[DONE] wml://security/2015/dla-{253,350,367}.wml

[Lev Lamberov <dogsleg@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2015/dla-253.wml	2016-04-08 01:24:54.000000000 +0500
+++ russian/security/2015/dla-253.wml	2016-04-27 13:20:37.793949368 +0500
@@ -1,22 +1,23 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>The following vulnerabilities were discovered in the Windows Metafile
- -conversion library when reading BMP images embedded into WMF files:</p>
+<p>Ð? библиоÑ?еке длÑ? пÑ?еобÑ?азованиÑ? меÑ?аÑ?айлов Windows бÑ?ли обнаÑ?Ñ?женÑ? Ñ?ледÑ?Ñ?Ñ?ие Ñ?Ñ?звимоÑ?Ñ?и, возникаÑ?Ñ?ие
+пÑ?и Ñ?Ñ?ении изобÑ?ажений в Ñ?оÑ?маÑ?е BMP, вÑ?Ñ?Ñ?оеннÑ?Ñ? в Ñ?айлÑ? WMF:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-0848";>CVE-2015-0848</a>
 
- -    <p>A heap overflow when decoding embedded BMP images that don't use 8 bits per
- -    pixel.</p></li>
+    <p>Ð?еÑ?еполнение динамиÑ?еÑ?кой памÑ?Ñ?и пÑ?и декодиÑ?овании вÑ?Ñ?Ñ?оеннÑ?Ñ? изобÑ?ажений в Ñ?оÑ?маÑ?е BMP, коÑ?оÑ?Ñ?е не иÑ?полÑ?зÑ?Ñ?Ñ?
+    8 биÑ? на пикÑ?елÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-4588";>CVE-2015-4588</a>
 
- -    <p>A missing check in the RLE decoding of embedded BMP images.</p></li>
+    <p>Ð?Ñ?Ñ?Ñ?Ñ?Ñ?Ñ?вие пÑ?овеÑ?ки в RLE-декодиÑ?овании вÑ?Ñ?Ñ?оеннÑ?Ñ? изобÑ?ажений в Ñ?оÑ?маÑ?е BMP.</p></li>
 
 </ul>
 
- -<p>We recommend that you update your libwmf packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? libwmf.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2015/dla-350.wml	2016-04-07 03:10:36.000000000 +0500
+++ russian/security/2015/dla-350.wml	2016-04-27 13:22:37.670764761 +0500
@@ -1,13 +1,14 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>The strxfrm() function is vulnerable to integer overflows when computing
- -memory allocation sizes (similar to <a href="https://security-tracker.debian.org/tracker/CVE-2012-4412";>CVE-2012-4412</a>). Furthermore since
- -it fallbacks to use alloca() when malloc() fails, it is vulnerable to
- -stack-based buffer overflows (similar to <a href="https://security-tracker.debian.org/tracker/CVE-2012-4424";>CVE-2012-4424</a>).</p>
+<p>ФÑ?нкÑ?иÑ? strxfrm() Ñ?Ñ?звима к оÑ?Ñ?иÑ?аÑ?елÑ?номÑ? пеÑ?еполнениÑ? Ñ?елÑ?Ñ? Ñ?иÑ?ел пÑ?и вÑ?Ñ?иÑ?лении
+Ñ?азмеÑ?ов вÑ?делениÑ? памÑ?Ñ?и (Ñ?Ñ?оже Ñ? <a href="https://security-tracker.debian.org/tracker/CVE-2012-4412";>CVE-2012-4412</a>). Ð?олее Ñ?ого, Ñ?ак как
+Ñ?Ñ?нкÑ?иÑ? пÑ?и оÑ?ибке malloc() возвÑ?аÑ?аеÑ?Ñ?Ñ? к alloca(), она Ñ?Ñ?звима к
+пеÑ?еполнениÑ?м бÑ?Ñ?еÑ?а (Ñ?Ñ?оже Ñ? <a href="https://security-tracker.debian.org/tracker/CVE-2012-4424";>CVE-2012-4424</a>).</p>
 
- -<p>Those issues have been fixed in Debian 6 Squeeze with eglibc
- -2.11.3-4+deb6u8. We recommend that you upgrade libc6 and other
- -packages provided by eglibc.</p>
+<p>ЭÑ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в Debian 6 Squeeze в eglibc
+2.11.3-4+deb6u8. РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? libc6 и дÑ?Ñ?гие
+пакеÑ?Ñ?, пÑ?едоÑ?Ñ?авлÑ?емÑ?е eglibc.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2015/dla-367.wml	2016-04-08 01:27:56.000000000 +0500
+++ russian/security/2015/dla-367.wml	2016-04-27 13:25:40.002024179 +0500
@@ -1,16 +1,17 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>It has been reported that kdelibs uses the insecure mktemp() function
- -to create the temporary directory it uses to host user-specific sockets.
- -It is thus possible for another user to hijack this temporary directory
- -and gain socket accesses it should not have.</p>
+<p>СообÑ?аеÑ?Ñ?Ñ?, Ñ?Ñ?о kdelibs иÑ?полÑ?зÑ?еÑ? небезопаÑ?нÑ?Ñ? Ñ?Ñ?нкÑ?иÑ? mktemp()
+длÑ? Ñ?озданиÑ? вÑ?еменного каÑ?алога, иÑ?полÑ?зÑ?емого длÑ? Ñ?азмеÑ?ениÑ? полÑ?зоваÑ?елÑ?Ñ?киÑ? Ñ?океÑ?ов.
+ЭÑ?о позволÑ?еÑ? дÑ?Ñ?гомÑ? полÑ?зоваÑ?елÑ? поÑ?иÑ?иÑ?Ñ? Ñ?казаннÑ?й вÑ?еменнÑ?й каÑ?алог
+и полÑ?Ñ?иÑ?Ñ? доÑ?Ñ?Ñ?п к Ñ?океÑ?Ñ?, к коÑ?оÑ?омÑ? Ñ?Ñ?оÑ? полÑ?зоваÑ?елÑ? доÑ?Ñ?Ñ?па не имееÑ?.</p>
 
- -<p>In Debian 6 <q>Squeeze</q>, this issue has been addressed in kdelibs
- -3.5.10.dfsg.1-5+deb6u1 with the use of the safer mkdtemp() function.
- -We recommend that you upgrade your kdelibs packages.</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в kdelibs
+веÑ?Ñ?ии 3.5.10.dfsg.1-5+deb6u1 пÑ?Ñ?Ñ?м иÑ?полÑ?зованиÑ? более безопаÑ?ной Ñ?Ñ?нкÑ?ии mkdtemp().
+РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? kdelibs.</p>
 
- -<p>Other Debian releases have newer versions of the libraries (kdelibs4) that
- -are not affected by this problem.</p>
+<p>Ð?Ñ?Ñ?гие вÑ?пÑ?Ñ?ки Debian Ñ?одеÑ?жаÑ? более новÑ?е веÑ?Ñ?ии библиоÑ?ек (kdelibs4), коÑ?оÑ?Ñ?е
+не подвеÑ?женÑ? данной пÑ?облеме.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXIHeIAAoJEF7nbuICFtKlYb0P/iYSHHhj7LiscF5vHiPjfEfP
uVrVmlmZjup7Zzz1nEH2zGXY6ID3/qL5b7k/RQ7yTfJ6mQRUHmQm38n1/7n+1EIr
eZtm8aDU2Bybwen2RMO4HiWJBeTHtUmnLn64uqTi9CoxUN8ifV63SmtiSD1DInFG
w0F4yy+ofF6fcIAQeREWaP7l0HlEBY1Mi/2hUsNBP8ZALeHhtW9X22G9qB6qwiIL
DJOaHloTos3/epfQORHWQxW3+igJ0oyTsh5+GdkLL21C+coomgMbNUHlRPYZRZEj
WNXvBhwfzE4HExvjWCHUf7ecj7QJRpMDL5XVz0eqzw5cPE3UrNGwlqFZO4OUu4Xg
2ScuJp43IW8AgCIMFvHPGobyZ6YaNdyEBR9lxlRJ/zAQP8vBV3di1qwKYvFUKmAI
ZpaK6Wp21JL1RdPOB6iFlgvPggzXF7gW3JPDuS/YMRmnEDdTEqoWXmNNDCwqeb5p
us7D7OJU/rN5bDM4g03RFuCzkHFWzF7dO9wkByhaR8fzy1eZTuiwqKdzuZfwY6Ek
qDlg0Vxjad5MvWEoTdJZ2SDy88J1Q5I1/JYqN1D1FfXp318Kzf6U3P5KV9qv6lcN
qMlbAwEPvYyzQ5IOygH5jt23r/dERtRy9UHZQRFrfCmIp6dL6Hf6y+NkrxZxvyBq
UZd/JElI6YHUUpzr2aMw
=xKLs
-----END PGP SIGNATURE-----