dsa-4157.wml

Lev Lamberov Fri, 30 Mar 2018 01:00:02 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- ../../english/security/2018/dsa-4157.wml  2018-03-30 03:49:48.000000000 
+0500
+++ 2018/dsa-4157.wml   2018-03-30 12:59:10.522386957 +0500
@@ -1,42 +1,43 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" mindelta="1"
+<define-tag description>Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ðµ 
Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸</define-tag>
 <define-tag moreinfo>
- -<p>Multiple vulnerabilities have been discovered in OpenSSL, a Secure
- -Sockets Layer toolkit. The Common Vulnerabilities and Exposures project
- -identifies the following issues:</p>
+<p>Ð OpenSSL, Ð½Ð°Ð±Ð¾ÑÐµ Ð¸Ð½ÑÑÑÑÐ¼ÐµÐ½ÑÐ¾Ð² Secure Sockets Layer, 
Ð±ÑÐ»Ð¸ Ð¾Ð±Ð½Ð°ÑÑÐ¶ÐµÐ½Ñ
+Ð¼Ð½Ð¾Ð³Ð¾ÑÐ¸ÑÐ»ÐµÐ½Ð½ÑÐµ ÑÑÐ·Ð²Ð¸Ð¼Ð¾ÑÑÐ¸. ÐÑÐ¾ÐµÐºÑ Common 
Vulnerabilities and Exposures
+Ð¾Ð¿ÑÐµÐ´ÐµÐ»ÑÐµÑ ÑÐ»ÐµÐ´ÑÑÑÐ¸Ðµ Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ:</p>
 
 <ul>
 
 <li><a 
href="https://security-tracker.debian.org/tracker/CVE-2017-3738";>CVE-2017-3738</a>
 
- -    <p>David Benjamin of Google reported an overflow bug in the AVX2
- -    Montgomery multiplication procedure used in exponentiation with
- -    1024-bit moduli.</p></li>
+    <p>ÐÑÐ²Ð¸Ð´ ÐÐµÐ½Ð´Ð¶Ð°Ð¼Ð¸Ð½ Ð¸Ð· Google ÑÐ¾Ð¾Ð±ÑÐ¸Ð» Ð¾ 
Ð¿ÐµÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ð¸ Ð±ÑÑÐµÑÐ° Ð² Ð¿ÑÐ¾ÑÐµÐ´ÑÑÐµ, 
ÑÐµÐ°Ð»Ð¸Ð·ÑÑÑÐµÐ¹ Ð°Ð»Ð³Ð¾ÑÐ¸ÑÐ¼
+    ÐÐ¾Ð½ÑÐ³Ð¾Ð¼ÐµÑÐ¸ AVX2, Ð¸ÑÐ¿Ð¾Ð»ÑÐ·ÑÐµÐ¼Ð¾Ð¹ Ð¿ÑÐ¸ 
Ð²Ð¾Ð·Ð²ÐµÐ´ÐµÐ½Ð¸Ð¸ Ð² ÑÑÐµÐ¿ÐµÐ½Ñ ÑÐ¾ 1024-Ð±Ð¸ÑÐ½ÑÐ¼Ð¸ 
Ð¼Ð¾Ð´ÑÐ»ÑÐ¼Ð¸.</p></li>
 
 <li><a 
href="https://security-tracker.debian.org/tracker/CVE-2018-0739";>CVE-2018-0739</a>
 
- -    <p>It was discovered that constructed ASN.1 types with a recursive
- -    definition could exceed the stack, potentially leading to a denial
- -    of service.</p>
- -
- -<p>Details can be found in the upstream advisory:
- -<a 
href="https://www.openssl.org/news/secadv/20180327.txt";>https://www.openssl.org/news/secadv/20180327.txt</a></p></li>
+    <p>ÐÑÐ»Ð¾ Ð¾Ð±Ð½Ð°ÑÑÐ¶ÐµÐ½Ð¾, ÑÑÐ¾ ÑÐ»Ð¾Ð¶Ð½ÑÐµ ÑÐ¸Ð¿Ñ ASN.1 Ñ 
ÑÐµÐºÑÑÑÐ¸Ð²Ð½ÑÐ¼Ð¸ Ð¾Ð¿ÑÐµÐ´ÐµÐ»ÐµÐ½Ð¸ÑÐ¼Ð¸
+    Ð¼Ð¾Ð³ÑÑ Ð²ÑÐ·Ð²Ð°ÑÑ Ð¿ÐµÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ðµ ÑÑÐµÐºÐ°, 
Ð¿Ð¾ÑÐµÐ½ÑÐ¸Ð°Ð»ÑÐ½Ð¾ Ð¿ÑÐ¸Ð²Ð¾Ð´ÑÑÐµÐµ Ðº Ð¾ÑÐºÐ°Ð·Ñ
+    Ð² Ð¾Ð±ÑÐ»ÑÐ¶Ð¸Ð²Ð°Ð½Ð¸Ð¸.</p>
+
+<p>ÐÐ¾Ð´ÑÐ¾Ð±Ð½Ð¾ÑÑÐ¸ Ð¼Ð¾Ð¶Ð½Ð¾ Ð½Ð°Ð¹ÑÐ¸ Ð² ÑÐµÐºÐ¾Ð¼ÐµÐ½Ð´Ð°ÑÐ¸Ð¸ 
Ð¾ÑÐ½Ð¾Ð²Ð½Ð¾Ð¹ Ð²ÐµÑÐºÐ¸ ÑÐ°Ð·ÑÐ°Ð±Ð¾ÑÐºÐ¸:
+<a href="https://www.openssl.org/news/secadv/20180327.txt";>\
+https://www.openssl.org/news/secadv/20180327.txt</a></p></li>
 
 </ul>
 
- -<p>For the oldstable distribution (jessie), these problems have been fixed
- -in version 1.0.1t-1+deb8u8. The oldstable distribution is not affected
- -by <a 
href="https://security-tracker.debian.org/tracker/CVE-2017-3738";>CVE-2017-3738</a>.</p>
- -
- -<p>For the stable distribution (stretch), these problems have been fixed in
- -version 1.1.0f-3+deb9u2.</p>
- -
- -<p>We recommend that you upgrade your openssl packages.</p>
- -
- -<p>For the detailed security status of openssl please refer to its security
- -tracker page at:
- -<a 
href="https://security-tracker.debian.org/tracker/openssl";>https://security-tracker.debian.org/tracker/openssl</a></p>
+<p>Ð Ð¿ÑÐµÐ´ÑÐ´ÑÑÐµÐ¼ ÑÑÐ°Ð±Ð¸Ð»ÑÐ½Ð¾Ð¼ Ð²ÑÐ¿ÑÑÐºÐµ (jessie) ÑÑÐ¸ 
Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±ÑÐ»Ð¸ Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ñ
+Ð² Ð²ÐµÑÑÐ¸Ð¸ 1.0.1t-1+deb8u8. ÐÑÐµÐ´ÑÐ´ÑÑÐ¸Ð¹ ÑÑÐ°Ð±Ð¸Ð»ÑÐ½ÑÐ¹ 
Ð²ÑÐ¿ÑÑÐº Ð½Ðµ Ð¿Ð¾Ð´Ð²ÐµÑÐ¶ÐµÐ½
+<a 
href="https://security-tracker.debian.org/tracker/CVE-2017-3738";>CVE-2017-3738</a>.</p>
+
+<p>Ð ÑÑÐ°Ð±Ð¸Ð»ÑÐ½Ð¾Ð¼ Ð²ÑÐ¿ÑÑÐºÐµ (stretch) ÑÑÐ¸ Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ 
Ð±ÑÐ»Ð¸ Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ñ Ð²
+Ð²ÐµÑÑÐ¸Ð¸ 1.1.0f-3+deb9u2.</p>
+
+<p>Ð ÐµÐºÐ¾Ð¼ÐµÐ½Ð´ÑÐµÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ openssl.</p>
+
+<p>Ð¡ Ð¿Ð¾Ð´ÑÐ¾Ð±Ð½ÑÐ¼ ÑÑÐ°ÑÑÑÐ¾Ð¼ Ð¿Ð¾Ð´Ð´ÐµÑÐ¶ÐºÐ¸ 
Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸ openssl Ð¼Ð¾Ð¶Ð½Ð¾ Ð¾Ð·Ð½Ð°ÐºÐ¾Ð¼Ð¸ÑÑÑÑ Ð½Ð°
+ÑÐ¾Ð¾ÑÐ²ÐµÑÑÑÐ²ÑÑÑÐµÐ¹ ÑÑÑÐ°Ð½Ð¸ÑÐµ Ð¾ÑÑÐ»ÐµÐ¶Ð¸Ð²Ð°Ð½Ð¸Ñ 
Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸ Ð¿Ð¾ Ð°Ð´ÑÐµÑÑ
+<a href="https://security-tracker.debian.org/tracker/openssl";>\
+https://security-tracker.debian.org/tracker/openssl</a></p>
 </define-tag>
 
 # do not modify the following line
 #include "$(ENGLISHDIR)/security/2018/dsa-4157.data"
- -# $Id: dsa-4157.wml,v 1.1 2018/03/29 22:49:48 tvincent Exp $
-----BEGIN PGP SIGNATURE-----


iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlq97lsACgkQXudu4gIW
0qVgyA/5AR9TTWFiGfk2GBZ9ef2XsiKjj7BBXokuU7LSpUy3L9zPNkJJDmLCKin6
GELAtTwOWo3H4f78f+B283KKxvD2uALo0stf3ksOSptG2JTUlWTsxfNOF1PbHkDE
15yaAH008KEWuYam2GihyqqGcKe45zV2DHEov5DZTErrrsYrAzZPEVU/yw1QwrbL
azElAD3ppsImbb7mc8uiJMNPtB9Y3vfjQdHByBfObIQs1mHnBNhUdNZewoKB+nCs
ZTtKBuFIeYti+/G41oiO8aUh9mHLW0+cu72ZYrY6P2yQWJI8kbiD9AWsVCvQKCqg
3w7GQgZBLiMtDwRT7upQqfsHQjeyDnEN3IQVCnD41CtdrzrmZTT1rnnJYyyvXksO
B/uwdYVrrrdutO0/Hco/J38Z0H9yMEdN9F2CyDFO0cSbFAQxkLBBnhKBHJTn8TrI
O5Sb6uxmWEH95eUqWk4u8vyes/TAm21Tw7QuKly2dT+tZrJNX7RkvzVSgcd9KIKm
1zY+qHOBJajpmcNapMNDfhK6k9KjYSPgkJn467xAag5hsZWcjlI06uNkRqlA8IUF
jDLzKk8REXlfpfQrCn3T+sxKiQ5yS/BVApMMldqQFEe4s019o07uN5OL2Wfhr0xW
ou5WUHOgkYvdyg+BAP5RtWusY8OTwJu8vN46bvcUs8p+JC8uKIA=
=aSng
-----END PGP SIGNATURE-----

[DONE] wml://security/2018/dsa-4157.wml

Ответить