-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2018/dsa-4104.wml 2018-02-05 01:45:08.000000000 +0500 +++ russian/security/2018/dsa-4104.wml 2018-02-05 10:08:10.204024883 +0500 @@ -1,23 +1,25 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>'landave' discovered a heap-based buffer overflow vulnerability in the - -NCompress::NShrink::CDecoder::CodeReal method in p7zip, a 7zr file - -archiver with high compression ratio. A remote attacker can take - -advantage of this flaw to cause a denial-of-service or, potentially the - -execution of arbitrary code with the privileges of the user running - -p7zip, if a specially crafted shrinked ZIP archive is processed.</p> +<p>'landave' обнаÑÑжил пеÑеполнение динамиÑеÑкой памÑÑи в +меÑоде NCompress::NShrink::CDecoder::CodeReal в p7zip, аÑÑ Ð¸Ð²Ð°ÑоÑе Ñайлов +7zr Ñ Ð²ÑÑокой ÑÑепенÑÑ ÑжаÑиÑ. УдалÑннÑй злоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑ +ÑÑÑ ÑÑзвимоÑÑÑ Ð´Ð»Ñ Ð²Ñзова оÑказа в обÑлÑживании или поÑенÑиалÑного вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ +пÑоизволÑного кода Ñ Ð¿Ñавами полÑзоваÑелÑ, запÑÑÑивÑего p7zip в ÑлÑÑае +обÑабоÑки ÑпеÑиалÑно ÑÑоÑмиÑованного ÑокÑаÑÑнного ZIP-аÑÑ Ð¸Ð²Ð°.</p> - -<p>For the oldstable distribution (jessie), this problem has been fixed - -in version 9.20.1~dfsg.1-4.1+deb8u3.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (jessie) ÑÑа пÑоблема бÑла иÑпÑавлена +в веÑÑии 9.20.1~dfsg.1-4.1+deb8u3.</p> - -<p>For the stable distribution (stretch), this problem has been fixed in - -version 16.02+dfsg-3+deb9u1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (stretch) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 16.02+dfsg-3+deb9u1.</p> - -<p>We recommend that you upgrade your p7zip packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ p7zip.</p> - -<p>For the detailed security status of p7zip please refer to its security - -tracker page at: - -<a href="https://security-tracker.debian.org/tracker/p7zip">https://security-tracker.debian.org/tracker/p7zip</a></p> +<p>С подÑобнÑм ÑÑаÑÑÑом поддеÑжки безопаÑноÑÑи p7zip можно ознакомиÑÑÑÑ Ð½Ð° +ÑооÑвеÑÑÑвÑÑÑей ÑÑÑаниÑе оÑÑÐ»ÐµÐ¶Ð¸Ð²Ð°Ð½Ð¸Ñ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑноÑÑи по адÑеÑÑ +<a href="https://security-tracker.debian.org/tracker/p7zip">\ +https://security-tracker.debian.org/tracker/p7zip</a></p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlp35t0ACgkQXudu4gIW 0qXyDg/7BvnhT/+loMon5iXD+GlQIxkf0GnSa6i2VkQnkT0A2fKNVT6vYWUGe2cx DW1i4iRJrfsjautRJA+R/lB3rjDBd8LIWIVeQebUZHO8eTg44KZpkjL+XpaK71JD 6xVk17YxuOXzomxkoB3+oyqMFwckIpxlNRH0p7YRIJUdL06w/V5Yhp2lOeVUFuSP YmqbQT/fBc4Caq4TR/v/qaOBC5Brdp6M1MSl3F7f2moZmDLgFnUanjysBcm8v1Oi +1NCu9y22cLg/fikus2d9M35Fz82fnoTJvOazzJipmRouUvEzg5okmptK+RaHcwj /jBkvucOFEPiQQ91UZF1/ldCpJ/nwtvFf4vueNRzcNROdzgjEUHdzeZkIuEbfCTE 5Tn3LjMjzQDDeZWoiIHcm97NcSpXTalaBKuDH4phbc7dZdETJJQne2dmILEo/RMV hUCFXxpPk4zzv42RXrOno9PTAUWw1lh0/ksbZzXaXV6b3BVJN7pB0uLPCrgIPESL pd/r9hsU8cYpfLTje+LDJHiPX0oRSryCCTLPkBNYqTxau8+ev92PfPQXPZ92MtRU pPmjHMSqwVivzVQdLHFeWqNDsJLKn7fhjozsTBSZNNmySKzYh0UYBoq2ahBYdUKH 7XlbqbCrL+YaBH0xUVkPE+UiALqSO4IPMq8ZOkpWSJd4WgPe5GE= =bZFF -----END PGP SIGNATURE-----