitrary
- commands (with the privilege of the CUPS daemon) by setting a
- malicious IPP server with a crafted PPD file.</p></li>
+ <p>РоÑ?и Ð?акÐ?амаÑ?а обнаÑ?Ñ?жил, Ñ?Ñ?о злоÑ?мÑ?Ñ?ленник Ñ?поÑ?обен вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?е
+ командÑ? (Ñ? пÑ?авами Ñ?лÑ?жбÑ? CUPS), вÑ?биÑ?аÑ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?й PPD-Ñ?айл
+ длÑ? вÑ?едоноÑ?ного IPP-Ñ?еÑ?веÑ?а.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2018-4180">CVE-2018-4180</a>
- <p>Dan Bastone of Gotham Digital Science discovered that a local
- attacker with access to cupsctl could escalate privileges by setting
- an environment variable. </p></li>
+ <p>Ð?Ñ?н Ð?Ñ?Ñ?Ñ?оÑ?н из Gotham Digital Science обнаÑ?Ñ?жил, Ñ?Ñ?о локалÑ?нÑ?й
+ злоÑ?мÑ?Ñ?ленник, имеÑ?Ñ?ий доÑ?Ñ?Ñ?п к cupsctl, можеÑ? повÑ?Ñ?иÑ?Ñ? Ñ?вои пÑ?ава доÑ?Ñ?Ñ?па, Ñ?Ñ?Ñ?ановив
+ пеÑ?еменнÑ?Ñ? окÑ?Ñ?жениÑ?. </p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2018-4181">CVE-2018-4181</a>
- <p>Eric Rafaloff and John Dunlap of Gotham Digital Science discovered
- that a local attacker can perform limited reads of arbitrary files
- as root by manipulating cupsd.conf.</p></li>
+ <p>ÐÑ?ик Ð Ñ?Ñ?Ñ?лоÑ?Ñ? и Ð?жон Ð?анлÑ?п из Gotham Digital Science обнаÑ?Ñ?жил,
+ Ñ?Ñ?о локалÑ?нÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? вÑ?полнÑ?Ñ?Ñ? огÑ?аниÑ?еннÑ?е Ñ?Ñ?ениÑ? пÑ?оизволÑ?нÑ?Ñ? Ñ?айлов
+ оÑ? лиÑ?а Ñ?Ñ?пеÑ?полÑ?зоваÑ?елÑ?, изменÑ?Ñ? cupsd.conf.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2018-4182">CVE-2018-4182</a>
- <p>Dan Bastone of Gotham Digital Science discovered that an attacker
- with sandboxed root access can execute backends without a sandbox
- profile by provoking an error in CUPS' profile creation.</p></li>
+ <p>Ð?Ñ?н Ð?Ñ?Ñ?Ñ?оÑ?н из Gotham Digital Science обнаÑ?Ñ?жил, Ñ?Ñ?о злоÑ?мÑ?Ñ?ленник Ñ?
+ огÑ?аниÑ?еннÑ?ми пеÑ?оÑ?ниÑ?ей пÑ?авами Ñ?Ñ?пеÑ?полÑ?зоваÑ?елÑ? можеÑ? запÑ?Ñ?каÑ?Ñ? движки без
+ иÑ?полÑ?зованиÑ? пÑ?оÑ?илÑ? пеÑ?оÑ?ниÑ?Ñ?, иÑ?полÑ?зÑ?Ñ? оÑ?ибкÑ? в коде Ñ?озданиÑ? пÑ?оÑ?илÑ? CUPS.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2018-4183">CVE-2018-4183</a>
- <p>Dan Bastone and Eric Rafaloff of Gotham Digital Science discovered
- that an attacker with sandboxed root access can execute arbitrary
- commands as unsandboxed root by modifying /etc/cups/cups-files.conf</p></li>
+ <p>Ð?Ñ?н Ð?Ñ?Ñ?Ñ?оÑ?н и ÐÑ?ик Ð Ñ?Ñ?Ñ?лоÑ?Ñ? из Gotham Digital Science обнаÑ?Ñ?жили, Ñ?Ñ?о злоÑ?мÑ?Ñ?ленник
+ Ñ? огÑ?аниÑ?еннÑ?ми пеÑ?оÑ?ниÑ?ей пÑ?авами Ñ?Ñ?пеÑ?полÑ?зоваÑ?елÑ? можеÑ? вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?е командÑ?
+ оÑ? лиÑ?а Ñ?Ñ?пеÑ?полÑ?зоваÑ?елÑ? без огÑ?аниÑ?ений пеÑ?оÑ?ниÑ?Ñ?, изменÑ?Ñ? /etc/cups/cups-files.conf</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2018-6553">CVE-2018-6553</a>
- <p>Dan Bastone of Gotham Digital Science discovered that an attacker
- can bypass the AppArmor cupsd sandbox by invoking the dnssd backend
- using an alternate name that has been hard linked to dnssd.</p></li>
+ <p>Ð?Ñ?н Ð?Ñ?Ñ?Ñ?оÑ?н из Gotham Digital Science обнаÑ?Ñ?жил, Ñ?Ñ?о злоÑ?мÑ?Ñ?ленник можеÑ?
+ обойÑ?и пеÑ?оÑ?ниÑ?Ñ? AppArmor длÑ? cupsd, запÑ?Ñ?Ñ?ив движок dnssd Ñ? помоÑ?Ñ?Ñ?
+ изменÑ?нного имени по жÑ?Ñ?Ñ?кой Ñ?Ñ?Ñ?лке на dnssd.</p></li>
</ul>
-<p>For the stable distribution (stretch), these problems have been fixed in
-version 2.2.1-8+deb9u2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.2.1-8+deb9u2.</p>
-<p>We recommend that you upgrade your cups packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? cups.</p>
-<p>For the detailed security status of cups please refer to
-its security tracker page at:
-<a href="https://security-tracker.debian.org/tracker/cups">https://security-tracker.debian.org/tracker/cups</a></p>
+<p>С подÑ?обнÑ?м Ñ?Ñ?аÑ?Ñ?Ñ?ом поддеÑ?жки безопаÑ?ноÑ?Ñ?и cups можно ознакомиÑ?Ñ?Ñ?Ñ? на
+Ñ?ооÑ?веÑ?Ñ?Ñ?вÑ?Ñ?Ñ?ей Ñ?Ñ?Ñ?аниÑ?е оÑ?Ñ?леживаниÑ? безопаÑ?ноÑ?Ñ?и по адÑ?еÑ?Ñ?
+<a href="https://security-tracker.debian.org/tracker/cups">\
+https://security-tracker.debian.org/tracker/cups</a></p>
</define-tag>
# do not modify the following line
#include "$(ENGLISHDIR)/security/2018/dsa-4243.data"
-# $Id: $
Reply to: