-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2014/dla-106.wml 2016-04-09 01:32:21.000000000 +0500 +++ russian/security/2014/dla-106.wml 2016-06-27 22:05:25.819082716 +0500 @@ -1,39 +1,40 @@ - -<define-tag description>LTS security update</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи LTS</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been discovered in getmail4, a mail retriever - -with support for POP3, IMAP4 and SDPS, that could allow man-in-the-middle - -attacks.</p> +<p>Ð getmail4, пÑогÑамме Ð´Ð»Ñ Ð¿Ð¾Ð»ÑÑÐµÐ½Ð¸Ñ ÑлекÑÑонной поÑÑÑ, поддеÑживаÑÑей +POP3, IMAP4 и SDPS, бÑло обнаÑÑжено неÑколÑко ÑÑзвимоÑÑей, коÑоÑÑе позволÑÑÑ +вÑполнÑÑÑ Ð°Ñаки по пÑинÑÐ¸Ð¿Ñ Ñеловек-в-ÑеÑедине.</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-7273">CVE-2014-7273</a> - - <p>The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does - - not verify X.509 certificates from SSL servers, which allows - - man-in-the-middle attackers to spoof IMAP servers and obtain sensitive - - information via a crafted certificate.</p></li> + <p>РеализаÑÐ¸Ñ IMAP-ÑеÑез-SSL в getmail Ñ Ð²ÐµÑÑии 4.0.0 до веÑÑии 4.43.0 + не вÑполнÑÐµÑ Ð¿ÑовеÑÐºÑ ÑеÑÑиÑикаÑов X.509 SSL-ÑеÑвеÑов, ÑÑо позволÑÐµÑ + злоÑмÑÑленникам подделÑваÑÑ ÑеÑвеÑÑ IMAP и полÑÑаÑÑ ÑÑвÑÑвиÑелÑнÑÑ + инÑоÑмаÑÐ¸Ñ Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованного ÑеÑÑиÑикаÑа.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-7274">CVE-2014-7274</a> - - <p>The IMAP-over-SSL implementation in getmail 4.44.0 does not verify - - that the server hostname matches a domain name in the subject's Common - - Name (CN) field of the X.509 certificate, which allows - - man-in-the-middle attackers to spoof IMAP servers and obtain sensitive - - information via a crafted certificate from a recognized Certification - - Authority.</p></li> + <p>РеализаÑÐ¸Ñ IMAP-ÑеÑез-SSL в getmail веÑÑии 4.44.0 не вÑполнÑÐµÑ Ð¿ÑовеÑÐºÑ + Ñого, ÑÑо Ð¸Ð¼Ñ Ñзла ÑеÑвеÑа ÑÐ¾Ð²Ð¿Ð°Ð´Ð°ÐµÑ Ñ Ð¸Ð¼ÐµÐ½ÐµÐ¼ домена в поле Common Name (CN) + ÑеÑÑиÑикаÑа X.509, ÑÑо позволÑÐµÑ Ð·Ð»Ð¾ÑмÑÑленникам + подделÑваÑÑ ÑеÑвеÑÑ IMAP и полÑÑаÑÑ ÑÑвÑÑвиÑелÑнÑÑ + инÑоÑмаÑÐ¸Ñ Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованного ÑеÑÑиÑикаÑа Ð¾Ñ Ñзнаваемого + авÑоÑиÑеÑа.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-7275">CVE-2014-7275</a> - - <p>The POP3-over-SSL implementation in getmail 4.0.0 through 4.44.0 does - - not verify X.509 certificates from SSL servers, which allows - - man-in-the-middle attackers to spoof POP3 servers and obtain sensitive - - information via a crafted certificate.</p> + <p>РеализаÑÐ¸Ñ POP3-ÑеÑез-SSL в getmail Ñ Ð²ÐµÑÑии 4.0.0 до веÑÑии 4.44.0 + не вÑполнÑÐµÑ Ð¿ÑовеÑÐºÑ ÑеÑÑиÑикаÑов X.509 SSL-ÑеÑвеÑов, ÑÑо позволÑÐµÑ + злоÑмÑÑленникам подделÑваÑÑ ÑеÑвеÑÑ POP3 и полÑÑаÑÑ ÑÑвÑÑвиÑелÑнÑÑ + инÑоÑмаÑÐ¸Ñ Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованного ÑеÑÑиÑикаÑа.</p> </ul> - -<p>For the squeeze distribution, those problems have been fixed by importing - -a new upstream version: 4.46.0-1~deb6u1. The updated package has been - -prepared by Osamu Aoki.</p> +<p>РвÑпÑÑке squeeze ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð¿ÑÑÑм импоÑÑа +новой веÑÑии из оÑновной веÑки ÑазÑабоÑки: 4.46.0-1~deb6u1. ÐбновлÑннÑй Ð¿Ð°ÐºÐµÑ +бÑл подгоÑовлен ÐÑÐ°Ð¼Ñ Ðоки.</p> </define-tag> # do not modify the following line - --- english/security/2014/dla-116.wml 2016-04-06 03:02:53.000000000 +0500 +++ russian/security/2014/dla-116.wml 2016-06-27 22:14:08.255615381 +0500 @@ -1,45 +1,46 @@ - -<define-tag description>LTS security update</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи LTS</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities were discovered in the ntp package, an - -implementation of the Network Time Protocol.</p> +<p>РпакеÑе ntp, ÑеализаÑии пÑоÑокола ÑеÑевого вÑемени, бÑло обнаÑÑжено неÑколÑко +ÑÑзвимоÑÑей.</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9293">CVE-2014-9293</a> - - <p>ntpd generated a weak key for its internal use, with full - - administrative privileges. Attackers could use this key to - - reconfigure ntpd (or to exploit other vulnerabilities).</p></li> + <p>ntpd ÑоздаÑÑ ÑлабÑй клÑÑ Ð´Ð»Ñ Ð²Ð½ÑÑÑеннего иÑполÑзованиÑ, клÑÑ Ð¸Ð¼ÐµÐµÑ Ð¿Ð¾Ð»Ð½Ñе + админиÑÑÑаÑивнÑе пÑава. ÐлоÑмÑÑленники могÑÑ Ð¸ÑполÑзоваÑÑ ÑÑÐ¾Ñ ÐºÐ»ÑÑ + Ð´Ð»Ñ Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð½Ð°ÑÑÑоек ntpd (или Ð´Ð»Ñ Ð¸ÑполÑÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ Ð´ÑÑÐ³Ð¸Ñ ÑÑзвимоÑÑей).</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9294">CVE-2014-9294</a> - - <p>The ntp-keygen utility generated weak MD5 keys with insufficient - - entropy.</p></li> + <p>УÑилиÑа ntp-keygen ÑоздаÑÑ ÑлабÑе клÑÑи MD5 Ñ Ð½ÐµÐ´Ð¾ÑÑаÑоÑной + ÑнÑÑопией.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9295">CVE-2014-9295</a> - - <p>ntpd had several buffer overflows (both on the stack and in the - - data section), allowing remote authenticated attackers to crash - - ntpd or potentially execute arbitrary code.</p></li> + <p>ntpd ÑодеÑÐ¶Ð¸Ñ Ð½ÐµÑколÑко пеÑеполнений бÑÑеÑа (ÑвÑÐ·Ð°Ð½Ñ Ð¸ Ñо ÑÑеком, и Ñ + даннÑми), ÑÑо позволÑÐµÑ ÑдалÑннÑм аÑÑенÑиÑиÑиÑованнÑм злоÑмÑÑленникам аваÑийно завеÑÑаÑÑ + ÑабоÑÑ ntpd или поÑенÑиалÑно вÑполнÑÑÑ Ð¿ÑоизволÑнÑй код.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9296">CVE-2014-9296</a> - - <p>The general packet processing function in ntpd did not handle an - - error case correctly.</p></li> + <p>ÐбÑÐ°Ñ ÑÑнкÑÐ¸Ñ Ð´Ð»Ñ Ð²ÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð³ÑаммаÑиÑеÑкого ÑазбоÑа пакеÑов в ntpd непÑавилÑно + обÑабаÑÑÐ²Ð°ÐµÑ Ð¾Ñибки.</p></li> </ul> - -<p>The default ntpd configuration in Debian restricts access to localhost - -(and possible the adjacent network in case of IPv6).</p> +<p>Ðо ÑмолÑÐ°Ð½Ð¸Ñ Ð½Ð°ÑÑÑойки ntpd в Debian огÑаниÑиваÑÑ Ð´Ð¾ÑÑÑп к локалÑной маÑине +(возможно, Ñакже и Ñмежной ÑеÑи в ÑлÑÑае иÑполÑÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ IPv6).</p> - -<p>Keys explicitly generated by "ntp-keygen -M" should be regenerated.</p>< +<p>ÐлÑÑи, ÑозданнÑе ÑвнÑм обÑазом Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ "ntp-keygen -M", ÑледÑÐµÑ ÑоздаÑÑ Ð·Ð°Ð½Ð¾Ð²Ð¾.</p>< - -<p>For the oldstable distribution (squeeze), these problems have been fixed in - -version 4.2.6.p2+dfsg-1+deb6u1.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 4.2.6.p2+dfsg-1+deb6u1.</p> - -<p>We recommend that you upgrade your heirloom-mailx packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ heirloom-mailx.</p> - -<p>Thanks to the Florian Weimer for the Red Hat security update.</p> +<p>ÐлагодаÑим ФлоÑиана ÐаймеÑа за обновление безопаÑноÑÑи Ð´Ð»Ñ Red Hat.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXcV7lAAoJEF7nbuICFtKlTZUQAIQLWp7MAXrocwThplNvtS/O Ma9yuUC82w+hWkRZhwR1hPBqAJmp6L3PjxcqMqY6mOjitdOFnXL2XXAXGDhxqEZn SmTFK9eOOH+GxwcVRO8LbHxn7mcLa/lubZLGPPxFywq5fopn/t39CbXlWVORW5/W RaocazujPFu3k+vcVdYdt0J1C7/1RTUETMyexvR+2TT+h8XPywolaAZjAfjoRbom jsiY6dZ6jkma+SOOTQVcSBRLM1L0Mfj/D7sGjYMsBpMQDZ5YV3rpcDCyWWt4QNaO yxc1YIBLLY8IDtBnfYDDXUJwUp5qQNihfrxq0zBwXkeNRIlVuQOKRzYkoIiV2K4m XNj3B5yKo6msTtDrg1QeVHdMr/81Rc9p5veNUzh5YHoFYLaG/7xLek+hbKA+vFAy 7MSdovB3+ef9X8+squM+9zmILTa/oZ8F3fql+Q0ZrJCsCfUhy9ZYA3XEwqb1ZBbg +pbQTBgJt7+J2ukLql97xbdr2yNk5DdkVuHLhWllj9ayQjWkav1CiCf9kMe5DBtl svosifVwNENrkBk35UZGcyc2uPfL+ICE8KqVYzuR2Kudahto0PA6VqPWAF/352hY sLjcwHO9hnLj5CkksViVgfhMelBhnfWNBaVpY6zDrvc8nxa5m4X5SQ48G061he+f pxz5kH2OI9l2XBt8FFUx =wToC -----END PGP SIGNATURE-----