[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2009/dsa-1{935,804,874}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2009/dsa-1804.wml	2014-04-30 13:16:19.000000000 +0600
+++ russian/security/2009/dsa-1804.wml	2016-08-24 18:46:53.891166342 +0500
@@ -1,36 +1,37 @@
- -<define-tag description>null pointer dereference, memory leaks</define-tag>
+#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov"
+<define-tag description>Ñ?азÑ?менование null-Ñ?казаÑ?елÑ?, Ñ?Ñ?еÑ?ки памÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Several remote vulnerabilities have been discovered in racoon, the Internet Key
- -Exchange daemon of ipsec-tools.  The Common Vulnerabilities and Exposures
- -project identifies the following problems:</p>
+<p>Ð? racoon, Ñ?лÑ?жбе обмена Ð?нÑ?еÑ?неÑ?-клÑ?Ñ?ами из пакеÑ?а ipsec-tools, бÑ?ло
+обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?далÑ?ннÑ?Ñ? Ñ?Ñ?звимоÑ?Ñ?ей.  Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-1574";>CVE-2009-1574</a>
- -<p>Neil Kettle discovered a NULL pointer dereference on crafted fragmented packets
- -that contain no payload.  This results in the daemon crashing which can be used
- -for denial of service attacks.</p></li>
+<p>Ð?ил Ð?Ñ?Ñ?Ñ?л обнаÑ?Ñ?жил Ñ?азÑ?менование NULL-Ñ?казаÑ?елÑ?, возникаÑ?Ñ?ее пÑ?и обÑ?абоÑ?ке Ñ?пеÑ?иалÑ?но
+Ñ?Ñ?агменÑ?иÑ?ованнÑ?Ñ? пакеÑ?ов, не имеÑ?Ñ?иÑ? Ñ?одеÑ?жимого.  ЭÑ?о пÑ?иводиÑ? к аваÑ?ийной оÑ?Ñ?ановке Ñ?лÑ?жбÑ?, Ñ?Ñ?о можеÑ?
+иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? длÑ? вÑ?полнениÑ? аÑ?ак по вÑ?зовÑ? оÑ?каза в обÑ?лÑ?живании.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-1632";>CVE-2009-1632</a>
- -<p>Various memory leaks in the X.509 certificate authentication handling and the
- -NAT-Traversal keepalive implementation can result in memory exhaustion and
- -thus denial of service.</p></li>
+<p>РазлиÑ?нÑ?е Ñ?Ñ?еÑ?ки памÑ?Ñ?и в коде обÑ?абоÑ?ки аÑ?Ñ?енÑ?иÑ?икаÑ?ии Ñ? помоÑ?Ñ?Ñ? Ñ?еÑ?Ñ?иÑ?икаÑ?ов X.509 и
+Ñ?еализаÑ?ии keepalive-Ñ?ообÑ?ений NAT-Traversal могÑ?Ñ? пÑ?иводиÑ?Ñ? к иÑ?Ñ?оÑ?ениÑ? памÑ?Ñ?и и
+оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
 
 </ul>
 
- -<p>For the oldstable distribution (etch), this problem has been fixed in
- -version 0.6.6-3.1etch3.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 0.6.6-3.1etch3.</p>
 
- -<p>For the stable distribution (lenny), this problem has been fixed in
- -version 0.7.1-1.3+lenny2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 0.7.1-1.3+lenny2.</p>
 
- -<p>For the testing distribution (squeeze), this problem will be fixed soon.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?а пÑ?облема бÑ?деÑ? иÑ?пÑ?авлена позже.</p>
 
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 1:0.7.1-1.5.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1:0.7.1-1.5.</p>
 
 
- -<p>We recommend that you upgrade your ipsec-tools packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? ipsec-tools.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2009/dsa-1874.wml	2014-04-30 13:16:19.000000000 +0600
+++ russian/security/2009/dsa-1874.wml	2016-08-24 18:50:53.779584938 +0500
@@ -1,38 +1,39 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in the Network Security
- -Service libraries. The Common Vulnerabilities and Exposures project
- -identifies the following problems:</p>
+<p>Ð? библиоÑ?екаÑ? Network Security Service бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко
+Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-2404";>CVE-2009-2404</a>
 
- -   <p>Moxie Marlinspike discovered that a buffer overflow in the regular
- -   expression parser could lead to the execution of arbitrary code.</p></li>
+   <p>Ð?окÑ?и Ð?аÑ?линÑ?пайк обнаÑ?Ñ?жил, Ñ?Ñ?о пеÑ?еполнение бÑ?Ñ?еÑ?а в коде длÑ? гÑ?аммаÑ?иÑ?еÑ?кого
+   Ñ?азбоÑ?а Ñ?егÑ?лÑ?Ñ?нÑ?Ñ? вÑ?Ñ?ажений можеÑ? пÑ?иводиÑ?Ñ? к вÑ?полнениÑ? пÑ?оизволÑ?ного кода.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-2408";>CVE-2009-2408</a>
 
- -   <p>Dan Kaminsky discovered that NULL characters in certificate
- -   names could lead to man-in-the-middle attacks by tricking the user
- -   into accepting a rogue certificate.</p></li>
+   <p>Ð?Ñ?н Ð?аминÑ?ки обнаÑ?Ñ?жил, Ñ?Ñ?о NULL-Ñ?имволÑ? в именаÑ? Ñ?еÑ?Ñ?иÑ?икаÑ?ов
+   могÑ?Ñ? пÑ?иводиÑ?Ñ? к вÑ?полнениÑ? аÑ?ак по пÑ?инÑ?ипÑ? Ñ?еловек-в-Ñ?еÑ?едине, еÑ?ли полÑ?зоваÑ?елÑ?
+   пÑ?имеÑ? подделÑ?нÑ?й Ñ?еÑ?Ñ?иÑ?икаÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-2409";>CVE-2009-2409</a>
 
- -   <p>Certificates with MD2 hash signatures are no longer accepted
- -   since they're no longer considered cryptograhically secure.</p></li>
+   <p>СеÑ?Ñ?иÑ?икаÑ?Ñ? Ñ? подпиÑ?Ñ?ми MD2 более не пÑ?инимаÑ?Ñ?Ñ?Ñ?,
+   поÑ?колÑ?кÑ? они более не Ñ?Ñ?иÑ?аÑ?Ñ?Ñ?Ñ? кÑ?ипÑ?игÑ?аÑ?иÑ?еÑ?ки безопаÑ?нÑ?ми.</p></li>
 
 </ul>
 
- -<p>The old stable distribution (etch) doesn't contain nss.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) пакеÑ? nss оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?еÑ?.</p>
 
- -<p>For the stable distribution (lenny), these problems have been fixed in
- -version 3.12.3.1-0lenny1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 3.12.3.1-0lenny1.</p>
 
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 3.12.3.1-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 3.12.3.1-1.</p>
 
- -<p>We recommend that you upgrade your nss packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? nss.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2009/dsa-1935.wml	2014-04-30 13:16:19.000000000 +0600
+++ russian/security/2009/dsa-1935.wml	2016-08-24 18:42:13.547952555 +0500
@@ -1,27 +1,28 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
 
- -<p>Dan Kaminsky and Moxie Marlinspike discovered that gnutls, an implementation of
- -the TLS/SSL protocol, does not properly handle a '\0' character in a domain name
- -in the subject's Common Name or Subject Alternative Name (SAN) field of an X.509
- -certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL
- -servers via a crafted certificate issued by a legitimate Certification
- -Authority. (<a href="https://security-tracker.debian.org/tracker/CVE-2009-2730";>CVE-2009-2730</a>)</p>
- -
- -<p>In addition, with this update, certificates with MD2 hash signatures are no
- -longer accepted since they're no longer considered cryptograhically secure. It
- -only affects the oldstable distribution (etch).(<a href="https://security-tracker.debian.org/tracker/CVE-2009-2409";>CVE-2009-2409</a>)</p>
+<p>Ð?Ñ?н Ð?аминÑ?ки и Ð?окÑ?и Ð?аÑ?линÑ?пайк обнаÑ?Ñ?жили, Ñ?Ñ?о gnutls, Ñ?еализаÑ?иÑ?
+пÑ?оÑ?окола TLS/SSL, непÑ?авилÑ?но обÑ?абаÑ?Ñ?ваеÑ? Ñ?имвол '\0' в имени домена
+в полÑ?Ñ? Common Name или Subject Alternative Name (SAN) Ñ?еÑ?Ñ?иÑ?икаÑ?а X.509,
+Ñ?Ñ?о позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникам, иÑ?полÑ?зÑ?Ñ?Ñ?им аÑ?акÑ? по пÑ?инÑ?ипÑ? Ñ?еловек-в-Ñ?еÑ?едине, подделÑ?ваÑ?Ñ?
+пÑ?оизволÑ?нÑ?е SSL-Ñ?еÑ?веÑ?Ñ? Ñ? помоÑ?Ñ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного Ñ?еÑ?Ñ?иÑ?икаÑ?а, вÑ?данного
+коÑ?Ñ?екÑ?нÑ?м авÑ?оÑ?иÑ?еÑ?ом. (<a href="https://security-tracker.debian.org/tracker/CVE-2009-2730";>CVE-2009-2730</a>)</p>
+
+<p>Ð?Ñ?оме Ñ?ого, в данном обновлении Ñ?еÑ?Ñ?иÑ?икаÑ?Ñ? Ñ? подпиÑ?Ñ?ми MD2 более
+не пÑ?инимаÑ?Ñ?Ñ?Ñ?, поÑ?колÑ?кÑ? они более не Ñ?Ñ?иÑ?аÑ?Ñ?Ñ?Ñ? кÑ?ипÑ?игÑ?аÑ?иÑ?еÑ?ки безопаÑ?нÑ?ми. ЭÑ?о
+каÑ?аеÑ?Ñ?Ñ? Ñ?олÑ?ко пÑ?едÑ?дÑ?Ñ?его Ñ?Ñ?абилÑ?ного вÑ?пÑ?Ñ?ка (etch).(<a href="https://security-tracker.debian.org/tracker/CVE-2009-2409";>CVE-2009-2409</a>)</p>
 
- -<p>For the oldstable distribution (etch), these problems have been fixed in version
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии
 1.4.4-3+etch5 for gnutls13.</p>
 
- -<p>For the stable distribution (lenny), these problems have been fixed in version
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии
 2.4.2-6+lenny2 for gnutls26.</p>
 
- -<p>For the testing distribution (squeeze), and the  unstable distribution (sid),
- -these problems have been fixed in version 2.8.3-1 for gnutls26.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (squeeze) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ?
+Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 2.8.3-1 for gnutls26.</p>
 
- -<p>We recommend that you upgrade your gnutls13/gnutls26 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? gnutls13/gnutls26.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXvaZAAAoJEF7nbuICFtKlmDUP/0uF+NhaOCz6cTEQx4luwXKO
g0r5wiuHd/fWN2Cu4G1kk7riJ5H5xKpbZ1vlHPM05NZVdhDLp+mYz+lR5SyFTXHm
OqoseHhnGhhqO7sDEO+eCMNdF8ObVnLEBlFw7NtfigXJrDVe6bnISWbV93+imIm+
ULo28DdbiHRVclR73p47MT+JLpfMoUR5yls7poIGLYM3QYzyOv+xGWHh4jl9PjKz
uBrkE9ZialveOikkjgCr5srWbL0kOz13+n0J75qcpwD70ynBeK6ukjAT51OCaNXs
sp7iWZC1hkcEXjm/XZvJuC4eqGtMf553RkTh/ARTcfoeSLuWJhcc4Ez+Yt0WSspv
Z0CGaEXCrXlAS74JJaufeRHnjhlB1g3uO0Vzsn75Jc/NZRSPIaXR02F9wEI3N0lM
Q3A/Xl7A8RPXlthx4l9jSI9eReYsaWcx4fAsQx6nuG9pd+vwiJpr5W9Oe1ch6SjV
yc8ap5rzbQgj3/QoKK/alXwfD9O+1edpAA0w7TEgxAZPGyoQrZav5dO/LjUjzbTn
z3+uZdTJCVwR0qto5d+6alBJyEvcQUz8TkgnSP37BYxXj8NTk8tF8sEfKngYPB28
8uAUYbaH0RIYkCMwvvfeJ0I7XWmH6RiCtLlyB2SxohLboOX1GTJCPmqFt8DUwa7C
DNHw+EOMZaydXA7eqdpa
=eBkP
-----END PGP SIGNATURE-----
Reply to: