[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2015/dla-1{31,88}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2015/dla-131.wml	2016-04-09 01:32:23.000000000 +0500
+++ russian/security/2015/dla-131.wml	2016-05-04 13:37:46.071086989 +0500
@@ -1,38 +1,39 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Multiple security issues have been found in file, a tool/library to
- -determine a file type. Processing a malformed file could result in
- -denial of service. Most of the changes are related to parsing ELF
- -files.</p>
- -
- -<p>As part of the fixes, several limits on aspects of the detection were
- -added or tightened, sometimes resulting in messages like <q>recursion
- -limit exceeded</q> or <q>too many program header sections</q>.</p>
- -
- -<p>To mitigate such shortcomings, these limits are controllable by a new
- -"-R"/"--recursion" parameter in the file program. Note: A future
- -upgrade for file in squeeze-lts might replace this with the "-P"
- -parameter to keep usage consistent across all distributions.</p>
+<p>Ð? file, инÑ?Ñ?Ñ?Ñ?менÑ?е/библиоÑ?еке длÑ? опÑ?еделениÑ? Ñ?ипа Ñ?айлов, бÑ?ли
+обнаÑ?Ñ?женÑ? многоÑ?иÑ?леннÑ?е пÑ?облемÑ? безопаÑ?ноÑ?Ñ?и. Ð?бÑ?абоÑ?ка Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? Ñ?айлов можеÑ? пÑ?иводиÑ?Ñ? к
+оÑ?казÑ? в обÑ?лÑ?живании. Ð?олÑ?Ñ?инÑ?Ñ?во изменений Ñ?вÑ?занÑ? Ñ? гÑ?аммаÑ?иÑ?еÑ?ким Ñ?азбоÑ?ом Ñ?айлов
+ELF.</p>
+
+<p>Ð? каÑ?еÑ?Ñ?ве иÑ?пÑ?авлений в Ñ?Ñ?де Ñ?лÑ?Ñ?аев бÑ?ли добавленÑ? новÑ?е или Ñ?Ñ?иленÑ? Ñ?Ñ?Ñ?еÑ?Ñ?вÑ?Ñ?Ñ?ие огÑ?аниÑ?ениÑ?
+аÑ?пекÑ?ов опÑ?еделениÑ?, Ñ?Ñ?о иногда пÑ?иводиÑ? к Ñ?ообÑ?ениÑ?м вида <q>иÑ?Ñ?еÑ?пан
+лимиÑ? Ñ?екÑ?Ñ?Ñ?ии</q> или <q>Ñ?лиÑ?ком много Ñ?азделов заголовков пÑ?огÑ?аммÑ?</q>.</p>
+
+<p>Ð?лÑ? Ñ?ого, Ñ?Ñ?обÑ? обойÑ?и подобнÑ?е заÑ?Ñ?Ñ?днениÑ?, Ñ?Ñ?и огÑ?аниÑ?ениÑ? можно измениÑ?Ñ? Ñ? помоÑ?Ñ?Ñ? нового
+паÑ?амеÑ?Ñ?а "-R"/"--recursion" в пÑ?огÑ?амме file. Ð?нимание: бÑ?дÑ?Ñ?ее
+обновление file в squeeze-lts можеÑ? замениÑ?Ñ? Ñ?Ñ?оÑ? паÑ?амеÑ?Ñ? на паÑ?амеÑ?Ñ? "-P"
+длÑ? Ñ?ого, Ñ?Ñ?обÑ? иÑ?полÑ?зование данной Ñ?Ñ?илиÑ?Ñ? во вÑ?еÑ? вÑ?пÑ?Ñ?каÑ? бÑ?ло одинаковÑ?м.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8116";>CVE-2014-8116</a>
 
- -    <p>The ELF parser (readelf.c) allows remote attackers to cause a
- -    denial of service (CPU consumption or crash).</p></li>
+    <p>Ð?од длÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а ELF (readelf.c) позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?зÑ?ваÑ?Ñ?
+    оÑ?каз в обÑ?лÑ?живании (Ñ?Ñ?езмеÑ?ное поÑ?Ñ?ебление Ñ?еÑ?Ñ?Ñ?Ñ?ов ЦÐ? или аваÑ?ийнаÑ? оÑ?Ñ?ановка).</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8117";>CVE-2014-8117</a>
 
- -    <p>softmagic.c does not properly limit recursion, which allows remote
- -    attackers to cause a denial of service (CPU consumption or crash).</p>
+    <p>softmagic.c непÑ?авилÑ?но огÑ?аниÑ?иваеÑ? Ñ?екÑ?Ñ?Ñ?иÑ?, Ñ?Ñ?о позволÑ?еÑ? Ñ?далÑ?ннÑ?м
+    злоÑ?мÑ?Ñ?ленникам вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании (Ñ?Ñ?езмеÑ?ное поÑ?Ñ?ебление Ñ?еÑ?Ñ?Ñ?Ñ?ов ЦÐ? или аваÑ?ийнаÑ? оÑ?Ñ?ановка).</p>
 
- -<p>(no identifier has been assigned so far)</p>
+<p>(иденÑ?иÑ?икаÑ?оÑ? пока не назнаÑ?ен)</p>
 
- -    <p>out-of-bounds memory access</p></li>
+    <p>Ð?оÑ?Ñ?Ñ?п за пÑ?еделами вÑ?деленного бÑ?Ñ?еÑ?а памÑ?Ñ?и</p></li>
 
 </ul>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in file version 5.04-5+squeeze9</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в file веÑ?Ñ?ии 5.04-5+squeeze9</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2015/dla-188.wml	2016-04-07 03:10:34.000000000 +0500
+++ russian/security/2015/dla-188.wml	2016-05-04 13:43:03.029843101 +0500
@@ -1,32 +1,33 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Multiple vulnerabilities have been discovered in arj, an open source
- -version of the arj archiver. The Common Vulnerabilities and Exposures
- -project identifies the following problems:</p>
+<p>Ð? arj, веÑ?Ñ?ии аÑ?Ñ?иваÑ?оÑ?а arj Ñ? оÑ?кÑ?Ñ?Ñ?Ñ?м иÑ?Ñ?однÑ?м кодом, бÑ?ли обнаÑ?Ñ?женÑ?
+многоÑ?иÑ?леннÑ?е Ñ?Ñ?звимоÑ?Ñ?и. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-0556";>CVE-2015-0556</a>
 
- -    <p>Jakub Wilk discovered that arj follows symlinks created during
- -    unpacking of an arj archive. A remote attacker could use this flaw
- -    to perform a directory traversal attack if a user or automated
- -    system were tricked into processing a specially crafted arj archive.</p></li>
+    <p>ЯкÑ?б Ð?илк обнаÑ?Ñ?жил, Ñ?Ñ?о arj пеÑ?еÑ?одиÑ? по Ñ?имволÑ?нÑ?м Ñ?Ñ?Ñ?лкам, Ñ?оздаваемÑ?м во вÑ?емÑ?
+    Ñ?аÑ?паковки аÑ?Ñ?ива arj. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ?
+    длÑ? вÑ?полнениÑ? обÑ?ода каÑ?алога в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли полÑ?зоваÑ?елÑ? или авÑ?омаÑ?изиÑ?ованнаÑ?
+    Ñ?иÑ?Ñ?ема запÑ?Ñ?каеÑ? обÑ?абоÑ?кÑ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного аÑ?Ñ?ива arj.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-0557";>CVE-2015-0557</a>
 
- -    <p>Jakub Wilk discovered that arj does not sufficiently protect from
- -    directory traversal while unpacking an arj archive containing file
- -    paths with multiple leading slashes. A remote attacker could use
- -    this flaw to write to arbitrary files if a user or automated system
- -    were tricked into processing a specially crafted arj archive.</p></li>
+    <p>ЯкÑ?б Ð?илк обнаÑ?Ñ?жил, Ñ?Ñ?о arj недоÑ?Ñ?аÑ?оÑ?но заÑ?иÑ?Ñ?н оÑ?
+    обÑ?ода каÑ?алога пÑ?и Ñ?аÑ?паковке аÑ?Ñ?ива arj, Ñ?одеÑ?жаÑ?его пÑ?Ñ?и к Ñ?айлам, Ñ?одеÑ?жаÑ?ими
+    в наÑ?але многоÑ?иÑ?леннÑ?е коÑ?Ñ?е Ñ?еÑ?Ñ?Ñ?. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ?
+    Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? запиÑ?и пÑ?оизволÑ?нÑ?й Ñ?айлов в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли полÑ?зоваÑ?елÑ? или авÑ?омаÑ?изиÑ?ованнаÑ? Ñ?иÑ?Ñ?ема
+    запÑ?Ñ?каеÑ? обÑ?абоÑ?кÑ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного аÑ?Ñ?ива arj.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-2782";>CVE-2015-2782</a>
 
- -    <p>Jakub Wilk and Guillem Jover discovered a buffer overflow
- -    vulnerability in arj. A remote attacker could use this flaw to cause
- -    an application crash or, possibly, execute arbitrary code with the
- -    privileges of the user running arj.</p></li>
+    <p>ЯкÑ?б Ð?илк и Ð?илÑ?ом Ð?овÑ?е обнаÑ?Ñ?жили пеÑ?еполнение бÑ?Ñ?еÑ?а
+    в arj. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ? даннÑ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? вÑ?зова
+    аваÑ?ийной оÑ?Ñ?ановки пÑ?иложениÑ? или поÑ?енÑ?иалÑ?ного вÑ?полнениÑ? пÑ?оизволÑ?ного кода Ñ?
+    пÑ?авами полÑ?зоваÑ?елÑ?, запÑ?Ñ?Ñ?ивÑ?его arj.</p></li>
 
 </ul>
 </define-tag>
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXKbYZAAoJEF7nbuICFtKljpIP/j9boyVl1G5889FRGa4Tr8Ov
+/TYhr4oAkqg6UXeDQ+tF9ggjSFPG0GXshw2MO4xpln/hyrXtBScx3usl8hCZv6S
Se9L31WboledMwmbHhgw3NuYHXOnjIrBd9DZ0P/gvUbnnnoyh9/N5ZWY1iMm8BCj
IlQL3nPXsPdLNi4Hb3Ink5qEF065mxGWRp2sNYx6NFxvVn0YSOA67M5p2YKEENHB
jvi46QfTh6AvPg+GZArjAKYjRy+QdRUHGW/ZZZN9HM6ex/DtJvuVP18obbetvQ05
+mPLo/8EsEavvnLKE8u9WcOZuUwGytanybEwdAQB3Oifvp6KBWyBqytVWTePiBCn
45CJNrfo5U+NTf+0607Te0eorp4mU+6N5tlJBxc5g2K2UJMTCJbBw1gxkyqzOuWz
K/jTIJuMacSdPpTSp9r6bosSdT6RX7UjJVXrMnKqph6rg35gPHv0N9akftcq2nrC
oiMn8sZt6iquAA7xDqNM4UyezEYGTNwQ9TQRwGMQFlXjFZ0B1Wx3sfjQtjGvdFRa
OKWXw2yqLeW7Q/EBiJ+LFpbl1gyjPuZC6LrYNiH4dPVTgMQ7IAbJyxhhj4vf5N50
EPIgVAdSWmKwJPLnSRS/xsBLeUsv7ASWRHQZW743UGeHYpoMvaJmuuc75AehdqIJ
k0B0RFsigzeIcMiX0GZ0
=+bEq
-----END PGP SIGNATURE-----
Reply to: