[DONE] wml://security/2016/dsa-348{7,8}.wml

[Lev Lamberov <dogsleg@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2016/dsa-3487.wml	2016-02-23 21:04:59.000000000 +0500
+++ russian/security/2016/dsa-3487.wml	2016-02-24 12:47:25.187067503 +0500
@@ -1,19 +1,20 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Andreas Schneider reported that libssh2, a SSH2 client-side library,
- -passes the number of bytes to a function that expects number of bits
- -during the SSHv2 handshake when libssh2 is to get a suitable value for
- -<q>group order</q> in the Diffie-Hellman negotiation. This weakens
- -significantly the handshake security, potentially allowing an
- -eavesdropper with enough resources to decrypt or intercept SSH sessions.</p>
+<p>Ð?ндÑ?еаÑ? ШнайдеÑ? Ñ?ообÑ?ил, Ñ?Ñ?о libssh2, клиенÑ?Ñ?каÑ? библиоÑ?ека SSH2,
+пеÑ?едаÑ?Ñ? Ñ?Ñ?д байÑ? Ñ?Ñ?нкÑ?ии, ожидаÑ?Ñ?ей Ñ?Ñ?д биÑ?,
+во вÑ?емÑ? Ñ?Ñ?копожаÑ?иÑ? SSHv2 в Ñ?лÑ?Ñ?ае, когда libssh2 должна полÑ?Ñ?иÑ?Ñ? подÑ?одÑ?Ñ?ее знаÑ?ение
+длÑ? <q>поÑ?Ñ?дка гÑ?Ñ?ппÑ?</q> пÑ?и взаимодейÑ?Ñ?вии по алгоÑ?иÑ?мÑ? Ð?иÑ?Ñ?и-Хеллмана. ЭÑ?о Ñ?Ñ?Ñ?еÑ?Ñ?венно
+оÑ?лаблÑ?еÑ? безопаÑ?ноÑ?Ñ?Ñ? Ñ?Ñ?копожаÑ?иÑ?, поÑ?енÑ?иалÑ?но позволÑ?Ñ?
+подÑ?лÑ?Ñ?иваÑ?Ñ?емÑ? злоÑ?мÑ?Ñ?ленникÑ?, имеÑ?Ñ?емÑ? доÑ?Ñ?аÑ?оÑ?нÑ?е Ñ?еÑ?Ñ?Ñ?Ñ?Ñ?, Ñ?аÑ?Ñ?иÑ?Ñ?оваÑ?Ñ? или пеÑ?еÑ?ваÑ?иÑ? Ñ?еÑ?Ñ?ии SSH.</p>
 
- -<p>For the oldstable distribution (wheezy), this problem has been fixed
- -in version 1.4.2-1.1+deb7u2.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена
+в веÑ?Ñ?ии 1.4.2-1.1+deb7u2.</p>
 
- -<p>For the stable distribution (jessie), this problem has been fixed in
- -version 1.4.3-4.1+deb8u1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.4.3-4.1+deb8u1.</p>
 
- -<p>We recommend that you upgrade your libssh2 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? libssh2.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2016/dsa-3488.wml	2016-02-23 21:39:36.000000000 +0500
+++ russian/security/2016/dsa-3488.wml	2016-02-24 12:52:27.681266209 +0500
@@ -1,22 +1,23 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Aris Adamantiadis discovered that libssh, a tiny C SSH library,
- -incorrectly generated a short ephemeral secret for the
- -diffie-hellman-group1 and diffie-hellman-group14 key exchange methods.
- -The resulting secret is 128 bits long, instead of the recommended sizes
- -of 1024 and 2048 bits respectively. This flaw could allow an
- -eavesdropper with enough resources to decrypt or intercept SSH sessions.</p>
+<p>Ð?Ñ?иÑ? Ð?даманÑ?иадиÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о libssh, неболÑ?Ñ?аÑ? библиоÑ?ека SSH длÑ? C,
+некоÑ?Ñ?екÑ?но Ñ?оздаÑ?Ñ? коÑ?оÑ?кий кÑ?аÑ?ковÑ?еменнÑ?й Ñ?екÑ?еÑ? длÑ?
+меÑ?одов обмена клÑ?Ñ?ами по алгоÑ?иÑ?мам diffie-hellman-group1 и diffie-hellman-group14.
+Ð?олÑ?Ñ?аÑ?Ñ?ийÑ?Ñ? Ñ?екÑ?еÑ? имееÑ? длинÑ? 128 биÑ? вмеÑ?Ñ?о Ñ?екомендÑ?емого Ñ?азмеÑ?а
+в 1024 и 2048 биÑ? Ñ?ооÑ?веÑ?Ñ?Ñ?венно. Ð?аннаÑ? Ñ?Ñ?звимоÑ?Ñ?Ñ? можеÑ? позволиÑ?Ñ?
+подÑ?лÑ?Ñ?иваÑ?Ñ?емÑ? злоÑ?мÑ?Ñ?ленникÑ? Ñ?аÑ?Ñ?иÑ?Ñ?оваÑ?Ñ? или пеÑ?еÑ?ваÑ?иÑ?Ñ? Ñ?еÑ?Ñ?ии SSH.</p>
 
- -<p>For the oldstable distribution (wheezy), this problem has been fixed in
- -version 0.5.4-1+deb7u3. This update also includes fixes for
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 0.5.4-1+deb7u3. Ð?Ñ?оме Ñ?ого, данное обновление вклÑ?Ñ?аеÑ? в Ñ?ебÑ? иÑ?пÑ?авлениÑ?
 <a href="https://security-tracker.debian.org/tracker/CVE-2014-8132";>CVE-2014-8132</a>
- -and <a href="https://security-tracker.debian.org/tracker/CVE-2015-3146";>CVE-2015-3146</a>,
- -which were previously scheduled for the next wheezy point release.</p>
+и <a href="https://security-tracker.debian.org/tracker/CVE-2015-3146";>CVE-2015-3146</a>,
+коÑ?оÑ?Ñ?е планиÑ?овалоÑ?Ñ? вклÑ?Ñ?иÑ?Ñ? в Ñ?ледÑ?Ñ?Ñ?Ñ?Ñ? Ñ?едакÑ?иÑ? wheezy.</p>
 
- -<p>For the stable distribution (jessie), this problem has been fixed in
- -version 0.6.3-4+deb8u2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 0.6.3-4+deb8u2.</p>
 
- -<p>We recommend that you upgrade your libssh packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? libssh.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJWzWFuAAoJEF7nbuICFtKlc/IP/3gJa99EJPW1MfVeUVmFxjz0
SIcZuGbQ3xJakivMbnj13NwRKxLy7cI7Tmggln1e1Y7opDNoq6mtr9o6d9D9YME8
6ZmyDDTmBjl9XpmSsr9X1wAZ6LEJfaFqmYsSuVMCVbmH4iY8ejQwUH7gm0uzDf/8
F6/tM2TIwmMb7N5ZPp4bn0vZwQZNU4EqUKsYJUzGzwoFpSIj/nSM3227Twn2532w
T5/d67qfskyQHuhAiIcTUlBv0uTKZPyzn13iCxYbTK+aSzHrfYOQpXrMez9Z5yv6
/cdoUghsnx1pyxWWg0GMxe9Gsgur3VumUe+azFKYxV62fA8yThWK51GdwFwPXYS/
pyJciDXmcKVTyhNLJ99uAdTYREHUWs56AqmGbb5v6J2bIF6YMG1Vf2rrtHOpzbLQ
65qIosYKb0rn0EOnsbzPIw0OES+cZv8jydeLSnOzBNK1EyQw/LO5fgNqnLBIPXj9
8GR9yjvq0/3QSwVBjM3Idjkn6/d8K/QC+A/gQXXseigpjAhtJh00+TWh237pBmO1
cgco/Zn4d4KvlNB9JyvLq+scPyBJKoEOe6+5tHGmb2qH4gzU71QgeOt4iKKnTgCg
PcNk42zhDbL8URaugDSEJgTb/ioTh1xQQiK5ziWc0W/XUVpSYSxEYklZaDPNHBe7
yvpHfwJYDXkNLyzBsTZo
=yseU
-----END PGP SIGNATURE-----