-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2018/dsa-4134.wml 2018-03-11 03:06:20.000000000 +0500 +++ russian/security/2018/dsa-4134.wml 2018-03-11 19:24:25.971821411 +0500 @@ -1,20 +1,22 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>Bjorn Bosselmann discovered that the umount bash completion from - -util-linux does not properly handle embedded shell commands in a - -mountpoint name. An attacker with rights to mount filesystems can take - -advantage of this flaw for privilege escalation if a user (in particular - -root) is tricked into using the umount completion while a specially - -crafted mount is present.</p> +<p>ÐÑÑÑн ÐоÑÑелÑман обнаÑÑжил, ÑÑо авÑодополнение bash Ð´Ð»Ñ umount из пакеÑа +util-linux непÑавилÑно обÑабаÑÑÐ²Ð°ÐµÑ Ð²ÑÑÑоеннÑе ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ ÐºÐ¾Ð¼Ð°Ð½Ð´Ð½Ð¾Ð¹ оболоÑки в +имени ÑоÑки монÑиÑованиÑ. ÐлоÑмÑÑленник, имеÑÑий пÑава на монÑиÑование ÑайловÑÑ +ÑиÑÑем, Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑ ÑÑÑ ÑÑзвимоÑÑÑ Ð´Ð»Ñ Ð¿Ð¾Ð²ÑÑÐµÐ½Ð¸Ñ Ð¿Ñивилегий в ÑлÑÑае, еÑли +полÑзоваÑÐµÐ»Ñ (в ÑаÑÑноÑÑи, ÑÑпеÑполÑзоваÑелÑ) иÑполÑзÑÐµÑ Ð°Ð²Ñодополнение Ð´Ð»Ñ ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ umount +в моменÑ, когда подклÑÑена ÑпеÑиалÑно ÑÑоÑмиÑÐ¾Ð²Ð°Ð½Ð½Ð°Ñ ÑоÑка монÑиÑованиÑ.</p> - -<p>For the stable distribution (stretch), this problem has been fixed in - -version 2.29.2-1+deb9u1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (stretch) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.29.2-1+deb9u1.</p> - -<p>We recommend that you upgrade your util-linux packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ util-linux.</p> - -<p>For the detailed security status of util-linux please refer to its - -security tracker page at: - -<a href="https://security-tracker.debian.org/tracker/util-linux">https://security-tracker.debian.org/tracker/util-linux</a></p> +<p>С подÑобнÑм ÑÑаÑÑÑом поддеÑжки безопаÑноÑÑи util-linux можно ознакомиÑÑÑÑ Ð½Ð° +ÑооÑвеÑÑÑвÑÑÑей ÑÑÑаниÑе оÑÑÐ»ÐµÐ¶Ð¸Ð²Ð°Ð½Ð¸Ñ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑноÑÑи по адÑеÑÑ +<a href="https://security-tracker.debian.org/tracker/util-linux">\ +https://security-tracker.debian.org/tracker/util-linux</a></p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlqlPCAACgkQXudu4gIW 0qWusQ/9HUmp2laZQf3CI+6cBd3oXu+DdAqHmULhsXNu/PpzwecdurCg1iWuDOri wm7KQoiFHLljTmoEEriX22HNEXU/hKLpy1YhRFOwcxjEk9SOMlrqpwzQod5cV6+w jztBnGgkCblZfyFHN7U1PJ6swsfeLxFgHWP7bhablMP677ehIuO8i/X8dAHlvv8B JOFsxtJsg4zVV83w0P0KCVRLh6Rkbnag4Nx36dGrQRSJJNzwRxnYltxBTguJdoWI XXoXR9LR6v6jJDTZjyGpE2NPk9KvK5bZmjXbZawo2vo1FciPIcDCmxVFJxtqDNlg NFbWJXJsYOfZ0KsPSm72r3P0NrQCYxqVmDlu1lbsAkHj35wJefFUarkHFYKtsBKN luh+i96ye484+i6b9H7IpOOsgzCRFrTZawaBAJhAJobwI16NfE/uaQjOk1EL7MQQ ydW5cytYvdKRsDnDfuT6SaBTMTE8Pj3Ori17fpMTtkXYiaPchgvj/To3o9PL/7bW f6owezqGurIPOQRf5qSbtGE4w9yO8V6Ru7aMz6ltNRi0nPvGAtn/LYioqtVNsFBu BixEjb8MqtKVnEwHrVmGTvOPFIV1rPTtUtkJdaTQnu9h0t84IgM/Yv93QVKBr4QZ DPRL1SdL36dV9NrpY8bg5lGxzezulGxsTN+SLPXKBJAzV87aEHY= =B3To -----END PGP SIGNATURE-----