
Re: [DONE] wml://security/2021/dsa-5015.wml



On Tue, 2021-11-30 at 21:12 +0500, Lev Lamberov wrote:
> --- ../../english/security/2021/dsa-5015.wml    2021-11-30
> 20:18:13.568247162 +0500
> +++ 2021/dsa-5015.wml   2021-11-30 21:11:52.145603416 +0500
> @@ -1,33 +1,40 @@
> -<define-tag description>security update</define-tag>
> +#use wml::debian::translation-check
> translation="021ca29ce4441965338f6b5b1369a60cf47bb0b9" mindelta="1"
> maintainer="Lev Lamberov"
> +<define-tag description>обновление безопасности</define-tag>
>  <define-tag moreinfo>
> -<p>Andrew Bartlett discovered that Samba, a SMB/CIFS file, print,
> and login
> -server for Unix, may map domain users to local users in an undesired
> -way. This could allow a user in an AD domain to potentially become
> root
> -on domain members.</p>
> -
> -<p>A new parameter <q>min domain uid</q> (default 1000) has been
> added to
> -specify the minimum uid allowed when mapping a local account to a
> domain
> -account.</p>
> -
> -<p>Further details and workarounds can be found in the upstream
> advisory
> -<a
> href="https://www.samba.org/samba/security/";>https://www.samba.org/samba/security/
> </a><a
> href="https://security-tracker.debian.org/tracker/CVE-2020-25717";>CVE
> -2020-25717</a>.html</p>
> -
> -<p>For the oldstable distribution (buster), this problem has been
> fixed
> -in version 2:4.9.5+dfsg-5+deb10u2. Additionally the update mitigates
> -<a
> href="https://security-tracker.debian.org/tracker/CVE-2020-25722";>CVE
> -2020-25722</a>. Unfortunately the changes required to fix additional
> -CVEs affecting Samba as an AD-compatible domain controller are too
> -invasive to be backported. Thus users using Samba as an AD-
> compatible
> -domain controller are encouraged to migrate to Debian bullseye. From
> -this point onwards AD domain controller setups are no longer
> supported
> -in Debian oldstable.</p>
> -
> -<p>We recommend that you upgrade your samba packages.</p>
> -
> -<p>For the detailed security status of samba please refer to its
> security
> -tracker page at:
> -<a
> href="https://security-tracker.debian.org/tracker/samba";>https://security-tracker.debian.org/tracker/samba
> </a></p>
> +<p>Эндрю Бартлет сообщил, что Samba, файловый сервер, сервер
> +печати и входа SMB/CIFS для Unix, может преобразовывать
> пользователей
> +домена в локальных пользователей нежелательным образом Это может
> +позволить пользователю в AD-домене потенциально стать
> суперпользователей
> +на машинах домена.</p>
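
Review bot: The added Russian paragraph has two text errors in its second sentence. The line "домене в локальных пользователей нежелательным образом Это может" is missing the full stop between "образом" and "Это", so two sentences run together. In "стать суперпользователей" the noun has the wrong case ending: after "стать" it should be the instrumental singular, "суперпользователем". Suggest correcting both before the translation is committed.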

Это потенциально даёт возможность пользователю в AD-домене стать
суперпользователЕМ ...
?

