-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- --- english/security/2008/dsa-1627.wml2008-08-31 16:40:20.0
+0600
+++ russian/security/2008/dsa-1627.wml 2016-09-21 01:19:32.542634586 +0500
@@ -1,35 +1,36 @@
- -programming error
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+оÑибка
пÑогÑаммиÑованиÑ
- -Chaskiel M Grundman discovered that opensc, a library and utilities to
- -handle smart cards, would initialise smart cards with the Siemens CardOS M4
- -card operating system without proper access rights. This allowed everyone
- -to change the card's PIN.
- -
- -With this bug anyone can change a user PIN without having the PIN or PUK
- -or the superusers PIN or PUK. However it can not be used to figure out the
- -PIN. If the PIN on your card is still the same you always had, there's a
- -reasonable chance that this vulnerability has not been exploited.
- -
- -This vulnerability affects only smart cards and USB crypto tokens based on
- -Siemens CardOS M4, and within that group only those that were initialised
- -with OpenSC. Users of other smart cards and USB crypto tokens, or cards
- -that have been initialised with some software other than OpenSC, are not
- -affected.
+ХаÑÐºÐµÐ»Ñ ÐÑÑндман обнаÑÑжил, ÑÑо opensc,
библиоÑека и ÑÑилиÑÑ Ð´Ð»Ñ
+ÑабоÑÑ Ñо ÑмаÑÑ-каÑÑами, иниÑиализиÑÑÑÑ
ÑмаÑÑ-каÑÑÑ Ñ ÐºÐ°ÑÑоÑной опеÑаÑионной
+ÑиÑÑемой Siemens CardOS M4 без ÑооÑвеÑÑÑвÑÑÑиÑ
пÑав доÑÑÑпа. ÐÑо позволÑÐµÑ Ð²Ñем
+полÑзоваÑелÑм изменÑÑÑ PIN каÑÑÑ.
+
+ÐÑполÑзÑÑ ÑÑÑ Ð¾ÑибкÑ, вÑÑкий можеÑ
измениÑÑ PIN полÑзоваÑелÑ, не имеÑ
ÑооÑвеÑÑÑвÑÑÑиÑ
+PIN или PUK, либо PIN или PUK ÑÑпеÑполÑзоваÑелÑ.
Тем не менее, ÑÑа оÑибка не можеÑ
иÑполÑзоваÑÑÑÑ Ð´Ð»Ñ
+опÑÐµÐ´ÐµÐ»ÐµÐ½Ð¸Ñ PIN. ÐÑли PIN на ваÑей каÑÑе ÑоÑ
же, Ñо ÑкоÑее вÑего
+ÑÑа ÑÑзвимоÑÑÑ Ð¿ÑоÑив Ð²Ð°Ñ Ð½Ðµ бÑла
иÑполÑзована.
+
+ÐÑа ÑÑзвимоÑÑÑ ÐºÐ°ÑаеÑÑÑ ÑолÑко
ÑмаÑÑ-каÑÑ Ð¸ USB-Ñокенов ÑиÑÑÐ¾Ð²Ð°Ð½Ð¸Ñ Ð½Ð° оÑнове
+Siemens CardOS M4, а к ÑÑой гÑÑппе ÑолÑко ÑеÑ
,
коÑоÑÑе иниÑиализиÑÑÑÑÑÑ
+Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ OpenSC. ÐолÑзоваÑели дÑÑгиÑ
ÑмаÑÑ-каÑÑ Ð¸ USB-Ñокенов ÑиÑÑованиÑ, либо
каÑÑ,
+коÑоÑÑе иниÑиализиÑÑÑÑÑÑ Ñ Ð¾ÑлиÑнÑм оÑ
OpenSC ÐÐ, не подвеÑÐ¶ÐµÐ½Ñ ÑÑой
+ÑÑзвимоÑÑи.
- -After upgrading the package, running
+ÐоÑле Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ Ð¿Ð°ÐºÐµÑа запÑÑк командÑ
pkcs15-tool-T
- -will show you whether the card is fine or vulnerable. If the card is
- -vulnerable, you need to update the security setting using:
+Ð¿Ð¾ÐºÐ°Ð¶ÐµÑ Ð²Ð°Ð¼, ÑÑзвима ли ваÑа каÑÑа. ÐÑли
каÑÑа
+ÑÑзвима, Ñо вам нÑжно обновиÑÑ Ð½Ð°ÑÑÑойки
безопаÑноÑÑи, иÑполÑзÑÑ ÑледÑÑÑÑÑ ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ:
pkcs15-tool-T-U.
- -For the stable distribution (etch), this problem has been fixed in
- -version 0.11.1-2etch2.
+Ð ÑÑабилÑном вÑпÑÑке (etch) ÑÑа пÑоблема
бÑла иÑпÑавлена в
+веÑÑии 0.11.1-2etch2.
- -For the unstable distribution (sid), this problem has been fixed in
- -version 0.11.4-5.
+РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема
бÑла иÑпÑавлена в
+веÑÑии 0.11.4-5.
- -We recommend that you upgrade your opensc package and check
- -your card(s) with the command described above.
+РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ opensc и
пÑовеÑиÑÑ
+ваÑÑ ÐºÐ°ÑÑÑ/ваÑи каÑÑÑ Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ Ð¾Ð¿Ð¸Ñанной
вÑÑе командÑ.
# do not modify the following line
- --- english/security/2008/dsa-1667.wml2014-04-30 13:16:16.0
+0600
+++ russian/security/2008/dsa-1667.wml 2016-09-21 01:11:24.777227601 +0500
@@ -1,42 +1,43 @@
- -several vulnerabilities
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+неÑколÑко ÑÑзвимоÑÑей
- -Several vulnerabilities have been discovered in the interpreter for the
- -Python language. The Common Vulnerabilities and Exposures project
- -identifies the following problems:
+РинÑеÑпÑеÑаÑоÑе ÑзÑка Python бÑло
обнаÑÑжено неÑколÑко
+ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures
+опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:
https://security-tracker.debian.org/tracker/CVE-2008-2315;>CVE-2008-2315
- -David Remahl