[DONE] wml://{security/2016/dsa-3495.wml}
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2016/dsa-3495.wml 2016-02-29 16:08:27.000000000 +0500
+++ russian/security/2016/dsa-3495.wml 2016-02-29 21:49:59.739278786 +0500
@@ -1,47 +1,49 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Markus Krell discovered that xymon, a network- and
- -applications-monitoring system, was vulnerable to the following
- -security issues:</p>
+<p>Ð?аÑ?кÑ?Ñ? Ð?Ñ?елл обнаÑ?Ñ?жил, Ñ?Ñ?о xymon, Ñ?иÑ?Ñ?ема мониÑ?оÑ?инга Ñ?еÑ?и и
+пÑ?иложений, Ñ?Ñ?звима к Ñ?ледÑ?Ñ?Ñ?им
+пÑ?облемам безопаÑ?ноÑ?Ñ?и:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-2054">CVE-2016-2054</a>
- - <p>The incorrect handling of user-supplied input in the <q>config</q>
- - command can trigger a stack-based buffer overflow, resulting in
- - denial of service (via application crash) or remote code execution.</p></li>
+ <p>Ð?екоÑ?Ñ?екÑ?наÑ? обÑ?абоÑ?ка пеÑ?едаваемÑ?Ñ? полÑ?зоваÑ?елем вÑ?однÑ?Ñ? даннÑ?Ñ? в команде <q>config</q>
+ можеÑ? пÑ?иводиÑ?Ñ? к пеÑ?еполнениÑ? бÑ?Ñ?еÑ?а, Ñ?Ñ?о пÑ?иводиÑ? к
+ оÑ?казÑ? в обÑ?лÑ?живании (из-за аваÑ?ийной оÑ?Ñ?ановки пÑ?иложениÑ?) или Ñ?далÑ?нномÑ? вÑ?полнениÑ? кода.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-2055">CVE-2016-2055</a>
- - <p>The incorrect handling of user-supplied input in the <q>config</q>
- - command can lead to an information leak by serving sensitive
- - configuration files to a remote user.</p></li>
+ <p>Ð?екоÑ?Ñ?екÑ?наÑ? обÑ?абоÑ?ка пеÑ?едаваемÑ?Ñ? полÑ?зоваÑ?елем даннÑ?Ñ? в команде <q>config</q>
+ можеÑ? пÑ?иводиÑ?Ñ? к Ñ?Ñ?еÑ?ке инÑ?оÑ?маÑ?ии из-за пеÑ?едаÑ?и Ñ?айлов
+ наÑ?Ñ?Ñ?оек Ñ?далÑ?нномÑ? полÑ?зоваÑ?елÑ?.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-2056">CVE-2016-2056</a>
- - <p>The commands handling password management do not properly validate
- - user-supplied input, and are thus vulnerable to shell command
- - injection by a remote user.</p></li>
+ <p>Ð?омандÑ?, обÑ?абаÑ?Ñ?ваÑ?Ñ?ие Ñ?пÑ?авлением паÑ?олÑ?ми, непÑ?авилÑ?но вÑ?полнÑ?Ñ?Ñ?
+ пÑ?овеÑ?кÑ? пеÑ?едаваемÑ?Ñ? полÑ?зоваÑ?елем вÑ?однÑ?Ñ? даннÑ?Ñ?, и поÑ?омÑ? Ñ?Ñ?звимÑ? к инÑ?екÑ?ии команд
+ командной оболоÑ?ки, коÑ?оÑ?аÑ? можеÑ? бÑ?Ñ?Ñ? вÑ?полнена Ñ?далÑ?ннÑ?м полÑ?зоваÑ?елем.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-2057">CVE-2016-2057</a>
- - <p>Incorrect permissions on an internal queuing system allow a user
- - with a local account on the xymon master server to bypass all
- - network-based access control lists, and thus inject messages
- - directly into xymon.</p></li>
+ <p>Ð?екоÑ?Ñ?екÑ?нÑ?е пÑ?ава доÑ?Ñ?Ñ?па к внÑ?Ñ?Ñ?енней Ñ?иÑ?Ñ?еме оÑ?еÑ?еди позволÑ?Ñ?Ñ? полÑ?зоваÑ?елÑ?,
+ имеÑ?Ñ?емÑ? локалÑ?нÑ?Ñ? Ñ?Ñ?Ñ?Ñ?нÑ?Ñ? запиÑ?Ñ? на главном Ñ?еÑ?веÑ?е xymon, обойÑ?и вÑ?е
+ Ñ?пÑ?авлÑ?Ñ?Ñ?ие Ñ?пиÑ?ки пÑ?ав Ñ?еÑ?евого доÑ?Ñ?Ñ?па и ввеÑ?Ñ?и Ñ?ообÑ?ениÑ?
+ напÑ?Ñ?мÑ?Ñ? в xymon.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-2058">CVE-2016-2058</a>
- - <p>Incorrect escaping of user-supplied input in status webpages can
- - be used to trigger reflected cross-site scripting attacks.</p></li>
+ <p>Ð?екоÑ?Ñ?екÑ?ное Ñ?кÑ?аниÑ?ование пеÑ?едаваемÑ?Ñ? полÑ?зоваÑ?елем даннÑ?Ñ? на Ñ?Ñ?Ñ?аниÑ?аÑ?
+ Ñ?Ñ?аÑ?Ñ?Ñ?а можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? длÑ? оÑ?Ñ?Ñ?еÑ?Ñ?влениÑ? аÑ?ак по пÑ?инÑ?ипÑ? межÑ?айÑ?ового
+ Ñ?кÑ?ипÑ?инга.</p></li>
</ul>
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 4.3.17-6+deb8u1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 4.3.17-6+deb8u1.</p>
- -<p>We recommend that you upgrade your xymon packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? xymon.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJW1HbVAAoJEF7nbuICFtKl69wP/jLT0UMJ15WXMDp1arrg3z9M
AbTc6ksLJFSvyZ8DO7WvNGoJlmCuhA/HPHofTnB8qUTJ0/85EKBqvu8oEg1IiS81
eoKRHZscZyfIRGQqnDNmqQe7dL1Mg/E/eKNYzvuKTie4FTbehsuG+flXLSVxH/BV
GLOhgIE/+mxC/BiK+AMeJ8VFDXzsYKmTtSUdKNr4lKlvvHdE25k6Sn/azfW16wAR
iy8F0LFCESusCLSdHkAeFvBoKYKAi6fU9wF8JAP+SVUO9sHWGHmuLWMhzUxk3OYS
cTVQ2L8NUZL4g9Wv01WOeUDVeSuSe0IqYZ9Aqm4MgtinzUN/KFkh8/2a4MDTQzu+
BYbm+vmEQT68Sv9KOTz9Xj14VN6kWhbJUjt0KVlhIr2Tu1XRcIlKFtHhPLtGjM0S
1wS6JEE6pn0sQJpy/7ySmYlvOUnkhi7M5JKRU4O4T9RnADJiy5scpPlKh4kJIM+e
U9MWSOQsP0mw1BsY6FpTEfy6xDrgchT//2Lpq9lJeyP/ldE0MmsMXf0+/Joi0oR6
/RtpvdQSvTWzAGyBkw2EkZCDrBoe0SjNOgFAA2kc7xSetbc2K/ulH2rmiKYDLTkv
MEAe6+w4hRDcH30yAJKZJ+qudlnLFf1RnWy0jIhVJFTWYgMKrxpgMPqA2x0LLih+
GdCXdIst/a9nwYauTndp
=VfEN
-----END PGP SIGNATURE-----
Reply to: