[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2015/dla-{293,154,169}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2015/dla-154.wml	2016-04-09 01:32:24.000000000 +0500
+++ russian/security/2015/dla-154.wml	2016-04-27 14:17:07.778837179 +0500
@@ -1,24 +1,25 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>nss 3.12.8-1+squeeze11 fixes two security issues:</p>
+<p>nss 3.12.8-1+squeeze11 иÑ?пÑ?авлÑ?еÑ? две пÑ?облемÑ? безопаÑ?ноÑ?Ñ?и:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-3389";>CVE-2011-3389</a>
 
- -    <p>SSL 3.0 and TLS 1.0 connections were vulnerable to some chosen
- -    plaintext attacks which allowed man-in-the middle attackers to obtain
- -    plaintext HTTP headers on an HTTPS session. This issue is known as
- -    the <q>BEAST</q> attack.</p></li>
+    <p>СоединениÑ? SSL 3.0 и TLS 1.0 Ñ?Ñ?звимÑ? к некоÑ?оÑ?Ñ?м избÑ?аннÑ?м
+    аÑ?акам Ñ?еÑ?ез оÑ?кÑ?Ñ?Ñ?Ñ?й Ñ?екÑ?Ñ?, Ñ?Ñ?о позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникам, иÑ?полÑ?зÑ?Ñ?Ñ?им пÑ?инÑ?ипÑ? аÑ?аки Ñ?еловек-в-Ñ?еÑ?едине, полÑ?Ñ?аÑ?Ñ?
+    HTTP-заголовки в виде оÑ?кÑ?Ñ?Ñ?ого Ñ?екÑ?Ñ?а из Ñ?еÑ?Ñ?ии HTTPS. ЭÑ?а пÑ?облема извеÑ?Ñ?наÑ? как
+    аÑ?ака <q>BEAST</q>.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-1569";>CVE-2014-1569</a>
 
- -    <p>Possible information leak with too-permissive ASN.1 DER decoding of
- -    length.</p></li>
+    <p>Ð?озможнаÑ? Ñ?Ñ?еÑ?ка инÑ?оÑ?маÑ?ии пÑ?и Ñ?лиÑ?ком неÑ?Ñ?Ñ?огом ASN.1 DER декодиÑ?овании
+    длинÑ?.</p></li>
 
 </ul>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in nss version 3.12.8-1+squeeze11</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в nss веÑ?Ñ?ии 3.12.8-1+squeeze11</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2015/dla-169.wml	2016-04-09 01:32:24.000000000 +0500
+++ russian/security/2015/dla-169.wml	2016-04-27 14:20:18.430799771 +0500
@@ -1,17 +1,18 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- - <p>A vulnerability was fixed in axis, a SOAP implementation in Java:</p>
+ <p>Ð? axis, Ñ?еализаÑ?ии SOAP на Java, бÑ?ла иÑ?пÑ?авлена Ñ?Ñ?звимоÑ?Ñ?Ñ?:</p>
 
- - <p>The getCN function in Apache Axis 1.4 and earlier does not properly verify
- - that the server hostname matches a domain name in the subject's Common Name
- - (CN) or subjectAltName field of the X.509 certificate, which allows
- - man-in-the-middle attackers to spoof SSL servers via a certificate with a
- - subject that specifies a common name in a field that is not the CN field.</p>
+ <p>ФÑ?нкÑ?иÑ? getCN в Apache Axis 1.4 и более Ñ?анниÑ? веÑ?Ñ?иÑ?Ñ? непÑ?авилÑ?но вÑ?полнÑ?еÑ?
+ пÑ?овеÑ?кÑ? Ñ?ого, Ñ?Ñ?о имÑ? Ñ?зла Ñ?еÑ?веÑ?а Ñ?овпадаеÑ? Ñ? именем домена в Ñ?еме Common Name
+ (CN) или поле subjectAltName Ñ?еÑ?Ñ?иÑ?икаÑ?а X.509, Ñ?Ñ?о позволÑ?еÑ?
+ злоÑ?мÑ?Ñ?ленникам, иÑ?полÑ?зÑ?Ñ?Ñ?им пÑ?инÑ?ип Ñ?еловек-в-Ñ?еÑ?едине, вÑ?даваÑ?Ñ? Ñ?ебÑ? за Ñ?еÑ?веÑ?Ñ? SSL Ñ? помоÑ?Ñ?Ñ? Ñ?еÑ?Ñ?иÑ?икаÑ?а Ñ?
+ Ñ?емой, опÑ?еделÑ?Ñ?Ñ?ей обÑ?ее имÑ? в поле, коÑ?оÑ?ое не Ñ?влÑ?еÑ?Ñ?Ñ? полем CN.</p>
 
- - <p>Thanks to Markus Koschany for providing the fixed package and David Jorm
- - and Arun Neelicattu (Red Hat Product Security) for providing the patch.</p>
+ <p>Ð?лагодаÑ?им Ð?аÑ?кÑ?Ñ?а Ð?оÑ?ани за пÑ?едоÑ?Ñ?авление иÑ?пÑ?авленного пакеÑ?а, а Ñ?акже Ð?Ñ?вида Ð?оÑ?ма
+ и Ð?Ñ?Ñ?на Ð?иликаÑ?Ñ?Ñ? (Red Hat Product Security) за пÑ?едоÑ?Ñ?авление заплаÑ?Ñ?.</p>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in axis version 1.4-12+deb6u1</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в axis веÑ?Ñ?ии 1.4-12+deb6u1</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2015/dla-293.wml	2016-04-08 01:27:56.000000000 +0500
+++ russian/security/2015/dla-293.wml	2016-04-27 14:14:23.140065310 +0500
@@ -1,22 +1,23 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>C. Michael Pilato, from CollabNet, reported an issue in the version
- -control system Subversion.</p>
+<p>Ð?айкл Ð?илаÑ?о из CollabNet Ñ?ообÑ?ил о пÑ?облеме в Subversion, Ñ?иÑ?Ñ?еме
+Ñ?пÑ?авлениÑ? веÑ?Ñ?иÑ?ми.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-3187";>CVE-2015-3187</a>
 
- -    <p>Subversion servers revealed some sensible paths hidden by path-based
- -    authorization. Remote authenticated users were allowed to obtain
- -    path information by reading the history of a node that has been
- -    moved from a hidden path. The vulnerability only revealed the path,
- -    though it didn't reveal its content.</p></li>
+    <p>СеÑ?веÑ?Ñ? Subversion Ñ?аÑ?кÑ?Ñ?ваÑ?Ñ? некоÑ?оÑ?Ñ?е Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?нÑ?е пÑ?Ñ?и, Ñ?кÑ?Ñ?Ñ?Ñ?е меÑ?анизмом авÑ?оÑ?изаÑ?ии
+    на оÑ?нове пÑ?Ñ?ей. УдалÑ?ннÑ?е аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?е полÑ?зоваÑ?ели могÑ?Ñ? полÑ?Ñ?иÑ?Ñ?
+    инÑ?оÑ?маÑ?иÑ? о пÑ?Ñ?Ñ?Ñ?, Ñ?иÑ?аÑ? иÑ?Ñ?оÑ?иÑ? нодÑ?, коÑ?оÑ?Ñ?е бÑ?ла
+    пеÑ?емеÑ?ена из Ñ?кÑ?Ñ?Ñ?ого пÑ?Ñ?и. ЭÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? Ñ?аÑ?кÑ?Ñ?ваеÑ? Ñ?олÑ?ко пÑ?Ñ?Ñ?,
+    не Ñ?аÑ?кÑ?Ñ?ваÑ? Ñ?одеÑ?жимое Ñ?Ñ?ого пÑ?Ñ?и.</p></li>
 
 </ul>
 
- -<p>For Debian 6 <q>Squeeze</q>, this issue has been fixed in subversion
- -1.6.12dfsg-7+deb6u3. We recommend to upgrade your subversion packages.</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в subversion
+веÑ?Ñ?ии 1.6.12dfsg-7+deb6u3. РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? subversion.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXIIRVAAoJEF7nbuICFtKlGLEP/37MnMbFc20VwBbLJSY2qq6U
EZw4ScYVKP5DWTRNsMj2aHbXyJ3I/e1u9w5KQXsd1e3tSlcl0BgnymoUyhELHgBo
6ZPS8GWlTxB/5l5F47ygjQsljkb5h5ELG+/LvIo8Y6/nsG3i95GQe9PjEJKo7tgK
i4HjLSYv+CgFJqtjDVpaUSlg+4+k+sYy7TBnmn+GXGdVDhBswXwaqcOjj6NLGB/C
/eWemMP3GQjDu7WbnoJayymEsLIVrD+MyCWaKnPVlGWFJiHQ5MyxDNAjv97f6QoZ
PLW6QcSUQ4XzO0skHTaxfaYCvtYb7oisn57oDVEWRjzvn+vBZVaJhvHZ6KGidb5w
1IHsizXbrnLCWzZrfga0yE1aupx8yTPEKkUR2myKrb5f9AYr/MH2cBs+sLVM9sQ/
0Wa/icnaHZ2gfSLy5MCcRMguwKR9FzL51Lc0B1hdP7YyZylDIa6oHu+M8hYq3DA5
WH1vwnpi7/Gnxixj6gYpoS5d/uCBVfnJ99QwrEXP2h8mwn2rQpBzw4djEado8q2/
orSA0JnYGaa5b4Lz7gB4bu0pHf0gdkt6UmrCvVWshF4+cLgJ+euCprEyUwwJ0dKW
Y7dbMptRp6HTSj0GJGaXWBCWk8Tz4tCRNVAgeYg2wsulKpCfeAtJt5qyAm9rh/Xd
QvIkeXNhcxb4YZI5v4PN
=Y8Eh
-----END PGP SIGNATURE-----
Reply to: