From patchwork Sun Feb 14 14:30:13 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Zhu Zihao X-Patchwork-Id: 27049 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id EFDAD27BC45; Sun, 14 Feb 2021 14:31:41 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL, SPF_HELO_PASS,T_DKIM_INVALID,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.2 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id AC46227BC2E for ; Sun, 14 Feb 2021 14:31:41 +0000 (GMT) Received: from localhost ([::1]:33708 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lBIR0-0000Kn-WC for patchwork@mira.cbaines.net; Sun, 14 Feb 2021 09:31:39 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:58312) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lBIQR-0008QH-0R for guix-patches@gnu.org; Sun, 14 Feb 2021 09:31:03 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:52344) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1lBIQQ-0005HK-Oj for guix-patches@gnu.org; Sun, 14 Feb 2021 09:31:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1lBIQQ-0001NM-M3 for guix-patches@gnu.org; Sun, 14 Feb 2021 09:31:02 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#46510] Acknowledgement ([PATCH]: news: Add 'zh_CN' translation.) Resent-From: Zhu Zihao Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sun, 14 Feb 2021 14:31:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 46510 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 46510@debbugs.gnu.org Received: via spool by 46510-submit@debbugs.gnu.org id=B46510.16133130315222 (code B ref 46510); Sun, 14 Feb 2021 14:31:02 +0000 Received: (at 46510) by debbugs.gnu.org; 14 Feb 2021 14:30:31 +0000 Received: from localhost ([127.0.0.1]:35653 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lBIPv-0001M8-5u for submit@debbugs.gnu.org; Sun, 14 Feb 2021 09:30:31 -0500 Received: from m12-18.163.com ([220.181.12.18]:59369) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lBIPo-0001Lk-Pq for 46510@debbugs.gnu.org; Sun, 14 Feb 2021 09:30:29 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=163.com; s=s110527; h=From:Subject:Date:Message-ID:MIME-Version; bh=3Hwih +nNEHnF8azApookq9EunEGyMkGcKtQxEgCYOfE=; b=mI4dMjNbXdn1lCvRDzlgx ij1JMhKvW0ogcM7pTZhEijqvuntsFjaDZ2kJILaD6ZSPEul2OWab7tGcrqGEq4x1 K2xUzw+9dXD6OqPFuR4gyp0cxPBAIyO/g2IwGYQ5ox4YYhnj/joyLdbcLKodWwgE 63ntq+OMUGhfeMRDyA16do= Received: from asus-laptop (unknown [183.19.167.3]) by smtp14 (Coremail) with SMTP id EsCowAB3fQn1Mylgz2KvUA--.42043S2; Sun, 14 Feb 2021 22:30:13 +0800 (CST) References: <86r1lihil6.fsf@163.com> User-agent: mu4e 1.4.15; emacs 27.1 From: Zhu Zihao In-reply-to: Date: Sun, 14 Feb 2021 22:30:13 +0800 Message-ID: <86eehihgcq.fsf@163.com> MIME-Version: 1.0 X-CM-TRANSID: EsCowAB3fQn1Mylgz2KvUA--.42043S2 X-Coremail-Antispam: 1Uf129KBjDUn29KB7ZKAUJUUUUU529EdanIXcx71UUUUU7v73 VFW2AGmfu7bjvjm3AaLaJ3UbIYCTnIWIevJa73UjIFyTuYvjxUIyvVDUUUU X-Originating-IP: [183.19.167.3] X-CM-SenderInfo: pdoosuxxwbztlvw6il2tof0z/1tbiTxU5r1sGXqYcngAAsr X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches Fix some minor issues. From 1a22ec435681a95faee596287781db2b8e06f2a1 Mon Sep 17 00:00:00 2001 From: Zhu Zihao Date: Sun, 14 Feb 2021 21:40:02 +0800 Subject: [PATCH] news: Add 'zh_CN' translation. --- etc/news.scm | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/etc/news.scm b/etc/news.scm index a1a0b7b2a9..247198b587 100644 --- a/etc/news.scm +++ b/etc/news.scm @@ -21,7 +21,8 @@ (entry (commit "aa8de806252e3835d57fab351b02d13db762deac") (title (en "Risk of local privilege escalation @i{via} setuid programs") - (de "Risiko lokaler Rechteausweitung bei setuid-Programmen")) + (de "Risiko lokaler Rechteausweitung bei setuid-Programmen") + (zh_CN "存在通过 setuid 程序进行本地提权的风险")) (body (en "On Guix System, setuid programs were, until now, installed as setuid-root @emph{and} setgid-root (in the @file{/run/setuid-programs} @@ -53,7 +54,19 @@ guix system reconfigure /run/current-system/configuration.scm @end example Benutzer von Guix auf einer „Fremddistribution“ sind @emph{nicht} betroffen. -Siehe @url{https://issues.guix.gnu.org/46395} für weitere Informationen."))) +Siehe @url{https://issues.guix.gnu.org/46395} für weitere Informationen.") + (zh_CN "到目前为止,Guix 系统上的 setuid 程序(位于 @file{/run/setuid-programs}) +同时具有 setuid-root @emph{和} setgid-root 权限。然而,此类程序大多被设计为在拥有 +setuid 权限而非 setgid 权限时运行。因此,这样的设置可能会使系统受到本地提权攻击。 + +此漏洞已经被修复,同时建议用户使用下列命令升级他们的系统: + +@example +guix system reconfigure /run/current-system/configuration.scm +@end example + +在 ``第三方宿主系统'' 上使用 Guix 的用户不受此漏洞影响,详情请参阅 +@url{https://issues.guix.gnu.org/46395}。"))) (entry (commit "aedbc5ff32a62f45aeed74c6833399a6cf2c22dc") (title -- 2.30.0