-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2016/dsa-3676.wml 2016-09-25 00:51:55.000000000 +0500 +++ russian/security/2016/dsa-3676.wml 2016-09-25 00:56:46.268691511 +0500 @@ -1,35 +1,36 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>Tuomas Räsänen discovered two vulnerabilities in unADF, a tool to extract - -files from an Amiga Disk File dump (.adf):</p> +<p>ТÑÐ¾Ð¼Ð°Ñ Ð ÑÑÑнен обнаÑÑжил две ÑÑзвимоÑÑи в unADF, инÑÑÑÑменÑе Ð´Ð»Ñ ÑаÑпаковки +Ñайлов из дампа Amiga Disk File (.adf):</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-1243">CVE-2016-1243</a> - - <p>A stack buffer overflow in the function extractTree() might allow an - - attacker, with control on the content of a ADF file, to execute - - arbitrary code with the privileges of the program execution.</p></li> + <p>ÐеÑеполнение бÑÑеÑа в ÑÑнкÑии extractTree() Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ + злоÑмÑÑленникÑ, имеÑÑÐµÐ¼Ñ ÐºÐ¾Ð½ÑÑÐ¾Ð»Ñ Ð½Ð°Ð´ ÑодеÑжимÑм ADF-Ñайла, вÑполниÑÑ + пÑоизволÑнÑй код Ñ Ð¿Ñавами пÑогÑа полÑзоваÑелÑ, запÑÑÑивÑего пÑогÑаммÑ.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-1244">CVE-2016-1244</a> - - <p>The unADF extractor creates the path in the destination via a mkdir - - in a system() call. Since there was no sanitization on the input of - - the filenames, an attacker can directly inject code in the pathnames - - of archived directories in an ADF file.</p></li> + <p>РаÑпаковÑик unADF ÑоздаÑÑ Ð¿ÑÑÑ Ð² Ñелевом каÑалоге Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ mkdir + в вÑзове system(). ÐоÑколÑÐºÑ Ð¾ÑиÑÑка Ð²Ñ Ð¾Ð´Ð½ÑÑ Ð´Ð°Ð½Ð½ÑÑ Ð´Ð»Ñ Ð¸Ð¼Ñн Ñайлов не + вÑполнÑеÑÑÑ, злоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ Ð½Ð°Ð¿ÑÑмÑÑ Ð²Ð²Ð¾Ð´Ð¸ÑÑ ÐºÐ¾Ð´ в имена пÑÑи + зааÑÑ Ð¸Ð²Ð¸ÑованнÑÑ ÐºÐ°Ñалогов в ADF-Ñайле.</p></li> </ul> - -<p>For the oldstable distribution (wheezy), these problems have been fixed - -in version 0.7.11a-3+deb7u1.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (wheezy) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ +в веÑÑии 0.7.11a-3+deb7u1.</p> - -<p>For the stable distribution (jessie), these problems have been fixed in - -version 0.7.11a-3+deb8u1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 0.7.11a-3+deb8u1.</p> - -<p>For the unstable distribution (sid), these problems have been fixed in - -version 0.7.11a-4.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 0.7.11a-4.</p> - -<p>We recommend that you upgrade your unadf packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ unadf.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJX5tqAAAoJEF7nbuICFtKlZ3AP/0y9qJWgnlKsZbB33iEobXZB gLoLmpzoUf4XMMhikxLQgeu+E+gSqZrWY7NQaxlS+xFos0BKhjmTPWGODchw5++W B/7HpcjysrJyBQuVpj9uMeaWyUSaIl8G8cqsDQeyaHNwWdWclJuhOnIA7j2uKPRX o3kqzL/KJEPQu6faxq+7acx7Blizc1rC6Xbv+nGeo+vYvTBPw98dRHmyhs2TUs5/ PvEGl/C6zIiHvYWdQOYH1Df+AVrUds5qG4JPih357/Ao6AEXjFXc7u5PNuwWSNYx RYwOyKdlaOEaTsOtjo3/iO7vYgHtlHFQ8PX2J2Rvyce9CQvMiGPmXY2o1hmyR/B2 jazCk60tZjd6OIw8E4DzyWUohNXzOj8AWldNpW/OajA0gCkaGg0UcTGjUtfitSZQ ve3BjrX+PAt9YisnirHk7f/dT+aDwgaDfhmNu5wENWQoJqzoIcm+JAFsT18CoWfo 2wMGTULXC0faCGoqGWAAWyuSFeDhL5iUTSkkMV4/sezvOIwwEOMN2CtXMK0b5/WO 29W6LPmPhiXzloT6uftnbTH0aeqieHK5NW+xYgPwimqVDQ0e6zalFsI6gLsZ0kxS /3z3AyTD/2NJrFav6GX40zj5Oal98GpKYiocxvHsjzKgH69bHSeNbmk6iAl36ozH 1andhRSVPtkFlVr7d39f =OJSX -----END PGP SIGNATURE-----

