-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- --- english/security/2011/dsa-2362.wml2014-04-30 13:16:25.0
+0600
+++ russian/security/2011/dsa-2362.wml 2016-09-18 16:32:08.612182758 +0500
@@ -1,40 +1,41 @@
- -several vulnerabilities
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+неÑколÑко ÑÑзвимоÑÑей
- -Multiple vulnerabilities were found in the ACPI Daemon, the Advanced
- -Configuration and Power Interface event daemon:
+Ð ÑлÑжбе ACPI, ÑлÑжбе ÑобÑÑий
ÑÑовеÑÑенÑÑвованного инÑеÑÑейÑа
ÑпÑавлениÑ
+конÑигÑÑаÑией и пиÑанием, бÑли обнаÑÑженÑ
многоÑиÑленнÑе ÑÑзвимоÑÑи:
https://security-tracker.debian.org/tracker/CVE-2011-1159";>CVE-2011-1159
- -Vasiliy Kulikov of OpenWall discovered that the socket handling
- -is vulnerable to denial of service.
+ÐаÑилий ÐÑликов из OpenWall обнаÑÑжил, ÑÑо
обÑабоÑка ÑокеÑов ÑÑзвима
+к оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании.
https://security-tracker.debian.org/tracker/CVE-2011-2777";>CVE-2011-2777
- -Oliver-Tobias Ripka discovered that incorrect process handling in
- -the Debian-specific powerbtn.sh script could lead to local
- -privilege escalation. This issue doesn't affect oldstable. The
- -script is only shipped as an example in /usr/share/doc/acpid/examples.
- -See /usr/share/doc/acpid/README.Debian for details.
+ÐливÑе-Ð¢Ð¾Ð±Ð¸Ð°Ñ Ð Ð¸Ð¿ÐºÐ° обнаÑÑжил, ÑÑо
некоÑÑекÑÐ½Ð°Ñ Ð¾Ð±ÑабоÑка пÑоÑеÑÑов в
+ÑÑенаÑии powerbtn.sh (ÑпеÑиалÑно Ð´Ð»Ñ Debian)
Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº локалÑномÑ
+повÑÑÐµÐ½Ð¸Ñ Ð¿Ñивилегий. ÐÑа пÑоблема не
каÑаеÑÑÑ Ð¿ÑедÑдÑÑего ÑÑабилÑного вÑпÑÑка.
+ÐÑÐ¾Ñ ÑÑенаÑий поÑÑавлÑеÑÑÑ Ð² каÑеÑÑве
пÑимеÑа в каÑалоге /usr/share/doc/acpid/examples.
+ÐодÑобноÑÑи иÑиÑе в Ñайле
/usr/share/doc/acpid/README.Debian.
https://security-tracker.debian.org/tracker/CVE-2011-4578";>CVE-2011-4578
- -Helmut Grohne and Michael Biebl discovered that acpid sets a umask
- -of 0 when executing scripts, which could result in local privilege
- -escalation.
+ÐелÑмÑÑ ÐÑоне и ÐиÑ
аÑÐ»Ñ ÐиблÑ
обнаÑÑжили, ÑÑо acpid ÑÑÑÐ°Ð½Ð°Ð²Ð»Ð¸Ð²Ð°ÐµÑ Ð¼Ð°ÑкÑ
+Ñо знаÑением 0 пÑи вÑполнении ÑÑенаÑиев,
ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº локалÑÐ½Ð¾Ð¼Ñ Ð¿Ð¾Ð²ÑÑениÑ
+пÑивилегий.
- -For the oldstable distribution (lenny), this problem has been fixed in
- -version 1.0.8-1lenny4.
+РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа
пÑоблема бÑла иÑпÑавлена в
+веÑÑии 1.0.8-1lenny4.
- -For the stable distribution (squeeze), this problem has been fixed in
- -version 1:2.0.7-1squeeze3.
+Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑа пÑоблема
бÑла иÑпÑавлена в
+веÑÑии 1:2.0.7-1squeeze3.
- -For the unstable distribution (sid), this problem will be fixed soon.
+РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема
бÑÐ´ÐµÑ Ð¸ÑпÑавлена позже.
- -We recommend that you upgrade your acpid packages.
+РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ acpid.
# do not modify the following line
- --- english/security/2011/dsa-2363.wml2011-12-17 01:07:25.0
+0600
+++ russian/security/2011/dsa-2363.wml 2016-09-18 16:39:11.359120815 +0500
@@ -1,37 +1,38 @@
- -buffer overflow
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+пеÑеполнение бÑÑеÑа
- -It was discovered that Tor, an online privacy tool, incorrectly computes
- -buffer sizes in certain cases involving SOCKS connections. Malicious
- -parties could use this to cause a heap-based buffer overflow, potentially
- -allowing execution of arbitrary code.
- -
- -In Tor's default configuration this issue can only be triggered by
- -clients that can connect to Tor's SOCKS port, which listens only on
- -localhost by default.
- -
- -In non-default configurations where Tor's SocksPort listens not only on
- -localhost or where Tor was configured to use another SOCKS server for all of
- -its outgoing connections, Tor is vulnerable to a larger set of malicious
- -parties.
- -
- -For the oldstable distribution (lenny), this problem has been fixed in
- -version 0.2.1.32-1.
- -
- -For the stable distribution (squeeze), this problem has been fixed in
- -version 0.2.2.35-1~squeeze+1.
- -
- -For the unstable (sid) and testing (wheezy) distributions, this problem
has been fixed in
- -version 0.2.2.35-1.
- -
- -For th