-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2016/dsa-3433.wml 2016-01-02 14:42:46.000000000 +0500 +++ russian/security/2016/dsa-3433.wml 2016-01-03 00:03:02.409153543 +0500 
@@ -1,77 +1,77 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, - -print, and login server for Unix. The Common Vulnerabilities and - -Exposures project identifies the following issues:</p> +<p>Ð Samba, SMB/CIFS Ñайловом ÑеÑвеÑе, ÑеÑвеÑе пеÑаÑи и ÑеÑвеÑе аÑÑенÑиÑикаÑии +Ð´Ð»Ñ Unix, бÑло обнаÑÑжено неÑколÑко ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and +Exposures опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-3223">CVE-2015-3223</a> - - <p>Thilo Uttendorfer of Linux Information Systems AG discovered that a - - malicious request can cause the Samba LDAP server to hang, spinning - - using CPU. A remote attacker can take advantage of this flaw to - - mount a denial of service.</p></li> + <p>Тила УÑÑендоÑÑÐµÑ Ð¸Ð· Linux Information Systems AG обнаÑÑжил, ÑÑо + некоÑÑекÑнÑй запÑÐ¾Ñ Ð¼Ð¾Ð¶ÐµÑ Ð²ÑзваÑÑ Ð·Ð°Ð²Ð¸Ñание LDAP-ÑеÑвеÑа Samba из-за ÑÑезмеÑного + иÑполÑÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ ÑеÑÑÑÑов ЦÐ. 
УдалÑннÑй злоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑ ÑÑÑ ÑÑзвимоÑÑÑ + Ð´Ð»Ñ Ð²Ñзова оÑказа в обÑлÑживании.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5252">CVE-2015-5252</a> - - <p>Jan <q>Yenya</q> Kasprzak and the Computer Systems Unit team at Faculty - - of Informatics, Masaryk University discovered that insufficient - - symlink verification could allow data access outside an exported - - share path.</p></li> + <p>Ян <q>Yenya</q> ÐаÑпÑзак и команда Computer Systems Unit ÑакÑлÑÑеÑа + инÑоÑмаÑики ÐаÑаÑикова ÑнивеÑÑиÑеÑе обнаÑÑжили, ÑÑо недоÑÑаÑоÑÐ½Ð°Ñ Ð¿ÑовеÑка + ÑимволÑнÑÑ ÑÑÑлок Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑивеÑÑи к полÑÑÐµÐ½Ð¸Ñ Ð´Ð¾ÑÑÑпа к даннÑм за пÑеделами + Ñказанного пÑÑи.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5296">CVE-2015-5296</a> - - <p>Stefan Metzmacher of SerNet discovered that Samba does not ensure - - that signing is negotiated when creating an encrypted client - - connection to a server. This allows a man-in-the-middle attacker to - - downgrade the connection and connect using the supplied credentials - - as an unsigned, unencrypted connection.</p></li> + <p>ШÑеÑан ÐеÑÐ¼Ð°Ñ ÐµÑ Ð¸Ð· SerNet обнаÑÑжил, ÑÑо Samba не гаÑанÑиÑÑÐµÑ ÑоглаÑование + подпиÑи пÑи Ñоздании заÑиÑÑованного подклÑÑÐµÐ½Ð¸Ñ ÐºÐ»Ð¸ÐµÐ½Ñа к + ÑеÑвеÑÑ. 
ÐÑо позволÑÐµÑ Ð²ÑполнÑÑÑ Ð°Ñаки по пÑинÑÐ¸Ð¿Ñ Ñеловек-в-ÑеÑедине Ñ ÑелÑÑ + Ð¿Ð¾Ð½Ð¸Ð¶ÐµÐ½Ð¸Ñ ÑÑÐ¾Ð²Ð½Ñ ÑÐ¾ÐµÐ´Ð¸Ð½ÐµÐ½Ð¸Ñ Ð¸ ÑÐ¾ÐµÐ´Ð¸Ð½ÐµÐ½Ð¸Ñ Ñ Ð¸ÑполÑзованием пеÑеданнÑÑ Ð´Ð°Ð½Ð½ÑÑ ÑÑÑÑной + запиÑи как неподпиÑанного незаÑиÑÑованного ÑоединениÑ.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5299">CVE-2015-5299</a> - - <p>It was discovered that a missing access control check in the VFS - - shadow_copy2 module could allow unauthorized users to access - - snapshots.</p></li> + <p>ÐÑло обнаÑÑжено, ÑÑо оÑÑÑÑÑÑвие пÑовеÑки ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ Ð´Ð¾ÑÑÑпом в модÑле shadow_copy2 + Ð´Ð»Ñ VFS Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ Ð½ÐµÐ°Ð²ÑоÑизованнÑм полÑзоваÑелÑм полÑÑиÑÑ Ð´Ð¾ÑÑÑп + к ÑÑезам.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5330">CVE-2015-5330</a> - - <p>Douglas Bagnall of Catalyst discovered that the Samba LDAP server - - is vulnerable to a remote memory read attack. A remote attacker can - - obtain sensitive information from daemon heap memory by sending - - crafted packets and then either read an error message, or a - - database value.</p></li> + <p>ÐÐ°Ð³Ð»Ð°Ñ Ðегнал из Catalyst обнаÑÑжил, ÑÑо LDAP-ÑеÑÐ²ÐµÑ Samba + подвеÑжен ÑдалÑнной аÑаке Ñ ÑÐµÐ»Ñ ÑÑÐµÐ½Ð¸Ñ ÑодеÑжимого памÑÑи. 
УдалÑннÑй злоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ + полÑÑиÑÑ ÑÑвÑÑвиÑелÑнÑÑ Ð¸Ð½ÑоÑмаÑÐ¸Ñ Ð¸Ð· динамиÑеÑкой памÑÑи ÑлÑÐ¶Ð±Ñ Ð¿ÑÑÑм оÑпÑавки + ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ Ð¿Ð°ÐºÐµÑов, ÑÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº ÑÑиÑÑÐ²Ð°Ð½Ð¸Ñ Ð»Ð¸Ð±Ð¾ ÑообÑÐµÐ½Ð¸Ñ Ð¾Ð± оÑибке, либо + знаÑÐµÐ½Ð¸Ñ Ð±Ð°Ð·Ñ Ð´Ð°Ð½Ð½ÑÑ .</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7540">CVE-2015-7540</a> - - <p>It was discovered that a malicious client can send packets that - - cause the LDAP server provided by the AD DC in the samba daemon - - process to consume unlimited memory and be terminated.</p></li> + <p>ÐÑло обнаÑÑжено, ÑÑо злоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ Ð¾ÑпÑавлÑÑÑ Ð¿Ð°ÐºÐµÑÑ, коÑоÑÑе + пÑиводÑÑ Ðº ÑомÑ, ÑÑо LDAP-ÑеÑвеÑ, пÑедоÑÑавлÑемÑй AD DC пÑоÑеÑÑом ÑлÑÐ¶Ð±Ñ samba, + наÑÐ¸Ð½Ð°ÐµÑ Ð¿Ð¾ÑÑеблÑÑÑ Ð½ÐµÐ¾Ð³ÑаниÑенное колиÑеÑÑво памÑÑи и некоÑÑекÑно завеÑÑÐ°ÐµÑ ÑÐ²Ð¾Ñ ÑабоÑÑ.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8467">CVE-2015-8467</a> - - <p>Andrew Bartlett of the Samba Team and Catalyst discovered that a - - Samba server deployed as an AD DC can expose Windows DCs in the same - - domain to a denial of service via the creation of multiple machine - - accounts. This issue is related to the MS15-096 / <a href="https://security-tracker.debian.org/tracker/CVE-2015-2535">CVE-2015-2535</a> - - security issue in Windows.</p></li> + <p>ÐндÑÑ ÐаÑÑÐ»ÐµÑ Ð¸Ð· Samba Team и Catalyst обнаÑÑжил, ÑÑо + ÑеÑÐ²ÐµÑ Samba, ÑазвÑÑнÑÑÑй как AD DC, Ð¼Ð¾Ð¶ÐµÑ Ð²Ð¾Ð·Ð´ÐµÐ¹ÑÑвоваÑÑ Ð½Ð° Windows DC в Ñом + же домене, вÑзÑÐ²Ð°Ñ Ñ Ð½Ð¸Ñ Ð¾Ñказ в обÑлÑживании пÑи помоÑи ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ñ Ð½ÐµÑколÑÐºÐ¸Ñ Ð¼Ð°ÑиннÑÑ + ÑÑÑÑнÑÑ Ð´Ð°Ð½Ð½ÑÑ . ÐÑа пÑоблема ÑвÑзана Ñ Ð¿Ñоблемой безопаÑноÑÑи в Windows: MS15-096 / <a href="https://security-tracker.debian.org/tracker/CVE-2015-2535">CVE-2015-2535</a>.</p></li> </ul> - -<p>For the oldstable distribution (wheezy), these problems have been fixed - -in version 2:3.6.6-6+deb7u6. 
The oldstable distribution (wheezy) is only - -affected by <a href="https://security-tracker.debian.org/tracker/CVE-2015-5252">CVE-2015-5252</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-5296">CVE-2015-5296</a> and <a href="https://security-tracker.debian.org/tracker/CVE-2015-5299">CVE-2015-5299</a>.</p> - - - -<p>For the stable distribution (jessie), these problems have been fixed in - -version 2:4.1.17+dfsg-2+deb8u1. The fixes for <a href="https://security-tracker.debian.org/tracker/CVE-2015-3223">CVE-2015-3223</a> and - -<a href="https://security-tracker.debian.org/tracker/CVE-2015-5330">CVE-2015-5330</a> required an update to ldb 2:1.1.17-2+deb8u1 to correct the - -defects.</p> - - - -<p>For the unstable distribution (sid), these problems have been fixed in - -version 2:4.1.22+dfsg-1. The fixes for <a href="https://security-tracker.debian.org/tracker/CVE-2015-3223">CVE-2015-3223</a> and <a href="https://security-tracker.debian.org/tracker/CVE-2015-5330">CVE-2015-5330</a> - -required an update to ldb 2:1.1.24-1 to correct the defects.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (wheezy) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ +в веÑÑии 2:3.6.6-6+deb7u6. ÐÑедÑдÑÑий ÑÑабилÑнÑй вÑпÑÑк (wheezy) подвеÑжен +ÑолÑко <a href="https://security-tracker.debian.org/tracker/CVE-2015-5252">CVE-2015-5252</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-5296">CVE-2015-5296</a> и <a href="https://security-tracker.debian.org/tracker/CVE-2015-5299">CVE-2015-5299</a>.</p> + +<p>Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 2:4.1.17+dfsg-2+deb8u1. 
ÐÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ Ð´Ð»Ñ <a href="https://security-tracker.debian.org/tracker/CVE-2015-3223">CVE-2015-3223</a> и +<a href="https://security-tracker.debian.org/tracker/CVE-2015-5330">CVE-2015-5330</a> ÑÑебÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ Ð´Ð¾ ldb 2:1.1.17-2+deb8u1 Ñ Ñем, ÑÑÐ¾Ð±Ñ Ð¸ÑпÑавиÑÑ +ÑказаннÑе деÑекÑÑ.</p> + +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 2:4.1.22+dfsg-1. ÐÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ Ð´Ð»Ñ <a href="https://security-tracker.debian.org/tracker/CVE-2015-3223">CVE-2015-3223</a> и <a href="https://security-tracker.debian.org/tracker/CVE-2015-5330">CVE-2015-5330</a> +ÑÑебÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ Ð´Ð¾ ldb 2:1.1.24-1 Ñ Ñем, ÑÑÐ¾Ð±Ñ Ð¸ÑпÑавиÑÑ ÑказаннÑе деÑекÑÑ.</p> - -<p>We recommend that you upgrade your samba packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ samba.</p> </define-tag> # do not modify the following line - --- english/security/2016/index.wml 2016-01-02 14:42:46.000000000 +0500 +++ russian/security/2016/index.wml 2016-01-02 23:35:40.457504231 +0500 
@@ -1,11 +1,12 @@ - -<define-tag pagetitle>Security Advisories from 2016</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag pagetitle>РекомендаÑии по безопаÑноÑÑи за 2016 год</define-tag> #use wml::debian::template title="<pagetitle>" GEN_TIME="yes" #use wml::debian::recent_list <:= get_recent_list ('.', '0', '$(ENGLISHDIR)/security/2016', '', 'dsa-\d+' ) :> - -<p>You can get the latest Debian security advisories by subscribing to our +<p>ÐÑ Ð¼Ð¾Ð¶ÐµÑе полÑÑаÑÑ Ð¿Ð¾Ñледние анонÑÑ Ð¾ безопаÑноÑÑи Debian, подпиÑавÑиÑÑ Ð½Ð° ÑпиÑок ÑаÑÑÑлки <a href="https://lists.debian.org/debian-security-announce/">\ - -<strong>debian-security-announce</strong></a> mailing list. - -You can also <a href="https://lists.debian.org/debian-security-announce/debian-security-announce-2013/">\ - -browse the archives</a> for the list.</p> +<strong>debian-security-announce</strong></a>. +ÐÑÑ Ð¸Ð² ÑпиÑка ÑаÑÑÑлки доÑÑÑпен <a href="https://lists.debian.org/debian-security-announce/debian-security-announce-2016/">\ +здеÑÑ</a>.</p> -----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
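Review bot: In the dsa-3433.wml hunk, the CVE-2015-5252 item says data can be reached outside "указанного пути" (the specified path), which drops the "exported share" qualifier of the English "outside an exported share path"; name the exported share explicitly so the reader can tell which boundary the symlink check fails to enforce. (The Cyrillic in this copy is mis-encoded and is quoted here as decoded.) Two smaller wording points in the same hunk: in the CVE-2015-3223 item "malicious request" became "некорректный запрос" (an incorrect request), which loses the attacker intent and reads as an accidental malformed query; and in the CVE-2015-8467 item "machine accounts" is rendered as "машинных учётных данных", the wording the CVE-2015-5296 item uses for credentials, where "учётных записей" (accounts) is meant.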
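Review bot: In the index.wml hunk, the archive link in the added lines points to debian-security-announce-2016/ while the English line it replaces points to debian-security-announce-2013/, so the translation silently diverges from the English revision it declares in translation-check translation="1.1". The 2016 target is the one that fits a 2016 index page, so the stale URL should be corrected in english/security/2016/index.wml as well, with the translation-check revision in this file then set to the corrected English revision, rather than fixing the link only in the translation.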

