-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2017/dsa-3862.wml 2017-05-26 11:08:56.000000000 +0500 +++ russian/security/2017/dsa-3862.wml 2017-05-26 11:15:43.935563948 +0500 @@ -1,21 +1,22 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>It was discovered that unrestricted YAML deserialisation of data sent - -from agents to the server in the Puppet configuration management system - -could result in the execution of arbitrary code.</p> +<p>ÐÑло обнаÑÑжено, ÑÑо неогÑаниÑÐµÐ½Ð½Ð°Ñ YAML-деÑеÑиализаÑÐ¸Ñ Ð´Ð°Ð½Ð½ÑÑ , оÑпÑавленнÑÑ +агенÑами на ÑеÑÐ²ÐµÑ Ð² Puppet, ÑиÑÑеме ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ Ð½Ð°ÑÑÑойками, +Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода.</p> - -<p>Note that this fix breaks backward compability with Puppet agents older - -than 3.2.2 and there is no safe way to restore it. This affects puppet - -agents running on Debian wheezy; we recommend to update the the - -puppet version shipped in wheezy-backports.</p> +<p>ÐамеÑÑÑе, ÑÑо данное иÑпÑавление Ð»Ð¾Ð¼Ð°ÐµÑ ÑовмеÑÑимоÑÑÑ Ñ Puppet-агенÑами +ÑÑаÑее веÑÑии 3.2.2, и безопаÑного ÑпоÑоба воÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑÑой ÑовмеÑÑимоÑÑи неÑ. ÐÑо +каÑаеÑÑÑ Ð°Ð³ÐµÐ½Ñов puppet, запÑÑеннÑÑ Ð² Debian wheezy; ÑекомендÑеÑÑÑ Ð²ÑполниÑÑ +обновление до веÑÑии puppet, поÑÑавлÑемой в wheezy-backports.</p> - -<p>For the stable distribution (jessie), this problem has been fixed in - -version 3.7.2-4+deb8u1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 3.7.2-4+deb8u1.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 4.8.2-5.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 4.8.2-5.</p> - -<p>We recommend that you upgrade your puppet packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ puppet.</p> </define-tag> # do not modify the following line - --- english/security/2017/dsa-3863.wml 2017-05-26 11:10:14.000000000 +0500 +++ russian/security/2017/dsa-3863.wml 2017-05-26 11:19:26.349237415 +0500 @@ -1,21 +1,23 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>This update fixes several vulnerabilities in imagemagick: Various memory - -handling problems and cases of missing or incomplete input sanitising - -may result in denial of service, memory disclosure or the execution of - -arbitrary code if malformed RLE, ART, JNG, DDS, BMP, ICO, EPT, SUN, MTV, - -PICT, XWD, PCD, SFW, MAT, EXR, DCM, MNG, PCX or SVG files are processed.</p> +<p>Ðанное обновление иÑпÑавлÑÐµÑ Ð½ÐµÑколÑко ÑÑзвимоÑÑей в imagemagick: ÑазлиÑнÑе +пÑÐ¾Ð±Ð»ÐµÐ¼Ñ ÑабоÑÑ Ñ Ð¿Ð°Ð¼ÑÑÑÑ Ð¸ ÑлÑÑаи оÑÑÑÑÑÑÐ²Ð¸Ñ Ð¸Ð»Ð¸ неполной оÑиÑÑки Ð²Ñ Ð¾Ð´Ð½ÑÑ +даннÑÑ Ð¼Ð¾Ð³ÑÑ Ð¿ÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании, ÑаÑкÑÑÑÐ¸Ñ ÑодеÑжимого памÑÑи +или вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода в ÑлÑÑае обÑабоÑки ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ +Ñайлов RLE, ART, JNG, DDS, BMP, ICO, EPT, SUN, MTV, PICT, XWD, PCD, SFW, MAT, +EXR, DCM, MNG, PCX или SVG.</p> - -<p>For the stable distribution (jessie), these problems have been fixed in - -version 8:6.8.9.9-5+deb8u9.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 8:6.8.9.9-5+deb8u9.</p> - -<p>For the upcoming stable distribution (stretch), these problems have been - -fixed in version 8:6.9.7.4+dfsg-8.</p> +<p>РгоÑовÑÑемÑÑ ÑÑабилÑном вÑпÑÑке (stretch) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли +иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² веÑÑии 8:6.9.7.4+dfsg-8.</p> - -<p>For the unstable distribution (sid), these problems have been fixed in - -version 8:6.9.7.4+dfsg-8.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 8:6.9.7.4+dfsg-8.</p> - -<p>We recommend that you upgrade your imagemagick packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ imagemagick.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlknyPIACgkQXudu4gIW 0qWg3Q/+KzvEOXmrqcEG7ofBg27IrTY6Ail0n1bgBBCXNh6n4XDmiRDkVIFvZVJz 3HhxyjPQSPbqYzNtN6I3j7kxpx3dflVNnJbvKPJHzKEkQZAXT7lcIygPDQTqu/Ri cglfvCDxhJZHaAF31AIMGxjr+32THFfgcElWgoZN/xFfRangqDVoykiWatwmNct5 jNWnTYcu2qqxXdVIfC7C4JAUeTe3dKwpOdxpZUS9bdDcGpcCHJKQa3Ioq6nbl15h VLC6juDKTdhVxyBr1XKDj2U0EtSASlV4ZSrH4tZJVwML5dYuSGV4oI98puZMzq0x umSM/1eXMPkvxLPLZ2cVUcYSoeCdZ1l94Fivmt/53PX/a0S4d67MvFbF2/PsLmu0 WaIkG/SLxcoRqoKEqzTcW7bQtERd7/Hgr+iBnsEEWc03s1KxnXmq9EwjwYMnVZR3 JlKGbzCCBkmVPZEv4Y+qxZHu6uzfQcrD6519HZBU05nIyDkzMC8bmtYQe2P5ywf0 FLTLrOeZmIuKydI8t1hXDIAy7ceNY26ZeHeqqDDbeN9R1k5F6Y5ntBt57JnMXINX 7xgaRHwkycOHmGpyxs92sYTD5MZW7zeGFbhlK31s5KvQYG1pw0k9mdWJ5QHmxT6G OLM2kWFEDc0uvD8ZoLtjA4o5M7C8leaDIsM/AbvVkZ4CjomNiWU= =0YU3 -----END PGP SIGNATURE-----