dsa-3451.wml}

Lev Lamberov Fri, 22 Jan 2016 09:00:40 -0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2016/dsa-3451.wml        2016-01-22 14:06:04.000000000 
+0500
+++ russian/security/2016/dsa-3451.wml  2016-01-22 21:41:16.335883188 +0500
@@ -1,29 +1,30 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ðµ 
Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸</define-tag>
 <define-tag moreinfo>
- -<p>Jann Horn discovered a vulnerability in the fuse (Filesystem in
- -Userspace) package in Debian. The fuse package ships an udev rule
- -adjusting permissions on the related /dev/cuse character device, making
- -it world writable.</p>
+<p>Ð¯Ð½ Ð¥Ð¾ÑÐ½ Ð¾Ð±Ð½Ð°ÑÑÐ¶Ð¸Ð» ÑÑÐ·Ð²Ð¸Ð¼Ð¾ÑÑÑ Ð² Ð¿Ð°ÐºÐµÑÐµ fuse 
(ÑÐ°Ð¹Ð»Ð¾Ð²Ð¾Ð¹ ÑÐ¸ÑÑÐµÐ¼Ðµ Ð²
+Ð¿ÑÐ¾ÑÑÑÐ°Ð½ÑÑÐ²Ðµ Ð¿Ð¾Ð»ÑÐ·Ð¾Ð²Ð°ÑÐµÐ»Ñ) Ð² Debian. ÐÐ°ÐºÐµÑ fuse 
ÑÐ¾Ð´ÐµÑÐ¶Ð¸Ñ Ð¿ÑÐ°Ð²Ð¸Ð»Ð¾ udev,
+Ð¸Ð·Ð¼ÐµÐ½ÑÑÑÐµÐµ Ð¿ÑÐ°Ð²Ð° Ð´Ð¾ÑÑÑÐ¿Ð° Ðº ÑÐ²ÑÐ·Ð°Ð½Ð½Ð¾Ð¼Ñ 
ÑÐ¸Ð¼Ð²Ð¾Ð»ÑÐ½Ð¾Ð¼Ñ ÑÑÑÑÐ¾Ð¹ÑÑÐ²Ñ /dev/cuse,
+Ð´ÐµÐ»Ð°Ñ ÐµÐ³Ð¾ Ð¾ÑÐºÑÑÑÑÐ¼ Ð´Ð»Ñ Ð·Ð°Ð¿Ð¸ÑÐ¸ Ð»ÑÐ±Ð¾Ð¼Ñ 
Ð¿Ð¾Ð»ÑÐ·Ð¾Ð²Ð°ÑÐµÐ»Ñ.</p>
 
- -<p>This permits a local, unprivileged attacker to create an
- -arbitrarily-named character device in /dev and modify the memory of any
- -process that opens it and performs an ioctl on it.</p>
+<p>ÐÑÐ° ÑÑÐ·Ð²Ð¸Ð¼Ð¾ÑÑÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐµÑ Ð»Ð¾ÐºÐ°Ð»ÑÐ½Ð¾Ð¼Ñ 
Ð½ÐµÐ¿ÑÐ¸Ð²Ð¸Ð»ÐµÐ³Ð¸ÑÐ¾Ð²Ð°Ð½Ð½Ð¾Ð¼Ñ Ð·Ð»Ð¾ÑÐ¼ÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ 
ÑÐ¾Ð·Ð´Ð°Ð²Ð°ÑÑ
+ÑÐ¸Ð¼Ð²Ð¾Ð»ÑÐ½Ð¾Ðµ ÑÑÑÑÐ¾Ð¹ÑÑÐ²Ð¾ Ð² /dev Ñ Ð¿ÑÐ¾Ð¸Ð·Ð²Ð¾Ð»ÑÐ½ÑÐ¼ 
Ð¸Ð¼ÐµÐ½ÐµÐ¼ Ð¸ Ð¸Ð·Ð¼ÐµÐ½ÑÑÑ ÑÐ¾Ð´ÐµÑÐ¶Ð¸Ð¼Ð¾Ðµ Ð¿Ð°Ð¼ÑÑÐ¸
+Ð»ÑÐ±Ð¾Ð³Ð¾ Ð¿ÑÐ¾ÑÐµÑÑÐ°, Ð¾ÑÐºÑÑÐ²Ð°ÑÑÐµÐ³Ð¾ ÑÑÐ¾ 
ÑÑÑÑÐ¾Ð¹ÑÑÐ²Ð¾ Ð¸ Ð²ÑÐ¿Ð¾Ð»Ð½ÑÑÑÐµÐ³Ð¾ Ð½Ð° Ð½ÑÐ¼ ÑÑÐ½ÐºÑÐ¸Ñ 
ioctl.</p>
 
- -<p>This in turn might allow a local, unprivileged attacker to escalate to
- -root privileges.</p>
+<p>Ð ÑÐ²Ð¾Ñ Ð¾ÑÐµÑÐµÐ´Ñ ÑÑÐ¾ Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑÐ¸Ð²Ð¾Ð´Ð¸ÑÑ Ðº 
ÑÐ¾Ð¼Ñ, ÑÑÐ¾ Ð»Ð¾ÐºÐ°Ð»ÑÐ½ÑÐ¹ Ð½ÐµÐ¿ÑÐ¸Ð²Ð¸Ð»ÐµÐ³Ð¸ÑÐ¾Ð²Ð°Ð½Ð½ÑÐ¹ 
Ð¿Ð¾Ð»ÑÐ·Ð¾Ð²Ð°ÑÐµÐ»Ñ
+Ð¿Ð¾Ð²ÑÑÐ¸Ñ ÑÐ²Ð¾Ð¸ Ð¿ÑÐ°Ð²Ð° Ð´Ð¾ÑÑÑÐ¿Ð° Ð´Ð¾ ÑÑÐ¾Ð²Ð½Ñ 
ÑÑÐ¿ÐµÑÐ¿Ð¾Ð»ÑÐ·Ð¾Ð²Ð°ÑÐµÐ»Ñ.</p>
 
- -<p>For the oldstable distribution (wheezy), the fuse package is not 
affected.</p>
+<p>Ð Ð¿ÑÐµÐ´ÑÐ´ÑÑÐµÐ¼ ÑÑÐ°Ð±Ð¸Ð»ÑÐ½Ð¾Ð¼ Ð²ÑÐ¿ÑÑÐºÐµ (wheezy) 
Ð¿Ð°ÐºÐµÑ fuse Ð½Ðµ Ð¿Ð¾Ð´Ð²ÐµÑÐ¶ÐµÐ½ Ð´Ð°Ð½Ð½Ð¾Ð¹ ÑÑÐ·Ð²Ð¸Ð¼Ð¾ÑÑÐ¸.</p>
 
- -<p>For the stable distribution (jessie), this problem has been fixed in
- -version 2.9.3-15+deb8u2.</p>
+<p>Ð ÑÑÐ°Ð±Ð¸Ð»ÑÐ½Ð¾Ð¼ Ð²ÑÐ¿ÑÑÐºÐµ (jessie) ÑÑÐ° Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ð° 
Ð±ÑÐ»Ð° Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ð° Ð²
+Ð²ÐµÑÑÐ¸Ð¸ 2.9.3-15+deb8u2.</p>
 
- -<p>For the testing distribution (stretch), this problem has been fixed
- -in version 2.9.5-1.</p>
+<p>Ð ÑÐµÑÑÐ¸ÑÑÐµÐ¼Ð¾Ð¼ Ð²ÑÐ¿ÑÑÐºÐµ (stretch) ÑÑÐ° Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ð° 
Ð±ÑÐ»Ð° Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ð°
+Ð² Ð²ÐµÑÑÐ¸Ð¸ 2.9.5-1.</p>
 
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 2.9.5-1.</p>
+<p>Ð Ð½ÐµÑÑÐ°Ð±Ð¸Ð»ÑÐ½Ð¾Ð¼ Ð²ÑÐ¿ÑÑÐºÐµ (sid) ÑÑÐ° Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ð° 
Ð±ÑÐ»Ð° Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ð° Ð²
+Ð²ÐµÑÑÐ¸Ð¸ 2.9.5-1.</p>
 
- -<p>We recommend that you upgrade your fuse packages.</p>
+<p>Ð ÐµÐºÐ¾Ð¼ÐµÐ½Ð´ÑÐµÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ fuse.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----


iQIcBAEBCgAGBQJWolvLAAoJEF7nbuICFtKlzMoP/R9zrlUGF0yG8568Mf6PouNk
lnEF6Z+EqEvbQUkO8pS8Gk0jphYLJT92mi30U97FVIosLTdfl9zGKZH7qi0zPjiQ
rElbAufXePmcc5lF1k6J/hKA7w89wlHAPrcvjxzfeVzZXQVcqmQNj5kfKuWeKq9A
dEL4H2P6Lh3rMyWsCePxLnsbfBc/DPjw9tKCY5JfM5mbcOI8L/cMpAuXpKqS7tig
g1bCxZ0TiweL3cxOjzYMuqhVo2rA7XbEVKlif5dRZQhUZax3hXyftaYJXM1lmXPm
7KJRURRo+uE70UewU7twVZJUKAKlafoUnN8Gya1qOvd/0wZ1p1n4AxSjiucKUzH2
xNkyeArKjPq/tHc7R/RH0Z4/kOuvba8PqvmmAfnVmBnGMBU0ufyJ2zbhDYT/dZHn
9l2O9MOJxdSwGySowoekb0Vu/8xpB4FRE4i3R7NrAsCfAK0s9wbrOlOc/kfF8v0O
63K6aPZVSEoENchOURnfeqz+5U+1zNe2O+pwxLDonJTkFGIr+D3s9FaduPSLeYFm
aqodF8ziaUALlLVefM/8kn53iwyYrQ5AzERv+V8nFu6fKboGcZsUmBfK8WDZqVY+
zYKHUfY+CPKkJsrcHWSOUVk9y3Vqb8J1MIzGLR/JURyf193HN1IqcIdDeyKoSvZb
aYWla6llW+qiGlI8WRbK
=5q+Y
-----END PGP SIGNATURE-----

[DONE] wml://{security/2016/dsa-3451.wml}

Ответить