Re: [RFR] wml://webwml/portuguese/security/2006/dsa-934.wml

To: debian-l10n-portuguese@lists.debian.org
Subject: Re: [RFR] wml://webwml/portuguese/security/2006/dsa-934.wml
From: "Felipe Augusto van de Wiel (faw)" <felipe@cathedrallabs.org>
Date: Fri, 13 Jan 2006 12:55:25 -0200
Message-id: <[🔎] 43C7BF5D.3020509@cathedrallabs.org>
In-reply-to: <[🔎] 20060112220256.GB14986@localhost.localdomain>
References: <[🔎] 20060110222647.GC18197@localhost.localdomain> <[🔎] 20060110224624.GA18889@localhost.localdomain> <[🔎] 43C53A0A.6000905@cathedrallabs.org> <[🔎] 20060111183635.GB12076@localhost.localdomain> <[🔎] 43C5566F.8060401@cathedrallabs.org> <[🔎] 20060112220256.GB14986@localhost.localdomain>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/12/2006 08:02 PM, Marco Carvalho wrote:
> ------------------------------------------------------------------------
> #use wml::debian::translation-check translation="1.3" maintainer="Marco Carvalho"
> <define-tag description>várias vulnerabilidades</define-tag>
> <define-tag moreinfo>
> <p>Duas vulnerabilidades foram descobertas no Pound, um proxy reverso e balanceador
> de carga para HTTP. O Projeto de Auditoria de Segurança do Debian
> ("Debian Security Audit Project") identificou os seguintes problemas:</p>
> 
> <ul>
> 
> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1391";>CVE-2005-1391</a>:
>      <p>Host HTTP excessivamente longo: cabeçalhos podem disparar um estouro de 
>      pilha na função add_port(), que pode levar a uma execução de código
>      arbitrário.</p></li>
> 
> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3751";>CVE-2005-3751</a>:
>      <p>Requisições HTTP com cabeçalhos Content-Length e Transfer-Encoding 
>      conflitantes podem levar a um ataque de requisição HTTP falsa ("HTTP Request
>      Smuggling Attack"), que pode ser explorado para transpor filtros de
>      pacotes ou envenenar "caches" web.</p></li>
> 
> </ul>
> 
> <p>A antiga distribuição estável ("woody") não contém o pacote pound.</p>
> 
> <p>Para a distribuição estável ("sarge") estes problemas foram corrigidos na
> versão 1.8.2-1sarge1</p>
> 
> <p>Para a distribuição instável ("sid") estes problemas foram corrigidos na
> versão 1.9.4-1</p>
> 
> <p>Recomendamos que você atualize seu pacote pound.</p>
> </define-tag>
> 
> # do not modify the following line
> #include "$(ENGLISHDIR)/security/2006/dsa-934.data"

	Ok.

- --
Felipe Augusto van de Wiel (faw)
"Debian. Freedom to code. Code to freedom!"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org

iD8DBQFDx79dCjAO0JDlykYRAq+nAJ43tcc7fOVFIiW2IMInV0mq1B8i1gCfUD9U
LP4mBpFKKsFd0bw4sq6pMuE=
=ymiY
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- [LCFC] wml://webwml/portuguese/security/2006/dsa-934.wml
  - From: marcocarvalho89@yahoo.com.br (Marco Carvalho)

References:
- [RFR] wml://webwml/portuguese/security/2006/dsa-934.wml
  - From: Marco Carvalho <marcocarvalho89@yahoo.com.br>
- Re: [RFR] wml://webwml/portuguese/security/2006/dsa-934.wml
  - From: marcocarvalho89@yahoo.com.br (Marco Carvalho)
- Re: [RFR] wml://webwml/portuguese/security/2006/dsa-934.wml
  - From: "Felipe Augusto van de Wiel (faw)" <felipe@cathedrallabs.org>
- Re: [RFR] wml://webwml/portuguese/security/2006/dsa-934.wml
  - From: marcocarvalho89@yahoo.com.br (Marco Carvalho)
- Re: [RFR] wml://webwml/portuguese/security/2006/dsa-934.wml
  - From: "Felipe Augusto van de Wiel (faw)" <felipe@cathedrallabs.org>
- Re: [RFR] wml://webwml/portuguese/security/2006/dsa-934.wml
  - From: marcocarvalho89@yahoo.com.br (Marco Carvalho)

Prev by Date: Re: [RFR] wml://webwml/portuguese/security/2006/dsa-936.wml
Next by Date: Re: [RFR] wml://webwml/portuguese/security/2006/dsa-930.wml
Previous by thread: Re: [RFR] wml://webwml/portuguese/security/2006/dsa-934.wml
Next by thread: [LCFC] wml://webwml/portuguese/security/2006/dsa-934.wml
Index(es):
- Date
- Thread