[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2015/dla-2{40,84,44}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2015/dla-240.wml	2016-04-07 03:10:34.000000000 +0500
+++ russian/security/2015/dla-240.wml	2016-04-27 13:40:28.776763147 +0500
@@ -1,18 +1,19 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>An information disclosure flaw due to incorrect JkMount/JkUnmount
- -directives processing was found in the Apache 2 module mod_jk to forward
- -requests from the Apache web server to Tomcat. A JkUnmount rule for a subtree
- -of a previous JkMount rule could be ignored. This could allow a remote attacker
- -to potentially access a private artifact in a tree that would otherwise not be
- -accessible to them.</p>
+<p>Ð? mod_jk длÑ? Apache, модÑ?ле длÑ? пеÑ?енапÑ?авлениÑ? запÑ?оÑ?ов оÑ? веб-Ñ?еÑ?веÑ?а Apache
+к Tomcat, бÑ?ло обнаÑ?Ñ?жено Ñ?аÑ?кÑ?Ñ?Ñ?ие инÑ?оÑ?маÑ?ии из-за некоÑ?Ñ?екÑ?ной обÑ?абоÑ?ки диÑ?екÑ?ив
+JkMount/JkUnmount. Ð?Ñ?авило JkUnmount длÑ? поддеÑ?ева
+пÑ?едÑ?дÑ?Ñ?его пÑ?авила JkMount можеÑ? игноÑ?иÑ?оваÑ?Ñ?Ñ?Ñ?. ЭÑ?о позволÑ?еÑ? Ñ?далÑ?нномÑ? злоÑ?мÑ?Ñ?ленникÑ?
+поÑ?енÑ?иалÑ?но полÑ?Ñ?аÑ?Ñ? доÑ?Ñ?Ñ?п к закÑ?Ñ?Ñ?омÑ? аÑ?Ñ?еÑ?акÑ?Ñ? в деÑ?еве, к коÑ?оÑ?омÑ? в обÑ?Ñ?ном Ñ?лÑ?Ñ?ае
+он не имел бÑ? доÑ?Ñ?Ñ?па.</p>
 
- -<p>For the squeeze distribution, this problem has been fixed in version
+<p>Ð? вÑ?пÑ?Ñ?ке squeeze Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в веÑ?Ñ?ии
 1:1.2.30-1squeeze2.</p>
 
- -<p>We recommend that you upgrade your libapache-mod-jk packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? libapache-mod-jk.</p>
 
- -<p>This update has been prepared by Markus Koschany.</p>
+<p>Ð?анное обновление бÑ?ла подгоÑ?овлено Ð?аÑ?кÑ?Ñ?ом Ð?оÑ?ани.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2015/dla-244.wml	2016-04-08 01:24:54.000000000 +0500
+++ russian/security/2015/dla-244.wml	2016-04-27 13:59:37.474521078 +0500
@@ -1,16 +1,17 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Alexander E. Patrakov discovered an issue in strongSwan, an IKE/IPsec
- -suite used to establish IPsec protected links.</p>
+<p>Ð?лекÑ?андÑ? Ð?аÑ?Ñ?аков обнаÑ?Ñ?жил пÑ?облемÑ? в strongSwan, набоÑ?е IKE/IPsec,
+иÑ?полÑ?зÑ?емом длÑ? Ñ?Ñ?Ñ?ановлениÑ? IPsec-заÑ?иÑ?Ñ?ннÑ?Ñ? Ñ?оединений.</p>
 
- -<p>When a client authenticate the server with certificates and the client
- -authenticates using pre-shared key or EAP, the constraints on the server
- -certificate are only enforced by the client after all authentication
- -steps are completed successfully. A rogue server which can authenticate
- -using a valid certificate issued by any CA trusted by the client could
- -trick the user into continuing the authentication, revealing the
- -username and password digest (for EAP) or even the cleartext password
- -(if EAP-GTC is accepted).</p>
+<p>Ð?огда клиенÑ? аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?Ñ?еÑ? Ñ?еÑ?веÑ? Ñ? помоÑ?Ñ?Ñ? Ñ?еÑ?Ñ?иÑ?икаÑ?ов, и когда Ñ?Ñ?оÑ? клиенÑ?
+иÑ?полÑ?зÑ?еÑ?Ñ?Ñ? пÑ?едваÑ?иÑ?елÑ?но опÑ?бликованнÑ?й клÑ?Ñ? или EAP, Ñ?о огÑ?аниÑ?ениÑ? Ñ?еÑ?веÑ?ного
+Ñ?еÑ?Ñ?иÑ?икаÑ?а иÑ?полÑ?зÑ?Ñ?Ñ?Ñ?Ñ? клиенÑ?ом Ñ?олÑ?ко поÑ?ле Ñ?Ñ?пеÑ?ного и полного вÑ?полнениÑ? вÑ?еÑ?
+Ñ?агов аÑ?Ñ?енÑ?иÑ?икаÑ?ии. Ð?лоÑ?мÑ?Ñ?ленник, владеÑ?Ñ?ий Ñ?еÑ?веÑ?ом, коÑ?оÑ?Ñ?е можеÑ? бÑ?Ñ?Ñ? аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ован
+клиенÑ?ом Ñ? помоÑ?Ñ?Ñ? коÑ?Ñ?екÑ?ного Ñ?еÑ?Ñ?иÑ?икаÑ?а, вÑ?данного довеÑ?еннÑ?м авÑ?оÑ?иÑ?еÑ?ом, можеÑ?
+обманом вÑ?нÑ?диÑ?Ñ? полÑ?зоваÑ?елÑ? пÑ?одолжиÑ?Ñ? аÑ?Ñ?енÑ?иÑ?икаÑ?иÑ?, Ñ?аÑ?кÑ?Ñ?ваÑ?
+имÑ? полÑ?зоваÑ?елÑ? и Ñ?еÑ?-Ñ?Ñ?ммÑ? паÑ?олÑ? (длÑ? EAP), либо даже паÑ?олÑ? в виде оÑ?кÑ?Ñ?Ñ?ого Ñ?екÑ?Ñ?а
+(еÑ?ли пÑ?инÑ?Ñ? EAP-GTC).</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2015/dla-284.wml	2016-04-08 01:24:54.000000000 +0500
+++ russian/security/2015/dla-284.wml	2016-04-27 13:46:05.530744602 +0500
@@ -1,23 +1,24 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>A vulnerability has been found in the Apache HTTP Server.</p>
+<p>Ð? HTTP-Ñ?еÑ?веÑ?е Apache бÑ?ла обнаÑ?Ñ?жена Ñ?Ñ?звимоÑ?Ñ?Ñ?.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-3183";>CVE-2015-3183</a>
 
- -    <p>Apache HTTP Server did not properly parse chunk headers, which
- -    allowed remote attackers to conduct HTTP request smuggling via a
- -    crafted request. This flaw relates to mishandling of large
- -    chunk-size values and invalid chunk-extension characters in
+    <p>Http-Ñ?еÑ?веÑ? Apache непÑ?авилÑ?но вÑ?полнÑ?еÑ? гÑ?аммаÑ?иÑ?еÑ?кой Ñ?азбоÑ? заголовков поÑ?Ñ?ии даннÑ?Ñ?, Ñ?Ñ?о
+    позволÑ?еÑ? Ñ?далÑ?ннÑ?Ñ? злоÑ?мÑ?Ñ?ленникам вÑ?полнÑ?Ñ?Ñ? подделкÑ? HTTP-запÑ?оÑ?ов Ñ? помоÑ?Ñ?Ñ?
+    Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? запÑ?оÑ?ов. ЭÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? Ñ?вÑ?зана Ñ? непÑ?авилÑ?ной обÑ?абоÑ?кой болÑ?Ñ?иÑ? знаÑ?ений, имеÑ?Ñ?иÑ?
+    Ñ?азмеÑ? поÑ?Ñ?ии даннÑ?Ñ?, и некоÑ?Ñ?екÑ?нÑ?Ñ? Ñ?имволов Ñ?аÑ?Ñ?иÑ?ениÑ? поÑ?Ñ?ий в
     modules/http/http_filters.c.</p></li>
 
 </ul>
 
- -<p>For the squeeze distribution, these issues have been fixed in version
- -2.2.16-6+squeeze15 of apache2.</p>
+<p>Ð? вÑ?пÑ?Ñ?ке squeeze Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?и
+2.2.16-6+squeeze15 пакеÑ?а apache2.</p>
 
- -<p>We recommend you to upgrade your apache2 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? apache2.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXIH98AAoJEF7nbuICFtKlmGgP/jE/wdFaGfj6Qu3U6JmhQAvw
BVHOLP3yfcOGzAQ+RNtVh6E4gBUvdqY5dAY7NLcB8sa711Tq4r5mrgLtStgyelnn
Fxu5MiIBw9PdNUcsZvu06V1L3g3w9JcfsbLAuNJ81AsfafMoHe82o6gF5tzjdg8m
NcEWFUE1Ox7fLnb7VhRxM4Jx0ZbDJIIYED04U+Vohx2XRPQqApXSqjyNijEzDfKi
Txr/ugEWNCx7fAFu4Xi9Duw8BSpp0VA6coABjCMjs9KpAs6aZxVl5YwDYL9U/oEd
uTJ9x5t+ASVrboO7KWNZoDxNhWMlbdf14++VPkFm0iUuZuX0oBZwiuGM4W5LMeUL
WCl+qjufJJH0X+siUtcD9oTz0KEOX9F1I2j0xTxgCyOKD/UWKLlrCjha/04VLqxG
/VyB52BjzIcLLSR4Q5zY1IF/jASdKJ4gH7pWtgTcwDw3i1I72ysMKrPF7E2LUv2Z
mT7q9AYz3CYKIPl/UBA8ltxtIgv63fgB0VUt3nsJjiRkd4Q5hHO/XHG+Pb71jQ5I
OzfBNCjW6KtTDkMLNlEZdteM0Fvffe8NdwMO8PGHTgD5mgHlgzmV9aeR27vk8iv4
oglSq1Aforr32xmL7mTSdIBM22e+5iRDk1hQuILmQN7qxaeYTUku2fmTNfJQPsWS
BgESzVMzufVMAHidsqF5
=E/wC
-----END PGP SIGNATURE-----
Reply to: