-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2016/dsa-3451.wml 2016-01-22 14:06:04.000000000 +0500 +++ russian/security/2016/dsa-3451.wml 2016-01-22 21:41:16.335883188 +0500 @@ -1,29 +1,30 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>Jann Horn discovered a vulnerability in the fuse (Filesystem in - -Userspace) package in Debian. The fuse package ships an udev rule - -adjusting permissions on the related /dev/cuse character device, making - -it world writable.</p> +<p>Ян ХоÑн обнаÑÑжил ÑÑзвимоÑÑÑ Ð² пакеÑе fuse (Ñайловой ÑиÑÑеме в +пÑоÑÑÑанÑÑве полÑзоваÑелÑ) в Debian. ÐÐ°ÐºÐµÑ fuse ÑодеÑÐ¶Ð¸Ñ Ð¿Ñавило udev, +изменÑÑÑее пÑава доÑÑÑпа к ÑвÑÐ·Ð°Ð½Ð½Ð¾Ð¼Ñ ÑимволÑÐ½Ð¾Ð¼Ñ ÑÑÑÑойÑÑÐ²Ñ /dev/cuse, +Ð´ÐµÐ»Ð°Ñ ÐµÐ³Ð¾ оÑкÑÑÑÑм Ð´Ð»Ñ Ð·Ð°Ð¿Ð¸Ñи лÑÐ±Ð¾Ð¼Ñ Ð¿Ð¾Ð»ÑзоваÑелÑ.</p> - -<p>This permits a local, unprivileged attacker to create an - -arbitrarily-named character device in /dev and modify the memory of any - -process that opens it and performs an ioctl on it.</p> +<p>ÐÑа ÑÑзвимоÑÑÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐµÑ Ð»Ð¾ÐºÐ°Ð»ÑÐ½Ð¾Ð¼Ñ Ð½ÐµÐ¿ÑивилегиÑÐ¾Ð²Ð°Ð½Ð½Ð¾Ð¼Ñ Ð·Ð»Ð¾ÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ ÑоздаваÑÑ +ÑимволÑное ÑÑÑÑойÑÑво в /dev Ñ Ð¿ÑоизволÑнÑм именем и изменÑÑÑ ÑодеÑжимое памÑÑи +лÑбого пÑоÑеÑÑа, оÑкÑÑваÑÑего ÑÑо ÑÑÑÑойÑÑво и вÑполнÑÑÑего на нÑм ÑÑнкÑÐ¸Ñ ioctl.</p> - -<p>This in turn might allow a local, unprivileged attacker to escalate to - -root privileges.</p> +<p>Ð ÑÐ²Ð¾Ñ Ð¾ÑеÑÐµÐ´Ñ ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº ÑомÑ, ÑÑо локалÑнÑй непÑивилегиÑованнÑй полÑзоваÑÐµÐ»Ñ +повÑÑÐ¸Ñ Ñвои пÑава доÑÑÑпа до ÑÑÐ¾Ð²Ð½Ñ ÑÑпеÑполÑзоваÑелÑ.</p> - -<p>For the oldstable distribution (wheezy), the fuse package is not affected.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (wheezy) Ð¿Ð°ÐºÐµÑ fuse не подвеÑжен данной ÑÑзвимоÑÑи.</p> - -<p>For the stable distribution (jessie), this problem has been fixed in - -version 2.9.3-15+deb8u2.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.9.3-15+deb8u2.</p> - -<p>For the testing distribution (stretch), this problem has been fixed - -in version 2.9.5-1.</p> +<p>Ð ÑеÑÑиÑÑемом вÑпÑÑке (stretch) ÑÑа пÑоблема бÑла иÑпÑавлена +в веÑÑии 2.9.5-1.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 2.9.5-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.9.5-1.</p> - -<p>We recommend that you upgrade your fuse packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ fuse.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJWolvLAAoJEF7nbuICFtKlzMoP/R9zrlUGF0yG8568Mf6PouNk lnEF6Z+EqEvbQUkO8pS8Gk0jphYLJT92mi30U97FVIosLTdfl9zGKZH7qi0zPjiQ rElbAufXePmcc5lF1k6J/hKA7w89wlHAPrcvjxzfeVzZXQVcqmQNj5kfKuWeKq9A dEL4H2P6Lh3rMyWsCePxLnsbfBc/DPjw9tKCY5JfM5mbcOI8L/cMpAuXpKqS7tig g1bCxZ0TiweL3cxOjzYMuqhVo2rA7XbEVKlif5dRZQhUZax3hXyftaYJXM1lmXPm 7KJRURRo+uE70UewU7twVZJUKAKlafoUnN8Gya1qOvd/0wZ1p1n4AxSjiucKUzH2 xNkyeArKjPq/tHc7R/RH0Z4/kOuvba8PqvmmAfnVmBnGMBU0ufyJ2zbhDYT/dZHn 9l2O9MOJxdSwGySowoekb0Vu/8xpB4FRE4i3R7NrAsCfAK0s9wbrOlOc/kfF8v0O 63K6aPZVSEoENchOURnfeqz+5U+1zNe2O+pwxLDonJTkFGIr+D3s9FaduPSLeYFm aqodF8ziaUALlLVefM/8kn53iwyYrQ5AzERv+V8nFu6fKboGcZsUmBfK8WDZqVY+ zYKHUfY+CPKkJsrcHWSOUVk9y3Vqb8J1MIzGLR/JURyf193HN1IqcIdDeyKoSvZb aYWla6llW+qiGlI8WRbK =5q+Y -----END PGP SIGNATURE-----