-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2016/dsa-3437.wml 2016-01-09 17:13:13.000000000 +0500 +++ russian/security/2016/dsa-3437.wml 2016-01-10 00:32:03.288016736 +0500 @@ -1,20 +1,21 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>Karthikeyan Bhargavan and Gaetan Leurent at INRIA discovered a flaw in - -the TLS 1.2 protocol which could allow the MD5 hash function to be used - -for signing ServerKeyExchange and Client Authentication packets during a - -TLS handshake. A man-in-the-middle attacker could exploit this flaw to - -conduct collision attacks to impersonate a TLS server or an - -authenticated TLS client.</p> +<p>ÐаÑÑикеÑн ÐÑ Ð°Ñгаван и ÐаÑÑан ÐÑÑен из INRIA обнаÑÑжили ÑÑзвимоÑÑÑ Ð² +пÑоÑоколе TLS 1.2, коÑоÑÐ°Ñ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐµÑ Ð¸ÑполÑзоваÑÑ Ñ ÑÑиÑÑÑÑÑÑ ÑÑнкÑÐ¸Ñ MD5 +Ð´Ð»Ñ Ð¿Ð¾Ð´Ð¿Ð¸ÑÑÐ²Ð°Ð½Ð¸Ñ Ð¿Ð°ÐºÐµÑов обмена клÑÑами Ñо ÑÑоÑÐ¾Ð½Ñ ÑеÑвеÑа и аÑÑенÑиÑикаÑии клиенÑа во вÑÐµÐ¼Ñ +TLS-ÑÑкопожаÑиÑ. РаÑÐ°ÐºÐ°Ñ Ð¿Ð¾ меÑÐ¾Ð´Ñ Ñеловек-в-ÑеÑедине ÑÑа ÑÑзвимоÑÑÑ Ð¼Ð¾Ð¶ÐµÑ +иÑполÑзоваÑÑÑÑ Ð´Ð»Ñ ÐºÐ¾Ð»Ð»Ð¸Ð·Ð¸Ð¾Ð½Ð½Ð¾Ð¹ аÑаки Ñ ÑелÑÑ Ð¸Ð¼Ð¸ÑаÑии ÑеÑвеÑа TLS или +аÑÑенÑиÑиÑиÑованного клиенÑа TLS.</p> - -<p>More information can be found at +<p>ÐополниÑелÑÐ½Ð°Ñ Ð¸Ð½ÑоÑмаÑÐ¸Ñ Ð¼Ð¾Ð¶ÐµÑ Ð±ÑÑÑ Ð½Ð°Ð¹Ð´ÐµÐ½Ð° по адÑеÑÑ <a href='https://www.mitls.org/pages/attacks/SLOTH'>\ https://www.mitls.org/pages/attacks/SLOTH</a></p> - -<p>For the oldstable distribution (wheezy), this problem has been fixed - -in version 2.12.20-8+deb7u5.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (wheezy) ÑÑа пÑоблема бÑла иÑпÑавлена +в веÑÑии 2.12.20-8+deb7u5.</p> - -<p>We recommend that you upgrade your gnutls26 packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ gnutls26.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJWkWBoAAoJEF7nbuICFtKl0HMP/1z/Ey6J0O3UfH4/jL/1A+YK IJzwJBLx6sH6O79r/gvUqRpjFbPCMkufLp08GRLUupl97zcg1EhFYmPwgng3WYyr KQjmzbH+rrnbfYhcaU3Io0TUgea7MejMFS8DZsGcTGynloJm9X6913VT3bkB9YT1 hFXjTYOLtG14zdCsdjrO2dYr3S6CXFBW61gEf0x1alj2OZGJi2Pez8y7TromjJhJ 80er8kF4EsNndg/fgtfRQugx3TKVcZCz8lp2QZadoOULFNI5MP27I2tu+nxA9JvB 0l5KlgD9XAvGZ/QCv1YUzdf4XheSI8AWnH9blglimj/EzmVyDRzFInwD+wpOfIPf WLONleBVZGE1lrZP83KUe7rsbmpxaiBnyrd+uB3dlzJnZZ29Z1jqXE1D3L3tqi4K pToILIdFCuzUYrOLuhnim5MZuUX8YEeuMe1BtqbKNgx0V0kBBfAjB3CgVnaiqT0B shzLT1WJ7tdggct9Y+tiJoOUjvnPlzavAswDaVMcy2vXamV3tShtD2V3O+8rQFpd /6hRoBJ6RWe/51W69zcQtQAdaJ/AcbR4G2PMnijnkZd63oZKLg+ikCBQxhKDCQpA KDbfRBlAhef2Y3KGWo0S3aRlpCD1VTE4JYZglpSSym39cH0eES2g9ssm9pbMkR66 MRr50YcWAIH+1rp8jgbP =3v1T -----END PGP SIGNATURE-----

