author Wu XiangCheng <bobwxc@yeah.net> 2021-02-20 03:52:54 +0800
committer Boyuan Yang <byang@debian.org> 2021-02-25 19:07:12 +0000
commit 8fc5327d71c29e6c6f22b0a44fdd96b9cd1b97e9 (patch)
tree 43f2daa825559ffb12d841d7cabc61d2b6f74427 /chinese/security
parent aa8933f86b5c7854b160e5645ddbb59df1aec633 (diff)
(zh) add 2021 dsa
dsa-4822 ~ dsa-4861
Diffstat (limited to 'chinese/security')
-rw-r--r-- chinese/security/2021/Makefile | 1
-rw-r--r-- chinese/security/2021/dsa-4822.wml | 18
-rw-r--r-- chinese/security/2021/dsa-4823.wml | 18
-rw-r--r-- chinese/security/2021/dsa-4824.wml | 18
-rw-r--r-- chinese/security/2021/dsa-4825.wml | 36
-rw-r--r-- chinese/security/2021/dsa-4826.wml | 18
-rw-r--r-- chinese/security/2021/dsa-4827.wml | 18
-rw-r--r-- chinese/security/2021/dsa-4828.wml | 18
-rw-r--r-- chinese/security/2021/dsa-4829.wml | 23
-rw-r--r-- chinese/security/2021/dsa-4830.wml | 35
-rw-r--r-- chinese/security/2021/dsa-4831.wml | 19
-rw-r--r-- chinese/security/2021/dsa-4832.wml | 17
-rw-r--r-- chinese/security/2021/dsa-4833.wml | 18
-rw-r--r-- chinese/security/2021/dsa-4834.wml | 18
-rw-r--r-- chinese/security/2021/dsa-4835.wml | 18
-rw-r--r-- chinese/security/2021/dsa-4836.wml | 19
-rw-r--r-- chinese/security/2021/dsa-4837.wml | 20
-rw-r--r-- chinese/security/2021/dsa-4838.wml | 19
-rw-r--r-- chinese/security/2021/dsa-4839.wml | 19
-rw-r--r-- chinese/security/2021/dsa-4840.wml | 18
-rw-r--r-- chinese/security/2021/dsa-4841.wml | 20
-rw-r--r-- chinese/security/2021/dsa-4842.wml | 18
-rw-r--r-- chinese/security/2021/dsa-4843.wml | 91
-rw-r--r-- chinese/security/2021/dsa-4844.wml | 20
-rw-r--r-- chinese/security/2021/dsa-4845.wml | 20
-rw-r--r-- chinese/security/2021/dsa-4846.wml | 150
-rw-r--r-- chinese/security/2021/dsa-4847.wml | 19
-rw-r--r-- chinese/security/2021/dsa-4848.wml | 19
-rw-r--r-- chinese/security/2021/dsa-4849.wml | 20
-rw-r--r-- chinese/security/2021/dsa-4850.wml | 18
-rw-r--r-- chinese/security/2021/dsa-4851.wml | 20
-rw-r--r-- chinese/security/2021/dsa-4852.wml | 19
-rw-r--r-- chinese/security/2021/dsa-4853.wml | 19
-rw-r--r-- chinese/security/2021/dsa-4854.wml | 25
-rw-r--r-- chinese/security/2021/dsa-4855.wml | 28
-rw-r--r-- chinese/security/2021/dsa-4856.wml | 19
-rw-r--r-- chinese/security/2021/dsa-4857.wml | 18
-rw-r--r-- chinese/security/2021/dsa-4858.wml | 62
-rw-r--r-- chinese/security/2021/dsa-4859.wml | 19
-rw-r--r-- chinese/security/2021/dsa-4860.wml | 19
-rw-r--r-- chinese/security/2021/dsa-4861.wml | 19
-rw-r--r-- chinese/security/2021/index.wml | 12
42 files changed, 1062 insertions, 0 deletions
diff --git a/chinese/security/2021/Makefile b/chinese/security/2021/Makefile
new file mode 100644
index 00000000000..17f19c095e2
--- /dev/null
+++ b/chinese/security/2021/Makefile
@@ -0,0 +1 @@
+include $(subst webwml/chinese,webwml/english,$(CURDIR))/Makefile
diff --git a/chinese/security/2021/dsa-4822.wml b/chinese/security/2021/dsa-4822.wml
new file mode 100644
index 00000000000..e460930feb6
--- /dev/null
+++ b/chinese/security/2021/dsa-4822.wml
@@ -0,0 +1,18 @@
+#use wml::debian::translation-check translation="ce053bc67f7e188f5978ad5bbfd7c2786669f07c"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>David Cook 报告了几个影响p11-kit中RPC协议的内存安全问题,
+p11-kit是一个提供加载和枚举PKCS#11模块的库。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 0.23.15-2+deb10u1。</p>
+
+<p>我们建议您升级您的 p11-kit 软件包。</p>
+
+<p>查看关于 p11-kit 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/p11-kit">https://security-tracker.debian.org/tracker/p11-kit</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4822.data"
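Review bot: The first paragraph line ends in a half-width comma (`内存安全问题,`) while the rest of this file and the patch use the full-width `,`; please switch it for consistency. The tracker link is also written on one long line here, whereas most other files in this patch break it with a trailing `\` after the opening `<a href=...>` tag; picking one form for all 40 files would make later diffs against the English source easier to read.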
diff --git a/chinese/security/2021/dsa-4823.wml b/chinese/security/2021/dsa-4823.wml
new file mode 100644
index 00000000000..6ff00b153ac
--- /dev/null
+++ b/chinese/security/2021/dsa-4823.wml
@@ -0,0 +1,18 @@
+#use wml::debian::translation-check translation="df41ee2d83423c2e6bcdc9061671b96ead8a6074"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>发现在InfluxDB(一个时间序列、度量和分析数据库)中对JWT令牌的错误验证可能会导致绕过身份验证</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 1.6.4-1+deb10u1。</p>
+
+<p>我们建议您升级您的 influxdb 软件包。</p>
+
+<p>查看关于 influxdb 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/influxdb">\
+https://security-tracker.debian.org/tracker/influxdb</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4823.data"
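Review bot: The description paragraph `<p>发现在InfluxDB(...)中对JWT令牌的错误验证可能会导致绕过身份验证</p>` has no terminal `。` before `</p>`, unlike the other paragraphs in this file. Since this is the sentence that tells the reader the impact is an authentication bypass, it would also read more naturally as `发现 InfluxDB ... 对 JWT 令牌的验证不正确,可能导致身份验证被绕过。`.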
diff --git a/chinese/security/2021/dsa-4824.wml b/chinese/security/2021/dsa-4824.wml
new file mode 100644
index 00000000000..9a80125d4d9
--- /dev/null
+++ b/chinese/security/2021/dsa-4824.wml
@@ -0,0 +1,18 @@
+#use wml::debian::translation-check translation="b7239518c823ae53e2826fd2e71efbc6e91007e3"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>Chromium web浏览器中发现多个安全问题,可能导致执行任意代码、拒绝服务或信息泄露。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 87.0.4280.88-0.4~deb10u1。</p>
+
+<p>我们建议您升级您的 chromium 软件包。</p>
+
+<p>查看关于 chromium 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/chromium">\
+https://security-tracker.debian.org/tracker/chromium</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4824.data"
diff --git a/chinese/security/2021/dsa-4825.wml b/chinese/security/2021/dsa-4825.wml
new file mode 100644
index 00000000000..b731ef25abc
--- /dev/null
+++ b/chinese/security/2021/dsa-4825.wml
@@ -0,0 +1,36 @@
+#use wml::debian::translation-check translation="28bc87857803972597b697f1aafdfc05773ea8db"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>在Dovecot电子邮件服务器中发现了多个漏洞。</p>
+
+<ul>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-24386">CVE-2020-24386</a>
+
+ <p>当imap休眠处启动时,攻击者(具有访问邮件服务器的有效凭据)可以使
+ Dovecot发现文件系统目录结构,并通过精心构建的命令访问其他用户的电子邮件。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25275">CVE-2020-25275</a>
+
+ <p>Innokentii Sennovskiy 报告当第10000个MIME部分是
+ message/rfc822(或者父级是 multipart/digest)时,
+ Dovecot中的邮件传递和解析可能会崩溃。
+ 此缺陷是由早期更改
+ <a href="https://security-tracker.debian.org/tracker/CVE-2020-12100">\
+ CVE-2020-12100</a>引入的。</p></li>
+
+</ul>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 1:2.3.4.1-5+deb10u5。</p>
+
+<p>我们建议您升级您的 dovecot 软件包。</p>
+
+<p>查看关于 dovecot 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/dovecot">\
+https://security-tracker.debian.org/tracker/dovecot</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4825.data"
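Review bot: In the CVE-2020-24386 item, `当imap休眠处启动时` does not parse; it looks like a slip for something such as `当 imap 休眠功能处于启用状态时`. The precondition matters to administrators deciding whether they are exposed, so please reword it so that it clearly says the issue applies only when IMAP hibernation is enabled.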
diff --git a/chinese/security/2021/dsa-4826.wml b/chinese/security/2021/dsa-4826.wml
new file mode 100644
index 00000000000..83e5fea77d1
--- /dev/null
+++ b/chinese/security/2021/dsa-4826.wml
@@ -0,0 +1,18 @@
+#use wml::debian::translation-check translation="27a3db159df9f47798f0f5c818d5f1dafdd4a815"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>在 Node.js 中发现了两个漏洞,这可能导致拒绝服务,并可能导致执行任意代码或HTTP请求偷渡。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 10.23.1~dfsg-1~deb10u1。</p>
+
+<p>我们建议您升级您的 nodejs 软件包。</p>
+
+<p>查看关于 nodejs 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/nodejs">\
+https://security-tracker.debian.org/tracker/nodejs</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4826.data"
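Review bot: `HTTP请求偷渡` in the description paragraph is not the usual Chinese term for this attack class; `HTTP 请求走私` is what readers will search for. Suggest `...并可能导致执行任意代码或 HTTP 请求走私。`.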
diff --git a/chinese/security/2021/dsa-4827.wml b/chinese/security/2021/dsa-4827.wml
new file mode 100644
index 00000000000..6e95de62105
--- /dev/null
+++ b/chinese/security/2021/dsa-4827.wml
@@ -0,0 +1,18 @@
+#use wml::debian::translation-check translation="2250192440b4e4662c2bd0c7ab63e34e6ff313ee"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>Mozilla Firefox web浏览器中发现安全问题,可能导致执行任意代码。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 78.6.1esr-1~deb10u1。</p>
+
+<p>我们建议您升级您的 firefox-esr 软件包。</p>
+
+<p>查看关于 firefox-esr 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/firefox-esr">\
+https://security-tracker.debian.org/tracker/firefox-esr</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4827.data"
diff --git a/chinese/security/2021/dsa-4828.wml b/chinese/security/2021/dsa-4828.wml
new file mode 100644
index 00000000000..3cddac48c16
--- /dev/null
+++ b/chinese/security/2021/dsa-4828.wml
@@ -0,0 +1,18 @@
+#use wml::debian::translation-check translation="c7278d0cf5a2c92a64386bb83ed50bdb7e9b56f4"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>Liaogui Zhong 在XStream中发现了两个安全问题,XStream是一个Java库,用于将对象序列化为XML,然后再次序列化,这可能导致在解组时删除文件或伪造服务器端请求。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 1.4.11.1-1+deb10u2。</p>
+
+<p>我们建议您升级您的 libxstream-java 软件包。</p>
+
+<p>查看关于 libxstream-java 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/libxstream-java">\
+https://security-tracker.debian.org/tracker/libxstream-java</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4828.data"
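Review bot: In the description paragraph, `用于将对象序列化为XML,然后再次序列化` says the library serialises twice, which drops the deserialisation direction; the same sentence then refers to `解组` (unmarshalling), which is where the file deletion and server-side request forgery occur. Suggest `用于将对象序列化为 XML 以及从 XML 反序列化`. The paragraph is also a single very long line; wrapping it like the other files would help review.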
diff --git a/chinese/security/2021/dsa-4829.wml b/chinese/security/2021/dsa-4829.wml
new file mode 100644
index 00000000000..600e035400b
--- /dev/null
+++ b/chinese/security/2021/dsa-4829.wml
@@ -0,0 +1,23 @@
+#use wml::debian::translation-check translation="6deb41e83064921e63d318734179cf3b4d8867e0"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>A flaw was discovered in coturn, a TURN and STUN server for VoIP. By
+default coturn does not allow peers on the loopback addresses
+(127.x.x.x and ::1). A remote attacker can bypass the protection via a
+specially crafted request using a peer address of <q>0.0.0.0</q> and trick
+coturn in relaying to the loopback interface. If listening on IPv6 the
+loopback interface can also be reached by using either [::1] or [::] as
+the address。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 4.5.1.1-1.1+deb10u2。</p>
+
+<p>我们建议您升级您的 coturn 软件包。</p>
+
+<p>查看关于 coturn 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/coturn">https://security-tracker.debian.org/tracker/coturn</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4829.data"
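Review bot: The whole description paragraph (from `A flaw was discovered in coturn` to `the address。`) is still English, with only the final full stop replaced by `。`, while the `translation-check` header marks the file as a translation of that revision. This paragraph carries all of the security-relevant detail (the loopback peer restriction and the `0.0.0.0`, `[::1]` and `[::]` bypass), so it should either be translated or the file left out of this commit until it is.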
diff --git a/chinese/security/2021/dsa-4830.wml b/chinese/security/2021/dsa-4830.wml
new file mode 100644
index 00000000000..99c1a82a90a
--- /dev/null
+++ b/chinese/security/2021/dsa-4830.wml
@@ -0,0 +1,35 @@
+#use wml::debian::translation-check translation="cc173b8d34b89c7d43e8628759e88ae4a67b7db9"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>Simon McVittie 在flatpak门户服务中发现了一个bug,
+它允许沙盒应用程序在主机系统上执行任意代码(沙盒逃脱)。</p>
+
+<p>The Flatpak portal D-Bus service (flatpak-portal, also known by its
+D-Bus service name org.freedesktop.portal.Flatpak) allows apps in a
+Flatpak sandbox to launch their own subprocesses in a new sandbox
+instance, either with the same security settings as the caller or
+with more restrictive security settings. For example, this is used in
+Flatpak-packaged web browsers such as Chromium to launch subprocesses
+that will process untrusted web content, and give those subprocesses a
+more restrictive sandbox than the browser itself。</p>
+
+<p>In vulnerable versions, the Flatpak portal service passes caller-specified
+environment variables to non-sandboxed processes on the host system,
+and in particular to the flatpak run command that is used to launch the
+new sandbox instance. A malicious or compromised Flatpak app could set
+environment variables that are trusted by the flatpak run command, and
+use them to execute arbitrary code that is not in a sandbox。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 1.2.5-0+deb10u2。</p>
+
+<p>我们建议您升级您的 flatpak 软件包。</p>
+
+<p>查看关于 flatpak 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/flatpak">\
+https://security-tracker.debian.org/tracker/flatpak</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4830.data"
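Review bot: Only the first paragraph is translated; the two paragraphs starting `The Flatpak portal D-Bus service` and `In vulnerable versions` are still English with `。` substituted for the final period. They explain the actual escape path (caller-specified environment variables reaching the unsandboxed `flatpak run`), so please translate them, or at minimum restore the ASCII `.` so the untranslated text is not mixed-punctuation.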
diff --git a/chinese/security/2021/dsa-4831.wml b/chinese/security/2021/dsa-4831.wml
new file mode 100644
index 00000000000..0e3592dfb2c
--- /dev/null
+++ b/chinese/security/2021/dsa-4831.wml
@@ -0,0 +1,19 @@
+#use wml::debian::translation-check translation="6d1643a67509927d077347faabf9fdb8fdcb2dc5"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>Johan Smits 发现ruby redcarpet,一个markdown解析器,没有正确地验证它的输入。
+这将允许攻击者发起跨站点脚本攻击。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 3.4.0-4+deb10u1。</p>
+
+<p>我们建议您升级您的 ruby-redcarpet 软件包。</p>
+
+<p>查看关于 ruby-redcarpet 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/ruby-redcarpet">\
+https://security-tracker.debian.org/tracker/ruby-redcarpet</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4831.data"
diff --git a/chinese/security/2021/dsa-4832.wml b/chinese/security/2021/dsa-4832.wml
new file mode 100644
index 00000000000..aa7abd9ea8a
--- /dev/null
+++ b/chinese/security/2021/dsa-4832.wml
@@ -0,0 +1,17 @@
+#use wml::debian::translation-check translation="a5c79088ff2296ccbad43ece8403cb9d49aa69ac"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>Chromium web浏览器中发现多个安全问题,可能导致执行任意代码、拒绝服务或信息泄露。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 87.0.4280.141-0.1~deb10u1。</p>
+
+<p>我们建议您升级您的 chromium 软件包。</p>
+
+<p>查看关于 chromium 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/chromium">https://security-tracker.debian.org/tracker/chromium</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4832.data"
diff --git a/chinese/security/2021/dsa-4833.wml b/chinese/security/2021/dsa-4833.wml
new file mode 100644
index 00000000000..fabe5261f7e
--- /dev/null
+++ b/chinese/security/2021/dsa-4833.wml
@@ -0,0 +1,18 @@
+#use wml::debian::translation-check translation="44daa28d7165e7856597605819dd8a2aa51c048f"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>Andrew Wesie在GStreamer多媒体框架的H264支持中发现了缓冲区溢出,这可能导致执行任意代码。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 1.14.4-1deb10u1。</p>
+
+<p>我们建议您升级您的 gst-plugins-bad1.0 软件包。</p>
+
+<p>查看关于 gst-plugins-bad1.0 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/gst-plugins-bad1.0">\
+https://security-tracker.debian.org/tracker/gst-plugins-bad1.0</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4833.data"
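Review bot: The fixed version on the `版本 1.14.4-1deb10u1。` line has no `+` or `~` before `deb10u1`, unlike every other version string in this patch (for example `0.23.15-2+deb10u1`). Readers compare this string against their installed package, so please check it against the English dsa-4833 source; if the English text has the same string, keep the translation in sync and report it there rather than diverging here.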
diff --git a/chinese/security/2021/dsa-4834.wml b/chinese/security/2021/dsa-4834.wml
new file mode 100644
index 00000000000..8faf6bd9315
--- /dev/null
+++ b/chinese/security/2021/dsa-4834.wml
@@ -0,0 +1,18 @@
+#use wml::debian::translation-check translation="13bfa3423af65169b2f2d0d153f852ba4103dd3c"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>在VLC媒体播放器中发现多个漏洞,如果打开格式错误的媒体文件,可能导致执行任意代码或拒绝服务。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 3.0.12-0+deb10u1。</p>
+
+<p>我们建议您升级您的 vlc 软件包。</p>
+
+<p>查看关于 vlc 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/vlc">\
+https://security-tracker.debian.org/tracker/vlc</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4834.data"
diff --git a/chinese/security/2021/dsa-4835.wml b/chinese/security/2021/dsa-4835.wml
new file mode 100644
index 00000000000..cf270039031
--- /dev/null
+++ b/chinese/security/2021/dsa-4835.wml
@@ -0,0 +1,18 @@
+#use wml::debian::translation-check translation="3fea03cb934f83fd2586afe70178153c8330281f"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>在Tomcat servlet和JSP引擎中发现了两个漏洞,这可能导致信息泄露</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 9.0.31-1~deb10u3。</p>
+
+<p>我们建议您升级您的 tomcat9 软件包。</p>
+
+<p>查看关于 tomcat9 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/tomcat9">\
+https://security-tracker.debian.org/tracker/tomcat9</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4835.data"
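Review bot: The description paragraph `<p>在Tomcat servlet和JSP引擎中发现了两个漏洞,这可能导致信息泄露</p>` is missing its terminal `。`; every other paragraph in the file has one.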
diff --git a/chinese/security/2021/dsa-4836.wml b/chinese/security/2021/dsa-4836.wml
new file mode 100644
index 00000000000..33698f131dc
--- /dev/null
+++ b/chinese/security/2021/dsa-4836.wml
@@ -0,0 +1,19 @@
+#use wml::debian::translation-check translation="9510422e7838a480b1a6078d836538bb3c6b029a"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>在Open-vSwitch(一种基于软件的以太网虚拟交换机)
+的LLPD实现中发现了两个漏洞,这可能导致拒绝服务。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 2.10.6+ds1-0+deb10u1。</p>
+
+<p>我们建议您升级您的 openvswitch 软件包。</p>
+
+<p>查看关于 openvswitch 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/openvswitch">\
+https://security-tracker.debian.org/tracker/openvswitch</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4836.data"
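Review bot: `LLPD实现` in the description paragraph looks like a transposition of LLDP (Link Layer Discovery Protocol). Please check the English source; if the typo originates there it is worth fixing in both places, since the protocol name is what tells an operator which Open vSwitch feature is affected.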
diff --git a/chinese/security/2021/dsa-4837.wml b/chinese/security/2021/dsa-4837.wml
new file mode 100644
index 00000000000..9e8c87d5ae4
--- /dev/null
+++ b/chinese/security/2021/dsa-4837.wml
@@ -0,0 +1,20 @@
+#use wml::debian::translation-check translation="23b235270837433bab2ef3d3919d771d79b42a73"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>在强大的远程执行管理器salt中发现了几个漏洞。
+这些缺陷可能导致绕过Salt-SSH的身份验证和调用,
+通过TLS执行模块创建具有弱文件权限的证书,
+或者使用SSH客户端使用Salt-API进行shell注入。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 2018.3.4+dfsg1-6+deb10u2。</p>
+
+<p>我们建议您升级您的 salt 软件包。</p>
+
+<p>查看关于 salt 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/salt">https://security-tracker.debian.org/tracker/salt</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4837.data"
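Review bot: `这些缺陷可能导致绕过Salt-SSH的身份验证和调用` reads as "bypassing the authentication and invocation of Salt-SSH", which leaves it unclear whether invoking Salt SSH is itself one of the impacts. Please restructure the list so each of the three outcomes is a separate clause, for example `可能导致身份验证绕过并调用 Salt SSH、...、或...`, and check the wording against the English source.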
diff --git a/chinese/security/2021/dsa-4838.wml b/chinese/security/2021/dsa-4838.wml
new file mode 100644
index 00000000000..03510946966
--- /dev/null
+++ b/chinese/security/2021/dsa-4838.wml
@@ -0,0 +1,19 @@
+#use wml::debian::translation-check translation="7332091fb9221dc7f16942318bcf63cea083ed52"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>Tavis Ormandy在Mutt(一种支持MIME、GPG、PGP和线程的基于文本的邮件读取器)
+的rfc822组收件人解析中发现了一个内存泄漏漏洞,这可能导致拒绝服务。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 1.10.1-2.1+deb10u5。</p>
+
+<p>我们建议您升级您的 mutt 软件包。</p>
+
+<p>查看关于 mutt 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/mutt">\
+https://security-tracker.debian.org/tracker/mutt</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4838.data"
diff --git a/chinese/security/2021/dsa-4839.wml b/chinese/security/2021/dsa-4839.wml
new file mode 100644
index 00000000000..47f99c9445e
--- /dev/null
+++ b/chinese/security/2021/dsa-4839.wml
@@ -0,0 +1,19 @@
+#use wml::debian::translation-check translation="3430520092002ba2cf08a905c95e82635551b172"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>Qualys研究实验室在sudo中发现了一个基于堆的缓冲区溢出漏洞,
+sudo是一个旨在为特定用户提供有限超级用户权限的程序。
+任何本地用户(sudoers和非sudoers)都可以利用此漏洞升级ROOT权限。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 1.8.27-1+deb10u3。</p>
+
+<p>我们建议您升级您的 sudo 软件包。</p>
+
+<p>查看关于 sudo 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/sudo">https://security-tracker.debian.org/tracker/sudo</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4839.data"
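Review bot: `都可以利用此漏洞升级ROOT权限` in the description paragraph is misleading: `升级` is the word used two paragraphs later for upgrading the package, and `ROOT` is not normally capitalised. Suggest `都可以利用此漏洞将权限提升至 root`, which also matches the `权限提升` wording used in the dsa-4841 and dsa-4843 files of this patch.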
diff --git a/chinese/security/2021/dsa-4840.wml b/chinese/security/2021/dsa-4840.wml
new file mode 100644
index 00000000000..a4717adb94f
--- /dev/null
+++ b/chinese/security/2021/dsa-4840.wml
@@ -0,0 +1,18 @@
+#use wml::debian::translation-check translation="105f0db4e352f9e78b2dc8c412985cf171a97805"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>Mozilla Firefox web浏览器中发现多个安全问题,这可能导致执行任意代码或信息泄露。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 78.7.0esr-1~deb10u1。</p>
+
+<p>我们建议您升级您的 firefox-esr 软件包。</p>
+
+<p>查看关于 firefox-esr 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/firefox-esr">\
+https://security-tracker.debian.org/tracker/firefox-esr</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4840.data"
diff --git a/chinese/security/2021/dsa-4841.wml b/chinese/security/2021/dsa-4841.wml
new file mode 100644
index 00000000000..d402538840d
--- /dev/null
+++ b/chinese/security/2021/dsa-4841.wml
@@ -0,0 +1,20 @@
+#use wml::debian::translation-check translation="29834dabc5508da0cafcf2a974c4ab5c7943d209"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>在一个集群资源管理和作业调度系统
+Simple Linux Utility for Resource Management(SLURM)中发现了多个安全问题,
+这些问题可能导致拒绝服务、信息泄露或权限提升。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 18.08.5.2-1+deb10u2。</p>
+
+<p>我们建议您升级您的 slurm-llnl 软件包。</p>
+
+<p>查看关于 slurm-llnl 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/slurm-llnl">\
+https://security-tracker.debian.org/tracker/slurm-llnl</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4841.data"
diff --git a/chinese/security/2021/dsa-4842.wml b/chinese/security/2021/dsa-4842.wml
new file mode 100644
index 00000000000..59131ae82fa
--- /dev/null
+++ b/chinese/security/2021/dsa-4842.wml
@@ -0,0 +1,18 @@
+#use wml::debian::translation-check translation="6c95eff37261f5db13f187dc4c5f8c9ce72e75bc"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>在Thunderbird中发现了多个安全问题,这些问题可能导致执行任意代码、拒绝服务或信息泄漏。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 1:78.7.0-1~deb10u1。</p>
+
+<p>我们建议您升级您的 thunderbird 软件包。</p>
+
+<p>查看关于 thunderbird 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/thunderbird">\
+https://security-tracker.debian.org/tracker/thunderbird</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4842.data"
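Review bot: The description paragraph uses `信息泄漏`, while the Chromium and Firefox files in this same patch use `信息泄露` for the same impact. Please pick one spelling for the whole 2021 directory so that searching the advisories by impact type returns all of them.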
diff --git a/chinese/security/2021/dsa-4843.wml b/chinese/security/2021/dsa-4843.wml
new file mode 100644
index 00000000000..dd325001435
--- /dev/null
+++ b/chinese/security/2021/dsa-4843.wml
@@ -0,0 +1,91 @@
+#use wml::debian::translation-check translation="7d4e416de9b0d5870d3b56d250bdbed4f5cdde8b"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>Linux内核中发现了几个可能导致权限提升、拒绝服务或信息泄漏的漏洞。</p>
+
+<ul>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-27815">CVE-2020-27815</a>
+
+ <p>A flaw was reported in the JFS filesystem code allowing a local
+ attacker with the ability to set extended attributes to cause a
+ denial of service。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-27825">CVE-2020-27825</a>
+
+ <p>Adam <q>pi3</q> Zabrocki reported a use-after-free flaw in the ftrace
+ ring buffer resizing logic due to a race condition, which could
+ result in denial of service or information leak。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-27830">CVE-2020-27830</a>
+
+ <p>Shisong Qin reported a NULL pointer dereference flaw in the Speakup
+ screen reader core driver。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-28374">CVE-2020-28374</a>
+
+ <p>David Disseldorp discovered that the LIO SCSI target implementation
+ performed insufficient checking in certain XCOPY requests. An
+ attacker with access to a LUN and knowledge of Unit Serial Number
+ assignments can take advantage of this flaw to read and write to any
+ LIO backstore, regardless of the SCSI transport settings。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-29568">CVE-2020-29568 (XSA-349)</a>
+
+ <p>Michael Kurth and Pawel Wieczorkiewicz reported that frontends can
+ trigger OOM in backends by updating a watched path。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-29569">CVE-2020-29569 (XSA-350)</a>
+
+ <p>Olivier Benjamin and Pawel Wieczorkiewicz reported a use-after-free
+ flaw which can be triggered by a block frontend in Linux blkback. A
+ misbehaving guest can trigger a dom0 crash by continuously
+ connecting / disconnecting a block frontend。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-29660">CVE-2020-29660</a>
+
+ <p>Jann Horn reported a locking inconsistency issue in the tty
+ subsystem which may allow a local attacker to mount a
+ read-after-free attack against TIOCGSID。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-29661">CVE-2020-29661</a>
+
+ <p>Jann Horn reported a locking issue in the tty subsystem which can
+ result in a use-after-free. A local attacker can take advantage of
+ this flaw for memory corruption or privilege escalation。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-36158">CVE-2020-36158</a>
+
+ <p>A buffer overflow flaw was discovered in the mwifiex WiFi driver
+ which could result in denial of service or the execution of
+ arbitrary code via a long SSID value。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-3347">CVE-2021-3347</a>
+
+ <p>It was discovered that PI futexes have a kernel stack use-after-free
+ during fault handling. An unprivileged user could use this flaw to
+ crash the kernel (resulting in denial of service) or for privilege
+ escalation。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-20177">CVE-2021-20177</a>
+
+ <p>A flaw was discovered in the Linux implementation of string matching
+ within a packet. A privileged user (with root or CAP_NET_ADMIN) can
+ take advantage of this flaw to cause a kernel panic when inserting
+ iptables rules。</p></li>
+
+</ul>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 4.19.171-2。</p>
+
+<p>我们建议您升级您的 linux 软件包。</p>
+
+<p>查看关于 linux 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/linux">\
+https://security-tracker.debian.org/tracker/linux</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4843.data"
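Review bot: None of the eleven CVE items in the `<ul>` is translated; each `<p>` is the English text with `。` swapped in for the final period (for example `denial of service。` and `iptables rules。`). Only the intro and the boilerplate paragraphs are Chinese, yet the `translation-check` header marks the file as translated. Please translate the items or hold this file back, and if the English is kept for now, restore the ASCII `.` in those paragraphs.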
diff --git a/chinese/security/2021/dsa-4844.wml b/chinese/security/2021/dsa-4844.wml
new file mode 100644
index 00000000000..3f11c18872e
--- /dev/null
+++ b/chinese/security/2021/dsa-4844.wml
@@ -0,0 +1,20 @@
+#use wml::debian::translation-check translation="3b85f13b6ae7d2b5dc01f391605934669f18117f"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>JSOF的Moshe Kol和Shlomi Oberman在dnsmasq中发现了几个漏洞,
+dnsmasq是一个小型的缓存DNS代理和DHCP/TFTP服务器。
+它们可能导致拒绝服务、缓存中毒或执行任意代码。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 2.80-1+deb10u1。</p>
+
+<p>我们建议您升级您的 dnsmasq 软件包。</p>
+
+<p>查看关于 dnsmasq 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/dnsmasq">\
+https://security-tracker.debian.org/tracker/dnsmasq</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4844.data"
diff --git a/chinese/security/2021/dsa-4845.wml b/chinese/security/2021/dsa-4845.wml
new file mode 100644
index 00000000000..8e1647327c9
--- /dev/null
+++ b/chinese/security/2021/dsa-4845.wml
@@ -0,0 +1,20 @@
+#use wml::debian::translation-check translation="5953186c6296cf5c12835b1379935c80bc126430"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>OpenLDAP是轻量级目录访问协议的免费实现,在其中发现了几个漏洞。
+未经验证的远程攻击者可以利用这些缺陷,通过精心构建的数据包造成拒绝服务
+(slapd daemon崩溃、无限循环)。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 2.4.47+dfsg-3+deb10u5。</p>
+
+<p>我们建议您升级您的 openldap 软件包。</p>
+
+<p>查看关于 openldap 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/openldap">\
+https://security-tracker.debian.org/tracker/openldap</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4845.data"
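Review bot: `未经验证的远程攻击者` in the description paragraph is ambiguous between "unverified" and "unauthenticated"; the patch uses `身份验证` elsewhere for authentication. Suggest `未经身份验证的远程攻击者`, since whether credentials are needed is the key exposure question for an LDAP server.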
diff --git a/chinese/security/2021/dsa-4846.wml b/chinese/security/2021/dsa-4846.wml
new file mode 100644
index 00000000000..0bf8bdc41a0
--- /dev/null
+++ b/chinese/security/2021/dsa-4846.wml
@@ -0,0 +1,150 @@
+#use wml::debian::translation-check translation="603ec322379c4d19ac2617c6e9f713349947c37e"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>chromium web浏览器中发现了多个漏洞。</p>
+
+<ul>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-16044">CVE-2020-16044</a>
+
+ <p>Ned Williamson 在 WebRTC 实现中发现了 use-after-free 问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21117">CVE-2021-21117</a>
+
+ <p>Rory McNamara 在 Cryptohome 中发现了一个策略执行问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21118">CVE-2021-21118</a>
+
+ <p>Tyler Nighswander 在v8 javascript库中发现了一个数据验证问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21119">CVE-2021-21119</a>
+
+ <p>媒体处理中发现了 use-after-free 问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21120">CVE-2021-21120</a>
+
+ <p>Nan Wang 和 Guang Gong 在 WebSQL 实现中发现一个 use-after-free 问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21121">CVE-2021-21121</a>
+
+ <p>Leecraso 和 Guang Gong 在 Omnibox 中发现了一个 use-after-free 问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21122">CVE-2021-21122</a>
+
+ <p>Renata Hodovan 在 Blink/WebKit 中发现了一个 use-after-free 问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21123">CVE-2021-21123</a>
+
+ <p>Maciej Pulikowski 发现了一个数据验证问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21124">CVE-2021-21124</a>
+
+ <p>Chaoyang Ding 在语音识别器发现了一个 use-after-free 问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21125">CVE-2021-21125</a>
+
+ <p>Ron Masas 发现了一个策略执行问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21126">CVE-2021-21126</a>
+
+ <p>David Erceg 在扩展中发现了一个策略执行问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21127">CVE-2021-21127</a>
+
+ <p>Jasminder Pal Singh 在扩展中发现了一个策略执行问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21128">CVE-2021-21128</a>
+
+ <p>Liang Dong 在 Blink/WebKit 中发现了缓冲区溢出问题t。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21129">CVE-2021-21129</a>
+
+ <p>Maciej Pulikowski 发现了一个策略执行问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21130">CVE-2021-21130</a>
+
+ <p>Maciej Pulikowski 发现了一个策略执行问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21131">CVE-2021-21131</a>
+
+ <p>Maciej Pulikowski 发现了一个策略执行问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21132">CVE-2021-21132</a>
+
+ <p>David Erceg 在开发人员工具中发现了一个实现错误。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21133">CVE-2021-21133</a>
+
+ <p>wester0x01 发现了一个策略执行问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21134">CVE-2021-21134</a>
+
+ <p>wester0x01 发现了一个用户接口错误。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21135">CVE-2021-21135</a>
+
+ <p>ndevtk 在性能API中发现了一个实现错误。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21136">CVE-2021-21136</a>
+
+ <p>Shiv Sahni, Movnavinothan V 和 Imdad Mohammed 发现了一个策略执行错误。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21137">CVE-2021-21137</a>
+
+ <p>bobbybear 在开发人员工具中发现了一个实现错误。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21138">CVE-2021-21138</a>
+
+ <p>Weipeng Jiang 在开发人员工具中发现了一个 use-after-free 错误。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21139">CVE-2021-21139</a>
+
+ <p>Jun Kokatsu 在iframe沙盒中发现了一个实现错误。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21140">CVE-2021-21140</a>
+
+ <p>David Manouchehri 在USB实现中发现了未初始化的内存。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21141">CVE-2021-21141</a>
+
+ <p>Maciej Pulikowski 发现了一个策略执行错误。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21142">CVE-2021-21142</a>
+
+ <p>Khalil Zhani 发现了一个 use-after-free 问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21143">CVE-2021-21143</a>
+
+ <p>Allen Parker 和 Alex Morgan 在扩展中发现了缓冲区溢出问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21144">CVE-2021-21144</a>
+
+ <p>Leecraso 和 Guang Gong 发现了缓冲区溢出问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21145">CVE-2021-21145</a>
+
+ <p>发现了一个 use-after-free 问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21146">CVE-2021-21146</a>
+
+ <p>Alison Huffman 和 Choongwoo Han 发现了一个 use-after-free 问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21147">CVE-2021-21147</a>
+
+ <p>Roman Starkov 在skia库中发现了一个实现错误。</p></li>
+
+</ul>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 88.0.4324.146-1~deb10u1。</p>
+
+<p>我们建议您升级您的 chromium 软件包。</p>
+
+<p>查看关于 chromium 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/chromium">\
+https://security-tracker.debian.org/tracker/chromium</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4846.data"
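Review bot: The CVE list in dsa-4846.wml alternates between "策略执行问题" (CVE-2021-21131, CVE-2021-21133) and "策略执行错误" (CVE-2021-21136, CVE-2021-21141) for what reads as the same class of flaw. Pick one rendering unless the English source makes the same distinction. "用户接口错误" under CVE-2021-21134 would read more naturally as "用户界面错误". Spacing between Chinese and Latin text is also uneven ("性能API", "iframe沙盒", "USB实现", "skia库" against "一个 use-after-free 错误").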
diff --git a/chinese/security/2021/dsa-4847.wml b/chinese/security/2021/dsa-4847.wml
new file mode 100644
index 00000000000..4fd5ade4aca
--- /dev/null
+++ b/chinese/security/2021/dsa-4847.wml
@@ -0,0 +1,19 @@
+#use wml::debian::translation-check translation="f948129211d92c2e0093fb2dbf1fe25c4da5f837"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>在嵌入式设备的网络管理器 ConnMan 中发现了一个远程信息泄漏漏洞
+和一个远程缓冲区溢出漏洞,这可能导致拒绝服务或执行任意代码。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 1.36-2.1~deb10u1。</p>
+
+<p>我们建议您升级您的 connman 软件包。</p>
+
+<p>查看关于 connman 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/connman">\
+https://security-tracker.debian.org/tracker/connman</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4847.data"
diff --git a/chinese/security/2021/dsa-4848.wml b/chinese/security/2021/dsa-4848.wml
new file mode 100644
index 00000000000..e3e9bcb5836
--- /dev/null
+++ b/chinese/security/2021/dsa-4848.wml
@@ -0,0 +1,19 @@
+#use wml::debian::translation-check translation="35d36e32dc79a523fa0577da0912f84adca764e0"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>在Go编程语言的实现中发现了多个安全问题,这可能会导致拒绝服务,
+P-224曲线实现可能会生成不正确的输出。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 1.11.6-1+deb10u4。</p>
+
+<p>我们建议您升级您的 golang-1.11 软件包。</p>
+
+<p>查看关于 golang-1.11 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/golang-1.11">\
+https://security-tracker.debian.org/tracker/golang-1.11</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4848.data"
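Review bot: The description sentence in dsa-4848.wml joins two consequences with only a comma ("这可能会导致拒绝服务,P-224曲线实现可能会生成不正确的输出"), so the P-224 clause reads as a separate statement rather than a second impact. Add a conjunction such as "并且" or "或者" so the relationship is explicit, and add the spaces around "Go" and "P-224" that the other files use around Latin terms.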
diff --git a/chinese/security/2021/dsa-4849.wml b/chinese/security/2021/dsa-4849.wml
new file mode 100644
index 00000000000..e2ba35038ad
--- /dev/null
+++ b/chinese/security/2021/dsa-4849.wml
@@ -0,0 +1,20 @@
+#use wml::debian::translation-check translation="6a616753f50ac040bb0442c928584ff59857f54c"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>Roman Fiedler 在 firejail 中的 OverlayFS 代码中发现一个漏洞,
+firejail 是一个沙盒程序,用于限制不受信任应用程序的运行环境,
+这可能导致ROOT权限提升。
+此更新将禁用 firejail 中的 OverlayFS 支持。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 0.9.58.2-2+deb10u2。</p>
+
+<p>我们建议您升级您的 firejail 软件包。</p>
+
+<p>查看关于 firejail 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/firejail">https://security-tracker.debian.org/tracker/firejail</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4849.data"
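Review bot: "ROOT权限提升" in the description of dsa-4849.wml writes the account name in capitals and without a space. The account is "root", so "root 权限提升" is the accurate form and matches the spacing used for "firejail" and "OverlayFS" in the same paragraph.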
diff --git a/chinese/security/2021/dsa-4850.wml b/chinese/security/2021/dsa-4850.wml
new file mode 100644
index 00000000000..c5831bb48b5
--- /dev/null
+++ b/chinese/security/2021/dsa-4850.wml
@@ -0,0 +1,18 @@
+#use wml::debian::translation-check translation="5c3dfa640369c614f0e6c9553cd46fdf11abddde"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>发现压缩实用程序 zstd 临时公开了其输入的全部可读版本,即使原始文件具有控制权限。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 1.3.8+dfsg-3+deb10u1。</p>
+
+<p>我们建议您升级您的 libzstd 软件包。</p>
+
+<p>查看关于 libzstd 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/libzstd">\
+https://security-tracker.debian.org/tracker/libzstd</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4850.data"
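Review bot: The description in dsa-4850.wml says "全部可读版本" and "控制权限", while dsa-4859.wml in this same patch describes the same zstd behaviour as "所有用户可读版本" and "限制权限". "全部可读版本" can be read as "a fully readable version" and loses the world-readable meaning. Align this file with the dsa-4859 wording so the two advisories describe the exposure the same way.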
diff --git a/chinese/security/2021/dsa-4851.wml b/chinese/security/2021/dsa-4851.wml
new file mode 100644
index 00000000000..cd89abcd035
--- /dev/null
+++ b/chinese/security/2021/dsa-4851.wml
@@ -0,0 +1,20 @@
+#use wml::debian::translation-check translation="d006ce565fcf7220e57c35571bee0fdf83341df6"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>Thomas Akesson 在版本控制系统Subversion的 mod_authz_svn 模块中发现
+了一个可远程触发的漏洞。当在存储库中使用 AuthzSVNReposRelativeAccessFile 选项
+的authz规则时,未经身份验证的远程客户端可以通过发送对不存在的存储库 URL 的请求
+来利用此漏洞导致拒绝服务。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 1.10.4-1+deb10u2。</p>
+
+<p>我们建议您升级您的 subversion 软件包。</p>
+
+<p>查看关于 subversion 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/subversion">https://security-tracker.debian.org/tracker/subversion</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4851.data"
diff --git a/chinese/security/2021/dsa-4852.wml b/chinese/security/2021/dsa-4852.wml
new file mode 100644
index 00000000000..d8f29775c31
--- /dev/null
+++ b/chinese/security/2021/dsa-4852.wml
@@ -0,0 +1,19 @@
+#use wml::debian::translation-check translation="1c4239860022f3a722fee53eebd9a97b979ab14b"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>Joakim Hindersson 发现基于软件的以太网虚拟交换机 openvswitch 允许恶意用户通过
+发送精心构建的数据包来造成拒绝服务。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 2.10.7+ds1-0+deb10u1。</p>
+
+<p>我们建议您升级您的 openvswitch 软件包。</p>
+
+<p>查看关于 openvswitch 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/openvswitch">\
+https://security-tracker.debian.org/tracker/openvswitch</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4852.data"
diff --git a/chinese/security/2021/dsa-4853.wml b/chinese/security/2021/dsa-4853.wml
new file mode 100644
index 00000000000..8a23aa46fb1
--- /dev/null
+++ b/chinese/security/2021/dsa-4853.wml
@@ -0,0 +1,19 @@
+#use wml::debian::translation-check translation="b277300840a940d2378dcbdbbc797aff8067437d"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>发现 SPIP,一种用于发布的网站引擎,允许恶意用户执行跨站点脚本攻击、
+访问敏感信息或执行任意代码。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 3.2.4-1+deb10u4。</p>
+
+<p>我们建议您升级您的 spip 软件包。</p>
+
+<p>查看关于 spip 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/spip">\
+https://security-tracker.debian.org/tracker/spip</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4853.data"
diff --git a/chinese/security/2021/dsa-4854.wml b/chinese/security/2021/dsa-4854.wml
new file mode 100644
index 00000000000..5b4f0c16941
--- /dev/null
+++ b/chinese/security/2021/dsa-4854.wml
@@ -0,0 +1,25 @@
+#use wml::debian::translation-check translation="c85aa63fe1c5972ca4ac07ff9adf7c38a41f1475"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>在 webkit2gtk web 引擎中发现了以下漏洞。</p>
+
+<ul>
+<li>
+<a href="https://security-tracker.debian.org/tracker/CVE-2020-13558">CVE-2020-13558</a>
+<p>Marcin Noga 发现,处理恶意构建的 web 内容可能导致任意代码执行。</p>
+</li>
+</ul>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 2.30.5-1~deb10u1。</p>
+
+<p>我们建议您升级您的 webkit2gtk 软件包。</p>
+
+<p>查看关于 webkit2gtk 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/webkit2gtk">\
+https://security-tracker.debian.org/tracker/webkit2gtk</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4854.data"
diff --git a/chinese/security/2021/dsa-4855.wml b/chinese/security/2021/dsa-4855.wml
new file mode 100644
index 00000000000..55e8918d6f9
--- /dev/null
+++ b/chinese/security/2021/dsa-4855.wml
@@ -0,0 +1,28 @@
+#use wml::debian::translation-check translation="0b9c89566ef13daffbc9185681dac5de2ae0d592"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>在安全套接字层工具包OpenSSL中发现了多个漏洞。
+在x64_64 Montgomery 平方过程中发现了溢出错误、
+CipherUpdate 中发现整数溢出
+以及 X509_issuer_and_serial_hash() 空指针解引用缺陷,
+这可能会导致拒绝服务。</p>
+
+<p>更多信息参见上游警报:
+<a href="https://www.openssl.org/news/secadv/20191206.txt">\
+https://www.openssl.org/news/secadv/20191206.txt</a> 和
+<a href="https://www.openssl.org/news/secadv/20210216.txt">\
+https://www.openssl.org/news/secadv/20210216.txt</a>。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 1.1.1d-0+deb10u5。</p>
+
+<p>我们建议您升级您的 openssl 软件包。</p>
+
+<p>查看关于 openssl 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/openssl">\
+https://security-tracker.debian.org/tracker/openssl</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4855.data"
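Review bot: "x64_64 Montgomery 平方过程" in dsa-4855.wml names an architecture string that looks like a slip for x86_64. Check it against the English source and the linked upstream advisory, and keep it only if the original spells it that way. The paragraph also has no space after "OpenSSL" or before "x64_64", unlike the spacing around "CipherUpdate" and "X509_issuer_and_serial_hash()".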
diff --git a/chinese/security/2021/dsa-4856.wml b/chinese/security/2021/dsa-4856.wml
new file mode 100644
index 00000000000..94238d9b1cc
--- /dev/null
+++ b/chinese/security/2021/dsa-4856.wml
@@ -0,0 +1,19 @@
+#use wml::debian::translation-check translation="3db6cc25244cc7b89a4f96961d7636ae98e489e1"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>PHP是一种广泛使用的开源通用脚本语言,它存在多个安全问题,可能导致拒绝服务、
+信息泄露、cookie伪造或错误的加密。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 7.3.27-1~deb10u1。</p>
+
+<p>我们建议您升级您的 php7.3 软件包。</p>
+
+<p>查看关于 php7.3 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/php7.3">\
+https://security-tracker.debian.org/tracker/php7.3</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4856.data"
diff --git a/chinese/security/2021/dsa-4857.wml b/chinese/security/2021/dsa-4857.wml
new file mode 100644
index 00000000000..31cbe8b3d8f
--- /dev/null
+++ b/chinese/security/2021/dsa-4857.wml
@@ -0,0 +1,18 @@
+#use wml::debian::translation-check translation="f11c835c6487253210688706e7b7c11464c54a6c"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>在SPNEGO实现中发现了一个缓冲区溢出漏洞,该漏洞会影响BIND(DNS服务器实现)
+中的GSSAPI安全策略协商,从而导致拒绝服务(守护进程崩溃)或可能执行任意代码</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 1:9.11.5.P4+dfsg-5.1+deb10u3。</p>
+
+<p>我们建议您升级您的 bind9 软件包。</p>
+
+<p>查看关于 bind9 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/bind9">https://security-tracker.debian.org/tracker/bind9</a>。</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4857.data"
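Review bot: The first paragraph of dsa-4857.wml ends at "或可能执行任意代码</p>" with no closing "。", unlike every other description paragraph in this patch. Add the full stop, and consider spaces around "SPNEGO", "BIND" and "GSSAPI" for consistency with the other files.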
diff --git a/chinese/security/2021/dsa-4858.wml b/chinese/security/2021/dsa-4858.wml
new file mode 100644
index 00000000000..8e0b91cd393
--- /dev/null
+++ b/chinese/security/2021/dsa-4858.wml
@@ -0,0 +1,62 @@
+#use wml::debian::translation-check translation="0f4f3e8210b7403850a5550da354ea08036f8c2f"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>chromium web浏览器中发现了多个漏洞</p>
+
+<ul>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21148">CVE-2021-21148</a>
+
+ <p>Mattias Buelens 在v8 javascript库中发现了一个缓冲区溢出问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21149">CVE-2021-21149</a>
+
+ <p>Ryoya Tsukasaki 在数据传输实现中发现堆栈溢出问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21150">CVE-2021-21150</a>
+
+ <p>Woojin Oh 在文件下载中发现了一个 use-after-free(释放后可重用)问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21151">CVE-2021-21151</a>
+
+ <p>Khalil Zhani 在支付系统中发现了一个 use-after-free 问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21152">CVE-2021-21152</a>
+
+ <p>在媒体处理中发现缓冲区溢出。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21153">CVE-2021-21153</a>
+
+ <p>Jan Ruge 在GPU进程中发现堆栈溢出问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21154">CVE-2021-21154</a>
+
+ <p>Abdulrahman Alqabandi 在Tab Strip实现中发现缓冲区溢出问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21155">CVE-2021-21155</a>
+
+ <p>Khalil Zhani 在Tab Strip实现中发现缓冲区溢出问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21156">CVE-2021-21156</a>
+
+ <p>Sergei Glazunov 在v8 javascript库中发现了一个缓冲区溢出问题。</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2021-21157">CVE-2021-21157</a>
+
+ <p>在websockets实现中发现了一个 use-after-free 问题。</p></li>
+
+</ul>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 88.0.4324.182-1~deb10u1。</p>
+
+<p>我们建议您升级您的 chromium 软件包。</p>
+
+<p>查看关于 chromium 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/chromium">\
+https://security-tracker.debian.org/tracker/chromium</a></p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4858.data"
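Review bot: Two sentences in dsa-4858.wml lack their closing "。": the intro "chromium web浏览器中发现了多个漏洞</p>" and the final tracker link ending in "</a></p>", which dsa-4846.wml terminates with "</a>。</p>". "堆栈溢出" for CVE-2021-21149 and CVE-2021-21153 is ambiguous between stack and heap, so use "栈溢出" or "堆溢出" according to the English source. The gloss "(释放后可重用)" appears only under CVE-2021-21150 and reads as "reusable after free"; "释放后使用" is the usual rendering, and it should be applied consistently or dropped.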
diff --git a/chinese/security/2021/dsa-4859.wml b/chinese/security/2021/dsa-4859.wml
new file mode 100644
index 00000000000..a5ccaa52d8f
--- /dev/null
+++ b/chinese/security/2021/dsa-4859.wml
@@ -0,0 +1,19 @@
+#use wml::debian::translation-check translation="123908fe74f54620222a349a507f9178a2faf07a"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>发现压缩实用程序zstd易受多线程竞争条件的影响:即使原始文件具有限制权限,
+它也会在很短的时间内临时公开其输入的所有用户可读版本。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 1.3.8+dfsg-3+deb10u2。</p>
+
+<p>我们建议您升级您的 libzstd 软件包。</p>
+
+<p>查看关于 libzstd 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/libzstd">\
+https://security-tracker.debian.org/tracker/libzstd</a></p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4859.data"
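Review bot: The tracker link paragraph in dsa-4859.wml ends with "</a></p>" and drops the "。" that the same paragraph carries in dsa-4850.wml for this package. Add it so the two libzstd advisories render identically. "zstd易受" also needs the spaces around the package name that the rest of the file uses.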
diff --git a/chinese/security/2021/dsa-4860.wml b/chinese/security/2021/dsa-4860.wml
new file mode 100644
index 00000000000..ed7779667cf
--- /dev/null
+++ b/chinese/security/2021/dsa-4860.wml
@@ -0,0 +1,19 @@
+#use wml::debian::translation-check translation="17b26eb27e095ada2631f748a90b0252c6b1437d"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>在OpenLDAP中发现了证书列表精确断言验证(Certificate List Exact Assertion)
+中的漏洞,OpenLDAP是轻量级目录访问协议的免费实现。未经身份验证的远程攻击者
+可以利用此漏洞通过精心构建的数据包造成拒绝服务(slapd daemon崩溃)。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 2.4.47+dfsg-3+deb10u6。</p>
+
+<p>我们建议您升级您的 openldap 软件包。</p>
+
+<p>查看关于 openldap 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/openldap">https://security-tracker.debian.org/tracker/openldap</a></p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4860.data"
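Review bot: "slapd daemon崩溃" in dsa-4860.wml leaves "daemon" untranslated, while dsa-4857.wml in this patch renders the same idea as "守护进程崩溃". Use "slapd 守护进程崩溃" here. The tracker link paragraph also ends without "。" before "</p>".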
diff --git a/chinese/security/2021/dsa-4861.wml b/chinese/security/2021/dsa-4861.wml
new file mode 100644
index 00000000000..8a440246be1
--- /dev/null
+++ b/chinese/security/2021/dsa-4861.wml
@@ -0,0 +1,19 @@
+#use wml::debian::translation-check translation="25518192d421a3133547e82abb73fb6b6e248f73"
+<define-tag description>安全更新</define-tag>
+<define-tag moreinfo>
+<p>Felix Weinmann 报告 screen 在处理组合字符时存在缺陷,
+screen 是具有 VT100/ANSI 终端仿真的终端多路复用器,
+这可能导致拒绝服务,或通过精心构建的 UTF-8 字符序列执行任意代码。</p>
+
+<p>在稳定版(buster)中,此问题已被修复于
+版本 4.6.2-3+deb10u1。</p>
+
+<p>我们建议您升级您的 screen 软件包。</p>
+
+<p>查看关于 screen 的详细信息,
+请访问其安全追踪页面
+<a href="https://security-tracker.debian.org/tracker/screen">https://security-tracker.debian.org/tracker/screen</a></p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2021/dsa-4861.data"
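Review bot: The closing tracker link paragraph in dsa-4861.wml ends with "</a></p>" and no "。", the same omission as in dsa-4858 through dsa-4860, whereas the earlier files in this patch end it with "</a>。</p>". Add the full stop so the generated pages are punctuated consistently.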
diff --git a/chinese/security/2021/index.wml b/chinese/security/2021/index.wml
new file mode 100644
index 00000000000..c1e340231ae
--- /dev/null
+++ b/chinese/security/2021/index.wml
@@ -0,0 +1,12 @@
+#use wml::debian::translation-check translation="6924311eff583467dfc63d4affd3eca6c37ec5be"
+<define-tag pagetitle>2021 年安全通告</define-tag>
+#use wml::debian::template title="<pagetitle>" GEN_TIME="yes"
+#use wml::debian::recent_list
+
+<:= get_recent_list ('.', '0', '$(ENGLISHDIR)/security/2021', '', 'dsa-\d+' ) :>
+
+<p>要获取最新 Debian 安全通告,
+您可以订阅我们的
+<a href="https://lists.debian.org/debian-security-announce/">\
+<strong>debian-security-announce</strong></a>邮件列表。
+您也可以<a href="https://lists.debian.org/debian-security-announce/debian-security-announce-2021/">浏览列表的在线存档</a>。</p>
