[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://{security/2016/dla-410.wml}

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2016/dla-410.wml	2016-04-08 01:54:44.000000000 +0500
+++ russian/security/2016/dla-410.wml	2016-04-18 12:49:51.443626212 +0500
@@ -1,84 +1,85 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
 
- -<p>Several vulnerabilities have been discovered in OpenJDK, an
- -implementation of the Oracle Java platform, resulting in breakouts of
- -the Java sandbox, information disclosure, denial of service and insecure
- -cryptography.</p>
+<p>Ð? OpenJDK, Ñ?еализаÑ?ии плаÑ?Ñ?оÑ?мÑ? Oracle Java, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко
+Ñ?Ñ?звимоÑ?Ñ?ей, коÑ?оÑ?Ñ?е пÑ?иводÑ?Ñ? к вÑ?Ñ?одÑ? за пÑ?еделÑ?
+пеÑ?оÑ?ниÑ?Ñ? Java, Ñ?аÑ?кÑ?Ñ?Ñ?иÑ? инÑ?оÑ?маÑ?ии, оÑ?казам в обÑ?лÑ?живании и небезопаÑ?номÑ?
+Ñ?иÑ?Ñ?ованиÑ?.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7575";>CVE-2015-7575</a>
 
- -        <p>A flaw was found in the way TLS 1.2 could use the MD5 hash
- -        function for signing ServerKeyExchange and Client
- -        Authentication packets during a TLS handshake.</p></li>
+        <p>Ð?Ñ?ла обнаÑ?Ñ?жена Ñ?Ñ?звимоÑ?Ñ?Ñ? в Ñ?поÑ?обе иÑ?полÑ?зованиÑ? TLS 1.2 Ñ?еÑ?-Ñ?Ñ?нкÑ?ии MD5
+        длÑ? подпиÑ?Ñ?ваниÑ? пакеÑ?ов ServerKeyExchange и Client
+        Authentication во вÑ?емÑ? Ñ?Ñ?копожаÑ?иÑ? TLS.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8126";>CVE-2015-8126</a>
 
- -        <p>Multiple buffer overflows in the (1) png_set_PLTE and (2)
- -        png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x
- -        before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before
- -        1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause
- -        a denial of service (application crash) or possibly have
- -        unspecified other impact via a small bit-depth value in an IHDR
- -        (aka image header) chunk in a PNG image.</p></li>
+        <p>Ð?ногоÑ?иÑ?леннÑ?е пеÑ?еполнениÑ? бÑ?Ñ?еÑ?а в Ñ?Ñ?нкÑ?иÑ?Ñ? (1) png_set_PLTE и (2)
+        png_get_PLTE в libpng до веÑ?Ñ?ии 1.0.64, 1.1.x до веÑ?Ñ?ии 1.2.x
+        до веÑ?Ñ?ии 1.2.54, 1.3.x и 1.4.x до веÑ?Ñ?ии 1.4.17, 1.5.x до веÑ?Ñ?ии
+        1.5.24 и 1.6.x до веÑ?Ñ?ии 1.6.19 позволÑ?Ñ?Ñ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?зÑ?ваÑ?Ñ?
+        оÑ?каз в обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка пÑ?иложениÑ?), либо могÑ?Ñ? как-Ñ?о по-дÑ?Ñ?гомÑ?
+        влиÑ?Ñ?Ñ? на безопаÑ?ноÑ?Ñ?Ñ?. Ð?еÑ?еполнениÑ? бÑ?Ñ?еÑ?а вÑ?зÑ?ваÑ?Ñ?Ñ?Ñ? пÑ?и помоÑ?и неболÑ?Ñ?ого знаÑ?ениÑ? глÑ?бинÑ? Ñ?веÑ?а в Ñ?аÑ?Ñ?и IHDR
+        (извеÑ?Ñ?ной как заголовок изобÑ?ажениÑ?) в изобÑ?ажении PNG.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8472";>CVE-2015-8472</a>
 
- -        <p>Buffer overflow in the png_set_PLTE function in libpng before
- -        1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before
- -        1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows
- -        remote attackers to cause a denial of service (application
- -        crash) or possibly have unspecified other impact via a small
- -        bit-depth value in an IHDR (aka image header) chunk in a PNG
- -        image. NOTE: this vulnerability exists because of an incomplete
- -        fix for <a href="https://security-tracker.debian.org/tracker/CVE-2015-8126";>CVE-2015-8126</a>.</p></li>
+        <p>Ð?еÑ?еполнение бÑ?Ñ?еÑ?а в Ñ?Ñ?нкÑ?ии png_set_PLTE в libpng до веÑ?Ñ?ии
+        1.0.65, 1.1.x и 1.2.x до веÑ?Ñ?ии 1.2.55, 1.3.x, 1.4.x до веÑ?Ñ?ии
+        1.4.18, 1.5.x до веÑ?Ñ?ии 1.5.25 и 1.6.x до веÑ?Ñ?ии 1.6.20 позволÑ?еÑ?
+        Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка
+        пÑ?иложениÑ?), либо могÑ?Ñ? как-Ñ?о по-дÑ?Ñ?гомÑ? влиÑ?Ñ?Ñ? на безопаÑ?ноÑ?Ñ?Ñ?. Ð?еÑ?еполнение бÑ?Ñ?еÑ?а вÑ?зÑ?ваеÑ?Ñ?Ñ? пÑ?и помоÑ?и
+        неболÑ?Ñ?ого знаÑ?ениÑ? глÑ?бинÑ? Ñ?веÑ?а в Ñ?аÑ?Ñ?и IHDR (извеÑ?Ñ?ной как заголовок изобÑ?ажениÑ?) в изобÑ?ажении
+        PNG. Ð?Ð?Ð?Ð?Ð?Ð?Ð?Ð?: Ñ?Ñ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? имееÑ? меÑ?Ñ?о из-за неполного
+        иÑ?пÑ?авлениÑ? <a href="https://security-tracker.debian.org/tracker/CVE-2015-8126";>CVE-2015-8126</a>.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-0402";>CVE-2016-0402</a>
 
- -        <p>Unspecified vulnerability in the Java SE and Java SE Embedded
- -        components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE
- -        Embedded 8u65 allows remote attackers to affect integrity via
- -        unknown vectors related to Networking.</p></li>
+        <p>Ð?еÑ?казаннаÑ? Ñ?Ñ?звимоÑ?Ñ?Ñ? в компоненÑ?аÑ? Java SE и Java SE Embedded
+        в Oracle Java SE 6u105, 7u91 и 8u66, а Ñ?акже в Java SE
+        Embedded 8u65 позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам влиÑ?Ñ?Ñ? на Ñ?елоÑ?Ñ?ноÑ?Ñ?Ñ? даннÑ?Ñ? пÑ?и помоÑ?и
+        неизвеÑ?Ñ?нÑ?Ñ? векÑ?оÑ?ов, Ñ?вÑ?заннÑ?Ñ? Ñ? поддеÑ?жкой Ñ?абоÑ?Ñ? Ñ?еÑ?и.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-0448";>CVE-2016-0448</a>
 
- -        <p>Unspecified vulnerability in the Java SE and Java SE Embedded
- -        components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE
- -        Embedded 8u65 allows remote authenticated users to affect
- -        confidentiality via vectors related to JMX.</p></li>
+        <p>Ð?еÑ?казаннаÑ? Ñ?Ñ?звимоÑ?Ñ?Ñ? в компоненÑ?аÑ? Java SE и Java SE Embedded
+        в Oracle Java SE 6u105, 7u91 и 8u66, а Ñ?акже в Java SE
+        Embedded 8u65 позволÑ?еÑ? Ñ?далÑ?ннÑ?м аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?м полÑ?зоваÑ?елÑ?м влиÑ?Ñ?Ñ? на
+        конÑ?иденÑ?иалÑ?ноÑ?Ñ?Ñ? пÑ?и помоÑ?и векÑ?оÑ?ов, Ñ?вÑ?заннÑ?Ñ? Ñ? JMX.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-0466";>CVE-2016-0466</a>
 
- -        <p>It was discovered that the JAXP component in OpenJDK did not
- -        properly enforce the totalEntitySizeLimit limit. An attacker
- -        able to make a Java application process a specially crafted XML
- -        file could use this flaw to make the application consume an
- -        excessive amount of memory.</p></li>
+        <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о компоненÑ? JAXP в OpenJDK непÑ?авилÑ?но
+        Ñ?ледиÑ? за Ñ?облÑ?дением огÑ?аниÑ?ениÑ? totalEntitySizeLimit. Ð?лоÑ?мÑ?Ñ?ленник,
+        Ñ?поÑ?обнÑ?й заÑ?Ñ?авиÑ?Ñ? Java-пÑ?иложение обÑ?абаÑ?Ñ?ваÑ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?й Ñ?айл
+        XML, можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? Ñ?ого, Ñ?Ñ?обÑ? Ñ?Ñ?о пÑ?иложение
+        иÑ?полÑ?зовало Ñ?Ñ?езмеÑ?нÑ?й обÑ?Ñ?м памÑ?Ñ?и.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-0483";>CVE-2016-0483</a>
 
- -        <p>Unspecified vulnerability in the Java SE, Java SE Embedded, and
- -        JRockit components in Oracle Java SE 6u105, 7u91, and 8u66;
- -        Java SE Embedded 8u65; and JRockit R28.3.8 allows remote
- -        attackers to affect confidentiality, integrity, and
- -        availability via vectors related to AWT.</p></li>
+        <p>Ð?еÑ?казаннаÑ? Ñ?Ñ?звимоÑ?Ñ?Ñ? в компоненÑ?аÑ? Java SE, Java SE Embedded и
+        JRockit в Oracle Java SE 6u105, 7u91 и 8u66, а Ñ?акже
+        Java SE Embedded 8u65 и JRockit R28.3.8 позволÑ?еÑ? Ñ?далÑ?ннÑ?м
+        злоÑ?мÑ?Ñ?ленникам влиÑ?Ñ?Ñ? на конÑ?иденÑ?иалÑ?ноÑ?Ñ?Ñ?, Ñ?елоÑ?Ñ?ноÑ?Ñ?Ñ? даннÑ?Ñ? и
+        доÑ?Ñ?Ñ?пноÑ?Ñ?Ñ? Ñ? помоÑ?Ñ?Ñ? векÑ?оÑ?ов, Ñ?вÑ?заннÑ?Ñ? Ñ? AWT.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-0494";>CVE-2016-0494</a>
 
- -        <p>Unspecified vulnerability in the Java SE and Java SE Embedded
- -        components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE
- -        Embedded 8u65 allows remote attackers to affect
- -        confidentiality, integrity, and availability via
- -        unknown vectors related to 2D.</p></li>
+        <p>Ð?еÑ?казаннаÑ? Ñ?Ñ?звимоÑ?Ñ?Ñ? в компоненÑ?аÑ? Java SE и Java SE Embedded
+        в Oracle Java SE 6u105, 7u91 и 8u66, а Ñ?акже Java SE
+        Embedded 8u65 позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам влиÑ?Ñ?Ñ?
+        на конÑ?иденÑ?иалÑ?ноÑ?Ñ?Ñ?, Ñ?елоÑ?Ñ?ноÑ?Ñ?Ñ? даннÑ?Ñ? и доÑ?Ñ?Ñ?пноÑ?Ñ?Ñ? Ñ? помоÑ?Ñ?Ñ?
+        неизвеÑ?Ñ?нÑ?Ñ? векÑ?оÑ?ов, Ñ?вÑ?заннÑ?Ñ? Ñ? 2D.</p></li>
 
 </ul>
 
- -<p>For Debian 6 <q>Squeeze</q>, these problems have been fixed in version
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии
 6b38-1.13.10-1~deb6u1.</p>
 
- -<p>We recommend that you upgrade your openjdk-6 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? openjdk-6.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXFJGiAAoJEF7nbuICFtKlxOwP/2gmZ1OkGWtF+00YnBkyCret
/ZnWKpjsxeptWv3JmxcIhGEvQIXG1YVC3jbo0q0+S908611HOc12p2Rhx6+sQkEO
khJ/ylTqo88ON3PAG56GDyMwfIqKURjtUkFUWJuNXGJiDpRQYLjc1XfhYAWMZpM0
FC5z+8w9Df7d9K/+BBAgE+hfnTHyVx/gL/U5aSYVpCStIhuVSJ6zTUZyB7YjzEm1
6TT6jPz4Vqzh96lk1zfOy+1Q4v9H2JRX57hkTFSZ5jhnJ+Evz0z871bOSC1iTket
TZxFW5s+ptcxvzpEniPWkE3lz6b65I0CqSfJVmYhioZ+Fp80H4r0bm98okTQVJ0F
Iz0D9HZFKuaDe/WutYludzuXxetYauyEUpXwU4zMbXDcMsr528i8E4yr3TjSPR2R
pcLksaXS4bo2pDUBPu5y2P7GB0pV5Mf6JJegP3oPqdgHa1DgJqEov58Vz5pR2Izv
DrmcgLnD3KCQ0XTpRLqxBcxd7v17YkfaxebWC8l9grNH+84Z/KuXOstHqUHzrXGl
/wHl2XTrPp0ahQwnqCmeyD1jHlyRvy6/bPv46IqVLttgigd+9lrkiNdAi9pouFhZ
ZjttM1Ni8yZat9MHCrYAQbxsUj3dShwIFKB4kb060E2jwBP4fTsraQ0bGmxydWxX
UX7TNiJaRa+2uQSaxetg
=zWds
-----END PGP SIGNATURE-----
Reply to: