--- ../../english/security/2018/dsa-4213.wml 2018-05-31 12:00:54.128977552 +0500 +++ 2018/dsa-4213.wml 2018-05-31 12:18:31.328505699 +0500 @@ -1,81 +1,81 @@ +#use wml::debian::translation-check translation="72e985dfa9b7a9be1fca49944d2bccd5d39a088c" <define-tag description>security update</define-tag> <define-tag moreinfo> -<p>Several vulnerabilities were discovered in qemu, a fast processor -emulator.</p> +<p>Ð qemu, бÑÑÑÑом ÑмÑлÑÑоÑе пÑоÑеÑÑоÑа, бÑло обнаÑÑжено неÑколÑко +ÑÑзвимоÑÑей.</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-15038">CVE-2017-15038</a> - <p>Tuomas Tynkkynen discovered an information leak in 9pfs.</p></li> + <p>ТÑÐ¾Ð¼Ð°Ñ Ð¢ÑнккÑнен обнаÑÑжил ÑÑеÑÐºÑ Ð¸Ð½ÑоÑмаÑии в 9pfs.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-15119">CVE-2017-15119</a> - <p>Eric Blake discovered that the NBD server insufficiently restricts - large option requests, resulting in denial of service.</p></li> + <p>ÐÑик ÐлÑйк обнаÑÑжил, ÑÑо NBD-ÑеÑÐ²ÐµÑ Ð½ÐµÐ´Ð¾ÑÑаÑоÑно огÑаниÑÐ¸Ð²Ð°ÐµÑ + болÑÑие запÑоÑÑ Ð¾Ð¿Ñий, ÑÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-15124">CVE-2017-15124</a> - <p>Daniel Berrange discovered that the integrated VNC server - insufficiently restricted memory allocation, which could result in - denial of service.</p></li> + <p>ÐÑниÑл ÐеÑÑанж обнаÑÑжил, ÑÑо инÑегÑиÑованнÑй VNC-ÑеÑÐ²ÐµÑ + недоÑÑаÑоÑно огÑаниÑÐ¸Ð²Ð°ÐµÑ Ð²Ñделение памÑÑи, ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº + оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-15268">CVE-2017-15268</a> - <p>A memory leak in websockets support may result in denial of service.</p></li> + <p>УÑеÑка памÑÑи в поддеÑжке веб-ÑокеÑов Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-15289">CVE-2017-15289</a> - <p>Guoxiang Niu discovered an OOB write in the emulated Cirrus graphics - adaptor which could result in denial of service.</p></li> + <p>ÐоÑÑн ÐÑ Ð¾Ð±Ð½Ð°ÑÑжил запиÑÑ Ð·Ð° пÑеделами вÑделенного бÑÑеÑа памÑÑи в ÑмÑлÑÑии гÑаÑиÑеÑкого + адапÑеÑа Cirrus, коÑоÑÐ°Ñ Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-16845">CVE-2017-16845</a> - <p>Cyrille Chatras discovered an information leak in PS/2 mouse and - keyboard emulation which could be exploited during instance - migration.</p></li> + <p>СиÑил ЧаÑÑÐ°Ñ Ð¾Ð±Ð½Ð°ÑÑжил ÑÑеÑÐºÑ Ð¸Ð½ÑоÑмаÑии в ÑмÑлÑÑии PS/2 клавиаÑÑÑÑ Ð¸ мÑÑи, + коÑоÑÐ°Ñ Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑÑÑ Ð² Ñ Ð¾Ð´Ðµ мигÑаÑии + ÑкземплÑÑов.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-17381">CVE-2017-17381</a> - <p>Dengzhan Heyuandong Bijunhua and Liweichao discovered that an - implementation error in the virtio vring implementation could result - in denial of service.</p></li> + <p>ÐÑнÑÐ¶Ð°Ð½Ñ Ð¥ÑÑанÑдÑн ÐиÑзÑнÑÑ Ñа и ÐивÑйÑао обнаÑÑжили, ÑÑо + оÑибка ÑеализаÑии в ÑеализаÑии vring в virtio Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ + к оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-18043">CVE-2017-18043</a> - <p>Eric Blake discovered an integer overflow in an internally used - macro which could result in denial of service.</p></li> + <p>ÐÑик ÐлÑйк обнаÑÑжил пеÑеполнение ÑелÑÑ ÑиÑел во внÑÑÑенне иÑполÑзÑемом + макÑоÑе, коÑоÑое Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2018-5683">CVE-2018-5683</a> - <p>Jiang Xin and Lin ZheCheng discovered an OOB memory access in the - emulated VGA adaptor which could result in denial of service.</p></li> + <p>ЦзÑн Ð¡Ð¸Ð½Ñ Ð¸ ÐÐ¸Ð½Ñ Ð§Ð¶ÑЧÑн обнаÑÑжил доÑÑÑп к памÑÑи за гÑаниÑами вÑделенного бÑÑеÑа в + ÑмÑлÑÑии VGA-адапÑеÑа, коÑоÑÑй Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2018-7550">CVE-2018-7550</a> - <p>Cyrille Chatras discovered that an OOB memory write when using - multiboot could result in the execution of arbitrary code.</p></li> + <p>СиÑил ЧаÑÑÐ°Ñ Ð¾Ð±Ð½Ð°ÑÑжил, ÑÑо запиÑÑ Ð·Ð° пÑеделами вÑделенного бÑÑеÑа памÑÑи в Ñ Ð¾Ð´Ðµ + иÑполÑÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¼ÑлÑÑизагÑÑзки Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода.</p></li> </ul> -<p>This update also backports a number of mitigations against the Spectre -v2 vulnerability affecting modern CPUs +<p>Ðанное обновление ÑодеÑÐ¶Ð¸Ñ Ð¾Ð±ÑаÑнÑй пеÑÐµÐ½Ð¾Ñ ÑÑда ÑÑедÑÑв Ð´Ð»Ñ ÑÐ½Ð¸Ð¶ÐµÐ½Ð¸Ñ ÑÑепени опаÑноÑÑи +Ð¾Ñ ÑÑзвимоÑÑи Spectre v2, каÑаÑÑейÑÑ ÑовÑеменнÑÑ Ð¦Ð (<a href="https://security-tracker.debian.org/tracker/CVE-2017-5715">\ -CVE-2017-5715</a>). For additional information please refer to +CVE-2017-5715</a>). Ðа дополниÑелÑной инÑоÑмаÑией обÑаÑайÑеÑÑ Ð¿Ð¾ адÑеÑÑ <a href="https://www.qemu.org/2018/01/04/spectre/">\ https://www.qemu.org/2018/01/04/spectre/</a></p> -<p>For the stable distribution (stretch), these problems have been fixed in -version 1:2.8+dfsg-6+deb9u4.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (stretch) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1:2.8+dfsg-6+deb9u4.</p> -<p>We recommend that you upgrade your qemu packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ qemu.</p> -<p>For the detailed security status of qemu please refer to -its security tracker page at: +<p>С подÑобнÑм ÑÑаÑÑÑом поддеÑжки безопаÑноÑÑи qemu можно ознакомиÑÑÑÑ Ð½Ð° +ÑооÑвеÑÑÑвÑÑÑей ÑÑÑаниÑе оÑÑÐ»ÐµÐ¶Ð¸Ð²Ð°Ð½Ð¸Ñ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑноÑÑи по адÑеÑÑ <a href="https://security-tracker.debian.org/tracker/qemu">\ https://security-tracker.debian.org/tracker/qemu</a></p> </define-tag> # do not modify the following line #include "$(ENGLISHDIR)/security/2018/dsa-4213.data" -# $Id$