
[DONE] wml://security/2015/dla-{222,323}.wml



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2015/dla-222.wml	2016-04-07 03:47:55.000000000 +0500
+++ russian/security/2015/dla-222.wml	2016-05-04 14:17:48.183903836 +0500
@@ -1,30 +1,31 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-5783";>CVE-2012-5783</a>
 
- -<p>and <a href="https://security-tracker.debian.org/tracker/CVE-2012-6153";>CVE-2012-6153</a>
- -   Apache Commons HttpClient 3.1 did not verify that the server hostname
- -   matches a domain name in the subject's Common Name (CN) or subjectAltName
- -   field of the X.509 certificate, which allows man-in-the-middle attackers to
- -   spoof SSL servers via an arbitrary valid certificate.
- -   Thanks to Alberto Fernandez Martinez for the patch.</p></li>
+<p>и <a href="https://security-tracker.debian.org/tracker/CVE-2012-6153";>CVE-2012-6153</a>
+   Apache Commons HttpClient 3.1 не вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? Ñ?ого, Ñ?Ñ?о имÑ? Ñ?еÑ?веÑ?а
+   Ñ?овпадаеÑ? Ñ? именем домена в поле Common Name (CN) или subjectAltName
+   Ñ?еÑ?Ñ?иÑ?икаÑ?а X.509, Ñ?Ñ?о позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникам вÑ?полнÑ?Ñ?Ñ? аÑ?акÑ? по пÑ?инÑ?ипÑ? Ñ?еловек-в-Ñ?еÑ?едине длÑ?
+   подделки SSL Ñ?еÑ?веÑ?ов Ñ? помоÑ?Ñ?Ñ? пÑ?оизволÑ?ного коÑ?Ñ?екÑ?ного Ñ?еÑ?Ñ?иÑ?икаÑ?а.
+   Ð?Ñ?Ñ?ажаем благодаÑ?ноÑ?Ñ?Ñ? Ð?лбеÑ?Ñ?о ФеÑ?нандезÑ? Ð?аÑ?Ñ?инезÑ? за Ñ?Ñ?Ñ? заплаÑ?Ñ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-3577";>CVE-2014-3577</a>
 
- -   <p>It was found that the fix for <a href="https://security-tracker.debian.org/tracker/CVE-2012-6153";>CVE-2012-6153</a> was incomplete: the code added
- -   to check that the server hostname matches the domain name in a subject's
- -   Common Name (CN) field in X.509 certificates was flawed. A man-in-the-middle
- -   attacker could use this flaw to spoof an SSL server using  a specially
- -   crafted X.509 certificate. The fix for <a href="https://security-tracker.debian.org/tracker/CVE-2012-6153";>CVE-2012-6153</a> was intended to address
- -   the incomplete patch for <a href="https://security-tracker.debian.org/tracker/CVE-2012-5783";>CVE-2012-5783</a>. The issue is now completely resolved
- -   by applying this patch and the one for the previous CVEs</p></li>
+   <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о иÑ?пÑ?авление <a href="https://security-tracker.debian.org/tracker/CVE-2012-6153";>CVE-2012-6153</a> неполно: код, добавленнÑ?й
+   длÑ? пÑ?овеÑ?ки Ñ?ого, Ñ?Ñ?о имÑ? Ñ?еÑ?веÑ?а Ñ?овпадаеÑ? Ñ? именем домена в поле
+   Common Name (CN) Ñ?еÑ?Ñ?иÑ?икаÑ?ов X.509, оказалÑ?Ñ? Ñ?Ñ?звим. Ð?лоÑ?мÑ?Ñ?ленник, иÑ?полÑ?зÑ?Ñ? пÑ?инÑ?ип Ñ?еловек-в-Ñ?еÑ?едине, можеÑ?
+   иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? подделки SSL Ñ?еÑ?веÑ?а, иÑ?полÑ?зÑ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?й
+   Ñ?еÑ?Ñ?иÑ?икаÑ? X.509. Ð?Ñ?пÑ?авление длÑ? <a href="https://security-tracker.debian.org/tracker/CVE-2012-6153";>CVE-2012-6153</a> должно бÑ?ло иÑ?пÑ?авиÑ?Ñ?
+   неполнÑ?Ñ? заплаÑ?Ñ? длÑ? <a href="https://security-tracker.debian.org/tracker/CVE-2012-5783";>CVE-2012-5783</a>. Ð?аннаÑ? пÑ?облема Ñ?епеÑ?Ñ? полноÑ?Ñ?Ñ?Ñ? Ñ?еÑ?ена
+   пÑ?Ñ?Ñ?м пÑ?именениÑ? Ñ?казанной заплаÑ?Ñ? и заплаÑ?Ñ? длÑ? пÑ?едÑ?дÑ?Ñ?ей пÑ?облемÑ? CVE.</p></li>
 
 </ul>
 
- -<p>This upload was prepared by Markus Koschany.</p>
+<p>Ð?аннаÑ? загÑ?Ñ?зка бÑ?ла подгоÑ?овлена Ð?аÑ?кÑ?Ñ?ом Ð?оÑ?ани.</p>
 </define-tag>
 
 # do not modify the following line
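Review bot: In the CVE-2014-3577 item, the last sentence of the added paragraph refers to the patch for one previous CVE problem (singular), while the source line reads "the one for the previous CVEs". Two earlier issues are meant, CVE-2012-5783 and CVE-2012-6153, both linked in the same paragraph, so the translation should keep the plural to make clear that all three patches are needed for a complete fix.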
- --- english/security/2015/dla-323.wml	2016-04-07 03:10:36.000000000 +0500
+++ russian/security/2015/dla-323.wml	2016-05-04 14:30:06.436562812 +0500
@@ -1,38 +1,41 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>The following two issues have recently been fixed in Debian LTS (squeeze)
- -for the fuseiso package.</p>
+<p>Ð? пакеÑ?е fuseiso в Debian LTS (squeeze) недавно бÑ?ли иÑ?пÑ?авленÑ?
+две пÑ?облемÑ?.</p>
 
- -<p>Issue 1</p>
+<p>Ð?Ñ?облема 1</p>
 
- -    <p>An integer overflow, leading to a heap-based buffer overflow flaw was
- -    found in the way FuseISO, a FUSE module to mount ISO filesystem
- -    images, performed reading of certain ZF blocks of particular inodes.
- -    A remote attacker could provide a specially-crafted ISO file that,
- -    when mounted via the fuseiso tool would lead to fuseiso binary crash.</p>
+    <p>Ð? Ñ?поÑ?обе, иÑ?полÑ?зÑ?емом FuseISO, модÑ?ле FUSE длÑ? монÑ?иÑ?ованиÑ?
+    обÑ?азов Ñ?айловÑ?Ñ? Ñ?иÑ?Ñ?ем ISO, бÑ?ло обнаÑ?Ñ?жено пеÑ?еполнение Ñ?елÑ?Ñ?
+    Ñ?иÑ?ел, пÑ?оводÑ?Ñ?ее к пеÑ?еполнениÑ? бÑ?Ñ?еÑ?а и возникаÑ?Ñ?ее пÑ?и Ñ?Ñ?ении
+    опÑ?еделÑ?ннÑ?Ñ? блоков ZF опÑ?еделÑ?ннÑ?Ñ? индекÑ?нÑ?Ñ? деÑ?кÑ?ипÑ?оÑ?ов.
+    УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? пеÑ?едаÑ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?й Ñ?айл ISO, коÑ?оÑ?Ñ?й пÑ?и
+    его монÑ?иÑ?овании Ñ?еÑ?ез инÑ?Ñ?Ñ?Ñ?менÑ? fuseiso пÑ?иведÑ?Ñ? к аваÑ?ийной оÑ?Ñ?ановке двоиÑ?ного Ñ?айла fuseiso.</p>
 
- -    <p>This issue was discovered by Florian Weimer of Red Hat Product
+    <p>Ð?аннаÑ? пÑ?облема бÑ?ла обнаÑ?Ñ?жена ФлоÑ?ианом Ð?аймеÑ?ом из Red Hat Product
     Security Team.</p>
 
- -    <p>The issue got resolve by bailing out before ZF blocks that exceed the
- -    supported block size of 2^17 are to be read.</p>
+    <p>Ð?Ñ?облема бÑ?ла Ñ?еÑ?ена пÑ?Ñ?Ñ?м оÑ?Ñ?ановки до Ñ?ого моменÑ?а, как блоки ZF, пÑ?евÑ?Ñ?аÑ?Ñ?ие
+    поддеÑ?живаемÑ?й Ñ?азмеÑ? блока в 2^17, бÑ?дÑ?Ñ? пÑ?оÑ?иÑ?анÑ?.</p>
 
- -<p>Issue 2</p>
+<p>Ð?Ñ?облема 2</p>
 
- -    <p>A stack-based buffer overflow flaw was found in the way FuseISO, a
- -    FUSE module to mount ISO filesystem images, performed expanding of
- -    directory portions for absolute path filename entries. A remote
- -    attacker could provide a specially-crafted ISO file that, when
- -    mounted via fuseiso tool would lead to fuseiso binary crash or,
- -    potentially, arbitrary code execution with the privileges of the user
- -    running the fuseiso executable.</p>
+    <p>Ð? Ñ?поÑ?обе, иÑ?полÑ?зÑ?емом FuseISO, модÑ?ле FUSE длÑ? монÑ?иÑ?ованиÑ?
+    обÑ?азов Ñ?айловÑ?Ñ? Ñ?иÑ?Ñ?ем ISO, бÑ?ло обнаÑ?Ñ?жено пеÑ?еполнение бÑ?Ñ?еÑ?а,
+    возникаÑ?Ñ?ее пÑ?и Ñ?аÑ?кÑ?Ñ?Ñ?ии Ñ?аÑ?Ñ?ей каÑ?алога длÑ? абÑ?олÑ?Ñ?нÑ?Ñ? пÑ?Ñ?ей имÑ?н
+    Ñ?айлов. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? пеÑ?едаÑ?Ñ?
+    Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?й Ñ?айл ISO, коÑ?оÑ?Ñ?й пÑ?и его
+    монÑ?иÑ?овании Ñ?еÑ?ез инÑ?Ñ?Ñ?Ñ?менÑ? fuseiso пÑ?иведÑ?Ñ? к аваÑ?ийной оÑ?Ñ?ановке двоиÑ?ного Ñ?айла fuseiso или
+    поÑ?енÑ?иалÑ?номÑ? вÑ?полнениÑ? пÑ?оизволÑ?ного кода Ñ? пÑ?авами полÑ?зоваÑ?елÑ?,
+    запÑ?Ñ?Ñ?ивÑ?его иÑ?полнÑ?емÑ?й Ñ?айл fuseiso.</p>
 
- -    <p>This issue was discovered by Florian Weimer of Red Hat Product
+    <p>ЭÑ?а пÑ?облема бÑ?ла обнаÑ?Ñ?жена ФлоÑ?ианом Ð?аймеÑ?ом из Red Hat Product
     Security Team.</p>
 
- -    <p>The issue got resolved by checking the resulting length of an
- -    absolute path name and by bailing out if the platform's PATH_MAX
- -    value gets exceeded.</p>
+    <p>Ð?Ñ?облема бÑ?ла Ñ?еÑ?ена пÑ?Ñ?Ñ?м вÑ?полнениÑ? пÑ?овеÑ?ки оконÑ?аÑ?елÑ?ной длинÑ?
+    абÑ?олÑ?Ñ?ного пÑ?Ñ?и и оÑ?Ñ?ановки в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли знаÑ?ение PATH_MAX
+    данной плаÑ?Ñ?оÑ?мÑ? Ñ?же пÑ?евÑ?Ñ?ено.</p>
 </define-tag>
 
 # do not modify the following line
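Review bot: The added Issue 1 and Issue 2 paragraphs drop the memory-region qualifiers of the source: "heap-based buffer overflow" and "stack-based buffer overflow" are both rendered as a plain buffer overflow. The distinction tells the reader which class of flaw each fix addresses (the 2^17 ZF block size check for the first, the PATH_MAX length check for the second), so both qualifiers should be carried into the translation. In the Issue 1 paragraph the participle translating "leading to" also appears to be misspelled (pro- where pri- is expected).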