[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2015/dla-{352,120}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2015/dla-120.wml	2016-04-09 01:32:23.000000000 +0500
+++ russian/security/2015/dla-120.wml	2016-04-30 22:45:45.133766657 +0500
@@ -1,19 +1,20 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Andreas Cord-Landwehr reported an issue where the X.Org Xserver would
- -often crash with an arithmetic exception when maximizing application
- -windows.</p>
+<p>Ð?ндÑ?еаÑ? Ð?оÑ?д-Ð?андвеÑ? Ñ?ообÑ?ил о пÑ?облеме, пÑ?и коÑ?оÑ?ой X.Org Xserver
+Ñ?аÑ?Ñ?о аваÑ?ийно завеÑ?Ñ?аеÑ? Ñ?абоÑ?Ñ? Ñ? аÑ?иÑ?меÑ?иÑ?еÑ?ким иÑ?клÑ?Ñ?ением пÑ?и Ñ?азвоÑ?аÑ?ивании
+во веÑ?Ñ? Ñ?кÑ?ан окон пÑ?иложений.</p>
 
- -<p>This issue (<a href="https://security-tracker.debian.org/tracker/CVE-2015-3418";>CVE-2015-3418</a>) is a regression which got introduced by fixing
- -<a href="https://security-tracker.debian.org/tracker/CVE-2014-8092";>CVE-2014-8092</a>. The above referenced version of xorg-server in Debian
- -squeeze-lts fixes this regression in the following way:</p>
+<p>ЭÑ?а пÑ?облема (<a href="https://security-tracker.debian.org/tracker/CVE-2015-3418";>CVE-2015-3418</a>) Ñ?влÑ?еÑ?Ñ?Ñ? Ñ?егÑ?еÑ?Ñ?ом, коÑ?оÑ?Ñ?й поÑ?вилÑ?Ñ? из-за иÑ?пÑ?авлениÑ?
+<a href="https://security-tracker.debian.org/tracker/CVE-2014-8092";>CVE-2014-8092</a>. УказаннаÑ? вÑ?Ñ?е веÑ?Ñ?иÑ? xorg-server в Debian
+squeeze-lts иÑ?пÑ?авлÑ?еÑ? Ñ?Ñ?оÑ? Ñ?егÑ?еÑ?Ñ? Ñ?ледÑ?Ñ?Ñ?им Ñ?поÑ?обом:</p>
 
- -<p>The length checking code validates PutImage height and byte width by
- -making sure that <tt>byte-width &gt;= INT32_MAX / height</tt>. If height is zero,
- -this generates a divide by zero exception. Allow zero height requests
- -explicitly, bypassing the INT32_MAX check (in dix/dispatch.c).</p>
+<p>Ð?оде пÑ?овеÑ?ки длинÑ? пÑ?овеÑ?Ñ?еÑ? вÑ?Ñ?оÑ?Ñ? PutImage и байÑ?овÑ?Ñ? Ñ?иÑ?инÑ?,
+Ñ?Ñ?обÑ? <tt>байÑ?оваÑ?-Ñ?иÑ?ина &gt;= INT32_MAX / вÑ?Ñ?оÑ?а</tt>. Ð?Ñ?ли вÑ?Ñ?оÑ?а Ñ?авна нÑ?лÑ?,
+Ñ?о возникаеÑ? иÑ?клÑ?Ñ?ение <q>деление на нолÑ?</q>. РазÑ?еÑ?аÑ?Ñ?Ñ?Ñ? Ñ?внÑ?е запÑ?оÑ?Ñ?
+Ñ? нÑ?левой вÑ?Ñ?оÑ?ой, Ñ?Ñ?о обÑ?одиÑ? пÑ?овеÑ?кÑ? INT32_MAX (в dix/dispatch.c).</p>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in xorg-server version 2:1.7.7-18+deb6u3</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в xorg-server веÑ?Ñ?ии 2:1.7.7-18+deb6u3</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2015/dla-352.wml	2016-04-07 03:10:36.000000000 +0500
+++ russian/security/2015/dla-352.wml	2016-04-30 22:38:23.166653358 +0500
@@ -1,20 +1,21 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>The Apache commons collection suffered from security issues, making
- -applications to accept serialized objects from untrusted sources. Remote
- -attackers might take advantage of these issues to execute arbitrary Java
- -functions and even inject manipulated bytecode.</p>
+<p>Ð?абоÑ? обÑ?иÑ? блоков Apache Ñ?одеÑ?жиÑ? пÑ?облемÑ? безопаÑ?ноÑ?Ñ?и, Ñ?Ñ?о пÑ?иводиÑ?
+к Ñ?омÑ?, Ñ?Ñ?о пÑ?иложениÑ? пÑ?инимаÑ?Ñ? Ñ?еÑ?иализованнÑ?е обÑ?екÑ?Ñ? из недовеÑ?еннÑ?Ñ? иÑ?Ñ?оÑ?ников. УдалÑ?ннÑ?е
+злоÑ?мÑ?Ñ?ленники могÑ?Ñ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?и пÑ?облемÑ? длÑ? вÑ?полнениÑ? пÑ?оизволÑ?нÑ?Ñ? Ñ?Ñ?нкÑ?ий Java
+и даже инÑ?екÑ?ии изменÑ?нного байÑ?-кода.</p>
 
- -<p>This release of libcommons-collection3-java prevents these issues by disabling
- -the deserialization of the functors classes, unless the system property
- -org.apache.commons.collections.enableUnsafeSerialization is set to <q>true</q>.
- -Classes considered unsafe are: CloneTransformer, ForClosure,
+<p>Ð?аннÑ?й вÑ?пÑ?Ñ?к libcommons-collection3-java пÑ?едоÑ?вÑ?аÑ?аеÑ? Ñ?казаннÑ?е пÑ?облемÑ? пÑ?Ñ?Ñ?м оÑ?клÑ?Ñ?ениÑ?
+деÑ?еÑ?иализаÑ?ии клаÑ?Ñ?ов Ñ?Ñ?нкÑ?оÑ?ов в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли Ñ?иÑ?Ñ?емное Ñ?войÑ?Ñ?во
+org.apache.commons.collections.enableUnsafeSerialization не Ñ?Ñ?Ñ?ановлено в знаÑ?ение <q>true</q>.
+Ð?ебезопаÑ?нÑ?ми Ñ?Ñ?иÑ?аÑ?Ñ?Ñ?Ñ? Ñ?ледÑ?Ñ?Ñ?ие клаÑ?Ñ?Ñ?: CloneTransformer, ForClosure,
 InstantiateFactory, InstantiateTransformer, InvokerTransformer,
- -PrototypeCloneFactory, PrototypeSerializationFactory and WhileClosure.</p>
+PrototypeCloneFactory, PrototypeSerializationFactory и WhileClosure.</p>
 
- -<p>For Debian 6 <q>Squeeze</q>, these problems have been fixed in
- -libcommons-collections3-java version 3.2.1-4+deb6u1. We recommend you to
- -upgrade your libcommons-collections3-java packages.</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+libcommons-collections3-java веÑ?Ñ?ии 3.2.1-4+deb6u1. РекомендÑ?еÑ?Ñ?Ñ?
+обновиÑ?Ñ? пакеÑ?Ñ? libcommons-collections3-java.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXJO9MAAoJEF7nbuICFtKlo+AP/1nHVzh+5RnBRN91VGxMG2Or
Miu8rZ2eDIGaBceZkh69CwXGRwkasMEJctod8RzXLULyRpFVL0g+grHROzNJTJiW
QdX6PKRQEYxGTc+y57mA7tD7qat+LGAfAwv0ROpjPnJkiC+UqKmm4LTp1L9zuU3X
AItq0Tuz2dI3PyTRy4f6rAkUGkQ2Mi5sHZULceX46V+vdVfMXL0D3Vz83P0tiMPd
u4liN7KCn5ZpYrzZSGNJp0Kd5RECf+VAlL1EkCcsbH6O3BBU/RYX7QpgETVP43MP
jXy+dL53bZAt4dBI8BAqvFBH7dlhJSHO3SUPNiON102shLywaQdltCsXtCMG2noW
scwIr8ec4CaRWGy+P2Pn/VFEkDX7koI2a0/VwWjFM2RhzFg2rYqqDqEyxL9O3cYg
pvLFvh0LOCUgvS+mgFCZF1HrKts92IQGIZIYcgu7bkFQhT35YeLJa2JwAYYDIJlR
0j980GiLq8EBfnETeEXFhTmiRT7yxzUMFgIkRf3YlODiOBOz5NsrAYxETTpmgLP0
Df1VOC8uZF13Z3R2clrVxQeqeiRQobWHmT77sGxQJ655q1fZ1VhWIDJMsY8+/evL
2QgJN+Eswh4OdmoQx7Jnx0WbhsWtho5CIFssPT063l5atcwvlS2DzOYI38FX2TIu
MU6QRmonsm/9jKiOz1MQ
=MMZ5
-----END PGP SIGNATURE-----
Reply to: