-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2017/dsa-3887.wml 2017-06-19 22:00:39.000000000 +0500 +++ russian/security/2017/dsa-3887.wml 2017-06-20 12:57:53.455005440 +0500 @@ -1,20 +1,21 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>The Qualys Research Labs discovered various problems in the dynamic - -linker of the GNU C Library which allow local privilege escalation by - -clashing the stack. For the full details, please refer to their advisory - -published at: +<p>СоÑÑÑдники Qualys Research Labs обнаÑÑжили ÑазлиÑнÑе пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð² динамиÑеÑком +компоновÑике из ÑоÑÑава GNU C Library, коÑоÑÑе позволÑÑÑ Ð²ÑполнÑÑÑ Ð»Ð¾ÐºÐ°Ð»Ñное повÑÑение +пÑивилегий из-за поÑÑи ÑÑека. Ðа подÑобноÑÑÑми обÑаÑайÑеÑÑ Ðº ÑекомендаÑии +на ÑайÑе компании по ÑледÑÑÑÐµÐ¼Ñ Ð°Ð´ÑеÑÑ: <a href="https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt">https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt</a></p> - -<p>For the oldstable distribution (jessie), this problem has been fixed - -in version 2.19-18+deb8u10.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (jessie) ÑÑа пÑоблема бÑла иÑпÑавлена +в веÑÑии 2.19-18+deb8u10.</p> - -<p>For the stable distribution (stretch), this problem has been fixed in - -version 2.24-11+deb9u1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (stretch) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.24-11+deb9u1.</p> - -<p>For the unstable distribution (sid), this problem will be fixed soon.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑÐ´ÐµÑ Ð¸ÑпÑавлена позже.</p> - -<p>We recommend that you upgrade your glibc packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ glibc.</p> </define-tag> # do not modify the following line - --- english/security/2017/dsa-3888.wml 2017-06-19 22:02:40.000000000 +0500 +++ russian/security/2017/dsa-3888.wml 2017-06-20 17:10:54.662869115 +0500 @@ -1,20 +1,21 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>The Qualys Research Labs discovered a memory leak in the Exim mail - -transport agent. This is not a security vulnerability in Exim by itself, - -but can be used to exploit a vulnerability in stack handling. For the - -full details, please refer to their advisory published at: +<p>СоÑÑÑдники Qualys Research Labs обнаÑÑжили ÑÑеÑÐºÑ Ð¿Ð°Ð¼ÑÑи в Exim, агенÑе +пеÑедаÑи поÑÑи. ÐÑо не ÑÑзвимоÑÑÑ Ð² Ñамом Exim, +но она Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑ ÐºÐ°Ðº ÑÑзвимоÑÑÑ Ð¿Ñи ÑабоÑе Ñо ÑÑеком. С +подÑобноÑÑÑми можно ознакомиÑÑÑÑ Ð² ÑекомендаÑии компании по ÑледÑÑÑÐµÐ¼Ñ Ð°Ð´ÑеÑÑ: <a href="https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt">https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt</a></p> - -<p>For the oldstable distribution (jessie), this problem has been fixed - -in version 4.84.2-2+deb8u4.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (jessie) ÑÑа пÑоблема бÑла иÑпÑавлена +в веÑÑии 4.84.2-2+deb8u4.</p> - -<p>For the stable distribution (stretch), this problem has been fixed in - -version 4.89-2+deb9u1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (stretch) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 4.89-2+deb9u1.</p> - -<p>For the unstable distribution (sid), this problem will be fixed soon.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑÐ´ÐµÑ Ð¸ÑпÑавлена позже.</p> - -<p>We recommend that you upgrade your exim4 packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ exim4.</p> </define-tag> # do not modify the following line - --- english/security/2017/dsa-3889.wml 2017-06-19 22:03:47.000000000 +0500 +++ russian/security/2017/dsa-3889.wml 2017-06-20 17:17:50.432130821 +0500 @@ -1,26 +1,27 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>libffi, a library used to call code written in one language from code written - -in a different language, was enforcing an executable stack on the i386 - -architecture. While this might not be considered a vulnerability by itself, - -this could be leveraged when exploiting other vulnerabilities, like for example - -the <q>stack clash</q> class of vulnerabilities discovered by Qualys Research Labs. - -For the full details, please refer to their advisory published at: +<p>libffi, библиоÑека Ð´Ð»Ñ Ð²Ñзова кода, напиÑанного на одном ÑзÑке, из кода, напиÑанного +на дÑÑгом ÑзÑке, пÑинÑдиÑелÑно ÑÑÑÐ°Ð½Ð°Ð²Ð»Ð¸Ð²Ð°ÐµÑ Ð¸ÑполнÑемÑй ÑÑек на аÑÑ Ð¸ÑекÑÑÑе +i386. ХоÑÑ Ñамо по Ñебе ÑÑо не ÑвлÑеÑÑÑ ÑÑзвимоÑÑÑÑ, +ÑÑо Ð¼Ð¾Ð¶ÐµÑ ÑпоÑобÑÑвоваÑÑ Ð¸ÑполÑÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ Ð´ÑÑÐ³Ð¸Ñ ÑÑзвимоÑÑей. ÐапÑимеÑ, ÑÑзвимоÑÑей +Ñипа <q>поÑÑи ÑÑека</q>, коÑоÑÑе бÑли обнаÑÑÐ¶ÐµÐ½Ñ ÑоÑÑÑдниками Qualys Research Labs. +С подÑобноÑÑÑми можно ознакомиÑÑÑÑ Ð² ÑекомендаÑии компании по ÑледÑÑÑÐµÐ¼Ñ Ð°Ð´ÑеÑÑ: <a href="https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt">https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt</a></p> - -<p>For the oldstable distribution (jessie), this problem has been fixed - -in version 3.1-2+deb8u1.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (jessie) ÑÑа пÑоблема бÑла иÑпÑавлена +в веÑÑии 3.1-2+deb8u1.</p> - -<p>For the stable distribution (stretch), this problem has been fixed in - -version 3.2.1-4.</p> +<p>Ð ÑÑабилÑно вÑпÑÑке (stretch) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 3.2.1-4.</p> - -<p>For the testing distribution (buster), this problem has been fixed - -in version 3.2.1-4.</p> +<p>Ð ÑеÑÑиÑÑемом вÑпÑÑке (buster) ÑÑа пÑоблема бÑла иÑпÑавлена +в веÑÑии 3.2.1-4.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 3.2.1-4.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 3.2.1-4.</p> - -<p>We recommend that you upgrade your libffi packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ libffi.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAllJEnEACgkQXudu4gIW 0qUxVw//UcBJjOoIBviy82um3VBaD9TyNTLZVuov6Sdgk1CK1w6PSsEEx7zjfGJw a499b5sTh+VJsOttQ0VWhsu26sZ5ZOsfRR6QFBXGa7FPm+lUFz58aG6S75C4EpN5 1OzFeaz4TOOiqtJzyfljLwCxCzXNbHkdw9WUCvgRRnjtRMZTJWiT4ZmDSHMvNfZw QJXk12WAi1OFUyifN9T0BjXhIQVTjhxGsR5oiUD0nUfQYjLfqLbdToU/b3vwgr3O bT/YDRk1Z5IOJrnNU3jwrmWlm1RQkg+0Ve+lu1HMYU6iG+3coRRmpcdNA7TIbzg0 FQs5mfvwixQEsVub2UlRGr3t5jd3QUnHkQAHseRenOPhSJAVZTXZCfC1w8fOaETN c2UVALTQYgzCGBJXhgTMpIp+iBDK5Rsb3zXosPSBv1dd+klw56qSdI0SOhOHd0B6 Ww4h9/av8fjJvJU+lmaDbQ3PFVb2lcpbB50MxCK7WQ/lZQvr/ctDP7QXm9pgmwOG yS6O6hNUz5AN4W8xkbAaJUTn2xhO/BeDtHHP088Ck3ChLeslpBOUFbegXWectx4h UZFJ9o7v6cDpwcFBCGzPA29F20SzXHTSoEF8/hIJjyM+JT5d05Cdda8ERZelOOt5 ltdZR/7rBGH+QEPIj+D6+vDuDkxyNmcPqNFmTNY2+eUmC97XCPY= =Fwu6 -----END PGP SIGNATURE-----