[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2015/dla-{221,324}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2015/dla-221.wml	2016-04-07 03:10:34.000000000 +0500
+++ russian/security/2015/dla-221.wml	2016-05-06 22:42:55.481397254 +0500
@@ -1,45 +1,46 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in the LibTIFF library
- -and utilities for the Tag Image File Format.  These could lead to a
- -denial of service, information disclosure or privilege escalation.</p>
+<p>Ð? LibTIFF, библиоÑ?еке и Ñ?Ñ?илиÑ?аÑ? длÑ? Ñ?абоÑ?Ñ? Ñ? изобÑ?ажениÑ?ми в Ñ?оÑ?маÑ?е TIFF, бÑ?ло
+обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.  ЭÑ?и пÑ?облемÑ? пÑ?иводÑ?Ñ? к
+оÑ?казÑ? в обÑ?лÑ?живании, Ñ?аÑ?кÑ?Ñ?Ñ?иÑ? инÑ?оÑ?маÑ?ии или повÑ?Ñ?ениÑ? пÑ?ивилегий.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8128";>CVE-2014-8128</a>
 
- -    <p>William Robinet discovered that out-of-bounds writes are triggered
- -    in several of the LibTIFF utilities when processing crafted TIFF
- -    files.  Other applications using LibTIFF are also likely to be
- -    affected in the same way.</p></li>
+    <p>УилÑ?Ñ?м Робине обнаÑ?Ñ?жил, Ñ?Ñ?о в неÑ?колÑ?киÑ? Ñ?Ñ?илиÑ?аÑ? LibTIFF можеÑ? возникаÑ?Ñ?
+    запиÑ?Ñ? за пÑ?еделами вÑ?деленного бÑ?Ñ?еÑ?а пÑ?и обÑ?абоÑ?ке Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? Ñ?айлов
+    TIFF.  Ð?Ñ?Ñ?гие пÑ?иложениÑ?, иÑ?полÑ?зÑ?Ñ?Ñ?ие LibTIFF, Ñ?коÑ?ее вÑ?его Ñ?оже
+    подвеÑ?женÑ? Ñ?Ñ?ой пÑ?облеме.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8129";>CVE-2014-8129</a>
 
- -    <p>William Robinet discovered that out-of-bounds reads and writes are
- -    triggered in tiff2pdf when processing crafted TIFF files.  Other
- -    applications using LibTIFF are also likely to be affected in the same
- -    way.</p></li>
+    <p>УилÑ?Ñ?м Робине обнаÑ?Ñ?жил, Ñ?Ñ?о Ñ?Ñ?ение и запиÑ?Ñ? за пÑ?еделами вÑ?деленного бÑ?Ñ?еÑ?а
+    могÑ?Ñ? возникаÑ?Ñ? в tiff2pdf пÑ?и обÑ?абоÑ?ке Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? Ñ?айлов TIFF.  Ð?Ñ?Ñ?гие
+    пÑ?иложениÑ?, иÑ?полÑ?зÑ?Ñ?Ñ?ие LibTIFF, Ñ?коÑ?ее вÑ?его Ñ?оже подвеÑ?женÑ? Ñ?Ñ?ой
+    пÑ?облеме.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9330";>CVE-2014-9330</a>
 
- -    <p>Paris Zoumpouloglou discovered that out-of-bounds reads and writes are
- -    triggered in bmp2tiff when processing crafted BMP files.</p></li>
+    <p>Ð?аÑ?иÑ? Ð?Ñ?мпоÑ?логлÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о в bmp2tiff пÑ?и обÑ?абоÑ?ке Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? Ñ?айлов
+    BMP можеÑ? возникаÑ?Ñ? Ñ?Ñ?ение и запиÑ?Ñ? за пÑ?еделами вÑ?деленного бÑ?Ñ?еÑ?а.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9655";>CVE-2014-9655</a>
 
- -    <p>Michal Zalewski discovered that out-of-bounds reads and writes are
- -    triggered in LibTIFF when processing crafted TIFF files.</p></li>
+    <p>Ð?иÑ?ал Ð?алевÑ?ки обнаÑ?Ñ?жил, Ñ?Ñ?о в LibTIFF пÑ?и обÑ?абоÑ?ке Ñ?айлов TIFF могÑ?Ñ? возникаÑ?Ñ?
+    Ñ?Ñ?ениÑ? и запиÑ?Ñ? за пÑ?еделами вÑ?деленного бÑ?Ñ?еÑ?а.</p></li>
 
 </ul>
 
- -<p>For the oldoldstable distribution (squeeze), these problems have been
- -fixed in version 3.9.4-5+squeeze12.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?аÑ?ом Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли
+иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 3.9.4-5+squeeze12.</p>
 
- -<p>For the oldstable distribution (wheezy), these problems will be fixed
- -soon.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?и пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ?
+позже.</p>
 
- -<p>The stable distribution (jessie) was not affected by these problems as
- -they were fixed before release.</p>
+<p>СÑ?абилÑ?нÑ?й вÑ?пÑ?Ñ?к (jessie) не подвеÑ?жен Ñ?Ñ?им пÑ?облемам, Ñ?ак как они бÑ?ли
+иÑ?пÑ?авленÑ? до моменÑ?а вÑ?пÑ?Ñ?ка jessie.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2015/dla-324.wml	2016-04-08 01:24:54.000000000 +0500
+++ russian/security/2015/dla-324.wml	2016-05-06 22:51:22.889167883 +0500
@@ -1,43 +1,44 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?нÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>This update fixes several issues as described below.</p>
+<p>Ð?анное обновление иÑ?пÑ?авлÑ?еÑ? неÑ?колÑ?ко пÑ?облем, опиÑ?аннÑ?Ñ? ниже.</p>
 
 <ul>
 
- -<li>PR ld/12613 (no CVE assigned)
+<li>PR ld/12613 (иденÑ?иÑ?икаÑ?оÑ? CVE не пÑ?иÑ?воен)
 
- -    <p>Niranjan Hasabnis discovered that passing an malformed linker
- -    script to GNU ld, part of binutils, may result in a stack buffer
- -    overflow.  If the linker is used with untrusted object files, this
- -    would allow remote attackers to cause a denial of service (crash)
- -    or possibly privilege escalation.</p></li>
+    <p>Ð?иÑ?анджан ХаÑ?абниÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о пеÑ?едаÑ?а некоÑ?Ñ?екÑ?ного Ñ?Ñ?енаÑ?иÑ?
+    компоновÑ?ика GNU ld, Ñ?аÑ?Ñ?и binutils, можеÑ? пÑ?иводиÑ?Ñ? к пеÑ?еполнениÑ?
+    бÑ?Ñ?еÑ?а.  Ð?Ñ?ли компоновÑ?ик иÑ?полÑ?зÑ?еÑ?Ñ?Ñ? Ñ? недовеÑ?еннÑ?ми обÑ?екÑ?нÑ?ми Ñ?айлами, Ñ?о Ñ?Ñ?о
+    можеÑ? позволиÑ?Ñ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?зваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка)
+    или повÑ?Ñ?ение пÑ?ивилегий.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-3509";>CVE-2012-3509</a>, #688951
 
- -    <p>Sang Kil Cha discovered that a buffer size calculation in
- -    libiberty, part of binutils, may result in integer overflow and
- -    then a heap buffer overflow.  If libiberty or the commands in
- -    binutils are used to read untrusted binaries, this would allow
- -    remote attackers to cause a denial of service (crash) or possibly
- -    privilege escalation.</p></li>
- -
- -<li>>PR binutils/18750 (no CVE assigned)
- -
- -    <p>Joshua Rogers reported that passing a malformed ihex (Intel
- -    hexadecimal) file to to various commands in binutils may result in
- -    a stack buffer overflow.  A similar issue was found in readelf.
- -    If these commands are used to read untrusted binaries, this would
- -    allow remote attackers to cause a denial of service (crash) or
- -    possibly privilege escalation.</p></li>
+    <p>Санг Ð?ил Ча обнаÑ?Ñ?жил, Ñ?Ñ?о вÑ?Ñ?иÑ?ление Ñ?азмеÑ?а бÑ?Ñ?еÑ?а в
+    libiberty, Ñ?аÑ?Ñ?и binutils, можеÑ? пÑ?иводиÑ?Ñ? к пеÑ?еполнениÑ? Ñ?елÑ?Ñ? Ñ?иÑ?ел и
+    пеÑ?еполнениÑ? динамиÑ?еÑ?кой памÑ?Ñ?и.  Ð?Ñ?ли libiberty или командÑ? из
+    binutils иÑ?полÑ?зÑ?Ñ?Ñ?Ñ?Ñ? длÑ? Ñ?Ñ?ениÑ? недовеÑ?еннÑ?Ñ? двоиÑ?нÑ?Ñ? Ñ?айлов, Ñ?о Ñ?Ñ?о можеÑ? позволиÑ?Ñ?
+    Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?зваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка) или
+    поÑ?енÑ?иалÑ?ное повÑ?Ñ?ение пÑ?ивилегий.</p></li>
+
+<li>>PR binutils/18750 (иденÑ?иÑ?икаÑ?оÑ? CVE не пÑ?иÑ?воен)
+
+    <p>Ð?жоÑ?Ñ?а РоджеÑ?Ñ? Ñ?ообÑ?ил, Ñ?Ñ?о пеÑ?едаÑ?а некоÑ?Ñ?екÑ?ного Ñ?айла ihex (Ñ?еÑ?Ñ?надÑ?аÑ?еÑ?иÑ?нÑ?й
+    Ñ?оÑ?маÑ? Intel) Ñ?азлиÑ?нÑ?м командам из binutils можеÑ? пÑ?иводиÑ?Ñ? к
+    пеÑ?еполнениÑ? бÑ?Ñ?еÑ?а.  СÑ?ожаÑ? пÑ?облема бÑ?ла обнаÑ?Ñ?жена в readelf.
+    Ð?Ñ?ли Ñ?Ñ?и командÑ? иÑ?полÑ?зÑ?Ñ?Ñ?Ñ?Ñ? длÑ? Ñ?Ñ?ениÑ? недовеÑ?еннÑ?Ñ? двоиÑ?нÑ?Ñ? Ñ?айлов, Ñ?о Ñ?Ñ?о можеÑ?
+    позволиÑ?Ñ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?зваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка) или
+    поÑ?енÑ?иалÑ?ное повÑ?Ñ?ение пÑ?ивилегий.</p></li>
 
 </ul>
 
- -<p>For the oldoldstable distribution (squeeze), these problems have been
- -fixed in version 2.20.1-16+deb6u2.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?аÑ?ом Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли
+иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 2.20.1-16+deb6u2.</p>
 
- -<p>For the oldstable distribution (wheezy) and the stable distribution
- -(jessie), PR ld/12613 and <a href="https://security-tracker.debian.org/tracker/CVE-2012-3509";>CVE-2012-3509</a> were fixed before release, and
- -PR binutils/18750 will be fixed in a later update.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном (wheezy) и Ñ?Ñ?абилÑ?ном (jessie) вÑ?пÑ?Ñ?каÑ?
+PR ld/12613 и <a href="https://security-tracker.debian.org/tracker/CVE-2012-3509";>CVE-2012-3509</a> бÑ?ли иÑ?пÑ?авленÑ? до моменÑ?а вÑ?пÑ?Ñ?ка, а
+PR binutils/18750 бÑ?деÑ? иÑ?пÑ?авлена позже.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXLNmfAAoJEF7nbuICFtKlZ4EP/RHH9Y+t6zkHCoF9vhULPeQN
sFaVJTg0RfTgcOmNVJpFhMdQUzsRCEwZkBcts68976ziI//YVtjpt9g9e8u7ssSN
uT+ZD1gQ9JO8nBhX1kOGjR4q5HPd98bohq5oWl3Prx7tbYXFmBAKTVc2Uaiw/o8R
gD1zFQV95lrajPz9LC/0RoPOqlBIAZYDZ5JeEtarDnx0zQXXMIr9Xhf6s+wOj6rv
j3K4E8i5znL67QjHxZloe8Ojt/XbbavfjAThDm03CJ68/4phaeut8Bec1e+pSBzi
6nu35BT9uNO841D0tBBto6/aMD3hF1umuP5/2Oc8+fMtEbc7gFd0ygBphW1uI8JC
l7lhWH296V2UKOtHq4qotg88sAFDfokmI5B/fXkrFqGTTqBJ5y7Fhj519p8Ye5pO
cRPFOs7oCRUzJ9diU+gkAe/84VGjIkLsq9gDuKHf3/LNrb86EgzUZLQA1Lhi2VFq
vhCg7f7NAAQxDsVeirS0CbjQ15r0itTXADpwdiYJc8fAMMKcvTceELxu1JGHa7z6
NFaWFQVd/CFSNatpM8GRYsDIV0L8y0gcJ4JrIRhF2Xk7cUXD5Z2+TM34tDviTHV2
fOmeuMrDzrhyiXxlxgGf+UObeAtD/gPUp37diaSw2OmMszZs9W8G/7PqhPz8Livm
JHeMIKETusqt4GmHdICB
=Fxl2
-----END PGP SIGNATURE-----
Reply to: