[DONE] wml://security/20{18/dsa-4123,08/dsa-1479}.wml
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - --- english/security/2008/dsa-1479.wml2017-11-01 10:11:09.827811874 +0500 +++ russian/security/2008/dsa-1479.wml 2018-02-25 12:04:14.309536622 +0500 @@ -1,46 +1,47 @@ - -several vulnerabilities +#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov" +неÑколÑко ÑÑзвимоÑÑей - -Several local vulnerabilities have been discovered in the Linux kernel - -that may lead to a denial of service or the execution of arbitrary - -code. The Common Vulnerabilities and Exposures project identifies the - -following problems: +Ркоде ÑдÑа Linux бÑло обнаÑÑжено неÑколÑко локалÑнÑÑ ÑÑзвимоÑÑей, +коÑоÑÑе могÑÑ Ð¿ÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании или вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного +кода. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures опÑеделÑÐµÑ +ÑледÑÑÑие пÑоблемÑ: https://security-tracker.debian.org/tracker/CVE-2007-2878;>CVE-2007-2878 - -Bart Oldeman reported a denial of service (DoS) issue in the VFAT - -filesystem that allows local users to corrupt a kernel structure resulting - -in a system crash. This is only an issue for systems which make use - -of the VFAT compat ioctl interface, such as systems running an 'amd64' - -flavor kernel. +ÐаÑÑ ÐлдемÑн ÑообÑил об оÑказе в обÑлÑживании (DoS) в коде поддеÑжки Ñайловой +ÑиÑÑÐµÐ¼Ñ VFAT, коÑоÑÑе позволÑÐµÑ Ð»Ð¾ÐºÐ°Ð»ÑнÑм полÑзоваÑелÑм повÑеждаÑÑ ÑÑÑÑкÑÑÑÑ ÑдÑа, +ÑÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº аваÑийной оÑÑановке ÑиÑÑемÑ. ÐÑа пÑоблема каÑаеÑÑÑ ÑолÑко ÑиÑÑем, в коÑоÑÑÑ +иÑполÑзÑеÑÑÑ ioctl-инÑеÑÑÐµÐ¹Ñ VFAT compat, напÑимеÑ, ÑиÑÑем, ÑабоÑаÑÑÐ¸Ñ Ð¿Ð¾Ð´ ÑпÑавлением +ÑдÑа Ð´Ð»Ñ Ð°ÑÑ Ð¸ÑекÑÑÑÑ 'amd64'. https://security-tracker.debian.org/tracker/CVE-2007-4571;>CVE-2007-4571 - -Takashi Iwai supplied a fix for a memory leak in the snd_page_alloc module. - -Local users could exploit this issue to obtain sensitive information from - -the kernel. +ТакаÑи Ðваи пÑиÑлал иÑпÑавление Ð´Ð»Ñ ÑÑеÑки памÑÑи в модÑле snd_page_alloc. +ÐокалÑнÑе полÑзоваÑели могÑÑ Ð¸ÑполÑзоваÑÑ ÑÑÑ ÑÑзвимоÑÑÑ Ð´Ð»Ñ Ð¿Ð¾Ð»ÑÑÐµÐ½Ð¸Ñ ÑÑвÑÑвиÑелÑной +инÑоÑмаÑии ÑдÑа. https://security-tracker.debian.org/tracker/CVE-2007-6151;>CVE-2007-6151 - -ADLAB discovered a possible memory overrun in the ISDN subsystem that - -may permit a local user to overwrite kernel memory by issuing - -ioctls with unterminated data. +СоÑÑÑдники ADLAB обнаÑÑжили возможнÑй вÑÑ Ð¾Ð´ за гÑаниÑÑ Ð²Ñделенного бÑÑеÑа памÑÑи в +подÑиÑÑеме ISDN, коÑоÑÑе Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ Ð»Ð¾ÐºÐ°Ð»ÑÐ½Ð¾Ð¼Ñ Ð¿Ð¾Ð»ÑзоваÑÐµÐ»Ñ Ð¿ÐµÑезапиÑаÑÑ Ð¿Ð°Ð¼ÑÑÑ +ÑдÑа, вÑзÑÐ²Ð°Ñ ioctl Ñ Ð½ÐµÐ·Ð°Ð²ÐµÑÑÑннÑми даннÑми. https://security-tracker.debian.org/tracker/CVE-2008-0001;>CVE-2008-0001 - -Bill Roman of Datalight noticed a coding error in the linux VFS subsystem - -that, under certain conditions, can allow local users to remove - -directories for which they should not have removal privileges. +Ðилл РомÑн из Datalight замеÑил оÑÐ¸Ð±ÐºÑ Ð¿ÑогÑаммиÑÐ¾Ð²Ð°Ð½Ð¸Ñ Ð² подÑиÑÑеме VFS, +коÑоÑÐ°Ñ Ð¿Ñи опÑеделÑннÑÑ ÑÑÐ»Ð¾Ð²Ð¸Ñ Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ Ð»Ð¾ÐºÐ°Ð»ÑнÑм полÑзоваÑелÑм ÑдалиÑÑ +каÑалоги, Ð´Ð»Ñ ÑÐ´Ð°Ð»ÐµÐ½Ð¸Ñ ÐºÐ¾ÑоÑÑÑ Ñ Ð½Ð¸Ñ Ð½ÐµÑ ÑооÑвеÑÑÑвÑÑÑÐ¸Ñ Ð¿Ñав. - -These problems have been fixed in the stable distribution in version +ÐÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² ÑÑабилÑном вÑпÑÑке в веÑÑии 2.6.18.dfsg.1-17etch1. - -We recommend that you upgrade your kernel packages immediately and reboot - -the machine. If you have built a custom kernel from the kernel source - -package, you will need to rebuild to take advantage of these fixes. +РекомендÑеÑÑÑ Ð½ÐµÐ·Ð°Ð¼ÐµÐ´Ð»Ð¸ÑелÑно обновиÑÑ Ð¿Ð°ÐºÐµÑÑ Ñ ÑдÑом и пеÑезапÑÑÑиÑÑ Ð¼Ð°ÑинÑ. ÐÑли +Ð²Ñ ÑобÑали ÑобÑÑвенное ÑдÑа из пакеÑа Ñ Ð¸ÑÑ Ð¾Ð´Ð½Ñм кодом ÑдÑа, Ñо Ð´Ð»Ñ Ñого, ÑÑÐ¾Ð±Ñ Ð¿Ð¾Ð»ÑÑиÑÑ +ÑказаннÑе иÑпÑавлениÑ, вам Ð½ÐµÐ¾Ð±Ñ Ð¾Ð´Ð¸Ð¼Ð¾ заново пÑоизвеÑÑи ÑбоÑкÑ. # do not modify the following
научите systemd!
Утро! Внезапно мне понадобилось выключить xdm на время. Ну я сказал # systemctl disable xdm и xdm на время выключился. А как включить его обратно? # systemctl enable xdm Synchronizing state of xdm.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install enable xdm The unit files have no installation config (WantedBy, RequiredBy, Also, Alias settings in the [Install] section, and DefaultInstance for template units). This means they are not meant to be enabled using systemctl. Possible reasons for having this kind of units are: 1) A unit may be statically enabled by being symlinked from another unit's .wants/ or .requires/ directory. 2) A unit's purpose may be to act as a helper for some other unit which has a requirement dependency on it. 3) A unit may be started when needed via activation (socket, path, timer, D-Bus, udev, scripted systemctl call, ...). 4) In case of template units, the unit is meant to be enabled with some instance name specified. -- sergio
[DONE] wml://{security/2018/dsa-4123.wml}
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - --- english/security/2018/dsa-4123.wml2018-02-24 17:55:08.0 +0500 +++ russian/security/2018/dsa-4123.wml 2018-02-24 17:58:19.093114710 +0500 @@ -1,20 +1,21 @@ - -security update +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +обновление безопаÑноÑÑи - -Multiple vulnerabilities have been found in the Drupal content management - -framework. For additional information, please refer to the upstream - -advisory at https://www.drupal.org/sa-core-2018-001;>\ +Ð Drupal, инÑÑаÑÑÑÑкÑÑÑе ÑпÑавление ÑодеÑжимÑм, бÑли обнаÑÑÐ¶ÐµÐ½Ñ +многоÑиÑленнÑе ÑÑзвимоÑÑи. Ðа дополниÑелÑной инÑоÑмаÑией обÑаÑайÑеÑÑ Ðº ÑекомендаÑии +оÑновной веÑки ÑазÑабоÑки по адÑеÑÑ https://www.drupal.org/sa-core-2018-001;>\ https://www.drupal.org/sa-core-2018-001 - -For the oldstable distribution (jessie), this problem has been fixed - -in version 7.32-1+deb8u10. +РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (jessie) ÑÑа пÑоблема бÑла иÑпÑавлена +в веÑÑии 7.32-1+deb8u10. - -For the stable distribution (stretch), this problem has been fixed in - -version 7.52-2+deb9u2. +Ð ÑÑабилÑном вÑпÑÑке (stretch) ÑÑа пÑоблема бÑли иÑпÑавлена в +веÑÑии 7.52-2+deb9u2. - -We recommend that you upgrade your drupal7 packages. +РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ drupal7. - -For the detailed security status of drupal7 please refer to - -its security tracker page at: +С подÑобнÑм ÑÑаÑÑÑом поддеÑжки безопаÑноÑÑи drupal7 можно ознакомиÑÑÑÑ Ð½Ð° +ÑооÑвеÑÑÑвÑÑÑей ÑÑÑаниÑе оÑÑÐ»ÐµÐ¶Ð¸Ð²Ð°Ð½Ð¸Ñ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑноÑÑи по адÑеÑÑ https://security-tracker.debian.org/tracker/drupal7;>\ https://security-tracker.debian.org/tracker/drupal7 -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlqRYXEACgkQXudu4gIW 0qXLWQ/8CvbJw5GNOncQoUJK+UyzG3BTfo7FOGRFMYKjNPudkH9yBg///ohVXhWN z4D8L5X8b/T/eQAQLXpVyXTB8PoILsMb5stW6NAW+DjqzRiVGXKyWYFuIAgvh/52 R2wnoojADzRsCGVQ0DS5F58BMUf6rZhZf7NCWNmNGbFxeL7mUvZx9q/Sezl4Jxp0 wz/Mru5HpS3KO4KUN3NJAdpQrcVw1MZa0k4uCD22j7SgNZyeqx5J7IiVncF5tt9I TMIhd/bwZ9h9h3Q0MDbd1SXuw0d5ZV6/M6+c0K9y38q3wsx65cRrlXGce5Sf/tp8 Zj2AI776wiBnx+E2pGiZa2n7Y3SmPdMARyyCt+wLX/869hGqIHVax98csuXxyjBE wovSWgTKveFZRHUFaFdwUDjJhEKXhq0aSn45HOCL+eVvAQpaaX+4WBp1NR5/KWjd j0NnwdIH9FZ20nicrIv752VLKG3mqvBAPY3gwiGUz4mqmcUQEyvdhKfcw5ihWBxl 45cIm24ckPz+d4fLR0oIkMUIMYgmK8H/N84Lifxxd2keXRNAAh91oVkxDU+tTitj c1uYbKfOFLiwO3DBWfIIn7H4B/YoQm9ciAc1JuBFvx/S8evrA2n4FsiaI6AdTgWr E2EbeRq4zkRJ6yxqf5mmRihRqGZg+pbwOr+9UpvUjhkVTAZUWjA= =Shvc -END PGP SIGNATURE-
[DONE] wml://{security/2011/dsa-2332.wml}
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - --- english/security/2011/dsa-2332.wml2017-11-01 10:11:10.291842128 +0500 +++ russian/security/2011/dsa-2332.wml 2018-02-24 12:57:36.964318230 +0500 @@ -1,48 +1,49 @@ - -several issues +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +неÑколÑко пÑоблем - -Paul McMillan, Mozilla and the Django core team discovered several - -vulnerabilities in Django, a Python web framework: +Ðол Ðакмиллан, ÑоÑÑÑдники Mozilla и ÑÑаÑÑники оÑновной ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ Django обнаÑÑжили +неÑколÑко ÑÑзвимоÑÑей в Django, веб-инÑÑаÑÑÑÑкÑÑÑе Ð´Ð»Ñ ÑзÑка Python: https://security-tracker.debian.org/tracker/CVE-2011-4136;>CVE-2011-4136 - - When using memory-based sessions and caching, Django sessions are - - stored directly in the root namespace of the cache. When user data is - - stored in the same cache, a remote user may take over a session. + ÐÑи иÑполÑзовании ÑеÑÑий и кÑÑа на оÑнове памÑÑи ÑеÑÑии Django Ñ ÑанÑÑÑÑ + пÑÑмо в коÑневом пÑоÑÑÑанÑÑве имÑн кÑÑа. ÐÑли полÑзоваÑелÑÑкие даннÑе + Ñ ÑанÑÑÑÑ Ð² Ñом же кÑÑе, Ñо ÑдалÑннÑй полÑзоваÑÐµÐ»Ñ Ð¼Ð¾Ð¶ÐµÑ Ð¿ÐµÑÐµÑ Ð²Ð°ÑиÑÑ ÑеÑÑиÑ. https://security-tracker.debian.org/tracker/CVE-2011-4137;>CVE-2011-4137, https://security-tracker.debian.org/tracker/CVE-2011-4138;>CVE-2011-4138 - - Django's field type URLfield by default checks supplied URL's by - - issuing a request to it, which doesn't time out. A Denial of Service - - is possible by supplying specially prepared URL's that keep the - - connection open indefinately or fill the Django's server memory. + Ðо ÑмолÑÐ°Ð½Ð¸Ñ Ñип Ð¿Ð¾Ð»Ñ URLfield в Django вÑполнÑÐµÑ Ð¿ÑовеÑÐºÑ Ð¿ÐµÑеданного URL + пÑÑÑм оÑпÑавки запÑоÑа, Ð´Ð»Ñ ÐºÐ¾ÑоÑого не ÑÑÑановлен ÑаймеÑ. ÐÑи пеÑедаÑе ÑпеÑиалÑно + ÑÑоÑмиÑованного URL можно вÑзваÑÑ Ð¾Ñказ в обÑлÑживании, Ñоединение бÑÐ´ÐµÑ Ð¾ÑÑаваÑÑÑÑ + оÑкÑÑÑÑм неопÑеделÑнно долго, либо бÑÐ´ÐµÑ Ð·Ð°Ð¿Ð¾Ð»Ð½ÐµÐ½Ð° памÑÑÑ ÑеÑвеÑа Django. https://security-tracker.debian.org/tracker/CVE-2011-4139;>CVE-2011-4139 - - Django used X-Forwarded-Host headers to construct full URL's. This - - header may not contain trusted input and could be used to poison the - - cache. + Django иÑполÑзÑÐµÑ Ð·Ð°Ð³Ð¾Ð»Ð¾Ð²ÐºÐ¸ X-Forwarded-Host Ð´Ð»Ñ ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ñ Ð¿Ð¾Ð»Ð½ÑÑ URL. ÐÑÐ¾Ñ + заголовок Ð¼Ð¾Ð¶ÐµÑ Ð½Ðµ ÑодеÑжаÑÑ Ð´Ð¾Ð²ÐµÑеннÑе Ð²Ñ Ð¾Ð´Ð½Ñе даннÑе и Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑÑÑ + Ð´Ð»Ñ Ð¾ÑÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ ÐºÑÑа. https://security-tracker.debian.org/tracker/CVE-2011-4140;>CVE-2011-4140 - - The CSRF protection mechanism in Django does not properly handle - - web-server configurations supporting arbitrary HTTP Host headers, - - which allows remote attackers to trigger unauthenticated forged - - requests. + ÐÐµÑ Ð°Ð½Ð¸Ð·Ð¼ заÑиÑÑ CSRF в Django непÑавилÑно обÑабаÑÑÐ²Ð°ÐµÑ Ð½Ð°ÑÑÑойки + веб-ÑеÑвеÑа, поддеÑживаÑÑие пÑоизволÑнÑе HTTP-заголовки Host, + ÑÑо позволÑÐµÑ ÑдалÑннÑм злоÑмÑÑленникам оÑÑÑеÑÑвлÑÑÑ Ð½ÐµÐ°ÑÑенÑиÑиÑиÑованнÑе + ÑпеÑиалÑно ÑÑоÑмиÑованнÑе запÑоÑÑ. - -For the oldstable distribution (lenny), this problem has been fixed in - -version 1.0.2-1+lenny3. +РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.0.2-1+lenny3. - -For the stable distribution (squeeze), this problem has been fixed in - -version 1.2.3-3+squeeze2. +Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.2.3-3+squeeze2. - -For the testing (wheezy) and unstable distribution (sid), this problem - -has been fixed in version 1.3.1-1. +Ð ÑеÑÑиÑÑемом (wheezy) и неÑÑабилÑном (sid) вÑпÑÑÐºÐ°Ñ ÑÑа пÑоблема +бÑла иÑпÑавлена в веÑÑии 1.3.1-1. - -We recommend that you upgrade your python-django packages. +РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ python-django. # do not modify the following line -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlqRGvUACgkQXudu4gIW 0qVgzBAAmof34YM9v88FrvOPEBEhUzy3Shu6e3GxKLxPTUSUULd/XGE08LkSNaSk 4W5AABE07bJOVCuSBM2rvJOEs1ugmRsCKbVykzWc9TlqluhkMxV+K9xMBMcKM31L