-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2011/dsa-2323.wml 2017-11-01 10:11:10.287841867 +0500 +++ russian/security/2011/dsa-2323.wml 2018-02-12 13:00:43.943962172 +0500 @@ -1,49 +1,50 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Multiple security issues were discovered by Vasiliy Kulikov in radvd, an - -IPv6 Router Advertisement daemon:</p> +<p>ÐаÑилий ÐÑликов обнаÑÑжил многоÑиÑленнÑе пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑноÑÑи в radvd, ÑлÑжбе +обÑÑÐ²Ð»ÐµÐ½Ð¸Ñ Ð¼Ð°ÑÑÑÑÑизаÑоÑа IPv6:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-3602">CVE-2011-3602</a> - - <p>set_interface_var() function doesn't check the interface name, which is - - chosen by an unprivileged user. This could lead to an arbitrary file - - overwrite if the attacker has local access, or specific files overwrites - - otherwise.</p></li> + <p>ФÑнкÑÐ¸Ñ set_interface_var() не вÑполнÑÐµÑ Ð¿ÑовеÑÐºÑ Ð¸Ð¼ÐµÐ½Ð¸ инÑеÑÑейÑа, коÑоÑое + вÑбиÑаеÑÑÑ Ð½ÐµÐ¿ÑивилегиÑованнÑм полÑзоваÑелем. ÐÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº пеÑезапиÑи пÑоизволÑного + Ñайла в ÑлÑÑае, еÑли злоÑмÑÑленник Ð¸Ð¼ÐµÐµÑ Ð»Ð¾ÐºÐ°Ð»ÑнÑй доÑÑÑп, в пÑоÑивном ÑлÑÑае пеÑезапиÑÑваÑÑÑÑ + опÑеделÑннÑе ÑайлÑ.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-3604">CVE-2011-3604</a> - - <p>process_ra() function lacks multiple buffer length checks which could - - lead to memory reads outside the stack, causing a crash of the daemon.</p></li> + <p>Ð ÑÑнкÑии process_ra() оÑÑÑÑÑÑвÑÑÑ Ð¿ÑовеÑки Ð´Ð»Ð¸Ð½Ñ Ð±ÑÑеÑа, ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº + ÑÑениÑм ÑодеÑжимого памÑÑи за пÑеделами ÑÑека, вÑзÑÐ²Ð°Ñ Ð°Ð²Ð°ÑийнÑÑ Ð¾ÑÑÐ°Ð½Ð¾Ð²ÐºÑ ÑлÑжбÑ.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-3605">CVE-2011-3605</a> - - <p>process_rs() function calls mdelay() (a function to wait for a defined - - time) unconditionnally when running in unicast-only mode. As this call - - is in the main thread, that means all request processing is delayed (for - - a time up to MAX_RA_DELAY_TIME, 500 ms by default). An attacker could - - flood the daemon with router solicitations in order to fill the input - - queue, causing a temporary denial of service (processing would be - - stopped during all the mdelay() calls). + <p>ФÑнкÑÐ¸Ñ process_rs() вÑзÑÐ²Ð°ÐµÑ mdelay() (ÑÑнкÑÐ¸Ñ Ð´Ð»Ñ Ð¾Ð¶Ð¸Ð´Ð°Ð½Ð¸Ñ Ð¾Ð¿ÑеделÑнного + вÑемени) без огÑаниÑений какими-либо ÑÑловиÑми пÑи запÑÑке в Ñежиме адÑеÑаÑии по + конкÑеÑÐ½Ð¾Ð¼Ñ ÑÑÑÑойÑÑвÑ. ÐоÑколÑÐºÑ ÑÑÐ¾Ñ Ð²Ñзов Ð½Ð°Ñ Ð¾Ð´Ð¸ÑÑÑ Ð² оÑновом поÑоке, Ñо ÑÑо ознаÑаеÑ, ÑÑо + вÑÑ Ð¾Ð±ÑабоÑка запÑоÑов задеÑживаеÑÑÑ (на вÑÐµÐ¼Ñ Ð´Ð¾ MAX_RA_DELAY_TIME, по ÑмолÑÐ°Ð½Ð¸Ñ 500 мÑ). ÐлоÑмÑÑленник + Ð¼Ð¾Ð¶ÐµÑ Ð¿ÐµÑеполниÑÑ ÑлÑÐ¶Ð±Ñ Ð²Ñзовами маÑÑÑÑÑизаÑоÑа Ñ ÑелÑÑ Ð·Ð°Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¾ÑеÑеди + Ð²Ñ Ð¾Ð´Ð½ÑÑ Ð´Ð°Ð½Ð½ÑÑ , ÑÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº вÑÐµÐ¼ÐµÐ½Ð½Ð¾Ð¼Ñ Ð¾ÑÐºÐ°Ð·Ñ Ð² обÑлÑживании (обÑабоÑка оÑÑанавливаеÑÑÑ + во вÑÐµÐ¼Ñ Ð²ÑÐµÑ Ð²Ñзовов mdelay()). <br/> - - Note: upstream and Debian default is to use anycast mode.</p></li> + ÐамеÑÑÑе: по ÑмолÑÐ°Ð½Ð¸Ñ Ð² оÑновной веÑке ÑазÑабоÑки и в Debian иÑполÑзÑеÑÑÑ Ñежим адÑеÑаÑии по лÑÐ±Ð¾Ð¼Ñ ÑÑÑÑойÑÑвÑ.</p></li> </ul> - -<p>For the oldstable distribution (lenny), this problem has been fixed in - -version 1:1.1-3.1.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:1.1-3.1.</p> - -<p>For the stable distribution (squeeze), this problem has been fixed in - -version 1:1.6-1.1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:1.6-1.1.</p> - -<p>For the testing distribution (wheezy), this problem has been fixed in - -version 1:1.8-1.2.</p> +<p>Ð ÑеÑÑиÑÑемом вÑпÑÑке (wheezy) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:1.8-1.2.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 1:1.8-1.2.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:1.8-1.2.</p> - -<p>We recommend that you upgrade your radvd packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ radvd.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlqBSbEACgkQXudu4gIW 0qXOVg/+MXiutEOGXrvJi891vuayLOUXrrDJhAH5pQiRWKsK50I2zjZragDRu/Ia V5dSgpqYfXq5d5Du2FBphprBv8B6Akaom4WnE4kJ3//dgu09+FrY2cww2VGjMGrX RxCdm24ciEm9kPVHzW5Er80aGj6IiRw9r3lkI/vZ9lfA65kLooeJv2bhRjrInEzI iaI/ETYC9QkagmoNikyXrGtl6PXVyKGQ/CcfGKcUWBpJaqjDA2LNLO/kl84u52k6 lE80R+qGOSsv6K1wNsXQlwCi0eu2Gspjr7+L4Jc6n39i6M6fD7P1CXDRGWwd7Vyc zDoAu+0l+/Fe/bZi3Y0LHIsgCJ4pXKBTaNGE03T02t6rrJwGb9A8tZcPr4DZnobw Oye9OOL9uvTGb52ioSdpLOyAfkY7PmJZiE2kP5iuJxX9WW/yahf1FW86DQaooTtX IBAFLgr2rEv7oi2LGwgnMDD4y3uHLfZR3kv3gZxLkxRGVMLhz4iktt8MkOzXF+lb Cy8OQNPmKygPMXT2x2bMf5tT8SJnMcxdAEKL/zukYWi42Yb5wv/1DjWQ9hqm2aDz f+tJubz27tPoTcxsV5TzjUw5XOuU/ovh9kb//fxC5cf6wNW52fCTZV0sAwR9Bjk3 +IP4gjUIeHBPN5DFaNJv0TYvcxSi3um94sf4KkkJylsWD8a0q2w= =yuLN -----END PGP SIGNATURE-----