--- ../../english/security/2018/dsa-4208.wml 2018-05-23 09:34:58.000000000 +0500 +++ 2018/dsa-4208.wml 2018-05-23 09:43:29.071616405 +0500 @@ -1,55 +1,56 @@ -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.1" mindelta="1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> -<p>The Qualys Research Labs discovered multiple vulnerabilities in procps, -a set of command line and full screen utilities for browsing procfs. The -Common Vulnerabilities and Exposures project identifies the following -problems:</p> +<p>СоÑÑÑдники Qualys Research Labs обнаÑÑжили многоÑиÑленнÑе ÑÑзвимоÑÑи в procps, +набоÑе ÑÑÐ¸Ð»Ð¸Ñ ÐºÐ¾Ð¼Ð°Ð½Ð´Ð½Ð¾Ð¹ ÑÑÑоки Ð´Ð»Ñ Ð¿ÑоÑмоÑÑа procfs. ÐÑÐ¾ÐµÐºÑ +Common Vulnerabilities and Exposures опÑеделÑÐµÑ ÑледÑÑÑие +пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2018-1122">CVE-2018-1122</a> - <p>top read its configuration from the current working directory if no - $HOME was configured. If top were started from a directory writable - by the attacker (such as /tmp) this could result in local privilege - escalation.</p></li> + <p>УÑилиÑа top ÑиÑÐ°ÐµÑ Ñвои наÑÑÑойки из ÑекÑÑего ÑабоÑего каÑалога в Ñом ÑлÑÑае, еÑли + не наÑÑÑоена пеÑÐµÐ¼ÐµÐ½Ð½Ð°Ñ $HOME. ÐÑли top запÑÑÑиÑÑ Ð¸Ð· каÑалога, Ð´Ð»Ñ ÐºÐ¾ÑоÑого Ñ Ð·Ð»Ð¾ÑмÑÑленника + имеÑÑÑÑ Ð¿Ñава на запиÑÑ (напÑимеÑ, /tmp), Ñо ÑÑо пÑиведÑÑ Ðº локалÑÐ½Ð¾Ð¼Ñ Ð¿Ð¾Ð²ÑÑÐµÐ½Ð¸Ñ + пÑивилегий.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2018-1123">CVE-2018-1123</a> - <p>Denial of service against the ps invocation of another user.</p></li> + <p>ÐÑказ в обÑлÑживании пÑи вÑзове ps дÑÑгим полÑзоваÑелем.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2018-1124">CVE-2018-1124</a> - <p>An integer overflow in the file2strvec() function of libprocps could - result in local privilege escalation.</p></li> + <p>ÐеÑеполнение ÑелÑÑ ÑиÑел в ÑÑнкÑии file2strvec() из libprocps Ð¼Ð¾Ð¶ÐµÑ + пÑиводиÑÑ Ðº локалÑÐ½Ð¾Ð¼Ñ Ð¿Ð¾Ð²ÑÑÐµÐ½Ð¸Ñ Ð¿Ñивилегий.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2018-1125">CVE-2018-1125</a> - <p>A stack-based buffer overflow in pgrep could result in denial - of service for a user using pgrep for inspecting a specially - crafted process.</p></li> + <p>ÐеÑеполнение бÑÑеÑа в pgrep Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании + Ð´Ð»Ñ Ð¿Ð¾Ð»ÑзоваÑелÑ, иÑполÑзÑÑÑего pgrep Ð´Ð»Ñ Ð¿ÑоÑмоÑÑа ÑпеÑиалÑно + ÑÑоÑмиÑованнÑÑ Ð¿ÑоÑеÑÑов.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2018-1126">CVE-2018-1126</a> - <p>Incorrect integer size parameters used in wrappers for standard C - allocators could cause integer truncation and lead to integer - overflow issues.</p></li> + <p>ÐекоÑÑекÑнÑе паÑамеÑÑа ÑазмеÑа ÑелÑÑ ÑиÑел, иÑполÑзÑемÑе в обÑÑÑÐºÐ°Ñ ÑÑандаÑÑнÑÑ + ÑÑнкÑий ÑзÑка C Ð´Ð»Ñ Ð²ÑÐ´ÐµÐ»ÐµÐ½Ð¸Ñ Ð¿Ð°Ð¼ÑÑи могÑÑ Ð²ÑзÑваÑÑ ÑÑеÑение ÑелÑÑ ÑиÑел + и пÑиводиÑÑ Ðº пеÑеполнениÑм ÑелÑÑ ÑиÑел.</p></li> </ul> -<p>For the oldstable distribution (jessie), these problems have been fixed -in version 2:3.3.9-9+deb8u1.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (jessie) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ +в веÑÑии 2:3.3.9-9+deb8u1.</p> -<p>For the stable distribution (stretch), these problems have been fixed in -version 2:3.3.12-3+deb9u1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (stretch) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 2:3.3.12-3+deb9u1.</p> -<p>We recommend that you upgrade your procps packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ procps.</p> -<p>For the detailed security status of procps please refer to its -security tracker page at: <a href="https://security-tracker.debian.org/tracker/procps">\ +<p>С подÑобнÑм ÑÑаÑÑÑом поддеÑжки безопаÑноÑÑи procps можно ознакомиÑÑÑÑ Ð½Ð° +ÑооÑвеÑÑÑвÑÑÑей ÑÑÑаниÑе оÑÑÐ»ÐµÐ¶Ð¸Ð²Ð°Ð½Ð¸Ñ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑноÑÑи по адÑеÑÑ +<a href="https://security-tracker.debian.org/tracker/procps">\ https://security-tracker.debian.org/tracker/procps</a></p> </define-tag> # do not modify the following line #include "$(ENGLISHDIR)/security/2018/dsa-4208.data" -# $Id: dsa-4208.wml,v 1.1 2018/05/23 04:34:58 dogsleg Exp $