-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2015/dla-227.wml 2016-04-07 03:10:34.000000000 +0500 +++ russian/security/2015/dla-227.wml 2016-05-04 16:30:05.537419965 +0500 
@@ -1,39 +1,40 @@ - -<define-tag description>LTS security update</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи LTS</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities were discovered in PostgreSQL, a relational - -database server system. The 8.4 branch is EOLed upstream, but still - -present in Debian squeeze. This new LTS minor version contains the - -fixes that were applied upstream to the 9.0.20 version, backported to - -8.4.22 which was the last version officially released by the PostgreSQL - -developers. This LTS effort for squeeze-lts is a community project - -sponsored by credativ GmbH.</p> +<p>Ð PostgreSQL, ÑеÑвеÑной ÑиÑÑеме ÑелÑÑионнÑÑ Ð±Ð°Ð· даннÑÑ , бÑло обнаÑÑжено +неÑколÑко ÑÑзвимоÑÑей. ÐоддеÑжка веÑки 8.4 в оÑновной веÑке ÑазÑабоÑки бÑла пÑекÑаÑена, но +ÑÑа веÑÑÐ¸Ñ Ð²ÑÑ ÐµÑÑ Ð¿ÑиÑÑÑÑÑвÑÐµÑ Ð² Debian squeeze. ÐÐ°Ð½Ð½Ð°Ñ Ð½Ð¾Ð²Ð°Ñ Ð¼Ð¸Ð½Ð¾ÑÐ½Ð°Ñ Ð²ÐµÑÑÐ¸Ñ LTS ÑодеÑÐ¶Ð¸Ñ +иÑпÑавлениÑ, коÑоÑÑй бÑли пÑÐ¸Ð¼ÐµÐ½ÐµÐ½Ñ Ð² оÑновной веÑке к веÑÑии 9.0.20 и адапÑиÑÐ¾Ð²Ð°Ð½Ñ +Ð´Ð»Ñ 8.4.22, коÑоÑÐ°Ñ Ð±Ñла поÑледней веÑÑией, оÑиÑиалÑно вÑпÑÑенной ÑазÑабоÑÑиками +PostgreSQL. ÐÐ°Ð½Ð½Ð°Ñ ÑабоÑа Ð´Ð»Ñ squeeze-lts ÑвлÑеÑÑÑ Ð¿ÑоекÑом ÑообÑеÑÑва +и ÑпонÑиÑÑеÑÑÑ credativ GmbH.</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-3165">CVE-2015-3165</a>: - -<p>Remote crash - -SSL clients disconnecting just before the authentication timeout expires - -can cause the server to crash.</p></li> +<p>УдалÑÐ½Ð½Ð°Ñ Ð°Ð²Ð°ÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑановка. 
+ÐлиенÑÑ SSL, оÑклÑÑаÑÑиеÑÑ Ð´Ð¾ завеÑÑÐµÐ½Ð¸Ñ Ð¿ÐµÑиода аÑÑенÑиÑикаÑии, могÑÑ +вÑзÑваÑÑ Ð°Ð²Ð°ÑийнÑÑ Ð¾ÑÑÐ°Ð½Ð¾Ð²ÐºÑ ÑеÑвеÑа.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-3166">CVE-2015-3166</a>: - -<p>Information exposure - -The replacement implementation of snprintf() failed to check for errors - -reported by the underlying system library calls; the main case that - -might be missed is out-of-memory situations. In the worst case this - -might lead to information exposure.</p></li> +<p>РаÑкÑÑÑие инÑоÑмаÑии. +Ðамена ÑеализаÑии snprintf() не вÑполнÑÐµÑ Ð¿ÑовеÑÐºÑ Ð½Ð° оÑибки, +о коÑоÑÑÑ ÑообÑаÑÑ Ð²ÑÐ·Ð¾Ð²Ñ Ð¿Ð¾Ð´Ð»ÐµÐ¶Ð°Ñей ÑиÑÑемной библиоÑеки; в оÑновном +могÑÑ Ð±ÑÑÑ Ð¿ÑопÑÑÐµÐ½Ñ ÑиÑÑаÑии Ñ Ð´Ð¾ÑÑÑпам за пÑÐµÐ´ÐµÐ»Ñ Ð²Ñделенного бÑÑеÑа памÑÑи. Ð Ñ ÑдÑÐ¸Ñ ÑлÑÑаÑÑ ÑÑо +Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº ÑаÑкÑÑÑÐ¸Ñ Ð¸Ð½ÑоÑмаÑии.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-3167">CVE-2015-3167</a>: - -<p>Possible side-channel key exposure - -In contrib/pgcrypto, some cases of decryption with an incorrect key - -could report other error message texts. Fix by using a one-size-fits-all - -message.</p> - - - -<p>Note that the next round of minor releases for PostgreSQL have already - -been scheduled for early June 2015. There will be a corresponding - -8.4.22lts3 update at the same time.</p></li> +<p>Ðозможное ÑаÑкÑÑÑие клÑÑа ÑеÑез ÑÑоÑонний канал. +Ð contrib/pgcrypto в некоÑоÑÑÑ ÑлÑÑаÑÑ ÑаÑÑиÑÑовка Ñ Ð½ÐµÐ¿ÑавилÑнÑм клÑÑом +Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº вÑÐ²Ð¾Ð´Ñ ÐºÐ°ÐºÐ¾Ð³Ð¾-Ñо дÑÑгого ÑообÑÐµÐ½Ð¸Ñ Ð¾Ð± оÑибке. ÐÑпÑавлено Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ +ÑообÑÐµÐ½Ð¸Ñ one-size-fits-all.</p> + +<p>ÐамеÑÑÑе, ÑÑо ÑледÑÑÑий ÑÑап миноÑнÑÑ Ð²ÑпÑÑков PostgreSQL Ñже +запланиÑован на наÑало иÑÐ½Ñ 2015 года. Ð Ñо же вÑÐµÐ¼Ñ Ð±ÑÐ´ÐµÑ Ð²ÑпÑÑено +обновление 8.4.22lts3.</p></li> </ul> </define-tag> - --- english/security/2015/dla-316.wml 2016-04-08 01:24:54.000000000 +0500 +++ russian/security/2015/dla-316.wml 2016-05-04 16:39:57.099126525 +0500 
@@ -1,44 +1,45 @@ - -<define-tag description>LTS security update</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи LTS</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been discovered in eglibc that - -may lead to a privilege escalation or denial of service.</p> +<p>Ð eglibc бÑло обнаÑÑжено неÑколÑко ÑÑзвимоÑÑей, коÑоÑÑе +могÑÑ Ð¿ÑиводиÑÑ Ðº повÑÑÐµÐ½Ð¸Ñ Ð¿Ñивилегий или оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании.</p> <ul> - -<li>Glibc pointer guarding weakness +<li>Ð¡Ð»Ð°Ð±Ð°Ñ Ð·Ð°ÑиÑÑ ÑказаÑелей в glibc. - - <p>A weakness in the dynamic loader prior has been found. The issue is - - that the LD_POINTER_GUARD in the environment is not sanitized - - allowing local attackers easily to bypass the pointer guarding - - protection on set-user-ID and set-group-ID programs.</p></li> + <p>СнаÑала ÑÑа пÑоблема бÑла обнаÑÑжена в динамиÑеÑком загÑÑзÑике. ÐÑоблема + ÑоÑÑÐ¾Ð¸Ñ Ð² Ñом, ÑÑо LD_POINTER_GUARD в окÑÑжении не оÑиÑаеÑÑÑ, + ÑÑо позволÑÐµÑ Ð»Ð¾ÐºÐ°Ð»ÑнÑм злоÑмÑÑленникам легко Ð¾Ð±Ñ Ð¾Ð´Ð¸ÑÑ Ð·Ð°ÑиÑÑ + ÑказаÑелей в пÑогÑÐ°Ð¼Ð¼Ð°Ñ set-user-ID и set-group-ID.</p></li> - -<li>Potential application crash due to overread in fnmatch +<li>ÐоÑенÑиалÑÐ½Ð°Ñ Ð°Ð²Ð°ÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑановка пÑÐ¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Ð¸Ð·-за ÑÑÐµÐ½Ð¸Ñ Ð·Ð° пÑеделами огÑаниÑÐµÐ½Ð¸Ñ Ð² fnmatch. - - <p>When processing certain malformed patterns, fnmatch can skip over the - - NUL byte terminating the pattern. This can potentially result in an - - application crash if fnmatch hits an unmapped page before - - encountering a NUL byte.</p></li> + <p>ÐÑи обÑабоÑке опÑеделÑннÑÑ Ð½ÐµÐ¿ÑавилÑно ÑÑоÑмиÑованнÑÑ Ñаблонов fnmatch Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑопÑÑÑиÑÑ + NUL-байÑ, завеÑÑаÑÑий Ñаблон. 
ÐоÑенÑиалÑно ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº + аваÑийной оÑÑановке пÑÐ¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Ð² Ñом ÑлÑÑае, еÑли fnmatch вÑÑÑеÑÐ°ÐµÑ Ð½ÐµÐ½Ð°Ð·Ð½Ð°ÑеннÑÑ ÑÑÑаниÑÑ Ð´Ð¾ + обнаÑÑÐ¶ÐµÐ½Ð¸Ñ NUL-байÑа.</p></li> - -<li>_IO_wstr_overflow integer overflow +<li>ÐеÑеполнение динамиÑеÑкой памÑÑи в _IO_wstr_overflow - - <p>A miscalculation in _IO_wstr_overflow could potentially be exploited - - to overflow a buffer.</p></li> + <p>ÐепÑавилÑное вÑÑиÑление в _IO_wstr_overflow поÑенÑиалÑно Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑÑÑ + Ð´Ð»Ñ Ð¿ÐµÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð±ÑÑеÑа.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8121">CVE-2014-8121</a> - - <p>DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) - - in GNU C Library (aka glibc or libc6) 2.21 and earlier does not - - properly check if a file is open, which allows remote attackers to - - cause a denial of service (infinite loop) by performing a look-up - - while the database is iterated over the database, which triggers the - - file pointer to be reset.</p></li> + <p>DB_LOOKUP в nss_files/files-XXX.c в Name Service Switch (NSS) + в библиоÑеке GNU C (Ñакже извеÑÑной как glibc или libc6) веÑÑии 2.21 и более ÑÐ°Ð½Ð½Ð¸Ñ + непÑавилÑно вÑполнÑÐµÑ Ð¿ÑовеÑÐºÑ Ñого, ÑÑо Ñайл оÑкÑÑÑ, ÑÑо позволÑÐµÑ ÑдалÑннÑм злоÑмÑÑленникам + вÑзÑваÑÑ Ð¾Ñказ в обÑлÑживании (беÑконеÑнÑй Ñикл) пÑÑÑм вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿Ð¾Ð¸Ñка + в Ñо вÑемÑ, когда база даннÑÑ Ð²ÑполнÑÐµÑ Ð¸ÑеÑаÑÐ¸Ñ Ð¿Ð¾ базе даннÑÑ , ÑÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ + к ÑбÑоÑÑ ÑказаÑÐµÐ»Ñ Ð½Ð° Ñайл.</p></li> </ul> - -<p>For the oldoldstable distribution (squeeze), these problems have been fixed - -in version 2.11.3-4+deb6u7.</p> +<p>РпÑедÑдÑÑем ÑÑаÑом ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ +в веÑÑии 2.11.3-4+deb6u7.</p> - -<p>We recommend that you update your packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
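Review bot: In the CVE-2015-3166 paragraph of dla-227.wml, the added text renders "out-of-memory situations" as access beyond the bounds of an allocated memory buffer, which describes an out-of-bounds access rather than memory exhaustion. The source says the replacement snprintf() failed to check errors reported by the underlying library calls, and the case it names is running out of memory, so wording such as «ситуации нехватки памяти» would match it. In the first paragraph of the same hunk, the relative pronoun after «исправления» is singular while its verb is plural («который были применены»); it should read «которые».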
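Review bot: The heading of the third list item in dla-316.wml translates "_IO_wstr_overflow integer overflow" as an overflow of dynamic (heap) memory in _IO_wstr_overflow, which changes the bug class. The source describes a miscalculation, that is, an integer overflow that could then be used to overflow a buffer, so the heading should say «Переполнение целых чисел в _IO_wstr_overflow». That heading also lacks the trailing period that the two headings above it gained in this translation.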