-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2009/dsa-1908.wml 2017-11-01 10:11:10.083828563 +0500 +++ russian/security/2009/dsa-1908.wml 2018-03-05 13:32:57.587882973 +0500 @@ -1,47 +1,48 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been discovered in samba, an implementation of - -the SMB/CIFS protocol for Unix systems, providing support for cross-platform - -file and printer sharing with other operating systems and more. The Common - -Vulnerabilities and Exposures project identifies the following problems:</p> +<p>Ð samba, ÑеализаÑии пÑоÑокола SMB/CIFS Ð´Ð»Ñ Unix-ÑиÑÑем, пÑедоÑÑавлÑÑÑей поддеÑÐ¶ÐºÑ +кÑоÑÑплаÑÑоÑменного ÑовмеÑÑного иÑполÑÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ Ñайлов и пÑинÑеÑов Ñ Ð´ÑÑгими +опеÑаÑионнÑми ÑиÑÑемами, бÑло обнаÑÑжено неÑколÑко ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common +Vulnerabilities and Exposures опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-2948">CVE-2009-2948</a> - -<p>The mount.cifs utility is missing proper checks for file permissions when - -used in verbose mode. This allows local users to partly disclose the - -content of arbitrary files by specifying the file as credentials file and - -attempting to mount a samba share.</p></li> +<p>Ð ÑÑилиÑе mount.cifs пÑи иÑполÑзовании в Ñежиме вÑвода подÑобной инÑоÑмаÑии +оÑÑÑÑÑÑвÑÑÑ Ð¿ÑовеÑки пÑав доÑÑÑпа к Ñайлам. ÐÑо позволÑÐµÑ Ð»Ð¾ÐºÐ°Ð»ÑнÑм полÑзоваÑелÑм ÑаÑÑиÑно +ÑаÑкÑÑваÑÑ ÑодеÑжимое пÑоизволÑнÑÑ Ñайлов, пÑÑÑм ÑÐºÐ°Ð·Ð°Ð½Ð¸Ñ Ñайла в каÑеÑÑве Ñайла Ñ Ð´Ð°Ð½Ð½Ñми об +ÑÑÑÑнÑÑ Ð·Ð°Ð¿Ð¸ÑÑÑ Ð¸ вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿Ð¾Ð¿ÑÑки монÑиÑÐ¾Ð²Ð°Ð½Ð¸Ñ Ð¾Ð±Ñего каÑалога samba.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-2906">CVE-2009-2906</a> - -<p>A reply to an oplock break notification which samba doesn't expect could - -lead to the service getting stuck in an infinite loop. An attacker - -can use this to perform denial of service attacks via a specially crafted - -SMB request.</p></li> +<p>ÐеожиданнÑй Ð´Ð»Ñ samba оÑÐ²ÐµÑ Ð½Ð° Ñведомление о пÑеÑÑвании oplock Ð¼Ð¾Ð¶ÐµÑ +пÑиводиÑÑ Ðº ÑомÑ, ÑÑо ÑлÑжба Ð²Ñ Ð¾Ð´Ð¸Ñ Ð² беÑконеÑнÑй Ñикл. ÐлоÑмÑÑленник +Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑ ÑÑÑ ÑÑзвимоÑÑÑ Ð´Ð»Ñ Ð²Ñзова оÑказа в обÑлÑживании Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑпеÑиалÑно +ÑÑоÑмиÑованного SMB-запÑоÑа.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-2813">CVE-2009-2813</a> - -<p>A lack of error handling in case no home directory was configured/specified - -for the user could lead to file disclosure. In case the automated [homes] - -share is enabled or an explicit share is created with that username, samba - -fails to enforce sharing restrictions which results in an attacker being - -able to access the file system from the root directory.</p></li> +<p>ÐÑÑÑÑÑÑвие обÑабоÑки оÑибок в ÑлÑÑае, еÑли не бÑл наÑÑÑоен/Ñказан домаÑний каÑалог +полÑзоваÑÐµÐ»Ñ Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº ÑаÑкÑÑÑÐ¸Ñ Ñайлов. Ð ÑлÑÑае вклÑÑÐµÐ½Ð¸Ñ Ð°Ð²ÑомаÑиÑеÑкого каÑалога +ÑовмеÑÑного доÑÑÑпа [homes] или Ñвного ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ñ ÐºÐ°Ñалога ÑовмеÑÑного доÑÑÑпа Ñ Ð´Ð°Ð½Ð½Ñм именем +полÑзоваÑÐµÐ»Ñ samba не ÑдаÑÑÑÑ ÑÑÑановиÑÑ Ð¾Ð³ÑаниÑÐµÐ½Ð¸Ñ ÑовмеÑÑного доÑÑÑпа, ÑÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº ÑомÑ, +ÑÑо злоÑмÑÑленник полÑÑÐ°ÐµÑ Ð²Ð¾Ð·Ð¼Ð¾Ð¶Ð½Ð¾ÑÑÑ Ð¾Ð±ÑаÑиÑÑÑÑ Ðº Ñайловой ÑиÑÑеме из коÑневого каÑалога.</p></li> </ul> - -<p>For the oldstable distribution (etch), this problem will be fixed soon.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (etch) ÑÑа пÑоблема бÑÐ´ÐµÑ Ð¸ÑпÑавлена позже.</p> - -<p>For the stable distribution (lenny), this problem has been fixed in - -version 2:3.2.5-4lenny7.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2:3.2.5-4lenny7.</p> - -<p>For the testing distribution (squeeze), this problem will be fixed soon.</p> +<p>Ð ÑеÑÑиÑÑемом вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑÐ´ÐµÑ Ð¸ÑпÑавлена позже.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 2:3.4.2-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2:3.4.2-1.</p> - -<p>We recommend that you upgrade your samba packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ samba.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlqdAMAACgkQXudu4gIW 0qXcEhAArtb0VsjE8ZcbFdjN4RqKse+gSxttPOxLy63uj2UB7DM56Cl+cXt/lNS8 iBfED6yHaHSxSuXHm7LYj1euwnZlsQ02b4ulRitqV8FofIWuLJQ+bWDs69ssiO9e D/lOAlRNizYNqIY3XwtefCcEQvh0pj6HxJymhtUevkqgjTtQsC6Be94/tDCrHVPs /LETL04FLawEAO4Atvy92GENMEI/+lpVqUpGBt7R/lf/MqV9DrFDL4mx5dejE+yZ Mlf478uK8xSbRzozuQAVjIany8GdXqRQM83CUXKJ9jrwC0XBvwf0GzqgNuZX6e2B UkORGi6B4GZqySPMhazOQZp+ktBp2Yuttmw7e5mHZCqQu8hvFd8KxkSAy+BbPLKZ q+sQvSQSfljJD7BhcgbGXkNc0fGjgKS/yJpBW8AjBPa626Whyf5ozEpPuTfbnbPk egr6Di0e6rCxo9h2xtfAE6q2An9sOdeSXDamqjTlI38KnEsJhujrGxFClo3DesRd Vg5Zin7eLNqr6GPXAyFtg6n6iiGJWwO6EDSqcqbBE35sC3LldzHfv7I4ZzXUv5i0 e0IzHikh2TJQZcj9oSlKHgd+a2H/0Zcnb8lhh/3CsQUolsquhB15oGkZp85pNv1K 0dlR2iDmKLkhSwguSiZwn91QPTcviU5GQ/YG7BoxvqJKRUGWovA= =xDMu -----END PGP SIGNATURE-----