-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2017/dsa-3790.wml 2017-02-17 10:34:02.000000000 +0500 +++ russian/security/2017/dsa-3790.wml 2017-02-17 10:39:32.906641617 +0500 @@ -1,35 +1,36 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities were discovered in spice, a SPICE protocol - -client and server library. The Common Vulnerabilities and Exposures - -project identifies the following problems:</p> +<p>Ð spice, клиенÑÑкой и ÑеÑвеÑной библиоÑеке поддеÑжки пÑоÑокола SPICE, +бÑло обнаÑÑжено неÑколÑко ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures +опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-9577">CVE-2016-9577</a> - - <p>Frediano Ziglio of Red Hat discovered a buffer overflow - - vulnerability in the main_channel_alloc_msg_rcv_buf function. An - - authenticated attacker can take advantage of this flaw to cause a - - denial of service (spice server crash), or possibly, execute - - arbitrary code.</p></li> + <p>ФÑедиано Ðиглио из Red Hat обнаÑÑжил пеÑеполнение бÑÑеÑа + в ÑÑнкÑии main_channel_alloc_msg_rcv_buf. ÐÑÑенÑиÑиÑиÑованнÑй + злоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑ ÑÑÑ ÑÑзвимоÑÑÑ Ð´Ð»Ñ Ð²Ñзова + оÑказа в обÑлÑживании (аваÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑановка ÑеÑвеÑа spice) или поÑенÑиалÑно + вÑполниÑÑ Ð¿ÑоизволÑнÑй код.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-9578">CVE-2016-9578</a> - - <p>Frediano Ziglio of Red Hat discovered that spice does not properly - - validate incoming messages. An attacker able to connect to the - - spice server could send crafted messages which would cause the - - process to crash.</p></li> + <p>ФÑедиано Ðиглио из Red Hat обнаÑÑжил, ÑÑо spice непÑавилÑно вÑполнÑÐµÑ + пÑовеÑÐºÑ Ð²Ñ Ð¾Ð´ÑÑÐ¸Ñ ÑообÑений. ÐлоÑмÑÑленник, ÑпоÑобнÑй подклÑÑиÑÑÑÑ Ðº + ÑеÑвеÑÑ spice, Ð¼Ð¾Ð¶ÐµÑ Ð¾ÑпÑавиÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованнÑе ÑообÑениÑ, коÑоÑÑе + пÑиведÑÑ Ðº аваÑÐ¸Ð¹Ð½Ð¾Ð¼Ñ Ð·Ð°Ð²ÐµÑÑÐµÐ½Ð¸Ñ ÑеÑвеÑного пÑоÑеÑÑа.</p></li> </ul> - -<p>For the stable distribution (jessie), these problems have been fixed in - -version 0.12.5-1+deb8u4.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 0.12.5-1+deb8u4.</p> - -<p>For the unstable distribution (sid), these problems have been fixed in - -version 0.12.8-2.1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 0.12.8-2.1.</p> - -<p>We recommend that you upgrade your spice packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ spice.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlimjJ4ACgkQXudu4gIW 0qVsbg/8DOWkErPsHKhtxbze15sfVDz/vpfnyGIPK89BXvi5WrcB8gXPouqCbWaf q1Wa2uEljQugIArILNyiawaxq8dlsYSiu/XvS0vGYnnAikWAlA/7tMsxz0RuGH5R d8GRd/j2XJq3CdwAkO1M8COql7OboDTdEnbQ8qmcnKpLTZkWlufHUyx0o5q7Tf+W ZlFi+M9ptfZBVrpy8BAuQBYZ26nl5U+XfcWD8XrEzsAFdVL/vTRbLNHL9ulzkBni PErkQjx9dRkyvCXHnIk1+GGhErVvDn7I0nU2U1Y/fdEOeT5HM1Y3JUedk1H7DZZT 35SMFAl6GvLEH+IsGfSMy2d2odbYnNctgQItTSim8FmGv5JcrnegYhx6FyYI0EKa zRO1sBoMZtIIeKQ0iix36PC4yP1bRmLBPK8wLl9bA8/KbH1Yl19uRp92vNutSvPd q9wDOJjT9maGxL5RyPjACcNggPApZVQUyXgMqf717pQswmtA6b9Je3X1CJDpFtvO f+YaRtUbq589lahoQ3BL87fStxRxNpv8rLEDCr8s/VGrFH381uu4MHoc+tkr4TdE v4cpFHJQg4bu52WdgyfHI2H9w5PMFEh0Fr0SBcznyZ2XbXk483Og+muIPDyRjm8H ztzPi5OZurk0FMgfzBh4LaQKa5azi06If0mKMLdbaoZ+9GJVygE= =6J/Q -----END PGP SIGNATURE-----