[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2015/dla-3{2,4}0.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2015/dla-320.wml	2016-04-08 01:24:54.000000000 +0500
+++ russian/security/2015/dla-320.wml	2016-05-03 23:22:47.418035666 +0500
@@ -1,25 +1,26 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Pali Rohár <a href="http://www.openwall.com/lists/oss-security/2015/09/27/1";>discovered</a> a possible DoS attack in any software which uses
- -the Email::Address Perl module for parsing string input to a list of
- -email addresses.</p>
+<p>Ð?али РоÑ?аÑ? <a href="http://www.openwall.com/lists/oss-security/2015/09/27/1";>обнаÑ?Ñ?жил</a> поÑ?енÑ?иалÑ?нÑ?Ñ? аÑ?акÑ? Ñ? Ñ?елÑ?Ñ? вÑ?зова оÑ?каза в обÑ?лÑ?живании на лÑ?бое Ð?Ð?, иÑ?полÑ?зÑ?Ñ?Ñ?ее
+модÑ?лÑ? Email::Address длÑ? Perl длÑ? вÑ?полнениÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а вÑ?однÑ?Ñ? Ñ?Ñ?Ñ?ок Ñ?пиÑ?ка
+адÑ?еÑ?ов Ñ?лекÑ?Ñ?онной поÑ?Ñ?Ñ?.</p>
 
- -<p>By default Email::Address module, version v1.907 (and all before) tries to
- -understand nestable comments in an input string with depth level 2.</p>
+<p>Ð?о Ñ?молÑ?аниÑ? модÑ?лÑ? Email::Address веÑ?Ñ?ии v1.907 (и более Ñ?анниÑ?) пÑ?Ñ?аеÑ?Ñ?Ñ?
+опÑ?еделиÑ?Ñ? вложеннÑ?е комменÑ?аÑ?ии во вÑ?одной Ñ?Ñ?Ñ?оке Ñ? Ñ?Ñ?овнем глÑ?бинÑ? 2.</p>
 
- -<p>With specially crafted inputs, parsing nestable comments can become too
- -slow and  can cause high CPU load, freeze the application and end in
- -Denial of Service.</p>
+<p>С помоÑ?Ñ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? вÑ?однÑ?Ñ? даннÑ?Ñ? гÑ?аммаÑ?иÑ?еÑ?кий Ñ?азбоÑ? вложеннÑ?Ñ? комменÑ?аÑ?иев можеÑ? Ñ?Ñ?аÑ?Ñ?
+Ñ?лиÑ?ком медленнÑ?м и можеÑ? пÑ?иводиÑ?Ñ? к вÑ?Ñ?окой нагÑ?Ñ?зке на ЦÐ?, Ñ?Ñ?о пÑ?иводиÑ? к завиÑ?аниÑ? пÑ?иложениÑ? и
+оÑ?казÑ? в обÑ?лÑ?живании.</p>
 
- -<p>Because input strings for Email::Address module come from external
- -sources (e.g. from email sent by an attacker) it is a security problem
- -impacting on all software applications which parse email messages using
- -the Email::Address Perl module.</p>
+<p>Ð?оÑ?колÑ?кÑ? вÑ?однÑ?е Ñ?Ñ?Ñ?оки длÑ? модÑ?лÑ? Email::Address пÑ?оиÑ?Ñ?одÑ?Ñ? из внеÑ?него
+иÑ?Ñ?оÑ?ника (напÑ?., из Ñ?ообÑ?ениÑ? Ñ?лекÑ?Ñ?онной поÑ?Ñ?Ñ?, оÑ?пÑ?авленного злоÑ?мÑ?Ñ?ленником), поÑ?Ñ?олÑ?кÑ? Ñ?Ñ?а пÑ?облема
+безопаÑ?ноÑ?Ñ?и влиÑ?еÑ? на вÑ?е пÑ?иложениÑ?, вÑ?полнÑ?Ñ?Ñ?ие гÑ?аммаÑ?иÑ?еÑ?кий Ñ?азбоÑ? Ñ?ообÑ?ений Ñ?лекÑ?Ñ?онной поÑ?Ñ?Ñ? Ñ? помоÑ?Ñ?Ñ?
+модÑ?лÑ? Email::Address длÑ? Perl.</p>
 
- -<p>With this upload of libemail-address-perl, the default value of nestable
- -comments has been set to depth level 1 (as proposed by upstream). Please
- -note that this is not proper a fix, just a workaround for pathological
- -inputs with nestable comments.</p>
+<p>Ð? данной загÑ?Ñ?зке libemail-address-perl по Ñ?молÑ?аниÑ? знаÑ?ение вложеннÑ?Ñ?
+комменÑ?аÑ?иев Ñ?Ñ?Ñ?ановлено в Ñ?Ñ?овенÑ? глÑ?бинÑ? 1 (Ñ?Ñ?о бÑ?ло пÑ?едложено авÑ?оÑ?ами оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки). Ð?амеÑ?Ñ?Ñ?е,
+Ñ?Ñ?о Ñ?Ñ?о не полноÑ?енное иÑ?пÑ?авление, а Ñ?олÑ?ко вÑ?еменное обÑ?одное Ñ?еÑ?ение длÑ? паÑ?ологиÑ?нÑ?Ñ?
+вÑ?однÑ?Ñ? даннÑ?Ñ? Ñ? вложеннÑ?ми комменÑ?аÑ?иÑ?ми.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2015/dla-340.wml	2016-04-07 03:10:36.000000000 +0500
+++ russian/security/2015/dla-340.wml	2016-05-03 23:35:31.900160701 +0500
@@ -1,31 +1,32 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities were discovered in krb5, the MIT implementation
- -of Kerberos. The Common Vulnerabilities and Exposures project identifies
- -the following problems:</p>
+<p>Ð? krb5, Ñ?еализаÑ?ии Kerberos оÑ? MIT, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко
+Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ?
+Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-2695";>CVE-2015-2695</a>
 
- -   <p>It was discovered that applications which call gss_inquire_context()
- -   on a partially-established SPNEGO context can cause the GSS-API
- -   library to read from a pointer using the wrong type, leading to a
- -   process crash.</p></li>
+   <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о пÑ?иложениÑ?, вÑ?зÑ?ваÑ?Ñ?ие gss_inquire_context() на
+   Ñ?аÑ?Ñ?иÑ?но Ñ?Ñ?Ñ?ановленном конÑ?екÑ?Ñ?е SPNEGO, могÑ?Ñ? пÑ?иводиÑ?Ñ? к Ñ?омÑ?, Ñ?Ñ?о библиоÑ?ека GSS-API
+   вÑ?полниÑ?Ñ? Ñ?Ñ?ение из Ñ?казаÑ?елÑ?, иÑ?полÑ?зÑ?Ñ? непÑ?авилÑ?нÑ?й Ñ?ип, Ñ?Ñ?о пÑ?иводиÑ?
+   к аваÑ?ийной оÑ?Ñ?ановке пÑ?оÑ?еÑ?Ñ?а.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-2697";>CVE-2015-2697</a>
 
- -    <p>It was discovered that the build_principal_va() function incorrectly
- -    handles input strings. An authenticated attacker can take advantage
- -    of this flaw to cause a KDC to crash using a TGS request with a
- -    large realm field beginning with a null byte.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о Ñ?Ñ?нкÑ?иÑ? build_principal_va() непÑ?авилÑ?но
+    обÑ?абаÑ?Ñ?ваеÑ? вÑ?однÑ?е Ñ?Ñ?Ñ?оки. Ð?Ñ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ?
+    Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? вÑ?зова аваÑ?ийной оÑ?Ñ?ановки KDC, иÑ?полÑ?зÑ?Ñ? запÑ?оÑ? TGS Ñ?
+    болÑ?Ñ?им полем realm, наÑ?инаÑ?Ñ?имÑ?Ñ? Ñ? null-байÑ?а.</p></li>
 
 </ul>
 
- -<p>For the oldoldstable distribution (squeeze), these problems have been
- -fixed in version 1.8.3+dfsg-4squeeze10.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?аÑ?ом Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли
+иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 1.8.3+dfsg-4squeeze10.</p>
 
- -<p>We recommend that you upgrade your krb5 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? krb5.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXKO93AAoJEF7nbuICFtKlndIP/RHiVKU+xWNPp/9uZUDwH+9e
3FkU+vuVQXhs35BHtLF7b0KgBi9J7NJ9vcP8/RaT0c9zmo7or/SvN1i/c6pWTA6H
3cYaJr1P7TujzdR35qlwI93o/bxnm3teNXVg+0T2QTiApiyg+XoU2MrlwQOSneDY
LQJLooAnlkxgJuepiTTmRAPd0YxUv1+Md8M6276LywGKGrnUAF/Wug6/glkAf0+C
yl/eo2tSg0pklCLyZHvcY/cK9XtvYXedI4s69uzhY5jrMTxAQYMWgbmj6Vp6sFzb
Z26y4BaexQIwYtZ+RW2kfAlDdQ9VVBy2IfjwoqiShpOQs4SVbLZY044DkHl1Drw5
PdBcP1zvOexWUkl/S2RRDNhYoKh/sj0ot8DVoxU/hyB04A+TTeYy5YCc/ouh2aOM
Dg+cBUmUPjjjtLaucHtgGacmF/31k5MwthFvKKY180+eAWcB+koBBFSjJtNkAWS+
XdIdvP/Njv7zdOe5KVQAJS2PTQOcTyFdN43cpge2F0TxjBmK4kh8yaN/Ht81BXCG
2+eJ6aEvp/wKVZe7dP4nL6q+cUysGAl+wbytXU3+aDyCN4LuZNMAh9ZZuG9wRKe4
XdeH2Rc76SkW9rnIlcNFbWg8dX9fUYW4S06QIXkoXW2HkAAaWxgdcJGNfIcTHTh7
hitsbQxiCxwlxj8DENqd
=sTis
-----END PGP SIGNATURE-----
Reply to: