[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2015/dla-{158,239}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2015/dla-158.wml	2016-04-07 03:10:33.000000000 +0500
+++ russian/security/2015/dla-158.wml	2016-05-04 12:19:28.743074913 +0500
@@ -1,36 +1,37 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Multiple vulnerabilities have been discovered in Request Tracker, an
- -extensible trouble-ticket tracking system. The Common Vulnerabilities
- -and Exposures project identifies the following problems:</p>
+<p>Ð? Request Tracker, Ñ?аÑ?Ñ?иÑ?Ñ?емой Ñ?иÑ?Ñ?еме оÑ?Ñ?леживаниÑ? билеÑ?ов, бÑ?ли
+обнаÑ?Ñ?женÑ? многоÑ?иÑ?леннÑ?е Ñ?Ñ?звимоÑ?Ñ?и. Ð?Ñ?оекÑ? Common Vulnerabilities
+and Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9472";>CVE-2014-9472</a>
 
- -    <p>Christian Loos discovered a remote denial of service vulnerability,
- -    exploitable via the email gateway and affecting any installation
- -    which accepts mail from untrusted sources. Depending on RT's
- -    logging configuration, a remote attacker can take advantage of
- -    this flaw to cause CPU and excessive disk usage.</p></li>
+    <p>Ð?Ñ?иÑ?Ñ?иан Ð?ооÑ? обнаÑ?Ñ?жил вÑ?зÑ?ваемÑ?й Ñ?далÑ?нно оÑ?каз в обÑ?лÑ?живании,
+    коÑ?оÑ?Ñ?й можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? Ñ?еÑ?ез Ñ?зел Ñ?лекÑ?Ñ?онной поÑ?Ñ?Ñ? и коÑ?оÑ?Ñ?й каÑ?аеÑ?Ñ?Ñ? лÑ?бой Ñ?Ñ?Ñ?ановки,
+    пÑ?инимаÑ?Ñ?ей поÑ?Ñ?Ñ? из недовеÑ?еннÑ?Ñ? иÑ?Ñ?оÑ?ников. Ð? завиÑ?имоÑ?Ñ?и оÑ? наÑ?Ñ?Ñ?оек жÑ?Ñ?налиÑ?ованиÑ?
+    в RT Ñ?далÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ?
+    даннÑ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? Ñ?Ñ?езмеÑ?ного поÑ?Ñ?еблениÑ? Ñ?еÑ?Ñ?Ñ?Ñ?ов ЦÐ? и пÑ?оÑ?Ñ?Ñ?анÑ?Ñ?ва на диÑ?ке.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-1165";>CVE-2015-1165</a>
 
- -    <p>Christian Loos discovered an information disclosure flaw which may
- -    reveal RSS feeds URLs, and thus ticket data.</p></li>
+    <p>Ð?Ñ?иÑ?Ñ?иан Ð?ооÑ? обнаÑ?Ñ?жил Ñ?аÑ?кÑ?Ñ?Ñ?ие инÑ?оÑ?маÑ?ии, коÑ?оÑ?Ñ?е можеÑ? пÑ?иводиÑ?Ñ? к
+    Ñ?аÑ?кÑ?Ñ?Ñ?иÑ? URL RSS-ленÑ? и, Ñ?аким обÑ?азом, даннÑ?Ñ? билеÑ?ов.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-1464";>CVE-2015-1464</a>
 
- -    <p>It was discovered that RSS feed URLs can be leveraged to perform
- -    session hijacking, allowing a user with the URL to log in as the
- -    user that created the feed.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о URL RSS-ленÑ? могÑ?Ñ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? длÑ? Ñ?иÑ?ениÑ?
+    Ñ?еÑ?Ñ?ии, позволÑ?Ñ? полÑ?зоваÑ?елÑ?, имеÑ?Ñ?емÑ? Ñ?ооÑ?веÑ?Ñ?Ñ?вÑ?Ñ?Ñ?ий URL, вÑ?одиÑ?Ñ? оÑ? лиÑ?а
+    полÑ?зоваÑ?елÑ?, Ñ?оздавÑ?его ленÑ?Ñ?.</p></li>
 
 </ul>
 
- -<p>For the oldstable distribution (squeeze), these problems have been fixed
- -in version 3.8.8-7+squeeze9.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?аÑ?ом Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 3.8.8-7+squeeze9.</p>
 
- -<p>We recommend that you upgrade your request-tracker3.8 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? request-tracker3.8.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2015/dla-239.wml	2016-04-07 03:10:34.000000000 +0500
+++ russian/security/2015/dla-239.wml	2016-05-04 12:27:30.873391987 +0500
@@ -1,33 +1,34 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Two critical vulnerabilities have been found in the CUPS printing
- -system:</p>
+<p>Ð? Ñ?иÑ?Ñ?еме пеÑ?аÑ?и CUPS бÑ?ло обнаÑ?Ñ?жено две кÑ?иÑ?иÑ?еÑ?киÑ?
+Ñ?Ñ?звимоÑ?Ñ?и:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-1158";>CVE-2015-1158</a>
 
- -<p>- Improper Update of Reference Count
- -    Cupsd uses reference-counted strings with global scope. When parsing
- -    a print job request, cupsd over-decrements the reference count for a
- -    string from the request. As a result, an attacker can prematurely
- -    free an arbitrary string of global scope. They can use this to
- -    dismantle ACLâ??s protecting privileged operations, and upload a
- -    replacement configuration file, and subsequently run arbitrary code
- -    on a target machine.</p>
- -
- -    <p>This bug is exploitable in default configurations, and does not
- -    require any special permissions other than the basic ability to
- -    print.</p></li>
+<p>- Ð?епÑ?авилÑ?ное обновление Ñ?Ñ?Ñ?Ñ?Ñ?ика загÑ?Ñ?зок
+    Cupsd иÑ?полÑ?зÑ?еÑ? Ñ?Ñ?Ñ?оки длÑ? подÑ?Ñ?Ñ?Ñ?а загÑ?Ñ?зок в глобалÑ?ном конÑ?екÑ?Ñ?е. Ð?Ñ?и вÑ?полнении гÑ?аммаÑ?иÑ?еÑ?кого
+    Ñ?азбоÑ?а запÑ?оÑ?а о задаÑ?е пеÑ?аÑ?и cupsd Ñ?лиÑ?ком Ñ?менÑ?Ñ?аеÑ? Ñ?Ñ?Ñ?Ñ?Ñ?ик загÑ?Ñ?зок длÑ?
+    Ñ?Ñ?Ñ?оки из запÑ?оÑ?а. Ð? Ñ?езÑ?лÑ?Ñ?аÑ?е злоÑ?мÑ?Ñ?ленник можеÑ? пÑ?еждевÑ?еменно
+    оÑ?вободиÑ?Ñ? пÑ?оизволÑ?нÑ?Ñ? Ñ?Ñ?Ñ?окÑ? в глобалÑ?ном конÑ?екÑ?Ñ?е. ЭÑ?о можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ?
+    длÑ? Ñ?нÑ?Ñ?иÑ? заÑ?иÑ?Ñ? ACL длÑ? пÑ?ивилегиÑ?ованнÑ?Ñ? опеÑ?аÑ?ий, длÑ? загÑ?Ñ?зки
+    заменÑ? Ñ?айла наÑ?Ñ?Ñ?оек, а Ñ?акже поÑ?ледÑ?Ñ?Ñ?его запÑ?Ñ?ка пÑ?оизволÑ?ного кода
+    на Ñ?елевой маÑ?ине.</p>
+
+    <p>Ð?аннаÑ? оÑ?ибка можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? пÑ?и наÑ?Ñ?Ñ?ойкаÑ? по Ñ?молÑ?аниÑ?, длÑ? Ñ?Ñ?ого не
+    Ñ?Ñ?ебÑ?Ñ?Ñ?Ñ?Ñ? какие-либо Ñ?пеÑ?иалÑ?нÑ?е пÑ?ава доÑ?Ñ?Ñ?па, оÑ?лиÑ?нÑ?е оÑ? обÑ?Ñ?ной возможноÑ?Ñ?и
+    пеÑ?аÑ?аÑ?Ñ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-1159";>CVE-2015-1159</a>
 
- -<p>- Cross-Site Scripting
- -    A cross-site scripting bug in the CUPS templating engine allows the
- -    above bug to be exploited when a user browses the web. This XSS is
- -    reachable in the default configuration for Linux instances of CUPS,
- -    and allows an attacker to bypass default configuration settings that
- -    bind the CUPS scheduler to the â??localhostâ?? or loopback interface.</p></li>
+<p>- Ð?ежÑ?айÑ?овÑ?й Ñ?кÑ?ипÑ?инг
+    Ð?ежÑ?айÑ?овÑ?й Ñ?кÑ?ипÑ?инг в движке Ñ?аблонов CUPS позволÑ?еÑ? иÑ?полÑ?зоваÑ?Ñ?
+    Ñ?казаннÑ?Ñ? вÑ?Ñ?е оÑ?ибкÑ? в Ñ?ом Ñ?лÑ?Ñ?ае, когда полÑ?зоваÑ?елÑ? пÑ?оÑ?маÑ?Ñ?иваеÑ? веб. ЭÑ?оÑ? XSS
+    можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? пÑ?и наÑ?Ñ?Ñ?ойкаÑ? по Ñ?молÑ?аниÑ? длÑ? CUPS в Linux,
+    он позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникÑ? обÑ?одиÑ?Ñ? наÑ?Ñ?Ñ?ойки по Ñ?молÑ?аниÑ?, пÑ?ивÑ?зÑ?ваÑ?Ñ?ие
+    планиÑ?овÑ?ик CUPS к â??localhostâ?? или пеÑ?левомÑ? инÑ?еÑ?Ñ?ейÑ?Ñ?.</p></li>
 
 </ul>
 </define-tag>
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXKaRlAAoJEF7nbuICFtKlVdcQAJHoUCSE+0sOsJGimruIGOCj
AEpzjdG5/vRa2ki2yvAJhVe10jNdRV77+SWdmIctlVzQjCU3HgmpNU7b8VE2VW/n
nuo9gyh+nY9ppRFO7Nqb1FM6V4DnLbHhAwYw/S7OK9G0rbxHpM+u6ZvFQQiuXfrc
4Vlk01gOIojBYR7nEH7bc6H2FlbdyALOvZhblK9Xj/AtIpRxh2qpuwFFLJ3cnz80
IUCZUA8P7QJ7D0QQD3/1uRSILWe2nKzJEtdsLufl5KJyJhQYaD21e93IpWIV13ja
f/3XNai88mmecSK9h0MQGxhZuskoNkifnx1Sq5bLAPC/Y7a0ExSJ/NuhqCZPPnzs
u0VGL/QwqQz+SxFQrGNDoeUjsAf8x9bdnT2NhwbtVUPhmHzzKxLnclQpIlZF2xGw
oxqKePKskucv1NwOC9UAebsdAcT6PwgJk/tzjdphWVETzuiYI0IRG0BchLmEJ1Yr
LvOO2Gd3iz8S/Fm6GJd2s1tGwNshvqTl66FaGOUk7qjLEuhZpYoMBj2AA2MDsCt9
tOiK1A5Ip0qOxRtMv6SLZPyCyFk/70oLsYWzCVkE8r67iTQ4zlP924p77vMt7nmf
qOujsUdbp584NTlq4HZvPoKdm6LHoUGx40ZBCNnW1AuYwG/K4euDgrjFsk+8bIm8
INZDTev2L3p8eYTpSWTt
=51U1
-----END PGP SIGNATURE-----
Reply to: