Re: [DONE] wml://security/2021/dsa-5015.wml

To: debian-l10n-russian@lists.debian.org
Subject: Re: [DONE] wml://security/2021/dsa-5015.wml
From: Lev Lamberov <dogsleg@debian.org>
Date: Fri, 03 Dec 2021 20:38:38 +0500
Message-id: <[🔎] 87ilw5zojl.fsf@localhost>
In-reply-to: <[🔎] fdaea2e6da297e007cc04a89e09d4e2e80282c1f.camel@yandex.ru>
References: <E1ms5kD-000X8Q-JY@shakva> <[🔎] fdaea2e6da297e007cc04a89e09d4e2e80282c1f.camel@yandex.ru>

Пт 03 дек 2021 @ 17:25 Galina Anikina <merilaga@yandex.ru>:

> On Tue, 2021-11-30 at 21:12 +0500, Lev Lamberov wrote:
>> --- ../../english/security/2021/dsa-5015.wml    2021-11-30
>> 20:18:13.568247162 +0500
>> +++ 2021/dsa-5015.wml   2021-11-30 21:11:52.145603416 +0500
>> @@ -1,33 +1,40 @@
>> -<define-tag description>security update</define-tag>
>> +#use wml::debian::translation-check
>> translation="021ca29ce4441965338f6b5b1369a60cf47bb0b9" mindelta="1"
>> maintainer="Lev Lamberov"
>> +<define-tag description>обновление безопасности</define-tag>
>>  <define-tag moreinfo>
>> -<p>Andrew Bartlett discovered that Samba, a SMB/CIFS file, print,
>> and login
>> -server for Unix, may map domain users to local users in an undesired
>> -way. This could allow a user in an AD domain to potentially become
>> root
>> -on domain members.</p>
>> -
>> -<p>A new parameter <q>min domain uid</q> (default 1000) has been
>> added to
>> -specify the minimum uid allowed when mapping a local account to a
>> domain
>> -account.</p>
>> -
>> -<p>Further details and workarounds can be found in the upstream
>> advisory
>> -<a
>> href="https://www.samba.org/samba/security/";>https://www.samba.org/samba/security/
>> </a><a
>> href="https://security-tracker.debian.org/tracker/CVE-2020-25717";>CVE
>> -2020-25717</a>.html</p>
>> -
>> -<p>For the oldstable distribution (buster), this problem has been
>> fixed
>> -in version 2:4.9.5+dfsg-5+deb10u2. Additionally the update mitigates
>> -<a
>> href="https://security-tracker.debian.org/tracker/CVE-2020-25722";>CVE
>> -2020-25722</a>. Unfortunately the changes required to fix additional
>> -CVEs affecting Samba as an AD-compatible domain controller are too
>> -invasive to be backported. Thus users using Samba as an AD-
>> compatible
>> -domain controller are encouraged to migrate to Debian bullseye. From
>> -this point onwards AD domain controller setups are no longer
>> supported
>> -in Debian oldstable.</p>
>> -
>> -<p>We recommend that you upgrade your samba packages.</p>
>> -
>> -<p>For the detailed security status of samba please refer to its
>> security
>> -tracker page at:
>> -<a
>> href="https://security-tracker.debian.org/tracker/samba";>https://security-tracker.debian.org/tracker/samba
>> </a></p>
>> +<p>Эндрю Бартлет сообщил, что Samba, файловый сервер, сервер
>> +печати и входа SMB/CIFS для Unix, может преобразовывать
>> пользователей
>> +домена в локальных пользователей нежелательным образом Это может
>> +позволить пользователю в AD-домене потенциально стать
>> суперпользователей
>> +на машинах домена.</p>
>
> Это  потенциально даёт возможность пользователю в AD-домене стать
> суперпользователЕМ ...
> ?

Исправил. Спасибо!

Reply to:

References:
- Re: [DONE] wml://security/2021/dsa-5015.wml
  - From: Galina Anikina <merilaga@yandex.ru>

Prev by Date: Re: [DONE] wml://security/2021/dsa-5013.wml
Next by Date: Re: [DONE] wml://security/2021/dsa-5013.wml
Previous by thread: Re: [DONE] wml://security/2021/dsa-5015.wml
Next by thread: Re: [DONE] wml://security/2021/dsa-5013.wml
Index(es):
- Date
- Thread