dsa-4218.wml

Lev Lamberov Sun, 10 Jun 2018 20:51:58 -0700
--- ../../english/security/2018/dsa-4218.wml    2018-06-07 12:59:29.532625032 
+0500
+++ 2018/dsa-4218.wml   2018-06-07 13:07:54.893475015 +0500
@@ -1,50 +1,51 @@
-<define-tag description>security update</define-tag>
+#use wml::debian::translation-check 
translation="4ebfdd503e9e85f67ec7fcf9034b307c4969a337" mindelta="1" 
maintainer="Lev Lamberov"
+<define-tag description>Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ðµ 
Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸</define-tag>
 <define-tag moreinfo>
-<p>Several vulnerabilities were discovered in memcached, a high-performance
-memory object caching system. The Common Vulnerabilities and Exposures
-project identifies the following problems:</p>
+<p>Ð memcached, Ð²ÑÑÐ¾ÐºÐ¾Ð¿ÑÐ¾Ð¸Ð·Ð²Ð¾Ð´Ð¸ÑÐµÐ»ÑÐ½Ð¾Ð¹ ÑÐ¸ÑÑÐµÐ¼Ðµ 
ÐºÑÑÐ¸ÑÐ¾Ð²Ð°Ð½Ð¸Ñ, Ð±ÑÐ»Ð¾ Ð¾Ð±Ð½Ð°ÑÑÐ¶ÐµÐ½Ð¾
+Ð½ÐµÑÐºÐ¾Ð»ÑÐºÐ¾ ÑÑÐ·Ð²Ð¸Ð¼Ð¾ÑÑÐµÐ¹. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities 
and Exposures
+Ð¾Ð¿ÑÐµÐ´ÐµÐ»ÑÐµÑ ÑÐ»ÐµÐ´ÑÑÑÐ¸Ðµ Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ:</p>
 
 <ul>
 
 <li><a 
href="https://security-tracker.debian.org/tracker/CVE-2017-9951";>CVE-2017-9951</a>
 
-    <p>Daniel Shapira reported a heap-based buffer over-read in memcached
-    (resulting from an incomplete fix for <a 
href="https://security-tracker.debian.org/tracker/CVE-2016-8705";>CVE-2016-8705</a>)
 triggered by
-    specially crafted requests to add/set a key and allowing a remote
-    attacker to cause a denial of service.</p></li>
+    <p>ÐÑÐ½Ð¸ÐµÐ»Ñ Ð¨Ð°Ð¿Ð¸ÑÐ° ÑÐ¾Ð¾Ð±ÑÐ¸Ð» Ð¾ ÑÑÐµÐ½Ð¸Ð¸ Ð·Ð° 
Ð¿ÑÐµÐ´ÐµÐ»Ð°Ð¼Ð¸ Ð²ÑÐ´ÐµÐ»ÐµÐ½Ð½Ð¾Ð³Ð¾ Ð±ÑÑÐµÑÐ° Ð´Ð¸Ð½Ð°Ð¼Ð¸ÑÐµÑÐºÐ¾Ð¹ 
Ð¿Ð°Ð¼ÑÑÐ¸ Ð² memcached
+    (Ð¸Ð·-Ð·Ð° Ð½ÐµÐ¿Ð¾Ð»Ð½Ð¾Ð³Ð¾ Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ <a 
href="https://security-tracker.debian.org/tracker/CVE-2016-8705";>\
+    CVE-2016-8705</a>), Ð²ÑÐ·ÑÐ²Ð°ÐµÐ¼Ð¾Ð¼ ÑÐ¿ÐµÑÐ¸Ð°Ð»ÑÐ½Ð¾ 
ÑÑÐ¾ÑÐ¼Ð¸ÑÐ¾Ð²Ð°Ð½Ð½ÑÐ¼Ð¸ Ð·Ð°Ð¿ÑÐ¾ÑÐ°Ð¼Ð¸ Ð½Ð° 
Ð´Ð¾Ð±Ð°Ð²Ð»ÐµÐ½Ð¸Ðµ/ÑÑÑÐ°Ð½Ð¾Ð²ÐºÑ
+    ÐºÐ»ÑÑÐ° Ð¸ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÑÑÐµÐ¼ ÑÐ´Ð°Ð»ÑÐ½Ð½Ð¾Ð¼Ñ 
Ð·Ð»Ð¾ÑÐ¼ÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ Ð²ÑÐ·ÑÐ²Ð°ÑÑ Ð¾ÑÐºÐ°Ð· Ð² 
Ð¾Ð±ÑÐ»ÑÐ¶Ð¸Ð²Ð°Ð½Ð¸Ð¸.</p></li>
 
 <li><a 
href="https://security-tracker.debian.org/tracker/CVE-2018-1000115";>CVE-2018-1000115</a>
 
-    <p>It was reported that memcached listens to UDP by default. A remote
-    attacker can take advantage of it to use the memcached service as a
-    DDoS amplifier.</p>
-
-    <p>Default installations of memcached in Debian are not affected by
-    this issue as the installation defaults to listen only on localhost.
-    This update disables the UDP port by default. Listening on the UDP
-    can be re-enabled in the /etc/memcached.conf (cf.
+    <p>ÐÑÐ»Ð¾ ÑÐ¾Ð¾Ð±ÑÐµÐ½Ð¾, ÑÑÐ¾ memcached Ð¿Ð¾ ÑÐ¼Ð¾Ð»ÑÐ°Ð½Ð¸Ñ 
Ð¿ÑÐ¾ÑÐ»ÑÑÐ¸Ð²Ð°ÐµÑ UDP. Ð£Ð´Ð°Ð»ÑÐ½Ð½ÑÐ¹
+    Ð·Ð»Ð¾ÑÐ¼ÑÑÐ»ÐµÐ½Ð½Ð¸Ðº Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑÐ¿Ð¾Ð»ÑÐ·Ð¾Ð²Ð°ÑÑ ÑÑÐ¾ 
Ð¾Ð±ÑÑÐ¾ÑÑÐµÐ»ÑÑÑÐ²Ð¾ Ð´Ð»Ñ Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ ÑÐ»ÑÐ¶Ð±Ñ 
memcached
+    Ñ ÑÐµÐ»ÑÑ ÑÑÐ¸Ð»ÐµÐ½Ð¸Ñ ÑÐ°ÑÐ¿ÑÐµÐ´ÐµÐ»ÑÐ½Ð½Ð¾Ð¹ Ð°ÑÐ°ÐºÐ¸ 
Ð¿Ð¾ Ð²ÑÐ·Ð¾Ð²Ñ Ð¾ÑÐºÐ°Ð·Ð° Ð² Ð¾Ð±ÑÐ»ÑÐ¶Ð¸Ð²Ð°Ð½Ð¸Ð¸.</p>
+
+    <p>Ð£ÑÑÐ°Ð½Ð¾Ð²ÐºÐ¸ Ð¿Ð¾ ÑÐ¼Ð¾Ð»ÑÐ°Ð½Ð¸Ñ memcached Ð² Debian Ð½Ðµ 
Ð¿Ð¾Ð´Ð²ÐµÑÐ¶ÐµÐ½Ñ ÑÐºÐ°Ð·Ð°Ð½Ð½Ð¾Ð¹
+    Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ðµ, Ð¿Ð¾ÑÐºÐ¾Ð»ÑÐºÑ Ð¿Ð¾ ÑÐ¼Ð¾Ð»ÑÐ°Ð½Ð¸Ñ 
Ð¿ÑÐ¾ÑÐ»ÑÑÐ¸Ð²Ð°Ð½Ð¸Ðµ Ð²ÐµÐ´ÑÑÑÑ ÑÐ¾Ð»ÑÐºÐ¾ Ð´Ð»Ñ 
Ð»Ð¾ÐºÐ°Ð»ÑÐ½Ð¾Ð³Ð¾ ÑÐ·Ð»Ð°.
+    ÐÐ°Ð½Ð½Ð¾Ðµ Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ðµ Ð¿Ð¾ ÑÐ¼Ð¾Ð»ÑÐ°Ð½Ð¸Ñ 
Ð¾ÑÐºÐ»ÑÑÐ°ÐµÑ Ð¿Ð¾ÑÑ UDP. ÐÑÐ¾ÑÐ»ÑÑÐ¸Ð²Ð°Ð½Ð¸Ðµ UDP
+    Ð¼Ð¾Ð¶Ð½Ð¾ Ð¿Ð¾Ð²ÑÐ¾ÑÐ½Ð¾ Ð²ÐºÐ»ÑÑÐ¸ÑÑ Ð² ÑÐ°Ð¹Ð»Ðµ 
/etc/memcached.conf (ÑÐ¼.
     /usr/share/doc/memcached/NEWS.Debian.gz).</p></li>
 
 <li><a 
href="https://security-tracker.debian.org/tracker/CVE-2018-1000127";>CVE-2018-1000127</a>
 
-    <p>An integer overflow was reported in memcached, resulting in resource
-    leaks, data corruption, deadlocks or crashes.</p></li>
+    <p>ÐÑÐ»Ð¾ ÑÐ¾Ð¾Ð±ÑÐµÐ½Ð¾ Ð¾ Ð¿ÐµÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ð¸ ÑÐµÐ»ÑÑ 
ÑÐ¸ÑÐµÐ» Ð² memcached, Ð¿ÑÐ¸Ð²Ð¾Ð´ÑÑÐµÐ¼ Ðº ÑÑÐµÑÐºÐ°Ð¼
+    ÑÐµÑÑÑÑÐ¾Ð², Ð¿Ð¾Ð²ÑÐµÐ¶Ð´ÐµÐ½Ð¸Ð¸ Ð´Ð°Ð½Ð½ÑÑ, 
Ð±Ð»Ð¾ÐºÐ¸ÑÐ¾Ð²ÐºÐ°Ð¼ Ð¸Ð»Ð¸ Ð°Ð²Ð°ÑÐ¸Ð¹Ð½ÑÐ¼ Ð¾ÑÑÐ°Ð½Ð¾Ð²ÐºÐ°Ð¼.</p></li>
 
 </ul>
 
-<p>For the oldstable distribution (jessie), these problems have been fixed
-in version 1.4.21-1.1+deb8u2.</p>
+<p>Ð Ð¿ÑÐµÐ´ÑÐ´ÑÑÐµÐ¼ ÑÑÐ°Ð±Ð¸Ð»ÑÐ½Ð¾Ð¼ Ð²ÑÐ¿ÑÑÐºÐµ (jessie) ÑÑÐ¸ 
Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±ÑÐ»Ð¸ Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ñ
+Ð² Ð²ÐµÑÑÐ¸Ð¸ 1.4.21-1.1+deb8u2.</p>
 
-<p>For the stable distribution (stretch), these problems have been fixed in
-version 1.4.33-1+deb9u1.</p>
+<p>Ð ÑÑÐ°Ð±Ð¸Ð»ÑÐ½Ð¾Ð¼ Ð²ÑÐ¿ÑÑÐºÐµ (stretch) ÑÑÐ¸ Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ 
Ð±ÑÐ»Ð¸ Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ñ Ð²
+Ð²ÐµÑÑÐ¸Ð¸ 1.4.33-1+deb9u1.</p>
 
-<p>We recommend that you upgrade your memcached packages.</p>
+<p>Ð ÐµÐºÐ¾Ð¼ÐµÐ½Ð´ÑÐµÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ memcached.</p>
 
-<p>For the detailed security status of memcached please refer to its
-security tracker page at:
-<a 
href="https://security-tracker.debian.org/tracker/memcached";>https://security-tracker.debian.org/tracker/memcached</a></p>
+<p>Ð¡ Ð¿Ð¾Ð´ÑÐ¾Ð±Ð½ÑÐ¼ ÑÑÐ°ÑÑÑÐ¾Ð¼ Ð¿Ð¾Ð´Ð´ÐµÑÐ¶ÐºÐ¸ 
Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸ memcached Ð¼Ð¾Ð¶Ð½Ð¾ Ð¾Ð·Ð½Ð°ÐºÐ¾Ð¼Ð¸ÑÑÑÑ Ð½Ð°
+ÑÐ¾Ð¾ÑÐ²ÐµÑÑÑÐ²ÑÑÑÐµÐ¹ ÑÑÑÐ°Ð½Ð¸ÑÐµ Ð¾ÑÑÐ»ÐµÐ¶Ð¸Ð²Ð°Ð½Ð¸Ñ 
Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸ Ð¿Ð¾ Ð°Ð´ÑÐµÑÑ
+<a href="https://security-tracker.debian.org/tracker/memcached";>\
+https://security-tracker.debian.org/tracker/memcached</a></p>
 </define-tag>
 
 # do not modify the following line
 #include "$(ENGLISHDIR)/security/2018/dsa-4218.data"
-# $Id: $
[DONE] wml://security/2018/dsa-4218.wml

Ответить
