-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- --- english/security/2017/dsa-3862.wml2017-05-26 11:08:56.0
+0500
+++ russian/security/2017/dsa-3862.wml 2017-05-26 11:15:43.935563948 +0500
@@ -1,21 +1,22 @@
- -security update
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+обновление
безопаÑноÑÑи
- -It was discovered that unrestricted YAML deserialisation of data sent
- -from agents to the server in the Puppet configuration management system
- -could result in the execution of arbitrary code.
+ÐÑло обнаÑÑжено, ÑÑо неогÑаниÑеннаÑ
YAML-деÑеÑиализаÑÐ¸Ñ Ð´Ð°Ð½Ð½ÑÑ
, оÑпÑавленнÑÑ
+агенÑами на ÑеÑÐ²ÐµÑ Ð² Puppet, ÑиÑÑеме
ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ Ð½Ð°ÑÑÑойками,
+Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº вÑполнениÑ
пÑоизволÑного кода.
- -Note that this fix breaks backward compability with Puppet agents older
- -than 3.2.2 and there is no safe way to restore it. This affects puppet
- -agents running on Debian wheezy; we recommend to update the the
- -puppet version shipped in wheezy-backports.
+ÐамеÑÑÑе, ÑÑо данное иÑпÑавление ломаеÑ
ÑовмеÑÑимоÑÑÑ Ñ Puppet-агенÑами
+ÑÑаÑее веÑÑии 3.2.2, и безопаÑного ÑпоÑоба
воÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑÑой ÑовмеÑÑимоÑÑи неÑ. ÐÑо
+каÑаеÑÑÑ Ð°Ð³ÐµÐ½Ñов puppet, запÑÑеннÑÑ
в Debian wheezy;
ÑекомендÑеÑÑÑ Ð²ÑполниÑÑ
+обновление до веÑÑии puppet, поÑÑавлÑемой в
wheezy-backports.
- -For the stable distribution (jessie), this problem has been fixed in
- -version 3.7.2-4+deb8u1.
+Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑа пÑоблема
бÑла иÑпÑавлена в
+веÑÑии 3.7.2-4+deb8u1.
- -For the unstable distribution (sid), this problem has been fixed in
- -version 4.8.2-5.
+РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема
бÑла иÑпÑавлена в
+веÑÑии 4.8.2-5.
- -We recommend that you upgrade your puppet packages.
+РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ puppet.
# do not modify the following line
- --- english/security/2017/dsa-3863.wml2017-05-26 11:10:14.0
+0500
+++ russian/security/2017/dsa-3863.wml 2017-05-26 11:19:26.349237415 +0500
@@ -1,21 +1,23 @@
- -security update
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+обновление
безопаÑноÑÑи
- -This update fixes several vulnerabilities in imagemagick: Various memory
- -handling problems and cases of missing or incomplete input sanitising
- -may result in denial of service, memory disclosure or the execution of
- -arbitrary code if malformed RLE, ART, JNG, DDS, BMP, ICO, EPT, SUN, MTV,
- -PICT, XWD, PCD, SFW, MAT, EXR, DCM, MNG, PCX or SVG files are processed.
+Ðанное обновление иÑпÑавлÑÐµÑ Ð½ÐµÑколÑко
ÑÑзвимоÑÑей в imagemagick: ÑазлиÑнÑе
+пÑÐ¾Ð±Ð»ÐµÐ¼Ñ ÑабоÑÑ Ñ Ð¿Ð°Ð¼ÑÑÑÑ Ð¸ ÑлÑÑаи
оÑÑÑÑÑÑÐ²Ð¸Ñ Ð¸Ð»Ð¸ неполной оÑиÑÑки вÑ
однÑÑ
+даннÑÑ
могÑÑ Ð¿ÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð²
обÑлÑживании, ÑаÑкÑÑÑÐ¸Ñ ÑодеÑжимого памÑÑи
+или вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода в
ÑлÑÑае обÑабоÑки ÑпеÑиалÑно
ÑÑоÑмиÑованнÑÑ
+Ñайлов RLE, ART, JNG, DDS, BMP, ICO, EPT, SUN, MTV, PICT, XWD, PCD, SFW,
MAT,
+EXR, DCM, MNG, PCX или SVG.
- -For the stable distribution (jessie), these problems have been fixed in
- -version 8:6.8.9.9-5+deb8u9.
+Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑи пÑоблемÑ
бÑли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð²
+веÑÑии 8:6.8.9.9-5+deb8u9.
- -For the upcoming stable distribution (stretch), these problems have been
- -fixed in version 8:6.9.7.4+dfsg-8.
+РгоÑовÑÑемÑÑ ÑÑабилÑном вÑпÑÑке (stretch)
ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли
+иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² веÑÑии 8:6.9.7.4+dfsg-8.
- -For the unstable distribution (sid), these problems have been fixed in
- -version 8:6.9.7.4+dfsg-8.
+РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑоблемÑ
бÑли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð²
+веÑÑии 8:6.9.7.4+dfsg-8.
- -We recommend that you upgrade your imagemagick packages.
+РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ imagemagick.
# do not modify the following line
-BEGIN PGP SIGNATURE-
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlknyPIACgkQXudu4gIW
0qWg3Q/+KzvEOXmrqcEG7ofBg27IrTY6Ail0n1bgBBCXNh6n4XDmiRDkVIFvZVJz
3HhxyjPQSPbqYzNtN6I3j7kxpx3dflVNnJbvKPJHzKEkQZAXT7lcIygPDQTqu/Ri
cglfvCDxhJZHaAF31AIMGxjr+32THFfgcElWgoZN/xFfRangqDVoykiWatwmNct5