[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2007/dsa-1{291,362}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2007/dsa-1291.wml	2014-04-30 13:16:12.000000000 +0600
+++ russian/security/2007/dsa-1291.wml	2016-09-24 09:24:22.088191744 +0500
@@ -1,37 +1,39 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several issues have been identified in Samba, the SMB/CIFS
- -file- and print-server implementation for GNU/Linux.</p>
+<p>Ð? Samba, Ñ?еализаÑ?ии Ñ?айлового Ñ?еÑ?веÑ?а и Ñ?еÑ?веÑ?а пеÑ?аÑ?и SMB/CIFS длÑ?
+GNU/Linux, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-2444";>CVE-2007-2444</a>
- -    <p>When translating SIDs to/from names using Samba local list of user and
- -    group accounts, a logic error in the smbd daemon's internal security
- -    stack may result in a transition to the root user id rather than the
- -    non-root user.  The user is then able to temporarily issue SMB/CIFS
- -    protocol operations as the root user.  This window of opportunity may
- -    allow the attacker to establish addition means of gaining root access to
- -    the server.</p></li>
+    <p>Ð?Ñ?и пеÑ?еводе SID в/из имÑ?н, иÑ?полÑ?зÑ?Ñ? локалÑ?нÑ?й Ñ?пиÑ?ок полÑ?зоваÑ?елей Samba и
+    Ñ?Ñ?Ñ?Ñ?нÑ?Ñ? запиÑ?ей гÑ?Ñ?пп, логиÑ?еÑ?каÑ? оÑ?ибка во внÑ?Ñ?Ñ?еннем Ñ?Ñ?еке безопаÑ?ноÑ?Ñ?и Ñ?лÑ?жбÑ?
+    smbd можеÑ? пÑ?иводиÑ?Ñ? к пеÑ?еÑ?одÑ? к Ñ?Ñ?овнÑ? иденÑ?иÑ?икаÑ?оÑ?а Ñ?Ñ?пеÑ?полÑ?зоваÑ?елÑ?, а не
+    Ñ?Ñ?овнÑ? полÑ?зоваÑ?елÑ?, оÑ?лиÑ?ного оÑ? Ñ?Ñ?пеÑ?полÑ?зоваÑ?елÑ?.  Ð?алее, полÑ?зоваÑ?елÑ? можеÑ? вÑ?еменно пÑ?оизводиÑ?Ñ?
+    опеÑ?аÑ?ии по пÑ?оÑ?околÑ? SMB/CIFS оÑ? лиÑ?а Ñ?Ñ?пеÑ?полÑ?зоваÑ?елÑ?.  Ð?аннаÑ? возможноÑ?Ñ?Ñ? можеÑ?
+    позволиÑ?Ñ? злоÑ?мÑ?Ñ?ленникÑ? Ñ?Ñ?Ñ?ановиÑ?Ñ? дополниÑ?елÑ?нÑ?е возможноÑ?Ñ?и полÑ?Ñ?ениÑ? пÑ?ав Ñ?Ñ?пеÑ?полÑ?зоваÑ?елÑ?
+    на Ñ?еÑ?веÑ?е.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-2446";>CVE-2007-2446</a>
- -    <p>Various bugs in Samba's NDR parsing can allow a user to send specially
- -    crafted MS-RPC requests that will overwrite the heap space with user
- -    defined data.</p></li>
+    <p>РазлиÑ?нÑ?е оÑ?ибки в коде длÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а NDR в Samba могÑ?Ñ? позволиÑ?Ñ?
+    полÑ?зоваÑ?елÑ? оÑ?пÑ?авлÑ?Ñ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?е запÑ?оÑ?Ñ?
+    MS-RPC, коÑ?оÑ?Ñ?е пÑ?иведÑ?Ñ? к пеÑ?езапиÑ?и пÑ?оÑ?Ñ?Ñ?анÑ?Ñ?ва динамиÑ?еÑ?кой памÑ?Ñ?и полÑ?зоваÑ?елÑ?Ñ?кими
+    даннÑ?ми.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-2447";>CVE-2007-2447</a>
- -    <p>Unescaped user input parameters are passed as arguments to /bin/sh
- -    allowing for remote command execution.</p></li>
+    <p>Ð?ведÑ?ннÑ?е полÑ?зоваÑ?елем неÑ?кÑ?аниÑ?ованнÑ?е паÑ?амеÑ?Ñ?Ñ? пеÑ?едаÑ?Ñ?Ñ?Ñ? в каÑ?еÑ?Ñ?ве аÑ?гÑ?менÑ?ов /bin/sh,
+    Ñ?Ñ?о позволÑ?еÑ? Ñ?далÑ?нно вÑ?полнÑ?Ñ?Ñ? командÑ?.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (etch), these problems have been fixed in
- -version 3.0.24-6etch1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 3.0.24-6etch1.</p>
 
- -<p>For the testing and unstable distributions (lenny and sid,
- -respectively), these problems have been fixed in version 3.0.25-1.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом и неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?каÑ? (lenny и sid, Ñ?ооÑ?веÑ?Ñ?Ñ?венно)
+Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 3.0.25-1.</p>
 
- -<p>We recommend that you upgrade your samba package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? samba.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2007/dsa-1362.wml	2014-04-30 13:16:13.000000000 +0600
+++ russian/security/2007/dsa-1362.wml	2016-09-24 09:30:17.834279467 +0500
@@ -1,42 +1,43 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.9" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities were discovered in lighttpd, a fast webserver with
- -minimal memory footprint, which could allow the execution of arbitrary code via
- -the overflow of CGI variables when mod_fcgi was enabled.  The Common
- -Vulnerabilities and Exposures project identifies the following problems:</p>
+<p>Ð? lighttpd, бÑ?Ñ?Ñ?Ñ?ом веб-Ñ?еÑ?веÑ?е Ñ? минималÑ?нÑ?м поÑ?Ñ?еблением памÑ?Ñ?и,
+бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей, коÑ?оÑ?Ñ?е могÑ?Ñ? позволиÑ?Ñ? вÑ?полниÑ?Ñ? пÑ?оизволÑ?нÑ?й код Ñ? помоÑ?Ñ?Ñ?
+пеÑ?еполнениÑ? CGI-пеÑ?еменнÑ?Ñ? в Ñ?лÑ?Ñ?ае вклÑ?Ñ?ениÑ? mod_fcgi.  Ð?Ñ?оекÑ? Common
+Vulnerabilities and Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-3946";>CVE-2007-3946</a>
 
- -    <p>The use of mod_auth could leave to a denial of service attack crashing
- -    the webserver.</p></li>
+    <p>Ð?Ñ?полÑ?зование mod_auth могÑ?Ñ? пÑ?иводиÑ?Ñ? к оÑ?казÑ? в обÑ?лÑ?живании в Ñ?вÑ?зи Ñ? аваÑ?ийной
+    оÑ?Ñ?ановкой веб-Ñ?еÑ?веÑ?а.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-3947";>CVE-2007-3947</a>
 
- -    <p>The improper handling of repeated HTTP headers could cause a denial
- -    of service attack crashing the webserver.</p></li>
+    <p>Ð?епÑ?авилÑ?наÑ? обÑ?абоÑ?ка повÑ?оÑ?Ñ?Ñ?Ñ?иÑ?Ñ?Ñ? HTTP-заголовков можеÑ? вÑ?зÑ?ваÑ?Ñ? оÑ?каз
+    в обÑ?лÑ?живании в Ñ?вÑ?зи Ñ? аваÑ?ийной оÑ?Ñ?ановкой веб-Ñ?еÑ?веÑ?а.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-3949";>CVE-2007-3949</a>
 
- -    <p>A bug in mod_access potentially allows remote users to bypass
- -    access restrictions via trailing slash characters.</p></li>
+    <p>Ð?Ñ?ибка в mod_access поÑ?енÑ?иалÑ?но позволÑ?еÑ? Ñ?далÑ?ннÑ?м полÑ?зоваÑ?елÑ?м обÑ?одиÑ?Ñ?
+    огÑ?аниÑ?ениÑ? доÑ?Ñ?Ñ?па Ñ? помоÑ?Ñ?Ñ? завеÑ?Ñ?аÑ?Ñ?иÑ? коÑ?Ñ?Ñ? Ñ?еÑ?Ñ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-3950";>CVE-2007-3950</a>
 
- -    <p>On 32-bit platforms users may be able to create denial of service
- -    attacks, crashing the webserver, via mod_webdav, mod_fastcgi, or
+    <p>Ð?а 32-биÑ?нÑ?Ñ? плаÑ?Ñ?оÑ?маÑ? полÑ?зоваÑ?ели могÑ?Ñ? вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании,
+    аваÑ?ийно оÑ?Ñ?анавливаÑ? веб-Ñ?еÑ?веÑ? Ñ? помоÑ?Ñ?Ñ? mod_webdav, mod_fastcgi или
     mod_scgi.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (etch), these problems have been fixed in version
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии
 1.4.13-4etch4.</p>
 
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 1.4.16-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.4.16-1.</p>
 
- -<p>We recommend that you upgrade your lighttpd package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? lighttpd.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJX5gFcAAoJEF7nbuICFtKlUZ4QAIEQwXnSlZ2jZD22M06eKPG0
FTasSOKULJe/BOPUPTrRE2agy+0GFUiP+WVcX78a3NnvkweEixCSvgXIkiHKkLja
t6LHSG2EgV/TNfAkbpaFotgWrhe1HiB0cCa1eeeeIdRDGdSwRPlzBEax2tJDlJ1u
NO65FEwljoQnGkqPeR1G+67Vt6d8DbPUeJ+vp0ZEBCdi6s3paQW/SF4EAKbOoL+H
bS9Dg/rvzwuVozdzlVrQDoIG6G9BdOC5my2rRpzj79em1rEndP9XvJ6kzpNxp8aI
+W5iLPiXivzpS5btkSoNm5KB9iPJqFbK0XOlKdnJbe3YYj5EgxYTcpApWs0VRmEd
50Ivkhr/X1dSnHmP/IjxkFP4Jw73NW87yw5xCDlAuc6YR6chsFFRMIGWNFXXsnA3
vTBzk3gST6e8Ur7eom9fXNzwdahmvbxYEudfjHZkNEg27sdkGUJNRM6L7bFnkQKP
/pR5WMYta0YpubfsDx8bzJb8F8+bulWRLifvtHxzQiJSTk7C6/ZGIhFwyBWYqJtx
/bUvPPDq9x7/AghnuUdZwm3e+AAAnDYkhIoDd9MCH5JimgAjRnu0UEHnQg/tcqGH
Ug7uvM+AHVcGkSID+4LmVg6kuH07z6MtshWKTxnlKM72aamNlzTC07XJ2js4cDea
2fBz4zAj2VrRHv7Zjyf0
=Nk5m
-----END PGP SIGNATURE-----
Reply to: