="4be2b091c25c6ac980fc7632b3b90ad19b308ff9" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -An out-of-bounds read was discovered in the uv__idna_to_ascii() function
- -of Libuv, an asynchronous event notification library, which could result
- -in denial of service
="d5484a72e71b8da89fe25f18d5d9248fab4b56c6" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -This update ships updated CPU microcode for some types of Intel CPUs and
- -provides mitigations for security vulnerabilities which could result in
- -privilege escal
="fbbd6d620a3b8c0b91322f3f8d48f61a5c2981b6" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple vulnerabilities were discovered in nettle, a low level
- -cryptographic library, which could result in denial of service (remote
- -crash in RSA decryption via speci
="cd5feca9c9b2c8942facd97d90ae843325b1ab44" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple vulnerabilities have been discovered in the Xen hypervisor,
- -which could result in denial of service or information leaks.
+В гипервизоре Xen были обнаружены много
="73cad3ae5723b12aa256e6a0ab95caf68d98793c" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple vulnerabilities were discovered in libwebp, the implementation
- -of the WebP image format, which could result in denial of service, memory
- -disclosure or potentia
="02bfc3769e92f460d4a648f811843a48c2c77920" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues were discovered in the Rails web framework
- -which could result in denial of service.
+В веб-платформе Rails были обнаружены многочисленные проблем
="8e4af93e3e9d929f5b5afd9d25b7ad619f4645ca" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -A buffer overflow was discovered in HTMLDOC, a HTML processor that
- -generates indexed HTML, PS, and PDF, which could potentially result in
- -the execution of arbitr
="743cbcec69844a383d9a0e350c7b808072ecd39a" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues were discovered in Thunderbird, which could
- -result in the execution of arbitrary code. In adddition two security
- -issues were addressed in the O
="16bcfcc6b2b7892dcf4503526b5f4b2add037283" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -It was discovered that lasso, a library which implements SAML 2.0 and
- -Liberty Alliance standards, did not properly verify that all assertions
- -in a SAML response
="b5a2368765099d5120af7cd73578d12052a3788d" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues have been found in the Mozilla Firefox
- -web browser, which could potentially result in the execution
- -of arbitrary code.
+В веб-браузере M
="3167a1fcc4d87d4d977f9fabb292deb2f30192cf" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple denial of service vulnerabilities were discovered in the Squid
- -proxy caching server.
+В кэширующем прокси-сервере Squid были обнаружены многочи
="edf273a4209c8afbee5b25c76291ca9c743d23e3" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -The following vulnerabilities have been discovered in the webkit2gtk
- -web engine:
+В веб-движке webkit2gtk были обнаружены следующие
+уязвимости:
https://security-
="99bef2209bc5c277701891ac56b83f117f199a71" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Amir Sarabadani and Kunal Mehta discovered that the import functionality
- -of Hyperkitty, the web user interface to access Mailman 3 archives, did
- -not restrict the
="0d59fbb60f35ecb180007fb5e18c4ccbf88c4e39" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Luis Merino, Markus Vervier and Eric Sesterhenn discovered an off-by-one
- -in Nginx, a high-performance web and reverse proxy server, which could
- -result in den
="b8f7e1cd2958693280dee390cf5aafaa3e015bf6" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Roman Fiedler reported that missing length validation in various
- -functions provided by libx11, the X11 client-side library, allow
- -to inject X11 protocol
Вс 23 мая 2021 @ 16:52 David Schledewitz :
>> +Джаспер Ливис Адрианс сообщил о переполнении целых чисел в lz4, быстрой
>> библиотеке,
>> +реализующий алгоритм сжатия LZ, которое приводит к повреждению содержимого
>> памяти.
>
> реализующий алгоритм -> реализующей алгоритм
Исправил. Спасибо!
="12f7288bcb404ef289c56cb96b09a8eebe58157e" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Jasper Lievisse Adriaanse reported an integer overflow flaw in lz4, a
- -fast LZ compression algorithm library, resulting in memory corruption.
+Джаспер Ливис Адрианс сообщи
="8d93d5810a67977c85cb1cefeb20885ff14b641c" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Improper pathname handling in ruby-rack-cors, a middleware that makes
- -Rack-based apps CORS compatible, may result in access to private
- -resources.
+Неправильная обработ
="6f72b96446a301193c523484e863993ec321b6ce" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues were found in Prosody, a lightweight Jabber/XMPP
- -server, which could result in denial of service or information
disclosure.
+В Prosody, лёгком
="1fe97ede528cadc78447b1edeb9a753b00b0639c" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities have been discovered in the chromium web
browser.
+В веб-браузере chromium было обнаружено несколько уязвимостей.
https://security-tracker.deb
="c30e5c2de6ee2fb5d511cb8957fc4e1574ebfcce" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues have been discovered in the PostgreSQL database
- -system, which could result in the execution of arbitrary code or
- -disclosure of memory
="6cfe62108e876ed75b80dfd30a64955bb9c38cc8" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -A buffer overflow was discovered in Graphviz, which could potentially
- -result in the execution of arbitrary code when processing a malformed
- -file.
+В Graphviz было
="290419c60a628c5b8195c7e17212b9225b4e581e" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Jeremy Galindo discovered an out-of-bounds memory access in Hivex, a
- -library to parse Windows Registry hive files.
+Джереми Голиндо обнаружил доступ за пределы выде
ml::debian::template title="Люди: кто мы, что мы делаем"
#include "$(ENGLISHDIR)/releases/info"
+#use wml::debian::translation-check
translation="ac8343f61b83fe988dbcb035d77af5bf09ba0709" maintainer="Lev Lamberov"
# translators: some text is taken from /intro/ab
/2021/04/msg00030.html
+#use wml::debian::translation-check
translation="af0ebcfafd9047aef158a958ec50027ade37d68b" maintainer="Lev Lamberov"
- -bitName, Italy
+bitName, Италия
https://www.bitname.it
#use wml::debian::users
- -bitName uses Debian for many servers t
/msg00016.html
+#use wml::debian::translation-check
translation="76dcbdd6b951ba56011d8813a39950255e9047f6" maintainer="Lev Lamberov"
- -Big Rig Tax, USA
+Big Rig Tax, США
https://www.bigrigtax.com
#use wml::debian::users
- -Debian runs all our backup and sync systems. We
translation="88c96ebfb6796b3876514919326ee3a783e0ca27" maintainer="Lev Lamberov"
- -Articulate Labs, Inc., Dallas, TX, US
+Articulate Labs, Inc., Даллас, Техас, США
https://articulatelabs.tech/
#use wml::debian::users
- - All workstations/servers used for electroni
translation="e56d533378f4c5191c2c50915a2ba75050861591" maintainer="Lev Lamberov"
- -Information Technology Dep., SIITE SRLS, Lodi /
Milano, Italy
+Information Technology Dep., SIITE SRLS, Лоди / Милан,
Италия
https://it.siite.it
#use wml::debian::users
- - Ou
ranslation-check
translation="3c6917369c58a27df902c47dea7ef8d25be81e7a" maintainer="Lev Lamberov"
- -We are a software development and server management company operating in
- -the market since 2014. We work with the development of customized web
- -systems and the deployment a
ranslation-check
translation="88ab0b32976deb355745ccec0c0d4b31747f0d43" maintainer="Lev Lamberov"
- -Depanage informatique based in Leucate, English and French spoken.
+Depanage informatique расположена в Лёкате. Говорим на английском и
французском язык
ranslation-check
translation="3c6917369c58a27df902c47dea7ef8d25be81e7a" maintainer="Lev Lamberov"
- -We are a software development and server management company operating in
- -the market since 2014. We work with the development of customized web
- -systems and the deployment a
Ср 05 мая 2021 @ 11:50 David Schledewitz :
> Am 05.05.21 um 10:48 schrieb Lev Lamberov:
>> Сотрудники Qualys Research Labs сообщили о нескольких уязвимостях in Exim,
>> +агенте передачи почты, которые могут приводить к локальному повышению
>> привилегий
>> +и
="56768c7a99cf0cbe86447ced01029373fca40a16" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -The Qualys Research Labs reported several vulnerabilities in Exim, a
- -mail transport agent, which could result in local privilege escalation
- -and remote code executio
="35405b68aa31c415947c277663980744599dc1e0" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities have been discovered in the chromium web
browser.
+В веб-браузере chromium было обнаружено несколько уязвимостей.
https://security-tracker.deb
="f49b295b01084c860c0032c8ddfe81848385d182" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -A vulnerability was discovered in libimage-exiftool-perl, a library and
- -program to read and write meta information in multimedia files, which
- -may result in execution of
Сб 01 мая 2021 @ 18:00 David Schledewitz :
> Привет, Лев!
>
>
>> -Greg Kuechle discovered that a malformed incoming IXFR transfer
>> -could trigger an assertion failure in named, resulting in denial
>> -of service.
>> +Грег Кюхель обнаружил, что специально сформированная входящая
="022e55922f28ad2d0ab4d75ed4d28a027bafddfa" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities were discovered in BIND, a DNS server
- -implementation.
+В BIND, реализации DNS-сервера, было обнаружено несколько
+уязвимостей.
https://secur
="3c2d583686885b6b0dd6755da1d07d5aad442923" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -It was discovered that libhibernate3-java, a powerful, high performance
- -object/relational persistence and query service, is prone to an SQL
- -injection vulnerability
="1645656b0fdda069ea939823b641b521e070322a" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -It was discovered that composer, a dependency manager for PHP, did not
- -properly sanitize Mercurial URLs, which could lead to arbitrary code
- -execution.
+Было обна
="222fe2a8c3db7e4bec94b5d9a4a285666247753c" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities have been discovered in the chromium web
browser.
+В веб-браузере chromium было обнаружено несколько уязвимостей.
https://security-track
="90225f939cba12d08795c4f97d8604b5038087ea" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -It was discovered that the Shibboleth Service Provider is prone to a
- -NULL pointer dereference flaw in the cookie-based session recovery
- -feature. A remote, unauthenticat
Вс 25 апр 2021 @ 07:35 David Schledewitz :
> Привет, Лев!
>
>
>> к [...] выполнению произвольного когда в случае
>> +открытия
>
> когда -> кода
Исправил везде в dsa-490{0,1,2,3,4}. Спасибо!
="af51061fe132ea7e95f0c8e4945c9ac5d9c38362" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple vulnerabilities were discovered in plugins for the GStreamer
- -media framework, which may result in denial of service or potentially
- -the execution of arbitrary
="b59966aa791e5ac4b51cdea815238d32ef907378" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple vulnerabilities were discovered in plugins for the GStreamer
- -media framework, which may result in denial of service or potentially
- -the execution of arbitrary
="1350b12138426f0ddce9c7b6fefb0d05f2e43b0c" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple vulnerabilities were discovered in plugins for the GStreamer
- -media framework, which may result in denial of service or potentially
- -the execution of arbitrary
="25a02353ade96e0d7de76e59e48e3846dc223271" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple vulnerabilities were discovered in plugins for the GStreamer
- -media framework, which may result in denial of service or potentially
- -the execution of arbitrary
="38c91a31715eae673dd4fea2c29277152d4efd52" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple vulnerabilities were discovered in plugins for the GStreamer
- -media framework, which may result in denial of service or potentially
- -the execution of arbitrary
="127ab92eb8c7cb554d69982b5b1f863c6544808e" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -It was discovered that the OpenJDK Java platform incompletely enforced
- -configuration settings used in Jar signing verifications.
+Было обнаружено, что Java-платформа
="282fe47153ee7ae459dbd068bec0e572c214acb8" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities have been discovered in wpa_supplicant and
- -hostapd.
+В wpa_supplicant и hostapd было обнаружено несколько уязвимостей.
https://security-
="346129ad26ee51540ac9498331dbf2309270cf54" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities were discovered in Wordpress, a web blogging
- -tool. They allowed remote attackers to perform XML External Entity
- -(XXE) attacks, and access
="9d7f5c3ad318d59c43284e3b4f411620b2e15784" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues were discovered in Thunderbird, which could
- -result in the execution of arbitrary code or information disclosure.
- -In adddition a number of
="fd72a7c8fd74ef6c6c050ccbe1112bf6c91fa60b" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues have been found in the Mozilla Firefox web
- -browser, which could potentially result in the execution of arbitrary
- -code, information di
="cf828e41fc475b76bdd615132256f7af116d1f59" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -It was discovered that the PEAR Archive_Tar package for handling tar
- -files in PHP is prone to a directory traversal flaw due to inadequate
- -checking of symbolic link
Ср 21 апр 2021 @ 11:14 Vladimir Zhbanov :
> On Sun, Apr 18, 2021 at 04:25:44PM +0500, Lev Lamberov wrote:
>> +
>
> ре_д_акции
>> +
>
> Включени_е_
>> +> памяти issue [CVE-2019-20367]">
>
> _issue_ здесь лишнее
>> +> обновлен
="b05083b8938f7799fb6c338127e07a6d3ce8d7d4" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Jan-Niklas Sohn discovered that missing input sanitising in the XInput
- -extension of the X.org X server may result in privilege escalation if
- -the X server is runn
="76bacc94741c5ec0f96367878e4b456becb9625d" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -It was reported that python-bleach, a whitelist-based HTML-sanitizing
- -library, is prone to a mutation XSS vulnerability in bleach.clean when
- -svg or math are
translation="2a3fa2ac1b49f491737f3c89828986a43c00a61e" maintainer="Lev Lamberov"
+Обновлённый Debian 10: выпуск 10.9
2021-03-27
#use wml::debian::news
- -# $Id:
10
buster
@@ -24,27 +24,27 @@
https://packages.debian.org/src:%0;>%0
- -The Debian project is pleased to an
="bc4597a78a2d791a60141819c561ae083d02f394" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Two vulnerabilities were discovered in the Tomcat servlet and JSP engine,
- -which could result in information disclosure or denial of service.
+В Tomcat, движке сервле
="34627e1fa75b4537f132f73c06962ceb0edbecf0" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Stan Hu discovered that kramdown, a pure Ruby Markdown parser and
- -converter, performed insufficient namespace validation of Rouge syntax
- -highlighting formatters.
+С
="963714a121bf3d4807e783cc151d1a470c79e455" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues were found in MediaWiki, a website engine for
- -collaborative work, which could result in incomplete page/blocking
- -protection, denial of servi
="f611de8f53cdfa903fa4cd4bb41a9d92b4392632" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple vulnerabilities have been discovered in the Xen hypervisor,
- -which could result in denial of service, privilege escalation or memory
- -disclosure.
+В г
="2a6100941a3801a8f5470ec11610057f653b" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -A use-after-free was discovered in Lib3MF, a C++ implementation of the
- -3D Manufacturing Format, which could result in the execution of
- -arbitrary code if a malfo
="205277d1d56aa3929643ab8b60dae60aa9147130" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilites have been discovered in the chromium web
browser.
+В веб-браузере chromium было обнаружено несколько уязвимостей.
https://security-track
="e826822a70576345bd987d3fb677288adbed23cf" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues were discovered in Netty, a Java NIO
- -client/server framework, which could result in HTTP request smuggling,
- -denial of service or information di
Пт 02 апр 2021 @ 11:22 Vladimir Zhbanov :
> On Fri, Apr 02, 2021 at 01:11:33PM +0500, Lev Lamberov wrote:
>> +Дуглас Багнал обнаружил чтение за пределами выделенного буфера
>> памяти в коде
>> +обработки атрибутов LDAP, содержащих многочисленные последоват
="8841a09ee24923f86538151f0ba51430b8414c1a" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple vulnerabilities have been discovered in ldb, a LDAP-like
- -embedded database built on top of TDB.
+В ldb, LDAP-подобной встраиваемой базе данных, надстрое
="589db08df24e40fd0b032493c1dc117284d973d2" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -It was discovered that missing input sanitising in the template()
- -function of the Underscore JavaScript library could result in the
- -execution of arbitrary code.
+Б
="8133d077a584f4d118b8e095f094d6df1b7d2613" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple vulnerabilities have been discovered in openjpeg2, the
- -open-source JPEG 2000 codec, which could result in denial of service or
- -the execution of arbitrary code
="3b4dcf387c0ea55ca4f93024979c9557c89c0393" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple vulnerabilities were discovered in cURL, an URL transfer
library:
+В cURL, библиотека передачи URL, были обнаружены многочисленные
уязвимости:
https://secur
="0461babd4045c668ef371434514b74143f1e6925" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Ben Caller discovered that Pygments, a syntax highlighting package
- -written in Python 3, used regular expressions which could result in
- -denial of service.
+Бэн Коллер
="9b6e2575a6c497232661fc247cef61ab70393208" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -The following vulnerabilities have been discovered in the webkit2gtk
- -web engine:
+В веб-движке webkit2gtk были исправлены следующие
+уязвимости:
https://security-
="9be84f1e18e515dc37d2472b250e48267d15d7f2" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues were discovered in Thunderbird, which could
- -result in the execution of arbitrary code or information disclosure.
+В Thunderbird были обна
="efb6f22251ea8d4d778fd8afbc8938adb9515fc3" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Damian Lukowski discovered a flaw in spamassassin, a Perl-based spam
- -filter using text analysis. Malicious rule configuration files, possibly
- -downloaded from an
="b9b8d39d9b0a40634514dbd361ab55c99f898bc0" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Kevin Chung discovered that lxml, a Python binding for the libxml2 and
- -libxslt libraries, did not properly sanitize its input. This would
- -allow a malicious user t
="8c14bd4b35ccb6c85a6d61b611ecd724ecc1b07a" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -A NULL pointer dereference was found in the signature_algorithms
- -processing in OpenSSL, a Secure Sockets Layer toolkit, which could
- -result in denial of
="e76306c03cc0728ed930aca7664bec83d40cb48f" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues have been found in the Mozilla Firefox
- -web browser, which could potentially result in the execution
- -of arbitrary code, information disclosu
="c4efd022c19cb41eceec5c2392ac917f380e9926" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Jianjun Chen discovered that the Squid proxy caching server was
- -susceptible to HTTP request smuggling.
+Цзяньцзюнь Чэнь обнаружил, что Squid, кэширующий прокси-сервер,
="a4f18a105422eab245e7cde3c375d59fe11a0221" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Toni Huttunen discovered that the Shibboleth service provider's template
- -engine used to render error pages could be abused for phishing attacks.
+Тони Хуттунен обнаружил,
="69c44b4938d0936033bc793b57cffb7c8404c94a" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Two vulnerabilities were discovered in Tor, a connection-based
- -low-latency anonymous communication system, which could lead to
- -excessive CPU usage or cause a direct
="bc9daa7cf8ef9da4b5ef33a9214535a3957f1a98" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -It was discovered that Pygments, a syntax highlighting package written
- -in Python, could be forced into an infinite loop, resulting in denial
- -of service.
+Было о
="a794d051cb4d25ae4463e015e8e8105cdc11382d" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Anton Lydike discovered that sandbox restrictions in Flatpak, an
- -application deployment framework for desktop apps, could by bypassed
- -via a malicious .desktop file
Вс 07 мар 2021 @ 09:33 Vladimir Zhbanov :
> On Sat, Mar 06, 2021 at 01:47:11PM +0500, Lev Lamberov wrote:
>> +Как и в случае с BootHole вместо исправления этой одной ошибки разработчики
>> +продолжили более глубокий аудит и анализ исходного кода GRUB2.
>> +Было бы безответс
::template title="GRUB2 UEFI SecureBoot vulnerabilities -
2021"
+#use wml::debian::template title="Уязвимости GRUB2 UEFI SecureBoot
2021"
+#use wml::debian::translation-check
translation="c75c69f1804b1736803adeaed0ae75df904666b8" maintainer="Lev Lamberov"
- -
="197573ef4537798421da834e851fd3167f2c315b" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues were discovered in Thunderbird, which could
- -result in the execution of arbitrary code or information disclosure.
+В Thunderbird были обна
="d2d43f7892fddceb361d33ffe2506775b6501ee8" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues were discovered in Docker, a Linux container
- -runtime, which could result in denial of service, an information leak
- -or privilege escalation.
+В
="8270ea7b516481664732e77ea8ce861b543af400" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Beast Glatisant and Jelmer Vernooij reported that python-aiohttp, a
- -async HTTP client/server framework, is prone to an open redirect
- -vulnerability. A maliciously crafte
="7dfc4e9cb47cfdd07f29cd7fd327dd0b8aaa8173" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple security issues have been found in the Mozilla Firefox web
- -browser, which could potentially result in the execution of arbitrary
- -code or information discl
="7d3c74be8da3768df1cdde9dc5637023c2b5b5e2" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Two vulnerabilities were discovered in Node.js, which could result in
- -denial of service or DNS rebinding attacks.
+В Node.js были обнаружены две уязвимости, котор
="17b26eb27e095ada2631f748a90b0252c6b1437d" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -A vulnerability in the Certificate List Exact Assertion validation was
- -discovered in OpenLDAP, a free implementation of the Lightweight
- -Directory Access Protocol. An u
="25518192d421a3133547e82abb73fb6b6e248f73" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Felix Weinmann reported a flaw in the handling of combining characters
- -in screen, a terminal multiplexer with VT100/ANSI terminal emulation,
- -which can result in den
="123908fe74f54620222a349a507f9178a2faf07a" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -It was discovered that zstd, a compression utility, was vulnerable to
- -a race condition: it temporarily exposed, during a very short
- -timeframe, a world-read
="0f4f3e8210b7403850a5550da354ea08036f8c2f" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Several vulnerabilities have been discovered in the chromium web
browser.
+В веб-браузере chromium было обнаружено несколько уязвимостей.
https://security-tracker.deb
="f11c835c6487253210688706e7b7c11464c54a6c" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -A buffer overflow vulnerability was discovered in the SPNEGO
- -implementation affecting the GSSAPI security policy negotiation in BIND,
- -a DNS server implementation
="c85aa63fe1c5972ca4ac07ff9adf7c38a41f1475" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -The following vulnerabilities have been discovered in the webkit2gtk
- -web engine:
+В веб-движке webkit2gtk были обнаружены следующие
+уязвимости:
https://security-
="0b9c89566ef13daffbc9185681dac5de2ae0d592" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Multiple vulnerabilities have been discovered in OpenSSL, a Secure
- -Sockets Layer toolkit. An overflow bug in the x64_64 Montgomery squaring
- -procedure, an integer overf
="b277300840a940d2378dcbdbbc797aff8067437d" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -It was discovered that SPIP, a website engine for publishing, would
- -allow a malicious user to perform cross-site scripting attacks, access
- -sensitive information, or
="1c4239860022f3a722fee53eebd9a97b979ab14b" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Joakim Hindersson discovered that Open vSwitch, a software-based
- -Ethernet virtual switch, allowed a malicious user to cause a
- -denial-of-service by sending a spe
="d006ce565fcf7220e57c35571bee0fdf83341df6" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Thomas Akesson discovered a remotely triggerable vulnerability in the
- -mod_authz_svn module in Subversion, a version control system. When usin
translation="fed7b903761a804bb9667f09b15ca25d06529400" maintainer="Lev Lamberov"
+Обновлённый Debian 10: выпуск 10.8
2021-02-06
#use wml::debian::news
- -# $Id:
10
buster
@@ -24,27 +24,27 @@
https://packages.debian.org/src:%0;>%0
- -The Debian project is pleased to ann
="6a616753f50ac040bb0442c928584ff59857f54c" mindelta="1"
maintainer="Lev Lamberov"
+обновление безопасности
- -Roman Fiedler discovered a vulnerability in the OverlayFS code in
- -firejail, a sandbox program to restrict the running environment of
- -untrusted applications, which
Результаты 201 - 300 из 3647 matches
Mail list logo