dsa-4134.wml}

Lev Lamberov Sun, 11 Mar 2018 07:25:17 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2018/dsa-4134.wml        2018-03-11 03:06:20.000000000 
+0500
+++ russian/security/2018/dsa-4134.wml  2018-03-11 19:24:25.971821411 +0500
@@ -1,20 +1,22 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ðµ 
Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸</define-tag>
 <define-tag moreinfo>
- -<p>Bjorn Bosselmann discovered that the umount bash completion from
- -util-linux does not properly handle embedded shell commands in a
- -mountpoint name. An attacker with rights to mount filesystems can take
- -advantage of this flaw for privilege escalation if a user (in particular
- -root) is tricked into using the umount completion while a specially
- -crafted mount is present.</p>
+<p>ÐÑÑÑÐ½ ÐÐ¾ÑÑÐµÐ»ÑÐ¼Ð°Ð½ Ð¾Ð±Ð½Ð°ÑÑÐ¶Ð¸Ð», ÑÑÐ¾ 
Ð°Ð²ÑÐ¾Ð´Ð¾Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ðµ bash Ð´Ð»Ñ umount Ð¸Ð· Ð¿Ð°ÐºÐµÑÐ°
+util-linux Ð½ÐµÐ¿ÑÐ°Ð²Ð¸Ð»ÑÐ½Ð¾ Ð¾Ð±ÑÐ°Ð±Ð°ÑÑÐ²Ð°ÐµÑ 
Ð²ÑÑÑÐ¾ÐµÐ½Ð½ÑÐµ ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ ÐºÐ¾Ð¼Ð°Ð½Ð´Ð½Ð¾Ð¹ Ð¾Ð±Ð¾Ð»Ð¾ÑÐºÐ¸ Ð²
+Ð¸Ð¼ÐµÐ½Ð¸ ÑÐ¾ÑÐºÐ¸ Ð¼Ð¾Ð½ÑÐ¸ÑÐ¾Ð²Ð°Ð½Ð¸Ñ. ÐÐ»Ð¾ÑÐ¼ÑÑÐ»ÐµÐ½Ð½Ð¸Ðº, 
Ð¸Ð¼ÐµÑÑÐ¸Ð¹ Ð¿ÑÐ°Ð²Ð° Ð½Ð° Ð¼Ð¾Ð½ÑÐ¸ÑÐ¾Ð²Ð°Ð½Ð¸Ðµ ÑÐ°Ð¹Ð»Ð¾Ð²ÑÑ
+ÑÐ¸ÑÑÐµÐ¼, Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑÐ¿Ð¾Ð»ÑÐ·Ð¾Ð²Ð°ÑÑ ÑÑÑ ÑÑÐ·Ð²Ð¸Ð¼Ð¾ÑÑÑ 
Ð´Ð»Ñ Ð¿Ð¾Ð²ÑÑÐµÐ½Ð¸Ñ Ð¿ÑÐ¸Ð²Ð¸Ð»ÐµÐ³Ð¸Ð¹ Ð² ÑÐ»ÑÑÐ°Ðµ, ÐµÑÐ»Ð¸
+Ð¿Ð¾Ð»ÑÐ·Ð¾Ð²Ð°ÑÐµÐ»Ñ (Ð² ÑÐ°ÑÑÐ½Ð¾ÑÑÐ¸, 
ÑÑÐ¿ÐµÑÐ¿Ð¾Ð»ÑÐ·Ð¾Ð²Ð°ÑÐµÐ»Ñ) Ð¸ÑÐ¿Ð¾Ð»ÑÐ·ÑÐµÑ 
Ð°Ð²ÑÐ¾Ð´Ð¾Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ðµ Ð´Ð»Ñ ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ umount
+Ð² Ð¼Ð¾Ð¼ÐµÐ½Ñ, ÐºÐ¾Ð³Ð´Ð° Ð¿Ð¾Ð´ÐºÐ»ÑÑÐµÐ½Ð° ÑÐ¿ÐµÑÐ¸Ð°Ð»ÑÐ½Ð¾ 
ÑÑÐ¾ÑÐ¼Ð¸ÑÐ¾Ð²Ð°Ð½Ð½Ð°Ñ ÑÐ¾ÑÐºÐ° Ð¼Ð¾Ð½ÑÐ¸ÑÐ¾Ð²Ð°Ð½Ð¸Ñ.</p>
 
- -<p>For the stable distribution (stretch), this problem has been fixed in
- -version 2.29.2-1+deb9u1.</p>
+<p>Ð ÑÑÐ°Ð±Ð¸Ð»ÑÐ½Ð¾Ð¼ Ð²ÑÐ¿ÑÑÐºÐµ (stretch) ÑÑÐ° Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ð° 
Ð±ÑÐ»Ð° Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ð° Ð²
+Ð²ÐµÑÑÐ¸Ð¸ 2.29.2-1+deb9u1.</p>
 
- -<p>We recommend that you upgrade your util-linux packages.</p>
+<p>Ð ÐµÐºÐ¾Ð¼ÐµÐ½Ð´ÑÐµÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ util-linux.</p>
 
- -<p>For the detailed security status of util-linux please refer to its
- -security tracker page at:
- -<a 
href="https://security-tracker.debian.org/tracker/util-linux";>https://security-tracker.debian.org/tracker/util-linux</a></p>
+<p>Ð¡ Ð¿Ð¾Ð´ÑÐ¾Ð±Ð½ÑÐ¼ ÑÑÐ°ÑÑÑÐ¾Ð¼ Ð¿Ð¾Ð´Ð´ÐµÑÐ¶ÐºÐ¸ 
Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸ util-linux Ð¼Ð¾Ð¶Ð½Ð¾ Ð¾Ð·Ð½Ð°ÐºÐ¾Ð¼Ð¸ÑÑÑÑ Ð½Ð°
+ÑÐ¾Ð¾ÑÐ²ÐµÑÑÑÐ²ÑÑÑÐµÐ¹ ÑÑÑÐ°Ð½Ð¸ÑÐµ Ð¾ÑÑÐ»ÐµÐ¶Ð¸Ð²Ð°Ð½Ð¸Ñ 
Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸ Ð¿Ð¾ Ð°Ð´ÑÐµÑÑ
+<a href="https://security-tracker.debian.org/tracker/util-linux";>\
+https://security-tracker.debian.org/tracker/util-linux</a></p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----


iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlqlPCAACgkQXudu4gIW
0qWusQ/9HUmp2laZQf3CI+6cBd3oXu+DdAqHmULhsXNu/PpzwecdurCg1iWuDOri
wm7KQoiFHLljTmoEEriX22HNEXU/hKLpy1YhRFOwcxjEk9SOMlrqpwzQod5cV6+w
jztBnGgkCblZfyFHN7U1PJ6swsfeLxFgHWP7bhablMP677ehIuO8i/X8dAHlvv8B
JOFsxtJsg4zVV83w0P0KCVRLh6Rkbnag4Nx36dGrQRSJJNzwRxnYltxBTguJdoWI
XXoXR9LR6v6jJDTZjyGpE2NPk9KvK5bZmjXbZawo2vo1FciPIcDCmxVFJxtqDNlg
NFbWJXJsYOfZ0KsPSm72r3P0NrQCYxqVmDlu1lbsAkHj35wJefFUarkHFYKtsBKN
luh+i96ye484+i6b9H7IpOOsgzCRFrTZawaBAJhAJobwI16NfE/uaQjOk1EL7MQQ
ydW5cytYvdKRsDnDfuT6SaBTMTE8Pj3Ori17fpMTtkXYiaPchgvj/To3o9PL/7bW
f6owezqGurIPOQRf5qSbtGE4w9yO8V6Ru7aMz6ltNRi0nPvGAtn/LYioqtVNsFBu
BixEjb8MqtKVnEwHrVmGTvOPFIV1rPTtUtkJdaTQnu9h0t84IgM/Yv93QVKBr4QZ
DPRL1SdL36dV9NrpY8bg5lGxzezulGxsTN+SLPXKBJAzV87aEHY=
=B3To
-----END PGP SIGNATURE-----

[DONE] wml://{security/2018/dsa-4134.wml}

Ответить