-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2007/dsa-1273.wml 2017-11-01 10:11:09.703803791 +0500 +++ russian/security/2007/dsa-1273.wml 2018-03-14 12:14:46.923102281 +0500 @@ -1,51 +1,52 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been discovered in nas, the Network Audio - -System.</p> +<p>Ð nas, Network Audio System, бÑло обнаÑÑжено неÑколÑко +ÑÑзвимоÑÑей.</p> <ul> - -<li><a href="https://security-tracker.debian.org/tracker/CVE-2007-1543">CVE-2007-1543</a> +<li><a href="https://security-tracker.debian.org/tracker/CVE-2007-1543">CVE-2007-1543</a> - -<p>A stack-based buffer overflow in the accept_att_local function in - -server/os/connection.c in nas allows remote attackers to execute - -arbitrary code via a long path slave name in a USL socket connection.</p></li> +<p>ÐеÑеполнение бÑÑеÑа в ÑÑнкÑии accept_att_local в server/os/connection.c +в nas позволÑÐµÑ ÑдалÑннÑм злоÑмÑÑленникам вÑполнÑÑÑ Ð¿ÑоизволÑнÑй +код Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ Ð´Ð»Ð¸Ð½Ð½Ð¾Ð³Ð¾ имени пÑÑи в ÑокеÑ-Ñоединении USL.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-1544">CVE-2007-1544</a> - -<p>An integer overflow in the ProcAuWriteElement function in - -server/dia/audispatch.c allows remote attackers to cause a denial of - -service (crash) and possibly execute arbitrary code via a large - -max_samples value.</p></li> +<p>ÐеÑеполнение ÑелÑÑ ÑиÑел в ÑÑнкÑии ProcAuWriteElement в server/dia/audispatch.c +позволÑÐµÑ ÑдалÑннÑм злоÑмÑÑленникам вÑзÑваÑÑ Ð¾Ñказ в обÑлÑживании (аваÑÐ¸Ð¹Ð½Ð°Ñ +оÑÑановка) и поÑенÑиалÑно вÑполнÑÑÑ Ð¿ÑоизволÑнÑй код Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ Ð±Ð¾Ð»ÑÑого +знаÑÐµÐ½Ð¸Ñ max_samples.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-1545">CVE-2007-1545</a> - -<p>The AddResource function in server/dia/resource.c allows remote - -attackers to cause a denial of service (server crash) via a - -nonexistent client ID.</p></li> +<p>ФÑнкÑÐ¸Ñ AddResource в server/dia/resource.c позволÑÐµÑ ÑдалÑннÑм +злоÑмÑÑленникам вÑзÑваÑÑ Ð¾Ñказ в обÑлÑживании (аваÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑановка ÑеÑвеÑа) Ñ +помоÑÑÑ Ð½ÐµÑÑÑеÑÑвÑÑÑего клиенÑÑкого иденÑиÑикаÑоÑа.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-1546">CVE-2007-1546</a> - -<p>An array index error allows remote attackers to cause a denial of service - -(crash) via (1) large num_action values in the ProcAuSetElements - -function in server/dia/audispatch.c or (2) a large inputNum parameter - -to the compileInputs function in server/dia/auutil.c.</p></li> +<p>ÐÑибка индекÑаÑии маÑÑива позволÑÐµÑ ÑдалÑннÑм злоÑмÑÑленникам вÑзÑваÑÑ Ð¾Ñказ в +обÑлÑживании (аваÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑановка) Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ (1) болÑÑÐ¸Ñ Ð·Ð½Ð°Ñений num_action в ÑÑнкÑии +ProcAuSetElements в server/dia/audispatch.c, либо (2) болÑÑого паÑамеÑÑа inputNum +ÑÑнкÑии compileInputs в server/dia/auutil.c.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-1547">CVE-2007-1547</a> - -<p>The ReadRequestFromClient function in server/os/io.c allows remote - -attackers to cause a denial of service (crash) via multiple - -simultaneous connections, which triggers a NULL pointer dereference.</p></li> +<p>ФÑнкÑÐ¸Ñ ReadRequestFromClient в server/os/io.c позволÑÐµÑ ÑдалÑннÑм +злоÑмÑÑленникам вÑзÑваÑÑ Ð¾Ñказ в обÑлÑживании (аваÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑановка) Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ +множеÑÑвеннÑÑ Ð¾Ð´Ð½Ð¾Ð²ÑеменнÑÑ Ñоединений, ÑÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº ÑазÑÐ¼ÐµÐ½Ð¾Ð²Ð°Ð½Ð¸Ñ NULL-ÑказаÑелÑ.</p></li> </ul> - -<p>For the stable distribution (sarge), these problems have been fixed in - -version 1.7-2sarge1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1.7-2sarge1.</p> - -<p>For the upcoming stable distribution (etch) and the unstable - -distribution (sid) these problems have been fixed in version 1.8-4.</p> +<p>РгоÑовÑÑемÑÑ ÑÑабилÑном (etch) и неÑÑабилÑном (sid) вÑпÑÑÐºÐ°Ñ +ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² веÑÑии 1.8-4.</p> - -<p>We recommend that you upgrade your nas package.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ nas.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlqoy+sACgkQXudu4gIW 0qU+Ig/+LrY7VyHI3nGlLY+2vFvJD/MAMbTFN5gt6nFvR29nO2gg2YxTPRJOdfl/ swUx79f+Pr2IIMmfWXwtTj82VMMxXOWvumQWTiP9R5ToEnj6T9sUgl/H2Oz68/fY q4KBm4ubUY6jf051PV2fzVpjvl8sbiDfx+jqG1d+RElc/As8LV0uBqUz99R5nWe4 oIhpDWwWRnWO30HG89y/aVaYxt4DIKxYJk+VQye4pAbmrvtv/B8UEuPkDNPFaCNb xhPS42Xq82YwKSvN07LBuTcIxwlr8IO/YayttNiBZ674qqWA/lnpez+KAbhx6ZjC 8ZMvMSs25lDRfQiBsXF0SR0Tq0H8FGivjnLj54vJgwAF8f2uQ11v/Qh+5yKO5V/M 5j/ye2z0ndhTSrPwH2znkJUs7q1X8EFxKMfcZjV5eqIBNI8D+62Q81BQ0W+T3A+A HF2o/RKRZENe7GKYGiSQKqwFv4Eiz88zeptPm3S271s4N8Qa4K0+s7vuIOJqkDtn nJDz0Cd/vcGrwl930BpX4/93UfO4kDq2i4uQ4puCpgdhf7DcdNkFDRtDl/E0iAlw XonTNerdoohrrUhy4h9We4PsTR7mTQ7Re/Pof0hGvxr+RNkut1nXeZ8SCjax5aPN 85Q6reDnPqoejDwP79kt8IHixCrSyJk3QrF6AQvdouCZeYRIfZE= =MJGQ -----END PGP SIGNATURE-----