[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2015/dla-{361,134,276}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2015/dla-134.wml	2016-04-09 01:32:23.000000000 +0500
+++ russian/security/2015/dla-134.wml	2016-04-26 20:56:41.414490377 +0500
@@ -1,13 +1,14 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Andrey Labunets of Facebook discovered that cURL, an URL transfer
- -library, fails to properly handle URLs with embedded end-of-line
- -characters. An attacker able to make an application using libcurl to
- -access a specially crafted URL via an HTTP proxy could use this flaw to
- -do additional requests in a way that was not intended, or insert
- -additional request headers into the request.</p>
+<p>Ð?ндÑ?ей Ð?абÑ?неÑ? из Facebook обнаÑ?Ñ?жил, Ñ?Ñ?о cURL, библиоÑ?ека
+пеÑ?едаÑ?и URL, непÑ?авилÑ?но обÑ?абаÑ?Ñ?ваеÑ? URL, Ñ?одеÑ?жаÑ?ие Ñ?имволÑ?
+конÑ?а Ñ?Ñ?Ñ?оки. Ð?лоÑ?мÑ?Ñ?ленник, Ñ?поÑ?обнÑ?й Ñ?оздаÑ?Ñ? пÑ?иложение, иÑ?полÑ?зÑ?Ñ?Ñ?ее libcurl длÑ?
+полÑ?Ñ?ениÑ? доÑ?Ñ?Ñ?па к Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованномÑ? URL Ñ?еÑ?ез HTTP-пÑ?окÑ?и, можеÑ? иÑ?полÑ?зоваÑ?Ñ? даннÑ?Ñ?
+Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? вÑ?полнениÑ? дополниÑ?елÑ?нÑ?Ñ? ненамеÑ?еннÑ?Ñ? запÑ?оÑ?ов, либо вÑ?Ñ?авлÑ?Ñ?Ñ?
+дополниÑ?елÑ?нÑ?е заголовки в запÑ?оÑ?.</p>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in curl version 7.21.0-2.1+squeeze11</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в curl веÑ?Ñ?ии 7.21.0-2.1+squeeze11</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2015/dla-276.wml	2016-04-08 00:21:20.000000000 +0500
+++ russian/security/2015/dla-276.wml	2016-04-26 20:59:14.859308866 +0500
@@ -1,14 +1,15 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Adam, upstream author of inspircd found the Debian
- -patch that fixed <a href="https://security-tracker.debian.org/tracker/CVE-2012-1836";>CVE-2012-1836</a> was incomplete. Furthermore, it
- -introduced an issue, since invalid dns packets caused an infinite loop.
- -This upload corrects these problems.</p>
+<p>Ð?дам, авÑ?оÑ? оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки inspircd, обнаÑ?Ñ?жил, Ñ?Ñ?о заплаÑ?а длÑ? Debian,
+иÑ?пÑ?авлÑ?Ñ?Ñ?аÑ? <a href="https://security-tracker.debian.org/tracker/CVE-2012-1836";>CVE-2012-1836</a>, неполна. Ð?олее Ñ?ого, она
+вноÑ?иÑ? пÑ?облемÑ?, поÑ?колÑ?кÑ? непÑ?авилÑ?нÑ?е DNS-пакеÑ?Ñ? вÑ?зÑ?ваÑ?Ñ? возникновение беÑ?конеÑ?ного Ñ?икла.
+Ð?аннаÑ? загÑ?Ñ?зка иÑ?пÑ?авлÑ?еÑ? Ñ?Ñ?и пÑ?облемÑ?.</p>
 
- -<p>As of today, no CVEs has been assigned to these Debian-specific flaws.</p>
+<p>Ð? наÑ?Ñ?оÑ?Ñ?ее вÑ?емÑ? иденÑ?иÑ?икаÑ?оÑ? CVE Ñ?казаннÑ?м пÑ?облем на назнаÑ?ен.</p>
 
- -<p>For the Squeeze distribution, these issues have been fixed in version
- -1.1.22+dfsg-4+squeeze2 of inspircd.</p>
+<p>Ð? вÑ?пÑ?Ñ?ке Squeeze Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии
+1.1.22+dfsg-4+squeeze2 пакеÑ?а inspircd.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2015/dla-361.wml	2016-04-08 01:27:56.000000000 +0500
+++ russian/security/2015/dla-361.wml	2016-04-26 20:53:55.024710388 +0500
@@ -1,15 +1,16 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>The Bouncy Castle Java library before 1.51 does not validate that a point
- -is within the elliptic curve, which makes it easier for remote attackers
- -to obtain private keys via a series of crafted elliptic curve Diffie
- -Hellman (ECDH) key exchanges, aka an "invalid curve attack."</p>
+<p>Ð?иблиоÑ?ека Bouncy Castle Java до веÑ?Ñ?ии 1.51 не вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? Ñ?ого, Ñ?Ñ?о Ñ?оÑ?ка
+наÑ?одиÑ?Ñ?Ñ? в пÑ?еделаÑ? Ñ?ллипÑ?иÑ?еÑ?кой кÑ?ивой, Ñ?Ñ?о облегÑ?аеÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам
+полÑ?Ñ?ение закÑ?Ñ?Ñ?Ñ?Ñ? клÑ?Ñ?ей Ñ? помоÑ?Ñ?Ñ? Ñ?еÑ?ии Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? обменов клÑ?Ñ?ей по пÑ?оÑ?околÑ? Ð?иÑ?Ñ?и-Хеллмана
+Ñ? пÑ?именением Ñ?ллипÑ?иÑ?еÑ?киÑ? кÑ?ивÑ?Ñ? (ECDH), Ñ?Ñ?о Ñ?акже извеÑ?Ñ?но как <q>аÑ?ака Ñ?еÑ?ез непÑ?авилÑ?нÑ?Ñ? кÑ?ивÑ?Ñ?</q>.</p>
 
- -<p>For Debian 6 <q>Squeeze</q>, this issue has been fixed in version
- -1.44+dfsg-2+deb6u1 of bouncycastle.</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в веÑ?Ñ?ии
+1.44+dfsg-2+deb6u1 пакеÑ?а bouncycastle.</p>
 
- -<p>Many thanks to upstream author Peter Dettmann who reviewed the backport
- -that we prepared.</p>
+<p>Ð?Ñ?Ñ?ажаем благодаÑ?ноÑ?Ñ?Ñ? авÑ?оÑ?Ñ? оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки Ð?еÑ?еÑ?Ñ? Ð?еÑ?Ñ?манÑ?, коÑ?оÑ?Ñ?й пÑ?овеÑ?ил
+подгоÑ?овленнÑ?й нами пеÑ?еноÑ? иÑ?пÑ?авлениÑ?.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXH5BYAAoJEF7nbuICFtKlyU4P/34JvL37AmVKL9uH7DudUFKQ
m5m1kPOMr9KcsgH7I4OHydLR5uC4b186C9RzjFUbW2vJqKbWqvbe9NA0vvEJ192D
aERkeA3XnpcBC1KmuTVaI7zS+eARAEPDXMP5G2DFhhKSt87GwKrkDE6JXwrTwj1o
BsB5AnhlAraBBcpBlAdK4OiPaUOM2iT2oniYjduA0avFTIz+4//s3RoXuN2lcnrO
5YkfthkQUHF1ZgFQE9muNZFARtNEhwfP5uH+dpP2MMv+dMhR+U/i4rN0D+Hl1Ex/
LhrlJGcVeK+7rdJiZu1ZKzvFdEAIWbegNlH3nMfIGuRAh24opoHMGRdTUJq5glIZ
80CZTzft3TKIYSnCoCQFhJiPBTkiwleiAoDfIyv8aUtNomKQxWu3PHBw9uB8kUeH
Pa+qa7SyPg7b7zfDt4Ji7V2iesA2u2IOlSSNzAWKn13gNCviXpTuiUOt7JGFwC8I
kYmgodDwfA7WP33FEyUVlfUhAa/wW4e36gr+E4s3/SZn8XX/LL6HjF4mVPtQBKH9
5JSEX9Ni4C3TRZOLs5ZAahCaFh+9pAd3OdDkn6AJ8ee8pwxrguB6EW3/XPyyPg3k
dJEWB9NQ5vM+WujpWyvPTsDkNIoMPsZMXRPlq3r0TCxI1WPyxsB/G/cm/P+JIFXD
o+pElalLeYmO9EbFmbif
=zYbj
-----END PGP SIGNATURE-----
Reply to: