-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2015/dsa-3426.wml 2015-12-18 11:51:58.000000000 +0500 +++ russian/security/2015/dsa-3426.wml 2015-12-18 13:08:10.619696731 +0500 @@ -1,68 +1,69 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been discovered in the Linux kernel that - -may lead to a privilege escalation, denial of service, information leak - -or data loss.</p> +<p>Ð ÑдÑе Linux бÑло обнаÑÑжено неÑколÑко ÑÑзвимоÑÑей, коÑоÑÑе могÑÑ +пÑиводиÑÑ Ðº повÑÑÐµÐ½Ð¸Ñ Ð¿Ñивилегий, оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании, ÑÑеÑке инÑоÑмаÑии +или поÑеÑе даннÑÑ .</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2013-7446">CVE-2013-7446</a> - - <p>Dmitry Vyukov discovered that a particular sequence of valid - - operations on local (AF_UNIX) sockets can result in a - - use-after-free. This may be used to cause a denial of service - - (crash) or possibly for privilege escalation.</p></li> + <p>ÐмиÑÑий ÐÑÑков обнаÑÑжил, ÑÑо опÑеделÑÐ½Ð½Ð°Ñ Ð¿Ð¾ÑледоваÑелÑноÑÑÑ ÐºÐ¾ÑÑекÑнÑÑ + опеÑаÑий над локалÑнÑми (AF_UNIX) ÑокеÑами Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº + иÑполÑÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ ÑказаÑелей поÑле оÑÐ²Ð¾Ð±Ð¾Ð¶Ð´ÐµÐ½Ð¸Ñ Ð¿Ð°Ð¼ÑÑи. ÐÑо Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑÑÑ Ð´Ð»Ñ Ð²Ñзова оÑказа в + обÑлÑживании (аваÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑановка) или Ð²Ð¾Ð·Ð¼Ð¾Ð¶Ð½Ð¾Ð¼Ñ Ð¿Ð¾Ð²ÑÑÐµÐ½Ð¸Ñ Ð¿Ñивилегий.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7799">CVE-2015-7799</a> - - <p>It was discovered that a user granted access to /dev/ppp can cause a - - denial of service (crash) by passing invalid parameters to the - - PPPIOCSMAXCID ioctl. This also applies to ISDN PPP device nodes.</p></li> + <p>ÐÑло обнаÑÑженое, ÑÑо полÑзоваÑелÑ, полÑÑивÑий доÑÑÑп к /dev/ppp, Ð¼Ð¾Ð¶ÐµÑ Ð²ÑзÑваÑÑ + оÑказ в обÑлÑживании (аваÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑановка) пÑÑÑм пеÑедаÑи некоÑÑекÑнÑÑ Ð¿Ð°ÑамеÑÑом + PPPIOCSMAXCID ioctl. ÐÑо Ñакже каÑаеÑÑÑ Ð¸ к нодам ÑÑÑÑойÑÑв ISDN PPP.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7833">CVE-2015-7833</a> - - <p>Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a - - flaw in the processing of certain USB device descriptors in the - - usbvision driver. An attacker with physical access to the system can - - use this flaw to crash the system. This was partly fixed by the - - changes listed in DSA 3396-1.</p></li> + <p>СеÑгей ШÑмило, ХенÑик ШваÑÑке и РалÑÑ Ð¨Ð¿ÐµÐ½Ð½ÐµÐ±ÐµÑг обнаÑÑжили + ÑÑзвимоÑÑÑ Ð² коде обÑабоÑки опÑеделÑннÑÑ Ð´ÐµÑкÑипÑоÑов ÑÑÑÑойÑÑв USB в + дÑайвеÑе usbvision. ÐлоÑмÑÑленник, имеÑÑий ÑизиÑеÑкий доÑÑÑп к ÑиÑÑеме, Ð¼Ð¾Ð¶ÐµÑ + иÑполÑзоваÑÑ ÑÑÑ ÑÑзвимоÑÑÑ Ð´Ð»Ñ Ð°Ð²Ð°Ñийного завеÑÑÐµÐ½Ð¸Ñ ÑабоÑÑ ÑиÑÑемÑ. ÐÑа ÑÑзвимоÑÑÑ Ð±Ñла ÑаÑÑиÑно + иÑпÑавлена в DSA 3396-1.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8104">CVE-2015-8104</a> - - <p>Jan Beulich reported a guest to host denial-of-service flaw - - affecting the KVM hypervisor running on AMD processors. A malicious - - guest can trigger an infinite stream of <q>debug</q> (#DB) exceptions - - causing the processor microcode to enter an infinite loop where the - - core never receives another interrupt. This leads to a panic of the - - host kernel.</p></li> + <p>Ян ÐÑÐ»Ð¸Ñ ÑообÑил об ÑÑзвимоÑÑи, ÑвÑзанной Ñ Ð³Ð¾ÑÑевой и оÑновной ÑиÑÑемами, пÑиводÑÑей к + оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании, коÑоÑÐ°Ñ Ð²Ð¾Ð·Ð½Ð¸ÐºÐ°ÐµÑ Ð² гипеÑвизоÑе KVM пÑи запÑÑке на пÑоÑеÑÑоÑÐ°Ñ AMD. ÐлоÑмÑÑленник + на гоÑÑевой ÑиÑÑеме Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾ÑождаÑÑ Ð±ÐµÑконеÑнÑй поÑок иÑклÑÑений <q>debug</q> (#DB), + пÑиводÑÑий к ÑомÑ, ÑÑо микÑокод пÑоÑеÑÑоÑа войдÑÑ Ð² беÑконеÑнÑй Ñикл, пÑи коÑоÑом + ÑдÑо никогда не полÑÑÐ°ÐµÑ Ð´ÑÑгое пÑеÑÑвание. ÐÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº панике ÑдÑа на + оÑновной ÑиÑÑеме.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8374">CVE-2015-8374</a> - - <p>It was discovered that Btrfs did not correctly implement truncation - - of compressed inline extents. This could lead to an information - - leak, if a file is truncated and later made readable by other users. - - Additionally, it could cause data loss. This has been fixed for the - - stable distribution (jessie) only.</p></li> + <p>ÐÑло обнаÑÑжено, ÑÑо Btrfs непÑавилÑно ÑеализÑÐµÑ Ð¾Ð±Ñезание + ÑжаÑÑÑ ÑÑÑоковÑÑ ÑкÑÑенÑ. ÐÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº ÑÑеÑке + инÑоÑмаÑии в Ñом ÑлÑÑае, еÑли Ñайл обÑезаеÑÑÑ, а позднее дÑÑгие полÑзоваÑели полÑÑаÑÑ Ðº Ð½ÐµÐ¼Ñ Ð´Ð¾ÑÑÑп + Ð´Ð»Ñ ÑÑениÑ. ÐÑоме Ñого, ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº поÑеÑе даннÑÑ . ÐÑа ÑÑзвимоÑÑÑ Ð±Ñла иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ + ÑолÑко в ÑÑабилÑном вÑпÑÑке (jessie).</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8543">CVE-2015-8543</a> - - <p>It was discovered that a local user permitted to create raw sockets - - could cause a denial-of-service by specifying an invalid protocol - - number for the socket. The attacker must have the CAP_NET_RAW - - capability in their user namespace. This has been fixed for the - - stable distribution (jessie) only.</p></li> + <p>ÐÑло обнаÑÑжено, ÑÑо локалÑнÑй полÑзоваÑелÑ, имеÑÑий пÑава на Ñоздание + неÑÑÑÑкÑÑÑиÑованнÑÑ ÑокеÑов, Ð¼Ð¾Ð¶ÐµÑ Ð²ÑзÑваÑÑ Ð¾Ñказ в обÑлÑживании, Ñказав Ð´Ð»Ñ Ñакого + ÑокеÑа непÑавилÑнÑй Ð½Ð¾Ð¼ÐµÑ Ð¿ÑоÑокола. ÐлоÑмÑÑленник должен обладаÑÑ CAP_NET_RAW + в полÑзоваÑелÑÑком пÑоÑÑÑанÑÑве имÑн. ÐÑа ÑÑзвимоÑÑÑ Ð±Ñла иÑпÑавлена ÑолÑко + в ÑÑабилÑном вÑпÑÑке (jessie).</p></li> </ul> - -<p>For the oldstable distribution (wheezy), these problems have been fixed - -in version 3.2.73-2+deb7u1. In addition, this update contains several - -changes originally targeted for the upcoming Wheezy point release.</p> - - - -<p>For the stable distribution (jessie), these problems have been fixed in - -version 3.16.7-ckt20-1+deb8u1. In addition, this update contains several - -changes originally targeted for the upcoming Jessie point release.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (wheezy) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ +в веÑÑии 3.2.73-2+deb7u1. ÐÑоме Ñого, данное обновление ÑодеÑÐ¶Ð¸Ñ Ð½ÐµÑколÑко +изменений, коÑоÑÑе изнаÑалÑно пÑедназнаÑалиÑÑ Ð´Ð»Ñ Ð³Ð¾ÑовÑÑейÑÑ ÑедакÑии Wheezy.</p> + +<p>Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 3.16.7-ckt20-1+deb8u1. ÐÑоме Ñого, данное обновление ÑодеÑÐ¶Ð¸Ñ Ð½ÐµÑколÑко +изменений, коÑоÑÑе изнаÑалÑно пÑедназнаÑалиÑÑ Ð´Ð»Ñ Ð³Ð¾ÑовÑÑейÑÑ ÑедакÑии Jessie.</p> - -<p>We recommend that you upgrade your linux packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ linux.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJWc8AIAAoJEF7nbuICFtKl+7AQAKaUWySe2A/oFofVKWJNhQJZ 5rLH1bxVFoMm3E+hMZDLajQBpnCB6fzBXQjnU34MOY3bsMJfSMM0B+Ic3r1l8U49 j7kVRMA+DEh0OnTdo2EN04fEicurwiEo7Y6h4I+8TXZplDu79ZjL0iFt3Ch3qmjB nVvCjE5oj56XqwjP/xSGq0uh12B6c9+3gerMf4v9CPWnxCZpRYo98fTFBjfpI68j wZMq3NXiZDGFkaCc54MVdz84R2yrRBGvlX/sPuJhL5+KJ807jNKoMPKiDLu2dej3 nEjuYCy5Jm1+DaVP2wd4FehhhRWg2ZyNBMnvf35pf7+e/V+5uwdumRq+vdDwC2d/ bg+9chOBeUb7kxdREakoQaOD7NznmWA9+0CT8/xZya0PiNepQ+TmRqFLYiy9vxDz XBbacK0mfr+HsOwZkacao8zNj5P138y4sXY/fFdBoka3guFkD19OBvMfxnZHFumg GDo07J4n7uvLbLewqbSYvkKvzOXhXJBvwbywOfP5kHAogzMJ822Ai3Edyv4Y2TYU d+ISUSuBm2h5ro/0AwpzDvQMX90+cHGD1Nbx16fKe1sXPV64qGcHiA85XUyp6sYF z+cdhVzyhcxFaw26FrEpw9bGqHjnQuyU98Yjt/gKdqUErJ+tniMIsyYtborlnVmn HNKnKhFwCDGBMxxhRbIO =Mg3V -----END PGP SIGNATURE-----

