/security/2021/dsa-4963.wml
> @@ -1,4 +1,4 @@
> -#use wml::debian::translation-check
> translation="8893b6716ac8e06f1696d121568a974bf244f9c3" mindelta="1"
> maintainer="Lev Lamberov"
> +#use wml::debian::translation-check
> translation="64
.wml
> @@ -1,30 +1,28 @@
> -#use wml::debian::template title="Подписка на Список Рассылки
> debian-announce"
> -#use wml::debian::translation-check
> translation="c91663b5367da3439d490a328d57e14501b22e04" maintainer="Lev
> Lamberov"
> +#use
="65cceff6a6a0c79b613460bda15cf81d0fb25736" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Apache Tomcat, the servlet and JSP engine, did not properly release an
HTTP
- -upgrade connection for WebSocket connections once the WebSocket connection
was
- -clos
Пт 12 ноя 2021 @ 15:23 vofka :
> On Thu, 11 Nov 2021 20:41:17 +0500
> Lev Lamberov wrote:
>
>> +В XStream, Java-библотеке для сериализации объектов в XML и обратно,
> библиотеке
>
>> +Сам XStream в настоящее время устанавливает белый список. То есть, она
>&g
="b34649a5e021b8b0d15395efec2032243d1606a0" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -It was discovered that the symlink extraction protections in node-tar,
- -a Tar archives module for Node.js could by bypassed; allowing a malicious
- -Tar archive to syml
="d9169c6ccc89dcf0f717ca923d5518500d4c20db" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Jacob Champion discovered two vulnerabilities in the PostgreSQL database
- -system, which could result in man-in-the-middle attacks.
+Джейкоб Чэмпион обнаружил две у
="b456611dfadc3611f1de4e4f707f10f789381ae9" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Jacob Champion discovered two vulnerabilities in the PostgreSQL database
- -system, which could result in man-in-the-middle attacks.
+Джейкоб Чэмпион обнаружил две у
="9021424ee668597a5b8130c5d1bb387ddc66dac3" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security vulnerabilities have been discovered in XStream, a Java
- -library to serialize objects to XML and back again.
+В XStream, Java-библотеке для сериализации о
="ec38d900248faa6f08d73c514fd79001559169f6" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -A security vulnerability has been found in Kaminari, a pagination engine
plugin
- -for Rails 3+ and other modern frameworks, that would allow an attacker to
- -in
="fe8a2087097d88ffc91293a2c8530e551b714fce" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,
- -print, and login server for Unix.
+В Samba, файловом сервере, сервере печати и входа SMB/C
Вс 07 ноя 2021 @ 14:32 vofka :
> On Sun, 7 Nov 2021 09:59:38 +0500
> Lev Lamberov wrote:
>
>> +В containerd, открытом и надёжном контейнерном окружении исполнения,
>> была обнаружена
>> +уязвимость. Недостаточное ограничение прав доступа к корню файловой системы
&g
="f42a59628807fcc3f52ba48f3ea922838a8e1ee6" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -A flaw was discovered in containerd, an open and reliable container
- -runtime. Insufficiently restricted permissions on container root and
- -plugin directories could resu
Сб 06 ноя 2021 @ 19:33 Yevgeny :
> В новости https://www.debian.org/News/2021/20210814 написано "для
> обоих областей". Должно быть "для обеих областей".
Исправил. Спасибо!
="5fc26377337281b40c5a05fdb69ec2278831a18e" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple vulnerabilities were discovered in Redis, a persistent key-value
- -database, which could result in denial of service or the execution of
- -arbitrary code.
+
Пт 05 ноя 2021 @ 18:33 vofka :
> On Fri, 05 Nov 2021 14:55:41 +0500
> Lev Lamberov wrote:
>
>> > @@ -295,20 +295,20 @@
>> > пользовательские метки будут установлены для данного имени. Иначе в
>> > качестве
>> > имени пользователя бу
Пт 05 ноя 2021 @ 17:24 vofka :
> Привет. Подготовил патч с исправлениями для debian.org/Bugs/Reporting.
> Применять в корне сайта с опцией -p1.
>
> --- orig/russian/Bugs/Reporting.wml
> +++ new/russian/Bugs/Reporting.wml
> @@ -118,7 +118,7 @@
> ошибок использует это поле для определения того,
Чт 04 ноя 2021 @ 14:42 vofka :
>> +> памяти при SASL-входе на сервер [CVE-2019-13045]">
> Исправление использования
>
>> +> issue [CVE-2021-35368]">
> убрать issue
>
>> +> регулярного выражения issue [CVE-2021-3807]">
> убрать issue
>
>> +Утечки содержимого памяти в
>> mod_radius к серверу
Ср 03 ноя 2021 @ 21:52 vofka :
>> обновление ABI Linux ABI до версии 5.10.0-9
> лишнее ABI
>
>> +> обновлений с предыдущих выпусков">
> с целью
>
>> +
> с учётом
>
>> +Утечки содержимого памяти в
>> mod_radius к серверу radius и Прерывание sftp-соединения с опцией
>> Повреждённый MAC на
translation="d9e5cd3d7df23feb17458b95c465e062e9cd6e5a" maintainer="Lev Lamberov"
+Обновлённый Debian 10: выпуск 10.11
2021-10-09
#use wml::debian::news
- -# $Id:
10
buster
@@ -24,106 +24,106 @@
https://packages.debian.org/src:%0;>%0
- -The Debian project is pleased t
translation="d9e5cd3d7df23feb17458b95c465e062e9cd6e5a" maintainer="Lev Lamberov"
+Обновлённый Debian 11: выпуск 11.1
2021-10-09
#use wml::debian::news
- -# $Id:
11
bullseye
@@ -24,126 +24,126 @@
https://packages.debian.org/src:%0;>%0
- -The Debian project is pleased to an
="2faa27a8931d8ab518a786261a0f7370276b3c09" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple vulnerabilities have been discovered in Asterisk, an open
- -source PBX and telephony toolkit, which may result in denial of service.
+В Asterisk, наборе инструм
="eaa51c821c659ec1f1e15e1402bd740b75fa5c44" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities have been discovered in the OpenJDK Java
- -runtime, which may result in denial of service, incorrect Kerberos ticket
- -use, selection of weak cip
="747da94acf47593b687d2fb72698fd771d1668c3" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -A flaw was discovered in tiff, a Tag Image File Format library, which
- -may result in denial of service or the execution of arbitrary code if
- -malformed image files are
="143b481bcfa64906a8adcf9e8119f19c773582bb" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities have been discovered in the FFmpeg multimedia
- -framework, which could result in denial of service or potentially the
- -execution of arbitrary c
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- --- ../../english/security/2021/dsa-4996.wml 2021-10-29 16:26:38.771695453
+0500
+++ 2021/dsa-4996.wml 2021-10-29 16:56:11.246382295 +0500
@@ -1,39 +1,39 @@
- -security update
+#use wml::debian::translation-check
="75b99797a7e35c030fc904a603d0d4186d4c5ac4" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -The following vulnerabilities have been discovered in the webkit2gtk
- -web engine:
+В веб-движке webkit2gtk были обнаружены следующие
+уязвимости:
https://security-
="acb43b2fa87aa8f8184583d892758460fd5b2d7a" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Kishore Kumar Kothapalli discovered that the lame server cache in BIND,
- -a DNS server implementation, can be abused by an attacker to
- -significantly degrade resolver pe
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- --- ../../english/security/2021/dsa-4993.wml 2021-10-26 12:59:34.568753152
+0500
+++ 2021/dsa-4993.wml 2021-10-26 13:03:12.250708464 +0500
@@ -1,19 +1,20 @@
- -security update
+#use wml::debian::translation-check
="e30d8c3e3eef4666bd00fe1c0c37858f8c661b22" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -An out-of-bounds read and write flaw was discovered in the PHP-FPM code,
- -which could result in escalation of privileges from local unprivileged
- -user to the root user.
+
Сб 23 окт 2021 @ 20:27 vofka :
>> с помощью страницу пользовательских опций
> с помощью страницы пользовательских опций
Исправил. Спасибо!
="4005def0be888471b5b0a3c2dcb6b210215b600e" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities were discovered in mailman, a web-based mailing
- -list manager, which could result in arbitrary content injection via the
- -options and private
Чт 21 окт 2021 @ 20:33 vofka :
> Самое простое и быстрое решение – заменить сущность mdash символом тире.
> Позже можно добавить поддержку подобных сущностей в rss,
> а пока не использовать их в заголовке и первом абзаце.
> Там ещё пропущен тег в самом начале.
>
="4607ef3304c90d4fadda6bdfb2b1323235095d09" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities have been discovered in the FFmpeg multimedia
- -framework, which could result in denial of service or potentially the
- -execution of arbitrary c
Вт 19 окт 2021 @ 16:04 vofka :
>> эта проверка, например, быть вызвана несвязанным
> эта проверка, например, может быть вызвана несвязанным
>
>> которое приводит к двойному разыменованию и вызову с использование
> которое приводит к двойному разыменованию и вызову с использованием
Исправил.
="21199125ec27fcc04d1d656a9f0bf8050249091a" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Researchers at the United States of America National Security Agency (NSA)
- -identified two denial of services vulnerability in strongSwan, an IKE/IPsec
- -suite.
+Исследова
Вт 19 окт 2021 @ 08:10 vofka :
> насчёт Вы
> В Debian, как в Ubuntu, GNOME и KDE, предпочтительна безличная форма.
> Если всё же используется это местоимение, то оно пишется со строчной буквы.
> https://wiki.debian.org/ru/L10n/Russian
>
>> для чего просто установите его (Debian Edu) на сервера,
Вт 19 окт 2021 @ 09:50 vofka :
> В русском языке под параграфом понимается совсем не то, что в английском.
> Например, здесь https://www.debian.org/international/l10n/ddtp это слово
> несколько раз используется в значении "абзац". Наверное, имеет смысл
> исправить.
Исправил. Спасибо!
="6940e240daafc70abfffda0a32c4ffe5cd80c3b7" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Two security issues have been discovered in LibreOffice's support for
- -digital signatures in ODF documents, which could result in incorrect
- -signature indicators/
Сб 16 окт 2021 @ 09:26 Galina Anikina :
> On Fri, 2021-10-15 at 22:10 +0500, Lev Lamberov wrote:
>> --- ../../english/security/2021/dsa-4987.wml2021-10-15
>> 22:03:42.512708397 +0500
>> +++ 2021/dsa-4987.wml 2021-10-15 22:09:28.941164064 +0500
>> @@ -1,24 +
="75db51116e3e1517bac6af6033ec38e988b46653" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Richard Weinberger reported that unsquashfs in squashfs-tools, the tools
- -to create and extract Squashfs filesystems, does not check for duplicate
- -filenames within a d
="5fbd24a15ccc413ef021754d0b9d106e907776b6" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Two vulnerabilities were discovered in the Tomcat servlet and JSP engine,
- -which could result in denial of service.
+В Tomcat, сервлете и JSP-движке, были обнаружены
="5677f831faba6fc42e12b69e1db8c3f47b443c3c" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities were discovered in Wordpress, a web blogging
- -tool. They allowed remote attackers to perform Cross-Site Scripting
- -(XSS) attacks or imperso
="5004ac5f8a314d76777de79849730426b3f783fc" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -It was discovered that sandbox restrictions in Flatpak, an application
- -deployment framework for desktop apps, could be bypassed for a Flatpak
- -app with di
="546016c2142ac66b3cadc5d6f9f7358a846ad458" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Pavel Toporkov discovered a vulnerability in Neutron, the OpenStack
- -virtual network service, which allowed a reconfiguration of dnsmasq
- -via crafted dhcp_extra_op
Вт 26 янв 2021 @ 10:29 Galina Anikina :
> On Thu, 2020-11-12 at 16:52 +0500, Lev Lamberov wrote:
>> --- ../../english/security/2020/dsa-4789.wml2020-11-12
>> 16:41:04.373685527 +0500
>> +++ 2020/dsa-4789.wml 2020-11-12 16:47:32.061650451 +0500
>> @@ -1,20 +
Вт 26 янв 2021 @ 10:30 Galina Anikina :
> On Thu, 2020-11-05 at 21:00 +0500, Lev Lamberov wrote:
>> --- ../../english/security/2020/dsa-4783.wml2020-11-05
>> 20:57:45.285154303 +0500
>> +++ 2020/dsa-4783.wml 2020-11-05 20:59:31.463642531 +0500
>> @@ -1,19 +
Сб 09 окт 2021 @ 23:03 Galina Anikina :
> On Mon, 2021-10-04 at 21:58 +0500, Lev Lamberov wrote:
>> --- ../../english/security/2021/dsa-4978.wml2021-09-26
>> 21:37:20.822291966 +0500
>> +++ 2021/dsa-4978.wml 2021-10-04 21:53:37.369245746 +0500
>> @@ -1,120 +1
="5ccf6f35aca5c2fe23efdaee39652b59f684e253" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities have been found in the Apache HTTP server, which
- -could result in denial of service. In addition a vulnerability was
- -discovered in mod_proxy with
="67497a8fa36e45e02dc4c83683e31e3e9c185249" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues have been found in the Mozilla Firefox web
- -browser, which could potentially result in the execution of arbitrary
- -code.
+В веб-браузере M
="7faefffc3274a573d5c5f07519cdb24891c4093c" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues were discovered in QEMU, a fast processor
- -emulator, which could result in denial of service or the the execution
- -of arbitrary code.
+В QEMU
="cb61e48c0b590145d526b25534c156232550c9c0" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities have been discovered in the Linux kernel
- -that may lead to a privilege escalation, denial of service or
- -information leaks.
+В ядре L
="906b922dbc10b9ef2d511f647952832b5fabc61b" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues were found in MediaWiki, a website engine for
- -collaborative work, which could result in cross-site scripting,
- -denial of service and a bypass
="9a04acf92ce9ea6ff1f214cf96a177810f0286d4" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -The following vulnerabilities have been discovered in the webkit2gtk
- -web engine:
+В веб-движке webkit2gtk была обнаружена следующая
+уязвимость:
https://security-
="b9f9d99d4282926c508e1e4290af054e259997d4" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -The following vulnerabilities have been discovered in the webkit2gtk
- -web engine:
+В веб-движке webkit2gtk была обнаружена следующая
+уязвимость:
https://security-
="145ac14348dfb7d321fdf8808e5e364ab1e9032f" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple vulnerabilities have been discovered in the Xen hypervisor,
- -which could result in privilege escalation, denial of service or
- -information leaks.
+В г
="8f4d5d36cfd58919423f5b3477d0c4d7c3725e78" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Two vulnerabilities were discovered in the Nextcloud desktop client,
- -which could result in information disclosure.
+В настольном клиенте для Nextcloud были обнаружены
="6ba20d3399e411c39faa453e9a77b20b046a4a8b" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues were discovered in Thunderbird, which could
- -result in the execution of arbitrary code.
+В Thunderbird были обнаружены многочисленные проблем
="c7890a2562bcf3265d8a6ec48d164e22718a2009" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -It was discovered that Ghostscript, the GPL PostScript/PDF interpreter,
- -does not properly validate access for the "%pipe%", "%handle%" and
- -"%pr
="80f219d5ad25ebfa3029836ec90f3c9b44ffb479" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Kevin Israel discovered that Postorius, the administrative web frontend
- -for Mailman 3, didn't validate whether a logged-in user owns the email
- -address when unsubscri
="df8787fcc27c8f46df559b42b1ad6eb64029aa8b" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities were discovered in NTFS-3G, a read-write NTFS
- -driver for FUSE. A local user can take advantage of these flaws for
- -local root privilege escala
="7271cd065085fb10d014d231d76bc7e799098272" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues have been found in the Mozilla Firefox web
- -browser, which could potentially result in the execution of arbitrary
- -code.
+В веб-браузере M
="1eb3932e2f83538a9ef6b953c8a65a929524bda5" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Ori Hollander reported that missing header name length checks in the
- -htx_add_header() and htx_add_trailer() functions in HAProxy, a fast and
- -reliable load balanci
="117b4a335868aeb3fa87061a991b7a95beb201d1" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Etienne Stalmans discovered that unsquashfs in squashfs-tools, the tools
- -to create and extract Squashfs filesystems, does not validate filenames
- -for traversal outsid
="1fb2ae292f5db5e72fafc7259e8d06f11f7aab92" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues were discovered in the GPAC multimedia framework
- -which could result in denial of service or the execution of arbitrary
code.
+В мультимедиа-
="592abfaf19b48d71d302fdabb322115ccb417ecd" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -It was discovered that a buffer overflow in rekeying in libssh could
- -result in denial of service or potentially the execution of arbitrary
- -code.
+Было обнаружено, что
Вс 29 авг 2021 @ 16:39 Ruslan Tanas :
> Не правильные ссылки на http://debian.org/releases
>
> Для выпуска Debian 11 (bullseye) ссылка http://debian.org/releases/buster
>
> Для выпуска Debian 10 (buster) ссылка http://debian.org/releases/stretch
Исправил, в ближайшее время обновится. Спасибо!
="eebf73f6f1306851590138e0b9fc3917cf4580a6" maintainer="Lev Lamberov"
+Завершается онлайн-конференция DebConf21
2021-08-28
#use wml::debian::news
- -On Saturday 28 August 2021, the annual Debian Developers
- -and Contributors Conference came to a close.
+В субботу,
="a60fa871122117cd7fcd74f71b26eb61234afd21" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Michael Catanzaro reported a problem in Grilo, a framework for
- -discovering and browsing media. TLS certificate verification is not
- -enabled on the SoupSessionAsync obj
="8893b6716ac8e06f1696d121568a974bf244f9c3" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple vulnerabilities have been discovered in OpenSSL, a Secure
- -Sockets Layer toolkit.
+В OpenSSL, наборе инструментов протокола защиты информации, были
+обнару
="ec4e586fae885b532a9b1b9d6d35a4b8d95a721a" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities were discovered in LedgerSMB, a financial
- -accounting and ERP program, which could result in cross-site scripting
- -or clickjacking.
+В Ledger
="0ef64561227e59f8f24772a07d8b7a05db0d0e31" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities were discovered in HAProxy, a fast and reliable
- -load balancing reverse proxy, which can result in HTTP request
- -smuggling. By care
="e0222cf367a5263a80a29645fe9ef421889293c6" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues were discovered in Thunderbird, which could
- -result in the execution of arbitrary code.
+В Thunderbird были обнаружены многочисленные проблем
school
+#use wml::debian::translation-check
translation="e7ce9859ec2794a8c0d0978182d2d513ed96cfa0" maintainer="Lev Lamberov"
+Debian Edu / Skolelinux Bullseye полное
Linux-решение для вашей школы
2021-08-15
#use wml::debian::news
- -
- -Are you the administrator for a compu
translation="7ce619292bb7825470d6cb611887d68f405623ff" maintainer="Lev Lamberov"
+Выпущен Debian 11 bullseye
2021-08-14
#use wml::debian::news
- -After 2 years, 1 month, and 9 days of development, the Debian
- -project is proud to present its new stable version 11 (code name
="9af081dd46d0785cd7e6e99021c30ef1bda0d1fa" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities were discovered in Apache Traffic Server, a
- -reverse and forward proxy server, which could result in denial of
- -service, HTTP request smuggling
="f62bac74a975df0d8fc148e4fd22275e3833f5a7" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities have been discovered in Exiv2, a C++ library and
- -a command line utility to manage image metadata which could result in
- -denial of service or t
Theodoro de Brito
+#use wml::debian::translation-check
translation="a48c50faef33185d0ae2746854bc99435817bad1" maintainer="Lev Lamberov"
+Проект Debian скорбит о потере Роберта Леммена, Карла
Рамма и Рожерио Теодоро де Брито
2021-08-12
#use wml::debian::news
- -# $Id$
- -Th
="cb965557ab8252dac7cd0d194529817660e969e4" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues have been found in the Mozilla Firefox web
- -browser, which could potentially result in the execution of arbitrary
- -code.
+В веб-бразуере M
="cba2ec6a4ecf2da99858d59090fee879df8df365" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Philipp Jeitner and Haya Shulman discovered a stack-based buffer
- -overflow in libspf2, a library for validating mail senders with SPF,
- -which could result in den
="51344094e10a6d3654bfb99d6ddb7fd5f2988a51" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Philipp Jeitner and Haya Shulman discovered a flaw in c-ares, a library
- -that performs DNS requests and name resolution asynchronously. Missing
- -input validation of hos
="3baaada0b618e1123e38c378057efb3990225649" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Thorsten Glaser and Axel Beckert reported that lynx, a non-graphical
- -(text-mode) web browser, does not properly handle the userinfo
- -subcomponent of a URI, which can
="2fdc9738be8390f52c150dda83c9fbc564d44d5d" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Two vulnerabilities were discovered in the Tomcat servlet and JSP engine,
- -which could result in HTTP request smuggling, bypass of logout
- -restrictions or authenticatio
="6aa682f4f094fddd41be2462f4e493e841ffb1ac" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities were discovered in Bluez, the Linux Bluetooth
- -protocol stack.
+В Bluez, стеке протокола Bluetooth для Linux, было обнаружено
+несколько уязв
="a97e8471e45507bdca135f4dda299c077ff36ed9" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities have been found in Ansible, a configuration
- -management, deployment and task execution system, which could result in
- -information disclosure or a
ml::debian::template title="Спасибо за загрузку Debian!"
#include "$(ENGLISHDIR)/releases/info"
#include "$(ENGLISHDIR)/releases/images.data"
#include "$(ENGLISHDIR)/releases/arches.data"
+#use wml::debian::translation-check
translation="dce6879deec
="3d4bd285d0dbc3200e9f0b997f93899e9ff75471" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple vulnerabilities were discovered in Jetty, a Java servlet engine
- -and webserver which could result in cross-site scripting, information
- -disclosure, privilege e
="ede24ae392348712f4d13e596b96d08f8a914387" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -A buffer overflow was discovered in the Aspell spell checker, which could
- -result in the execution of arbitrary code.
+В Aspell, утилите для проверки правописания, было о
="2d3e4967c66e205139d3f2a19a7c0ed353cf1767" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Andrea Fioraldi discovered a buffer overflow in libsndfile, a library
- -for reading/writing audio files, which could result in denial of service
- -or potentially the ex
="ef763b8db391f549d9938b5c8a192309f25d0024" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities have been discovered in the OpenJDK Java runtime,
- -resulting in bypass of sandbox restrictions, incorrect validation of
- -signed Jars or info
="79d3502f9416ddb5b313214ab9f721d43b0d4107" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -The following vulnerabilities have been discovered in the webkit2gtk
- -web engine:
+В веб-движке webkit2gtk были обнаружены следующие
+уязвимости:
https://security-
="c58742bc6eed922d7c255902d3a51e24d7a3745b" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -It was discovered that the Key Distribution Center (KDC) in krb5, the
- -MIT implementation of Kerberos, is prone to a NULL pointer dereference
- -flaw. An unauthenticat
="e49d74229aaafee36a90345e5500c466899fb81f" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities were discovered in lemonldap-ng, a Web-SSO
- -system. The flaws could result in information disclosure, authentication
- -bypass, or could all
="48746be51c584895907f61cadde08b88bba638a8" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -The Qualys Research Labs discovered that an attacker-controlled
- -allocation using the alloca() function could result in memory
- -corruption, allowing to crash systemd
="158226aad5fbf7d8645b13853a75c3562078bbc7" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities have been discovered in the Linux kernel that
- -may lead to a privilege escalation, denial of service or information
- -leaks.
+В ядре Linux было об
="7678c6dc2fb134b99ec225ce21ca3cd931d06e88" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues were discovered in Thunderbird, which could
- -result in the execution of arbitrary code.
+В Thunderbird были обнаружены многочисленные проблем
Добрый день!
Сб 17 июл 2021 @ 12:49 масляков дмитрий :
> Не создается Wlan интерфейс Debian 9.13 XFCE.
> Устанавливал на 2 разных компьютера.
> firmware-atheros_20190114-2~deb9u1_all.deb
> # lsusb -> AR9271 (устройство обнаруживается
> # lshw -> ath9k_htc (драйвер установлен
> # ip link show ->
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- --- ../../english/security/2021/dsa-4939.wml 2021-07-15 10:11:47.182487659
+0500
+++ 2021/dsa-4939.wml 2021-07-15 10:13:09.131465545 +0500
@@ -1,20 +1,20 @@
- -security update
+#use wml::debian::translation-check
="f03905d87009337c984ca94d21c8407c38893fa2" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Miroslav Lichvar reported that the ptp4l program in linuxptp, an
- -implementation of the Precision Time Protocol (PTP), does not validate
- -the messageLength field
="969217b0f40311f19c818f4a2aed598edc9bf2c6" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities have been found in the Apache HTTP server, which
- -could result in denial of service. In addition the implementation of
- -the MergeSlashes opt
="15b6bec94f1cf640510449f9fe4015084c4c0708" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues were found in PHP, a widely-used open source
- -general purpose scripting language which could result an SSRF bypass
- -of the FILTER_VALIDATE_U
Результаты 101 - 200 из 3647 matches
Mail list logo