[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2015/dla-{160,233}.wml



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2015/dla-160.wml	2016-04-07 03:10:33.000000000 +0500
+++ russian/security/2015/dla-160.wml	2016-05-04 14:03:48.151467870 +0500
@@ -1,38 +1,40 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>This update fixes the CVEs described below.</p>
+<p>Ð?анное обновление иÑ?пÑ?авлÑ?еÑ? опиÑ?аннÑ?е ниже CVE.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-0106";>CVE-2014-0106</a>
 
- -    <p>Todd C. Miller reported that if the env_reset option is disabled
- -    in the sudoers file, the env_delete option is not correctly
- -    applied to environment variables specified on the command line.  A
- -    malicious user with sudo permissions may be able to run arbitrary
- -    commands with elevated privileges by manipulating the environment
- -    of a command the user is legitimately allowed to run.</p></li>
+    <p>Тодд Ð?иллеÑ? Ñ?ообÑ?ил, Ñ?Ñ?о еÑ?ли опÑ?иÑ? env_reset оÑ?клÑ?Ñ?ена в
+    Ñ?айле sudoers, Ñ?о опÑ?иÑ? env_delete непÑ?авилÑ?но пÑ?именÑ?еÑ?Ñ?Ñ?
+    к пеÑ?еменнÑ?м окÑ?Ñ?жениÑ?, Ñ?казаннÑ?м в командной Ñ?Ñ?Ñ?оке.  Ð?лоÑ?мÑ?Ñ?ленник
+    Ñ? пÑ?авами на иÑ?полÑ?зование sudo можеÑ? запÑ?Ñ?Ñ?иÑ?Ñ? пÑ?оизволÑ?нÑ?е
+    командÑ? Ñ? повÑ?Ñ?еннÑ?ми пÑ?авами доÑ?Ñ?Ñ?па пÑ?Ñ?Ñ?м изменениÑ? окÑ?Ñ?жениÑ?
+    командÑ?, коÑ?оÑ?Ñ?Ñ? Ñ?Ñ?омÑ? полÑ?зоваÑ?елÑ? Ñ?азÑ?еÑ?ено запÑ?Ñ?каÑ?Ñ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9680";>CVE-2014-9680</a>
 
- -    <p>Jakub Wilk reported that sudo preserves the TZ variable from a
- -    user's environment without any sanitization. A user with sudo
- -    access may take advantage of this to exploit bugs in the C library
- -    functions which parse the TZ environment variable or to open files
- -    that the user would not otherwise be able to open. The latter
- -    could potentially cause changes in system behavior when reading
- -    certain device special files or cause the program run via sudo to
- -    block.</p></li>
+    <p>ЯкÑ?б Ð?илк Ñ?ообÑ?ил, Ñ?Ñ?о sudo Ñ?оÑ?Ñ?анÑ?еÑ? пеÑ?еменнÑ?Ñ? TZ из полÑ?зоваÑ?елÑ?Ñ?кого
+    окÑ?Ñ?жениÑ? без какой-либо еÑ? оÑ?иÑ?Ñ?ки. Ð?олÑ?зоваÑ?елÑ? Ñ? доÑ?Ñ?Ñ?пом к sudo
+    можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?о длÑ? Ñ?ого, Ñ?Ñ?обÑ? иÑ?полÑ?зоваÑ?Ñ? оÑ?ибки в Ñ?Ñ?нкÑ?иÑ?Ñ? библиоÑ?еки
+    C, коÑ?оÑ?Ñ?е вÑ?полнÑ?Ñ?Ñ? гÑ?аммаÑ?иÑ?еÑ?кий Ñ?азбоÑ? пеÑ?еменной окÑ?Ñ?жениÑ? TZ, или длÑ? оÑ?кÑ?Ñ?Ñ?иÑ?
+    Ñ?айлов, коÑ?оÑ?Ñ?е в пÑ?оÑ?ивном Ñ?лÑ?Ñ?ае Ñ?Ñ?омÑ? полÑ?зоваÑ?елÑ? оÑ?кÑ?Ñ?ваÑ?Ñ?
+    нелÑ?зÑ?. Ð?оÑ?леднее можеÑ? поÑ?енÑ?иалÑ?но вÑ?зваÑ?Ñ? изменениÑ?
+    в поведении Ñ?иÑ?Ñ?емÑ? пÑ?и Ñ?Ñ?ении опÑ?еделÑ?ннÑ?Ñ?
+    Ñ?пеÑ?иалÑ?нÑ?Ñ? Ñ?айлов Ñ?Ñ?Ñ?Ñ?ойÑ?Ñ?в или вÑ?зваÑ?Ñ? блокиÑ?овкÑ? запÑ?Ñ?ка пÑ?огÑ?аммÑ?
+    Ñ?еÑ?ез sudo.</p></li>
 
 </ul>
 
- -<p>For the oldstable distribution (squeeze), these problems have been fixed
- -in version 1.7.4p4-2.squeeze.5.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 1.7.4p4-2.squeeze.5.</p>
 
- -<p>For the stable distribution (wheezy), they have been fixed in version
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) они бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии
 1.8.5p2-1+nmu2.</p>
 
- -<p>We recommend that you upgrade your sudo packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? sudo.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2015/dla-233.wml	2016-04-07 03:10:34.000000000 +0500
+++ russian/security/2015/dla-233.wml	2016-05-04 14:08:11.917514741 +0500
@@ -1,20 +1,21 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Upstream published version 0.98.7.  This update updates sqeeze-lts to the
- -latest upstream release in line with the approach used for other Debian
- -releases.</p>
+<p>Ð?вÑ?оÑ?Ñ? оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки опÑ?бликовали веÑ?Ñ?иÑ? 0.98.7.  Ð?анное обновление обновлÑ?еÑ? sqeeze-lts до
+поÑ?леднего вÑ?пÑ?Ñ?ка оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки, Ñ?Ñ?о Ñ?ооÑ?веÑ?Ñ?Ñ?вÑ?еÑ? подÑ?одÑ?, иÑ?полÑ?зÑ?емомÑ? в дÑ?Ñ?гиÑ?
+вÑ?пÑ?Ñ?каÑ? Debian.</p>
 
- -<p>The changes are not strictly required for operation, but users of the previous
- -version in Squeeze may not be able to make use of all current virus signatures
- -and might get warnings.</p>
+<p>ЭÑ?и изменениÑ? не Ñ?Ñ?ебÑ?Ñ?Ñ?Ñ?Ñ? длÑ? Ñ?абоÑ?Ñ?, но полÑ?зоваÑ?ели пÑ?едÑ?дÑ?Ñ?ей
+веÑ?Ñ?ии в Squeeze могÑ?Ñ? оказаÑ?Ñ? неÑ?поÑ?обнÑ? иÑ?полÑ?зоваÑ?Ñ? вÑ?е Ñ?екÑ?Ñ?ие Ñ?игнаÑ?Ñ?Ñ?Ñ? виÑ?Ñ?Ñ?ов
+и могÑ?Ñ? полÑ?Ñ?иÑ?Ñ? пÑ?едÑ?пÑ?еждениÑ? об Ñ?Ñ?ом.</p>
 
- -<p>The bug fixes that are part of this release include security fixes related
- -to packed or crypted files (<a href="https://security-tracker.debian.org/tracker/CVE-2014-9328";>CVE-2014-9328</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-1461";>CVE-2015-1461</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-1462";>CVE-2015-1462</a>,
- -<a href="https://security-tracker.debian.org/tracker/CVE-2015-1463";>CVE-2015-1463</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-2170";>CVE-2015-2170</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-2221";>CVE-2015-2221</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-2222";>CVE-2015-2222</a>, and <a href="https://security-tracker.debian.org/tracker/CVE-2015-2668";>CVE-2015-2668</a>)
- -and several fixes to the embedded libmspack library, including a potential
- -infinite loop in the Quantum decoder (<a href="https://security-tracker.debian.org/tracker/CVE-2014-9556";>CVE-2014-9556</a>).</p>
+<p>ЧаÑ?Ñ?Ñ?Ñ? Ñ?Ñ?ого вÑ?пÑ?Ñ?ка Ñ?влÑ?Ñ?Ñ?Ñ?Ñ? и иÑ?пÑ?авлениÑ? оÑ?ибок, вклÑ?Ñ?аÑ? иÑ?пÑ?авлениÑ? безопаÑ?ноÑ?Ñ?и, Ñ?вÑ?заннÑ?е
+Ñ? запакованнÑ?ми или заÑ?иÑ?Ñ?ованнÑ?ми Ñ?айлами (<a href="https://security-tracker.debian.org/tracker/CVE-2014-9328";>CVE-2014-9328</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-1461";>CVE-2015-1461</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-1462";>CVE-2015-1462</a>,
+<a href="https://security-tracker.debian.org/tracker/CVE-2015-1463";>CVE-2015-1463</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-2170";>CVE-2015-2170</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-2221";>CVE-2015-2221</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2015-2222";>CVE-2015-2222</a> и <a href="https://security-tracker.debian.org/tracker/CVE-2015-2668";>CVE-2015-2668</a>),
+а Ñ?акже неÑ?колÑ?ко иÑ?пÑ?авлениÑ? вÑ?Ñ?Ñ?оенной библиоÑ?еки libmspack, вклÑ?Ñ?аÑ? поÑ?енÑ?иалÑ?нÑ?й
+беÑ?конеÑ?нÑ?й Ñ?икл в декодеÑ?е Quantum (<a href="https://security-tracker.debian.org/tracker/CVE-2014-9556";>CVE-2014-9556</a>).</p>
 
- -<p>If you use clamav, we strongly recommend that you upgrade to this version.</p>
+<p>Ð?Ñ?ли вÑ? иÑ?полÑ?зÑ?еÑ?е clamav, Ñ?о вам наÑ?Ñ?оÑ?Ñ?елÑ?но Ñ?екомендÑ?еÑ?Ñ?Ñ? вÑ?полниÑ?Ñ? обновление до Ñ?Ñ?ой веÑ?Ñ?ии.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXKbv+AAoJEF7nbuICFtKlJlwQAKL2DD1eTV2z/n5FEzeWXvYA
1JCAmiP6TTrTX5z+pzKm1t3Ol5WtPPCZa48TPqaTnqPGVjolgJkxt/mFTEYlaRW7
t6sUd3m8c/QIjfCtnb3InXo3p7K2BXqlE1krvbvOqd4UeeRUH+SLDRPxpamCpA2s
FL/VBUXoX+bOXE0k3CTlN+GeKD0T+59OdJgrDHf6dtQYV37Wu8OHtA1f1gnWy5KT
nqOlKuTXxZZFxJV6v1LUd7Q+rFa22vbq941FWVyFQPGp2cmxnJHChlbWZ5uxzYAN
Qqtn0LcOmg6VvmYXnAHcx6UvbVsb0TJxMD+dqBBWBHXfVrqrdqZAJwCmTLbEJe7M
hUbtccwHI3QvFUqFo/ZmUQuaZOPn7jtxjOJ4RQWZnkrjNphyJo66qRjxqlaptkrY
0K7pEvwxx6YwiyoDViHOX3IPNH3jAIvFnIDuHyN1Rad3Yl3U8Z6GLpSiRR9Nlibx
ytdcGADlgiH+Cb1yDuvkMqT3dfZtnhWGmHPo4Dr7Z/25HtTY03jsBzvAgtArpBPU
OcrWnvGAgHjK4Y8rQrzIjbUyT8Q6P4Mm88lLg6sppe7Xhk0/jP7FKENrJDwLR35/
znu+QOjs0fxd9pROuqZgmmbw8I8Hix7+5lPAQVKuW+i2iBWBIF/bqWsVnBZF9vIG
whA38cl4BDlIALRo1PM+
=d23n
-----END PGP SIGNATURE-----


Reply to: