[DONE] wml://security/2015/dla-2{72,68}.wml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2015/dla-268.wml 2016-04-08 00:21:20.000000000 +0500
+++ russian/security/2015/dla-268.wml 2016-05-04 13:30:45.729915969 +0500
@@ -1,29 +1,30 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
<define-tag moreinfo>
- -<p>Three vulnerabilities have been fixed in the Debian squeeze-lts version of
- -VirtualBox (package name: virtualbox-ose), a x86 virtualisation solution.</p>
+<p>Ð? веÑ?Ñ?ии VirtualBox (пакеÑ?: virtualbox-ose), Ñ?еÑ?ении длÑ? виÑ?Ñ?Ñ?ализаÑ?ии длÑ? аÑ?Ñ?иÑ?екÑ?Ñ?Ñ?Ñ? x86,
+вÑ?одÑ?Ñ?ей в Ñ?оÑ?Ñ?ав Debian squeeze-lts, бÑ?ло обнаÑ?Ñ?жено Ñ?Ñ?и Ñ?Ñ?звимоÑ?Ñ?и.</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-0377">CVE-2015-0377</a>
- - <p>Avoid VirtualBox allowing local users to affect availability via
- - unknown vectors related to Core, which might result in denial of
- - service. (Other issue than <a href="https://security-tracker.debian.org/tracker/CVE-2015-0418">CVE-2015-0418</a>).</p></li>
+ <p>Ð?е допÑ?Ñ?ение VirtualBox Ñ?азÑ?еÑ?аÑ?Ñ? локалÑ?нÑ?м полÑ?зоваÑ?елÑ?м влиÑ?Ñ?Ñ? на доÑ?Ñ?Ñ?пноÑ?Ñ?Ñ? Ñ?еÑ?ез
+ неизвеÑ?Ñ?нÑ?е векÑ?оÑ?Ñ?, Ñ?вÑ?заннÑ?е Ñ? Core, Ñ?Ñ?о можеÑ? пÑ?иводиÑ?Ñ? к оÑ?казÑ? в
+ обÑ?лÑ?живании. (ÐÑ?о оÑ?лиÑ?наÑ? оÑ? <a href="https://security-tracker.debian.org/tracker/CVE-2015-0418">CVE-2015-0418</a> пÑ?облема).</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-0418">CVE-2015-0418</a>
- - <p>Avoid VirtualBox allowing local users to affect availability via
- - unknown vectors related to Core, which might result in denial of
- - service. (Other issue than <a href="https://security-tracker.debian.org/tracker/CVE-2015-0377">CVE-2015-0377</a>).</p></li>
+ <p>Ð?е допÑ?Ñ?ение VirtualBox Ñ?азÑ?еÑ?аÑ?Ñ? локалÑ?нÑ?м полÑ?зоваÑ?елÑ?м влиÑ?Ñ?Ñ? на доÑ?Ñ?Ñ?пноÑ?Ñ?Ñ? Ñ?еÑ?ез
+ неизвеÑ?Ñ?нÑ?е векÑ?оÑ?Ñ?, Ñ?вÑ?заннÑ?е Ñ? Core, Ñ?Ñ?о можеÑ? пÑ?иводиÑ?Ñ? к оÑ?казÑ? в
+ обÑ?лÑ?живании. (ÐÑ?о оÑ?лиÑ?наÑ? оÑ? <a href="https://security-tracker.debian.org/tracker/CVE-2015-0377">CVE-2015-0377</a> пÑ?облема).</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-3456">CVE-2015-3456</a>
- - <p>The Floppy Disk Controller (FDC) in QEMU, also used in VirtualBox and
- - other virtualization products, allowed local guest users to cause a
- - denial of service (out-of-bounds write and guest crash) or possibly
- - execute arbitrary code via the (1) FD_CMD_READ_ID, (2)
- - FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands,
+ <p>Ð?онÑ?Ñ?оллеÑ? гибкиÑ? магниÑ?нÑ?Ñ? диÑ?ков (FDC) в QEMU, иÑ?полÑ?зÑ?емÑ?й в VirtualBox и
+ в дÑ?Ñ?гиÑ? пÑ?одÑ?кÑ?аÑ? длÑ? виÑ?Ñ?Ñ?ализаÑ?ии, позволÑ?еÑ? локалÑ?нÑ?м полÑ?зоваÑ?елÑ?м гоÑ?Ñ?евой Ñ?иÑ?Ñ?емÑ? вÑ?зÑ?ваÑ?Ñ?
+ оÑ?каз в обÑ?лÑ?живании (запиÑ?Ñ? за пÑ?еделами вÑ?деленного бÑ?Ñ?еÑ?а памÑ?Ñ?и и аваÑ?ийнаÑ? оÑ?Ñ?ановка гоÑ?Ñ?евой Ñ?иÑ?Ñ?емÑ?) или
+ поÑ?енÑ?иалÑ?но вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код Ñ? помоÑ?Ñ?Ñ? (1) FD_CMD_READ_ID, (2)
+ FD_CMD_DRIVE_SPECIFICATION_COMMAND, либо вÑ?полнÑ?Ñ?Ñ? дÑ?Ñ?гие неопÑ?еделÑ?ннÑ?е командÑ?,
aka VENOM.</p></li>
</ul>
- --- english/security/2015/dla-272.wml 2016-04-07 03:10:35.000000000 +0500
+++ russian/security/2015/dla-272.wml 2016-05-04 12:34:26.547711512 +0500
@@ -1,35 +1,36 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
<define-tag moreinfo>
- -<p>Several vulnerabilities were discovered in Django, a high-level Python web
- -development framework:</p>
+<p>Ð? Django, вÑ?Ñ?окоÑ?Ñ?овневой инÑ?Ñ?аÑ?Ñ?Ñ?Ñ?кÑ?Ñ?Ñ?е веб-Ñ?азÑ?абоÑ?ки на Ñ?зÑ?ке Python, бÑ?ло
+обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-2317">CVE-2015-2317</a>
- - <p>Daniel Chatfield discovered that python-django, a high-level Python
- - web development framework, incorrectly handled user-supplied redirect
- - URLs. A remote attacker could use this flaw to perform a cross-site
- - scripting attack.</p></li>
+ <p>Ð?Ñ?ниелÑ? ЧаÑ?Ñ?илд обнаÑ?Ñ?жил, Ñ?Ñ?о python-django, вÑ?Ñ?окоÑ?Ñ?овневаÑ? инÑ?Ñ?аÑ?Ñ?Ñ?Ñ?кÑ?Ñ?Ñ?а веб-Ñ?азÑ?абоÑ?ки
+ на Ñ?зÑ?ке Python, непÑ?авилÑ?но обÑ?абаÑ?Ñ?ваеÑ? пеÑ?едаваемÑ?е полÑ?зоваÑ?елем пеÑ?енапÑ?авлениÑ?
+ URL. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? пÑ?облемÑ? длÑ? вÑ?полнениÑ? межÑ?айÑ?ового
+ Ñ?кÑ?ипÑ?инга.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5143">CVE-2015-5143</a>
- - <p>Eric Peterson and Lin Hua Cheng discovered that a new empty record
- - used to be created in the session storage every time a session was
- - accessed and an unknown session key was provided in the request
- - cookie. This could allow remote attackers to saturate the session
- - store or cause other users' session records to be evicted.</p></li>
+ <p>ÐÑ?ик Ð?еÑ?еÑ?Ñ?он и Ð?инÑ? Ð¥Ñ?а ЧÑ?н обнаÑ?Ñ?жили, Ñ?Ñ?о новÑ?е пÑ?Ñ?Ñ?Ñ?е запиÑ?и
+ иÑ?полÑ?зÑ?Ñ?Ñ?Ñ?Ñ? длÑ? Ñ?озданиÑ? Ñ?еÑ?Ñ?ионного Ñ?Ñ?анилиÑ?а каждÑ?й Ñ?аз, когда пÑ?оиÑ?Ñ?одиÑ?
+ обÑ?аÑ?ение к Ñ?еÑ?Ñ?ии и пÑ?едоÑ?Ñ?авлÑ?еÑ?Ñ?Ñ? неизвеÑ?Ñ?нÑ?й клÑ?Ñ? Ñ?еÑ?Ñ?ии в запÑ?оÑ?е
+ кÑ?ки. ÐÑ?о позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам заполнÑ?Ñ?Ñ? Ñ?еÑ?Ñ?ионное Ñ?Ñ?анилиÑ?е
+ или Ñ?далÑ?Ñ?Ñ? Ñ?еÑ?Ñ?ионнÑ?е запиÑ?и дÑ?Ñ?гиÑ? полÑ?зоваÑ?елей.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5144">CVE-2015-5144</a>
- - <p>Sjoerd Job Postmus discovered that some built-in validators did not
- - properly reject newlines in input values. This could allow remote
- - attackers to inject headers in emails and HTTP responses.</p></li>
+ <p>СÑ?Ñ?Ñ?д Ð?об Ð?оÑ?Ñ?мÑ?Ñ? обнаÑ?Ñ?жил, Ñ?Ñ?о некоÑ?оÑ?Ñ?е вÑ?Ñ?Ñ?оеннÑ?е меÑ?анизмÑ? пÑ?овеÑ?ки непÑ?авилÑ?но
+ оÑ?клонÑ?Ñ?Ñ? новÑ?е Ñ?Ñ?Ñ?оки во вÑ?однÑ?Ñ? знаÑ?ениÑ?Ñ?. ÐÑ?о можеÑ? позволиÑ?Ñ? Ñ?далÑ?ннÑ?м
+ злоÑ?мÑ?Ñ?ленникам вводиÑ?Ñ? заголовки в Ñ?ообÑ?ениÑ? Ñ?лекÑ?Ñ?онной поÑ?Ñ?Ñ? и запÑ?оÑ?Ñ? HTTP.</p></li>
</ul>
- -<p>For the oldoldstable distribution (squeeze), these problems have been fixed in
- -version 1.2.3-3+squeeze13.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?аÑ?ом Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.2.3-3+squeeze13.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXKbM6AAoJEF7nbuICFtKlcJEP+wU5RZenBf9+gXIZN13wIKJG
OG6o6q1M2CUFI/YfmzAg9Dflgh5hCweSDoP//sB9MKP/N5UIKaU8ixgHvL4+vB/6
1xOrRbYizNn4/wuABl6Vrg7LqAYnoksIgQ7dmIqtYZvKUBeuyxFDJtRu+dqC46bE
xA+eLnPI6R0m+W/qp/wlG/q8hBnqLHyUV7C4oSo2/jHRYRa1+FIEQOt01hCzh4w5
sGIBdZn6ed0VVSnqVOeau4rEXjz3hX1dGnMwmPFOifSmsgK2X9HbmysAKy1w6A3K
q72rwkdZ6zW82PDm4OwRYYLMFMXouWx4vJD4WFUW6trMepg5ws6jeWIGVG1gIguI
ZpywnKoBCbB1JT9uXHXD47yh/OfvZNXOKFk1bh+7btF8yXYlLrLR99QDmpbqZDGv
ilMUxlPbmsXdOdGPXJ1BbC/n+PJHPYzzTZOH0VelSgH7AMo97BVym/46MFBonzVR
uRAVArvzEi3cXrqgiVONJdkKLTBk/dsQe6AehR9rgi/tNDIOTpgJr+EgVzov5HRx
Q5TBlv8SG3QODRWwDs3zUDDwTlW/nMpnTGA2cJgb/qtAH22le2vNd1VUlSdErfed
8owSlVfQWOzApMwAXXNHoB+CNAKf+db3HX8cBOtQVt2hrDvyzecz8caYexXT74ti
hrG5LU+lnPRWGw45II8S
=fLhQ
-----END PGP SIGNATURE-----
Reply to: