chinese: News: translation for News/2017/20171209.wml

CVS version numbers

chinese/News/2017/20171209.wml: INITIAL -> 1.1

1 files changed, 274 insertions, 0 deletions

diff --git a/chinese/News/2017/20171209.wml b/chinese/News/2017/20171209.wml
new file mode 100644
index 00000000000..ffa7c737ae2
--- /dev/null
+++ b/chinese/News/2017/20171209.wml
@@ -0,0 +1,274 @@
+#use wml::debian::translation-check translation="1.1" maintainer="Boyuan Yang"
+<define-tag pagetitle>Debian 8 更新：8.10 发布</define-tag>
+<define-tag release_date>2017-12-09</define-tag>
+#use wml::debian::news
+
+<define-tag release>8</define-tag>
+<define-tag codename>jessie</define-tag>
+<define-tag revision>8.10</define-tag>
+
+<define-tag dsa>
+    <tr><td align="center"><a href="$(HOME)/security/%0/dsa-%1">DSA-%1</a></td>
+        <td align="center"><:
+    my @p = ();
+    for my $p (split (/,\s*/, "%2")) {
+	push (@p, sprintf ('<a href="https://packages.debian.org/src:%s">%s</a>', $p, $p));
+    }
+    print join (", ", @p);
+:></td></tr>
+</define-tag>
+
+<define-tag correction>
+    <tr><td><a href="https://packages.debian.org/src:%0">%0</a></td>              <td>%1</td></tr>
+</define-tag>
+
+<define-tag srcpkg><a href="https://packages.debian.org/src:%0">%0</a></define-tag>
+
+<p>Debian 项目很高兴地宣布 Debian <release> 旧稳定版本的第十次更新（代号<q><codename></q>）。
+此次小版本更新主要添加了对安全问题的修正补丁，以及为一些严重问题所作的调整。
+安全通告已单独发布，并会在适当的情况下予以引用。</p>
+
+<p>请注意，此更新并不是 Debian <release> 的新版本，其仅更新了所包含的一些软件包。
+没有必要丢弃旧的<q><codename></q>的安装介质。在安装之后，只需使用最新的 Debian
+镜像更新旧的软件包即可。</p>
+
+<p>经常从 security.debian.org 安装更新的用户将不必更新许多软件包，
+因本更新中包含了 security.debian.org 的大多数更新。</p>
+
+<p>新的安装镜像即将于常规的位置予以提供。</p>
+
+<p>通过将软件包管理系统指向 Debian 的许多 HTTP 镜像站点之一，
+您可以将已有的系统升级至本次更新版本。详尽的镜像列表可以在以下网址处获得：</p>
+
+<div class="center">
+  <a href="$(HOME)/mirror/list">https://www.debian.org/mirror/list</a>
+</div>
+
+<h2>杂项错误修正</h2>
+
+<p>本次旧稳定版更新为以下软件包添加了一些重要的修正：</p>
+<table border=0>
+<tr><th>软件包</th>               <th>原因</th></tr>
+<correction bareos                           "修复 bareos-dir logrotate 配置权限；修复使用 SHA1 签名时的文件破坏">
+<correction base-files                       "为小版本更新提供文件">
+<correction bind9                            "导入即将启用的 DNSSEC KSK-2017">
+<correction cups                             "默认禁用 SSLv3 和 RC4 以解决 POODLE 问题">
+<correction db                               "在 db_home 未设置时不要访问 DB_CONFIG [CVE-2017-10140]">
+<correction db5.3                            "在 db_home 未设置时不要访问 DB_CONFIG [CVE-2017-10140]">
+<correction debian-installer                 "为小版本更新重新构建">
+<correction debian-installer-netboot-images  "为小版本更新重新构建">
+<correction debmirror                        "容忍 *.diff/Index 文件中的未知行；镜像 DEP-11 元数据文件；更偏好 xz 文件而非 gz 文件，处理两者均不存在的情况；镜像并验证 InRelease 文件">
+<correction dns-root-data                    "更新 root.hints 至 2017072601 版本；将 KSK-2017 添加至 root.key 文件">
+<correction dput                             "dput.cf：替换 security-master.debian.org 为 ftp.upload.security.debian.org">
+<correction dwww                             "修复 <q>Last-Modified</q> 头名称">
+<correction elog                             "更新补丁 0005_elogd_CVE-2016-6342_fix 以授予普通用户以访问权限">
+<correction flightgear                       "修复任意文件覆写问题 [CVE-2017-13709]">
+<correction gsoap                            "修复大型 XML 文档导致的整数溢出 [CVE-2017-9765]">
+<correction hexchat                          "修复 /server 指令带来的段错误问题">
+<correction icu                              "修复 createMetazoneMappings() 中的重复 free() 问题 [CVE-2017-14952]">
+<correction kdepim                           "修复<q>send Later with Delay bypasses OpenPGP</q> [CVE-2017-9604]">
+<correction kedpm                            "修复命令历史文件带来的信息泄漏问题 [CVE-2017-8296]">
+<correction keyringer                        "Handle subkeys without expiration date and public keys listed multiple times">
+<correction krb5                             "Security fixes - remote authenticated attackers can crash the KDC [CVE-2017-11368]; kdc crash on restrict_anon_to_tgt [CVE-2016-3120]; remote DOS with ldap for authenticated attackers [CVE-2016-3119]; prevent requires_preauth bypass [CVE-2015-2694]">
+<correction libdatetime-timezone-perl        "更新包含的数据">
+<correction libdbi                           "Re-enable error handler call in dbi_result_next_row()">
+<correction libembperl-perl                  "Change hard dependency on mod_perl in zembperl.load to Recommends, fixing an installation failure when libapache2-mod-perl2 is not installed">
+<correction libio-socket-ssl-perl            "Fix segfault using malformed client certificates">
+<correction liblouis                         "Fix multiple stack-based buffer overflows [CVE-2014-8184]">
+<correction libofx                           "安全修复 [CVE-2017-2816 CVE-2017-14731]">
+<correction libwnckmm                        "收紧软件包之间的依赖关系；使用来自 libjs-jquery 包的 jquery.js">
+<correction libwpd                           "安全修复 [CVE-2017-14226]">
+<correction libx11                           "Fix <q>insufficient validation of data from the X server can cause out of boundary memory read (XGetImage()) or write (XListFonts())</q> [CVE-2016-7942 CVE-2016-7943]">
+<correction libxfixes                        "Fix integer overflow on illegal server response [CVE-2016-7944]">
+<correction libxi                            "Fix <q>insufficient validation of data from the X server can cause out of boundary memory access or endless loops</q> [CVE-2016-7945 CVE-2016-7946]">
+<correction libxrandr                        "Avoid out of boundary accesses on illegal responses [CVE-2016-7947 CVE-2016-7948]">
+<correction libxtst                          "Fix <q>insufficient validation of data from the X server can cause out of boundary memory access or endless loops</q> [CVE-2016-7951 CVE-2016-7952]">
+<correction libxv                            "Fix protocol handling issues in libXv [CVE-2016-5407]">
+<correction libxvmc                          "Avoid buffer underflow on empty strings [CVE-2016-7953]">
+<correction linux                            "New stable kernel version 3.16.51">
+<correction ncurses                          "Fix various crash bugs in the tic library and the tic binary [CVE-2017-10684 CVE-2017-10685 CVE-2017-11112 CVE-2017-11113 CVE-2017-13728 CVE-2017-13729 CVE-2017-13730 CVE-2017-13731 CVE-2017-13732 CVE-2017-13734 CVE-2017-13733]">
+<correction openssh                          "Test configuration before starting or reloading sshd under systemd; make <q>--</q> before the hostname terminate argument processing after the hostname too">
+<correction pdns                             "Add missing check on API operations [CVE-2017-15091]">
+<correction pdns-recursor                    "Fix configuration file injection in the API [CVE-2017-15093]">
+<correction postgresql-9.4                   "新上游漏洞修复版本">
+<correction python-tablib                    "安全地加载 YAML [CVE-2017-2810]">
+<correction request-tracker4                 "Fix regression in previous security release where incorrect SHA256 passwords could trigger an error">
+<correction ruby-ox                          "Avoid crash with invalid XML passed to Oj.parse_obj() [CVE-2017-15928]">
+<correction sam2p                            "Fix several integer overflow or heap-based buffer overflow issues [CVE-2017-14628 CVE-2017-14629 CVE-2017-14630 CVE-2017-14631 CVE-2017-14636 CVE-2017-14637 CVE-2017-16663]">
+<correction slurm-llnl                       "Fix security issue caused by insecure file path handling triggered by the failure of a Prolog script [CVE-2016-10030]">
+<correction sudo                             "修复任意终端访问 [CVE-2017-1000368]">
+<correction syslinux                         "Fix boot problem for old BIOS firmware by correcting C/H/S order">
+<correction tor                              "Add <q>Bastet</q> directory authority; update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2 country database; fix a memset() off the end of an array when packing cells">
+<correction transfig                         "Add input sanitisation on FIG files [CVE-2017-16899]; sanitize input of fill patterns">
+<correction tzdata                           "上游新版本">
+<correction unbound                          "Fix install of trust anchor when two anchors are present; include root trust anchor id 20326">
+<correction weechat                          "<q>logger: call strftime before replacing buffer local variables</q> [CVE-2017-14727]">
+</table>
+
+<h2>安全更新</h2>
+
+
+<p>此修订版本将以下安全更新添加到了旧稳定发行版本中。安全团队已经分别为这些更新发布了通告：</p>
+
+<table border=0>
+<tr><th>通告编号</th>  <th>软件包</th></tr>
+
+
+<dsa 2017 3904 bind9>
+<dsa 2017 3908 nginx>
+<dsa 2017 3909 samba>
+<dsa 2017 3913 apache2>
+<dsa 2017 3914 imagemagick>
+<dsa 2017 3916 atril>
+<dsa 2017 3917 catdoc>
+<dsa 2017 3921 enigmail>
+<dsa 2017 3922 mysql-5.5>
+<dsa 2017 3924 varnish>
+<dsa 2017 3928 firefox-esr>
+<dsa 2017 3929 libsoup2.4>
+<dsa 2017 3930 freeradius>
+<dsa 2017 3932 subversion>
+<dsa 2017 3933 pjproject>
+<dsa 2017 3934 git>
+<dsa 2017 3935 postgresql-9.4>
+<dsa 2017 3937 zabbix>
+<dsa 2017 3938 libgd2>
+<dsa 2017 3939 botan1.10>
+<dsa 2017 3940 cvs>
+<dsa 2017 3942 supervisor>
+<dsa 2017 3943 gajim>
+<dsa 2017 3945 linux>
+<dsa 2017 3946 libmspack>
+<dsa 2017 3947 newsbeuter>
+<dsa 2017 3948 ioquake3>
+<dsa 2017 3949 augeas>
+<dsa 2017 3950 libraw>
+<dsa 2017 3951 smb4k>
+<dsa 2017 3952 libxml2>
+<dsa 2017 3956 connman>
+<dsa 2017 3958 fontforge>
+<dsa 2017 3960 gnupg>
+<dsa 2017 3961 libgd2>
+<dsa 2017 3962 strongswan>
+<dsa 2017 3963 mercurial>
+<dsa 2017 3964 asterisk>
+<dsa 2017 3969 xen>
+<dsa 2017 3970 emacs24>
+<dsa 2017 3971 tcpdump>
+<dsa 2017 3972 bluez>
+<dsa 2017 3973 wordpress-shibboleth>
+<dsa 2017 3974 tomcat8>
+<dsa 2017 3976 freexl>
+<dsa 2017 3977 newsbeuter>
+<dsa 2017 3978 gdk-pixbuf>
+<dsa 2017 3979 pyjwt>
+<dsa 2017 3980 apache2>
+<dsa 2017 3981 linux>
+<dsa 2017 3982 perl>
+<dsa 2017 3983 samba>
+<dsa 2017 3984 git>
+<dsa 2017 3986 ghostscript>
+<dsa 2017 3987 firefox-esr>
+<dsa 2017 3988 libidn2-0>
+<dsa 2017 3989 dnsmasq>
+<dsa 2017 3990 asterisk>
+<dsa 2017 3992 curl>
+<dsa 2017 3995 libxfont>
+<dsa 2017 3997 wordpress>
+<dsa 2017 3998 nss>
+<dsa 2017 3999 wpa>
+<dsa 2017 4000 xorg-server>
+<dsa 2017 4002 mysql-5.5>
+<dsa 2017 4004 jackson-databind>
+<dsa 2017 4006 mupdf>
+<dsa 2017 4007 curl>
+<dsa 2017 4008 wget>
+<dsa 2017 4011 quagga>
+<dsa 2017 4012 libav>
+<dsa 2017 4013 openjpeg2>
+<dsa 2017 4016 irssi>
+<dsa 2017 4018 openssl>
+<dsa 2017 4021 otrs2>
+<dsa 2017 4022 libreoffice>
+<dsa 2017 4025 libpam4j>
+<dsa 2017 4026 bchunk>
+<dsa 2017 4027 postgresql-9.4>
+<dsa 2017 4029 postgresql-common>
+<dsa 2017 4033 konversation>
+<dsa 2017 4035 firefox-esr>
+<dsa 2017 4037 jackson-databind>
+<dsa 2017 4038 shibboleth-sp2>
+<dsa 2017 4039 opensaml2>
+<dsa 2017 4040 imagemagick>
+<dsa 2017 4041 procmail>
+<dsa 2017 4042 libxml-libxml-perl>
+<dsa 2017 4043 samba>
+<dsa 2017 4045 vlc>
+<dsa 2017 4046 libspring-ldap-java>
+<dsa 2017 4047 otrs2>
+<dsa 2017 4051 curl>
+<dsa 2017 4052 bzr>
+
+</table>
+
+<h2>已删除的软件包</h2>
+
+<p>由于我们无法控制的情况，以下软件包已被删除：</p>
+
+
+<table border=0>
+<tr><th>软件包</th>               <th>原因</th></tr>
+
+<correction libnet-ping-external-perl "无人维护，有安全漏洞">
+<correction aiccu                     "SixXS 停止服务后无用">
+</table>
+
+<h2>Debian 安装器</h2>
+<p>安装器已经更新，以配合发布时包含在旧稳定版本中的修正内容。</p>
+
+<h2>链接</h2>
+
+<p>此修订版本中有更改的软件包的完整列表：</p>
+
+<div class="center">
+  <url "http://ftp.debian.org/debian/dists/<downcase <codename>>/ChangeLog">
+</div>
+
+<p>当前旧稳定发行版：</p>
+
+<div class="center">
+  <url "http://ftp.debian.org/debian/dists/oldstable/">
+</div>
+
+<p>拟议的旧稳定发行版更新：</p>
+
+<div class="center">
+  <url "http://ftp.debian.org/debian/dists/oldstable-proposed-updates">
+</div>
+
+<p>旧稳定发行版信息（发行说明，勘误等）：</p>
+
+<div class="center">
+  <a
+  href="$(HOME)/releases/oldstable/">https://www.debian.org/releases/oldstable/</a>
+</div>
+
+<p>安全公告及信息：</p>
+
+<div class="center">
+  <a href="$(HOME)/security/">https://security.debian.org/</a>
+</div>
+
+
+<h2>关于 Debian</h2>
+
+<p>Debian 项目是一个自由软件开发者组织，这些志愿者为制作完全自由免费的 Debian 操作系统而自愿贡献时间和精力。</p>
+
+<h2>联系信息</h2>
+
+<p>更多信息，请访问 Debian 主页 <a
+href="$(HOME)/">https://www.debian.org/</a>，发送邮件至
+&lt;press@debian.org&gt;，或联系稳定版本发布团队
+&lt;debian-release@lists.debian.org&gt;。</p>
+
+