dsa-1273.wml}

Lev Lamberov Wed, 14 Mar 2018 00:15:44 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2007/dsa-1273.wml        2017-11-01 10:11:09.703803791 
+0500
+++ russian/security/2007/dsa-1273.wml  2018-03-14 12:14:46.923102281 +0500
@@ -1,51 +1,52 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov"
+<define-tag description>Ð½ÐµÑÐºÐ¾Ð»ÑÐºÐ¾ ÑÑÐ·Ð²Ð¸Ð¼Ð¾ÑÑÐµÐ¹</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in nas, the Network Audio
- -System.</p>
+<p>Ð nas, Network Audio System, Ð±ÑÐ»Ð¾ Ð¾Ð±Ð½Ð°ÑÑÐ¶ÐµÐ½Ð¾ 
Ð½ÐµÑÐºÐ¾Ð»ÑÐºÐ¾
+ÑÑÐ·Ð²Ð¸Ð¼Ð¾ÑÑÐµÐ¹.</p>
 
 <ul>
 
- -<li><a 
href="https://security-tracker.debian.org/tracker/CVE-2007-1543";>CVE-2007-1543</a>
 
+<li><a 
href="https://security-tracker.debian.org/tracker/CVE-2007-1543";>CVE-2007-1543</a>
 
- -<p>A stack-based buffer overflow in the accept_att_local function in
- -server/os/connection.c in nas allows remote attackers to execute
- -arbitrary code via a long path slave name in a USL socket 
connection.</p></li>
+<p>ÐÐµÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ðµ Ð±ÑÑÐµÑÐ° Ð² ÑÑÐ½ÐºÑÐ¸Ð¸ accept_att_local Ð² 
server/os/connection.c
+Ð² nas Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐµÑ ÑÐ´Ð°Ð»ÑÐ½Ð½ÑÐ¼ Ð·Ð»Ð¾ÑÐ¼ÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÐ°Ð¼ 
Ð²ÑÐ¿Ð¾Ð»Ð½ÑÑÑ Ð¿ÑÐ¾Ð¸Ð·Ð²Ð¾Ð»ÑÐ½ÑÐ¹
+ÐºÐ¾Ð´ Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ Ð´Ð»Ð¸Ð½Ð½Ð¾Ð³Ð¾ Ð¸Ð¼ÐµÐ½Ð¸ Ð¿ÑÑÐ¸ Ð² 
ÑÐ¾ÐºÐµÑ-ÑÐ¾ÐµÐ´Ð¸Ð½ÐµÐ½Ð¸Ð¸ USL.</p></li>
 
 <li><a 
href="https://security-tracker.debian.org/tracker/CVE-2007-1544";>CVE-2007-1544</a>
 
- -<p>An integer overflow in the ProcAuWriteElement function in
- -server/dia/audispatch.c allows remote attackers to cause a denial of
- -service (crash) and possibly execute arbitrary code via a large
- -max_samples value.</p></li>
+<p>ÐÐµÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ðµ ÑÐµÐ»ÑÑ ÑÐ¸ÑÐµÐ» Ð² ÑÑÐ½ÐºÑÐ¸Ð¸ 
ProcAuWriteElement Ð² server/dia/audispatch.c
+Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐµÑ ÑÐ´Ð°Ð»ÑÐ½Ð½ÑÐ¼ Ð·Ð»Ð¾ÑÐ¼ÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÐ°Ð¼ 
Ð²ÑÐ·ÑÐ²Ð°ÑÑ Ð¾ÑÐºÐ°Ð· Ð² Ð¾Ð±ÑÐ»ÑÐ¶Ð¸Ð²Ð°Ð½Ð¸Ð¸ (Ð°Ð²Ð°ÑÐ¸Ð¹Ð½Ð°Ñ
+Ð¾ÑÑÐ°Ð½Ð¾Ð²ÐºÐ°) Ð¸ Ð¿Ð¾ÑÐµÐ½ÑÐ¸Ð°Ð»ÑÐ½Ð¾ Ð²ÑÐ¿Ð¾Ð»Ð½ÑÑÑ 
Ð¿ÑÐ¾Ð¸Ð·Ð²Ð¾Ð»ÑÐ½ÑÐ¹ ÐºÐ¾Ð´ Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ Ð±Ð¾Ð»ÑÑÐ¾Ð³Ð¾
+Ð·Ð½Ð°ÑÐµÐ½Ð¸Ñ max_samples.</p></li>
 
 <li><a 
href="https://security-tracker.debian.org/tracker/CVE-2007-1545";>CVE-2007-1545</a>
 
- -<p>The AddResource function in server/dia/resource.c allows remote
- -attackers to cause a denial of service (server crash) via a
- -nonexistent client ID.</p></li>
+<p>Ð¤ÑÐ½ÐºÑÐ¸Ñ AddResource Ð² server/dia/resource.c Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐµÑ 
ÑÐ´Ð°Ð»ÑÐ½Ð½ÑÐ¼
+Ð·Ð»Ð¾ÑÐ¼ÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÐ°Ð¼ Ð²ÑÐ·ÑÐ²Ð°ÑÑ Ð¾ÑÐºÐ°Ð· Ð² 
Ð¾Ð±ÑÐ»ÑÐ¶Ð¸Ð²Ð°Ð½Ð¸Ð¸ (Ð°Ð²Ð°ÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑÐ°Ð½Ð¾Ð²ÐºÐ° ÑÐµÑÐ²ÐµÑÐ°) 
Ñ
+Ð¿Ð¾Ð¼Ð¾ÑÑÑ Ð½ÐµÑÑÑÐµÑÑÐ²ÑÑÑÐµÐ³Ð¾ ÐºÐ»Ð¸ÐµÐ½ÑÑÐºÐ¾Ð³Ð¾ 
Ð¸Ð´ÐµÐ½ÑÐ¸ÑÐ¸ÐºÐ°ÑÐ¾ÑÐ°.</p></li>
 
 <li><a 
href="https://security-tracker.debian.org/tracker/CVE-2007-1546";>CVE-2007-1546</a>
 
- -<p>An array index error allows remote attackers to cause a denial of service
- -(crash) via (1) large num_action values in the ProcAuSetElements
- -function in server/dia/audispatch.c or (2) a large inputNum parameter
- -to the compileInputs function in server/dia/auutil.c.</p></li>
+<p>ÐÑÐ¸Ð±ÐºÐ° Ð¸Ð½Ð´ÐµÐºÑÐ°ÑÐ¸Ð¸ Ð¼Ð°ÑÑÐ¸Ð²Ð° Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐµÑ 
ÑÐ´Ð°Ð»ÑÐ½Ð½ÑÐ¼ Ð·Ð»Ð¾ÑÐ¼ÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÐ°Ð¼ Ð²ÑÐ·ÑÐ²Ð°ÑÑ Ð¾ÑÐºÐ°Ð· Ð²
+Ð¾Ð±ÑÐ»ÑÐ¶Ð¸Ð²Ð°Ð½Ð¸Ð¸ (Ð°Ð²Ð°ÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑÐ°Ð½Ð¾Ð²ÐºÐ°) Ñ 
Ð¿Ð¾Ð¼Ð¾ÑÑÑ (1) Ð±Ð¾Ð»ÑÑÐ¸Ñ Ð·Ð½Ð°ÑÐµÐ½Ð¸Ð¹ num_action Ð² ÑÑÐ½ÐºÑÐ¸Ð¸
+ProcAuSetElements Ð² server/dia/audispatch.c, Ð»Ð¸Ð±Ð¾ (2) Ð±Ð¾Ð»ÑÑÐ¾Ð³Ð¾ 
Ð¿Ð°ÑÐ°Ð¼ÐµÑÑÐ° inputNum
+ÑÑÐ½ÐºÑÐ¸Ð¸ compileInputs Ð² server/dia/auutil.c.</p></li>
 
 <li><a 
href="https://security-tracker.debian.org/tracker/CVE-2007-1547";>CVE-2007-1547</a>
 
- -<p>The ReadRequestFromClient function in server/os/io.c allows remote
- -attackers to cause a denial of service (crash) via multiple
- -simultaneous connections, which triggers a NULL pointer dereference.</p></li>
+<p>Ð¤ÑÐ½ÐºÑÐ¸Ñ ReadRequestFromClient Ð² server/os/io.c Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐµÑ 
ÑÐ´Ð°Ð»ÑÐ½Ð½ÑÐ¼
+Ð·Ð»Ð¾ÑÐ¼ÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÐ°Ð¼ Ð²ÑÐ·ÑÐ²Ð°ÑÑ Ð¾ÑÐºÐ°Ð· Ð² 
Ð¾Ð±ÑÐ»ÑÐ¶Ð¸Ð²Ð°Ð½Ð¸Ð¸ (Ð°Ð²Ð°ÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑÐ°Ð½Ð¾Ð²ÐºÐ°) Ñ 
Ð¿Ð¾Ð¼Ð¾ÑÑÑ
+Ð¼Ð½Ð¾Ð¶ÐµÑÑÐ²ÐµÐ½Ð½ÑÑ Ð¾Ð´Ð½Ð¾Ð²ÑÐµÐ¼ÐµÐ½Ð½ÑÑ ÑÐ¾ÐµÐ´Ð¸Ð½ÐµÐ½Ð¸Ð¹, 
ÑÑÐ¾ Ð¿ÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº ÑÐ°Ð·ÑÐ¼ÐµÐ½Ð¾Ð²Ð°Ð½Ð¸Ñ 
NULL-ÑÐºÐ°Ð·Ð°ÑÐµÐ»Ñ.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (sarge), these problems have been fixed in
- -version 1.7-2sarge1.</p>
+<p>Ð ÑÑÐ°Ð±Ð¸Ð»ÑÐ½Ð¾Ð¼ Ð²ÑÐ¿ÑÑÐºÐµ (sarge) ÑÑÐ¸ Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ 
Ð±ÑÐ»Ð¸ Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ñ Ð²
+Ð²ÐµÑÑÐ¸Ð¸ 1.7-2sarge1.</p>
 
- -<p>For the upcoming stable distribution (etch) and the unstable
- -distribution (sid) these problems have been fixed in version 1.8-4.</p>
+<p>Ð Ð³Ð¾ÑÐ¾Ð²ÑÑÐµÐ¼ÑÑ ÑÑÐ°Ð±Ð¸Ð»ÑÐ½Ð¾Ð¼ (etch) Ð¸ 
Ð½ÐµÑÑÐ°Ð±Ð¸Ð»ÑÐ½Ð¾Ð¼ (sid) Ð²ÑÐ¿ÑÑÐºÐ°Ñ
+ÑÑÐ¸ Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±ÑÐ»Ð¸ Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² Ð²ÐµÑÑÐ¸Ð¸ 
1.8-4.</p>
 
- -<p>We recommend that you upgrade your nas package.</p>
+<p>Ð ÐµÐºÐ¾Ð¼ÐµÐ½Ð´ÑÐµÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ nas.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----


iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlqoy+sACgkQXudu4gIW
0qU+Ig/+LrY7VyHI3nGlLY+2vFvJD/MAMbTFN5gt6nFvR29nO2gg2YxTPRJOdfl/
swUx79f+Pr2IIMmfWXwtTj82VMMxXOWvumQWTiP9R5ToEnj6T9sUgl/H2Oz68/fY
q4KBm4ubUY6jf051PV2fzVpjvl8sbiDfx+jqG1d+RElc/As8LV0uBqUz99R5nWe4
oIhpDWwWRnWO30HG89y/aVaYxt4DIKxYJk+VQye4pAbmrvtv/B8UEuPkDNPFaCNb
xhPS42Xq82YwKSvN07LBuTcIxwlr8IO/YayttNiBZ674qqWA/lnpez+KAbhx6ZjC
8ZMvMSs25lDRfQiBsXF0SR0Tq0H8FGivjnLj54vJgwAF8f2uQ11v/Qh+5yKO5V/M
5j/ye2z0ndhTSrPwH2znkJUs7q1X8EFxKMfcZjV5eqIBNI8D+62Q81BQ0W+T3A+A
HF2o/RKRZENe7GKYGiSQKqwFv4Eiz88zeptPm3S271s4N8Qa4K0+s7vuIOJqkDtn
nJDz0Cd/vcGrwl930BpX4/93UfO4kDq2i4uQ4puCpgdhf7DcdNkFDRtDl/E0iAlw
XonTNerdoohrrUhy4h9We4PsTR7mTQ7Re/Pof0hGvxr+RNkut1nXeZ8SCjax5aPN
85Q6reDnPqoejDwP79kt8IHixCrSyJk3QrF6AQvdouCZeYRIfZE=
=MJGQ
-----END PGP SIGNATURE-----

[DONE] wml://{security/2007/dsa-1273.wml}

Ответить