-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2016/dsa-3434.wml 2016-01-06 00:51:22.212722466 +0500 +++ russian/security/2016/dsa-3434.wml 2016-01-06 13:27:26.749841237 +0500 @@ -1,101 +1,102 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been discovered in the Linux kernel that - -may lead to a privilege escalation, denial of service or information - -leak.</p> +<p>Ð ÑдÑе Linux бÑло обнаÑÑжено неÑколÑко ÑÑзвимоÑÑÑ, коÑоÑÑе +могÑÑ Ð¿ÑиводиÑÑ Ðº повÑÑÐµÐ½Ð¸Ñ Ð¿Ñивилегий, оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании или ÑÑеÑкам +инÑоÑмаÑии.</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7513">CVE-2015-7513</a> - - <p>It was discovered that a local user permitted to use the x86 KVM - - subsystem could configure the PIT emulation to cause a denial of - - service (crash).</p></li> + <p>ÐÑло обнаÑÑжено, ÑÑо локалÑнÑй полÑзоваÑелÑ, имеÑÑий пÑава на иÑполÑзование + подÑиÑÑÐµÐ¼Ñ KVM x86, Ð¼Ð¾Ð¶ÐµÑ Ð½Ð°ÑÑÑоиÑÑ ÑмÑлÑÑÐ¸Ñ PIT Ñак, ÑÑо ÑÑо пÑиведÑÑ Ðº оÑÐºÐ°Ð·Ñ + в обÑлÑживании (аваÑийное завеÑÑение ÑабоÑÑ).</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7550">CVE-2015-7550</a> - - <p>Dmitry Vyukov discovered a race condition in the keyring subsystem - - that allows a local user to cause a denial of service (crash).</p></li> + <p>ÐмиÑÑий ÐÑÑков обнаÑÑжил ÑоÑÑоÑние гонки в подÑиÑÑеме бÑелоков клÑÑей, + коÑоÑое позволÑÐµÑ Ð»Ð¾ÐºÐ°Ð»ÑÐ½Ð¾Ð¼Ñ Ð¿Ð¾Ð»ÑзоваÑÐµÐ»Ñ Ð²ÑзÑваÑÑ Ð¾Ñказ в обÑлÑживании (аваÑийное завеÑÑение ÑабоÑÑ).</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8543">CVE-2015-8543</a> - - <p>It was discovered that a local user permitted to create raw sockets - - could cause a denial-of-service by specifying an invalid protocol - - number for the socket. The attacker must have the CAP_NET_RAW - - capability.</p></li> + <p>ÐÑло обнаÑÑжено, ÑÑо локалÑнÑй полÑзоваÑелÑ, имеÑÑий пÑава на Ñоздание ÑÑÑÑÑ ÑокеÑов, + Ð¼Ð¾Ð¶ÐµÑ Ð²ÑзваÑÑ Ð¾Ñказ в обÑлÑживании, Ñказав непÑавилÑнÑй Ð½Ð¾Ð¼ÐµÑ Ð¿ÑоÑокола Ð´Ð»Ñ + Ñоздаваемого ÑокеÑа. ÐлоÑмÑÑленник должен имеÑÑ Ð¼Ð°Ð½Ð´Ð°Ñ + CAP_NET_RAW.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8550">CVE-2015-8550</a> - - <p>Felix Wilhelm of ERNW discovered that the Xen PV backend drivers - - may read critical data from shared memory multiple times. This - - flaw can be used by a guest kernel to cause a denial of service - - (crash) on the host, or possibly for privilege escalation.</p></li> + <p>Ð¤ÐµÐ»Ð¸ÐºÑ ÐилÑгелÑм из ERNW обнаÑÑжил, ÑÑо дÑайвеÑÑ Ð´Ð²Ð¸Ð¶ÐºÐ° Xen PV + могÑÑ Ð¿Ð¾ неÑколÑко Ñаз ÑÑиÑÑваÑÑ ÐºÑиÑиÑнÑе даннÑе из ÑазделÑемой памÑÑи. ÐÑа + ÑÑзвимоÑÑÑ Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑÑÑ Ð³Ð¾ÑÑевÑм ÑдÑом Ð´Ð»Ñ Ð²Ñзова оÑказа в обÑлÑживании + (аваÑийное завеÑÑение ÑабоÑÑ) на оÑновной ÑиÑÑеме, либо Ð´Ð»Ñ Ð²Ð¾Ð·Ð¼Ð¾Ð¶Ð½Ð¾Ð³Ð¾ повÑÑÐµÐ½Ð¸Ñ Ð¿Ñивилегий.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8551">CVE-2015-8551</a> / <a href="https://security-tracker.debian.org/tracker/CVE-2015-8552">CVE-2015-8552</a> - - <p>Konrad Rzeszutek Wilk of Oracle discovered that the Xen PCI - - backend driver does not adequately validate the device state when - - a guest configures MSIs. This flaw can be used by a guest kernel - - to cause a denial of service (crash or disk space exhaustion) on - - the host.</p></li> + <p>ÐонÑад РжежÑек Уилк из Oracle обнаÑÑжил, ÑÑо дÑÐ°Ð¹Ð²ÐµÑ Ð´Ð²Ð¸Ð¶ÐºÐ° Xen PCI + непÑавилÑно вÑполнÑÐµÑ Ð¿ÑовеÑÐºÑ ÑоÑÑоÑÐ½Ð¸Ñ ÑÑÑÑойÑÑва в ÑлÑÑае, когда + гоÑÑÐµÐ²Ð°Ñ ÑиÑÑема вÑполнÑÐµÑ Ð½Ð°ÑÑÑÐ¾Ð¹ÐºÑ MSI. ÐÑа ÑÑзвимоÑÑÑ Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑÑÑ Ð³Ð¾ÑÑевÑм + ÑдÑом Ð´Ð»Ñ Ð²Ñзова оÑказа в обÑлÑживании (аваÑийного завеÑÑÐµÐ½Ð¸Ñ ÑабоÑÑ Ð¸Ð»Ð¸ иÑполÑзование вÑего меÑÑа на диÑке) + на оÑновной ÑиÑÑеме.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8569">CVE-2015-8569</a> - - <p>Dmitry Vyukov discovered a flaw in the PPTP sockets implementation - - that leads to an information leak to local users.</p></li> + <p>ÐмиÑÑий ÐÑÑков обнаÑÑжил ÑÑзвимоÑÑÑ Ð² ÑеализаÑии ÑокеÑов PPTP, + коÑоÑÐ°Ñ Ð¿ÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº ÑÑеÑке инÑоÑмаÑии локалÑнÑм полÑзоваÑелÑм.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8575">CVE-2015-8575</a> - - <p>David Miller discovered a flaw in the Bluetooth SCO sockets - - implementation that leads to an information leak to local users.</p></li> + <p>ÐÑвид ÐÐ¸Ð»Ð»ÐµÑ Ð¾Ð±Ð½Ð°ÑÑжил ÑÑзвимоÑÑÑ Ð² ÑеализаÑии ÑокеÑов Bluetooth SCO, + коÑоÑÐ°Ñ Ð¿ÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº ÑÑеÑке инÑоÑмаÑии локалÑнÑм полÑзоваÑелÑм.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8709">CVE-2015-8709</a> - - <p>Jann Horn discovered a flaw in the permission checks for use of - - the ptrace feature. A local user who has the CAP_SYS_PTRACE - - capability within their own user namespace could use this flaw for - - privilege escalation if a more privileged process ever enters that - - user namespace. This affects at least the LXC system.</p></li> + <p>Янн ХоÑн обнаÑÑжил ÑÑзвимоÑÑÑ Ð² коде пÑовеÑки пÑав доÑÑÑпа Ð´Ð»Ñ Ð¸ÑполÑÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ + возможноÑÑи ptrace. ÐокалÑнÑй полÑзоваÑелÑ, имеÑÑий Ð¼Ð°Ð½Ð´Ð°Ñ CAP_SYS_PTRACE + в ÑвоÑм полÑзоваÑелÑÑком пÑоÑÑÑанÑÑве имÑн, Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑ ÑÑÑ ÑÑзвимоÑÑÑ Ð´Ð»Ñ + повÑÑÐµÐ½Ð¸Ñ Ð¿Ñивилегий в Ñом ÑлÑÑае, еÑли пÑоÑеÑÑ Ñ Ð±Ð¾Ð»ÑÑими пÑавами Ð²Ñ Ð¾Ð´Ð¸Ñ Ð² + его полÑзоваÑелÑÑкое пÑоÑÑÑанÑÑво имÑн. ÐÑа ÑÑзвимоÑÑÑ, по менÑÑей меÑе, каÑаеÑÑÑ ÑиÑÑÐµÐ¼Ñ LXC.</p></li> </ul> - -<p>In addition, this update fixes some regressions in the previous update:</p> +<p>ÐÑоме Ñого, данное обновление ÑодеÑÐ¶Ð¸Ñ Ð¸ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ Ð½ÐµÑколÑÐºÐ¸Ñ ÑегÑеÑÑов, поÑвивÑÐ¸Ñ ÑÑ Ð² пÑоÑлом обновлении:</p> <ul> <li><a href="https://bugs.debian.org/808293">#808293</a> - - <p>A regression in the UDP implementation prevented freeradius and - - some other applications from receiving data.</p></li> + <p>РегÑеÑÑ Ð² ÑеализаÑии UDP не позволÑÐµÑ freeradius и + некоÑоÑÑм дÑÑгим пÑиложениÑм полÑÑаÑÑ Ð´Ð°Ð½Ð½Ñе.</p></li> - -<li><a href="https://bugs.debian.org/808602">#808602</a> / +<li><a href="https://bugs.debian.org/808602">#808602</a> / <a href="https://bugs.debian.org/808953">#808953</a> - - <p>A regression in the USB XHCI driver prevented use of some devices - - in USB 3 SuperSpeed ports.</p></li> + <p>РегÑеÑÑ Ð² дÑайвеÑе USB XHCI не позволÑÐµÑ Ð¸ÑполÑзоваÑÑ Ð½ÐµÐºÐ¾ÑоÑÑе ÑÑÑÑойÑÑва, + подклÑÑеннÑе к поÑÑам USB 3 SuperSpeed.</p></li> <li><a href="https://bugs.debian.org/808973">#808973</a> - - <p>A fix to the radeon driver interacted with an existing bug to - - cause a crash at boot when using some AMD/ATI graphics cards. - - This issue only affects wheezy.</p></li> + <p>ÐÑпÑавление в дÑайвеÑе radeon взаимодейÑÑвÑÐµÑ Ñ ÑÑÑеÑÑвÑÑÑей оÑибкой и вÑÐ·Ð²Ð°ÐµÑ Ð°Ð²Ð°Ñийное + завеÑÑение ÑабоÑÑ Ð²Ð¾ вÑÐµÐ¼Ñ Ð·Ð°Ð³ÑÑзки ÑиÑÑÐµÐ¼Ñ Ð¿Ñи иÑполÑзовании некоÑоÑÑÑ Ð³ÑаÑиÑеÑÐºÐ¸Ñ ÐºÐ°ÑÑ AMD/ATI. + ÐÐ°Ð½Ð½Ð°Ñ Ð¿Ñоблема каÑаеÑÑÑ ÑолÑко вÑпÑÑка wheezy.</p></li> </ul> - -<p>For the oldstable distribution (wheezy), these problems have been fixed - -in version 3.2.73-2+deb7u2. The oldstable distribution (wheezy) is not - -affected by <a href="https://security-tracker.debian.org/tracker/CVE-2015-8709">CVE-2015-8709</a>.</p> - - - -<p>For the stable distribution (jessie), these problems have been fixed in - -version 3.16.7-ckt20-1+deb8u2. - -<a href="https://security-tracker.debian.org/tracker/CVE-2015-8543">CVE-2015-8543</a> - -was already fixed in version 3.16.7-ckt20-1+deb8u1.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (wheezy) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ +в веÑÑии 3.2.73-2+deb7u2. ÐÑедÑдÑÑий ÑÑабилÑнÑй вÑпÑÑк (wheezy) не подвеÑжен +<a href="https://security-tracker.debian.org/tracker/CVE-2015-8709">CVE-2015-8709</a>.</p> + +<p>Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 3.16.7-ckt20-1+deb8u2. УÑзвимоÑÑÑ +<a href="https://security-tracker.debian.org/tracker/CVE-2015-8543">CVE-2015-8543</a> +Ñже бÑла иÑпÑавлена в веÑÑии 3.16.7-ckt20-1+deb8u1.</p> - -<p>For the unstable distribution (sid), these problems have been fixed in - -version 4.3.3-3 or earlier.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 4.3.3-3 или более ÑÐ°Ð½Ð½Ð¸Ñ Ð²ÐµÑÑиÑÑ .</p> - -<p>We recommend that you upgrade your linux packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ linux.</p> </define-tag> # do not modify the following line - --- english/security/2016/dsa-3435.wml 2016-01-06 01:57:14.000000000 +0500 +++ russian/security/2016/dsa-3435.wml 2016-01-06 13:30:48.039959108 +0500 @@ -1,23 +1,24 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>Blake Burkhart discovered that the Git git-remote-ext helper incorrectly - -handled recursive clones of git repositories. A remote attacker could - -possibly use this issue to execute arbitary code by injecting commands - -via crafted URLs.</p> +<p>ÐлÑйк ÐÑÑÑ Ð°ÑÑ Ð¾Ð±Ð½Ð°ÑÑжил, ÑÑо git-remote-ext, вÑпомогаÑелÑÐ½Ð°Ñ ÑÑилиÑа Ð´Ð»Ñ Git, непÑавилÑно +обÑабаÑÑÐ²Ð°ÐµÑ ÐºÐ»Ð¾Ð½Ñ ÑепозиÑоÑиев git. ÐеÑоÑÑно, ÑдалÑннÑй злоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ +иÑполÑзоваÑÑ ÑÑÑ Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð´Ð»Ñ Ð²ÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода пÑÑÑм Ð²Ð²ÐµÐ´ÐµÐ½Ð¸Ñ ÐºÐ¾Ð¼Ð°Ð½Ð´ +ÑеÑез ÑпеÑиалÑно ÑÑоÑмиÑованнÑе URL.</p> - -<p>For the oldstable distribution (wheezy), this problem has been fixed - -in version 1:1.7.10.4-1+wheezy2.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (wheezy) ÑÑа пÑоблема бÑла иÑпÑавлена +в веÑÑии 1:1.7.10.4-1+wheezy2.</p> - -<p>For the stable distribution (jessie), this problem has been fixed in - -version 1:2.1.4-2.1+deb8u1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:2.1.4-2.1+deb8u1.</p> - -<p>For the testing distribution (stretch), this problem has been fixed - -in version 1:2.6.1-1.</p> +<p>Ð ÑеÑÑиÑÑемом вÑпÑÑке (stretch) ÑÑа пÑоблема бÑла иÑпÑавлена +в веÑÑии 1:2.6.1-1.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 1:2.6.1-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:2.6.1-1.</p> - -<p>We recommend that you upgrade your git packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ git.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJWjNDnAAoJEF7nbuICFtKly5UP/RnSdXZ/Wc/3ryknAGSS3unQ +YhOTBlD1q9/d0mBv+GHUZ+1eS/GBnz2tTPLhYihWSE+mk+UBSRdNo9eCh4cpGvL mLWesQ0iQtpqGftlsG2iIItfsDeZwWQfUaja0JbR4735E408yVzw5/MsnR3SvMzv nn0aFhsocCk/P99mhK0CR8uWcV17Ai0uMHBIDJHhiwktxn9f6UWx9bbtOJVpN+/z k10j09p3KxubF9EQzWLdWPmvSCWLe+GkISKeEE9pLPMBDPKN1VhJA/XvcEqzgJ2H OeuJRl+fWyXuR8eumwWpUZWxA1xCR35FTS2nRBSxdwKAjKa1rYM53laIJldRh3xL xsut5NWE6Z9zPi5D4jga+bfrvMK8zzmBVcbrX5kWUIoefkk/jDaWTrI4I4SB5xIT A57ntWKJf596+lp61DCTcEEdJdmhqJVsoMlLL8yj6HccdJVH7n8bA5Ot/YeziqpA j9SkRgQj2IXf+uGlNRY5pIYXTsPrjCr9FfBiOBe+yki3/y4LAIWnEpPtqtfstG6Y Dv5Ci2LyJOEnEk1h1b0bISzcDTctxMnpr20XOGCMmFCudKPALnX13CUZ1QU4ONgj pih4MXDl/MuhGg+U8kSVuJhNCPu+hoDC/qAmVKJowFMdyyUFJYfFmPF8ePWSKZcb BTT9KugpgfbVqDWEn+zl =dtW3 -----END PGP SIGNATURE-----

