[DONE] wml://security/2015/dla-{317,145}.wml

[Lev Lamberov <dogsleg@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2015/dla-145.wml	2016-04-09 01:32:24.000000000 +0500
+++ russian/security/2015/dla-145.wml	2016-05-07 22:33:05.482301171 +0500
@@ -1,46 +1,47 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Brief introduction</p>
+<p>Ð?Ñ?аÑ?кое введение</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-0237";>CVE-2014-0237</a>
 
- -    <p>The cdf_unpack_summary_info function in cdf.c in the Fileinfo
- -    component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows
- -    remote attackers to cause a denial of service (performance
- -    degradation) by triggering many file_printf calls.</p></li>
+    <p>ФÑ?нкÑ?иÑ? cdf_unpack_summary_info в cdf.c в компоненÑ?е Fileinfo
+    длÑ? PHP до веÑ?Ñ?ии 5.4.29 в веÑ?ке 5.5.x до веÑ?Ñ?ии 5.5.13 позволÑ?еÑ?
+    Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании (Ñ?нижение
+    пÑ?оизводиÑ?елÑ?ноÑ?Ñ?и) пÑ?Ñ?Ñ?м многоÑ?иÑ?леннÑ?Ñ? вÑ?зовов file_printf.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-0238";>CVE-2014-0238</a>
 
- -    <p>The cdf_read_property_info function in cdf.c in the Fileinfo
- -    component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows
- -    remote attackers to cause a denial of service (infinite loop
- -    or out-of-bounds memory access) via a vector that (1) has zero
- -    length or (2) is too long.</p></li>
+    <p>ФÑ?нкÑ?иÑ? cdf_read_property_info в cdf.c в компоненÑ?е Fileinfo
+    длÑ? PHP до веÑ?Ñ?ии 5.4.29 и в веÑ?ке 5.5.x до веÑ?Ñ?ии 5.5.13 позволÑ?еÑ?
+    Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании (беÑ?конеÑ?нÑ?й Ñ?икл
+    или доÑ?Ñ?Ñ?п за пÑ?еделами вÑ?деленного бÑ?Ñ?еÑ?а памÑ?Ñ?и) Ñ? помоÑ?Ñ?Ñ? векÑ?оÑ?а, коÑ?оÑ?Ñ?й имееÑ? (1) нÑ?левÑ?Ñ?
+    длинÑ?, или (2) Ñ?лиÑ?ком болÑ?Ñ?Ñ?Ñ? длинÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-2270";>CVE-2014-2270</a>
 
- -    <p>softmagic.c in file before 5.17 and libmagic allows context
- -    dependent attackers to cause a denial of service (out-of-bounds
- -    memory access and crash) via crafted offsets in the softmagic
- -    of a PE executable.</p></li>
+    <p>softmagic.c в file до веÑ?Ñ?ии 5.17 и libmagic позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникам в
+    завиÑ?имоÑ?Ñ?и оÑ? конÑ?екÑ?Ñ?е вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании (доÑ?Ñ?Ñ?п за пÑ?еделами вÑ?деленного
+    бÑ?Ñ?еÑ?а памÑ?Ñ?и и аваÑ?ийнаÑ? оÑ?Ñ?ановка) Ñ? помоÑ?Ñ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? оÑ?Ñ?Ñ?Ñ?пов в softmagic
+    иÑ?полнÑ?емого Ñ?айла PE.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8117";>CVE-2014-8117</a>
 
- -    <p>- Stop reporting bad capabilities after the first few.
- -    - limit the number of program and section header number of sections
- -    - limit recursion level</p></li>
+    <p>- Ð?Ñ?екÑ?аÑ?ение вÑ?вода Ñ?ообÑ?ений о плоÑ?иÑ? Ñ?аÑ?акÑ?еÑ?иÑ?Ñ?икаÑ? поÑ?ле вÑ?вода неÑ?колÑ?киÑ? пеÑ?вÑ?Ñ? Ñ?ообÑ?ений.
+    - Ð?гÑ?аниÑ?ение Ñ?иÑ?ла пÑ?огÑ?амм и номеÑ?а заголовка Ñ?аздела Ñ? Ñ?азделов.
+    - огÑ?аниÑ?ение Ñ?Ñ?овнÑ? Ñ?екÑ?Ñ?Ñ?ии.</p></li>
 
 <li>CVE-2015-TEMP (no official CVE number available yet)
 
- -   <p>- null pointer deference (PHP bugs: 68739 68740)
- -   - out-of-bounds memory access (file bug: 398)
- -     additional patches from <a href="https://security-tracker.debian.org/tracker/CVE-2014-3478";>CVE-2014-3478</a> added</p></li>
+   <p>- РазÑ?менование null-Ñ?казаÑ?елÑ? (оÑ?ибки PHP: 68739 68740).
+   - Ð?оÑ?Ñ?Ñ?п за пÑ?еделами вÑ?деленного бÑ?Ñ?еÑ?а памÑ?Ñ?и (оÑ?ибка file: 398).
+     Ð?обавленÑ? дополниÑ?елÑ?нÑ?е заплаÑ?Ñ? из <a href="https://security-tracker.debian.org/tracker/CVE-2014-3478";>CVE-2014-3478</a>.</p></li>
 
 </ul>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in php5 version 5.3.3-7+squeeze24</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в php5 веÑ?Ñ?ии 5.3.3-7+squeeze24</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2015/dla-317.wml	2016-04-07 03:10:36.000000000 +0500
+++ russian/security/2015/dla-317.wml	2016-05-07 22:24:56.393429240 +0500
@@ -1,43 +1,44 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Various issues have been fixed in Debian LTS (squeeze) for package
- -vorbis-tools.</p>
+<p>Ð? пакеÑ?е vorbis-tools в Debian LTS (squeeze) бÑ?ли иÑ?пÑ?авленÑ? Ñ?азлиÑ?нÑ?е
+пÑ?облемÑ?.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9638";>CVE-2014-9638</a>
 
- -    <p>A crafted WAV file with number of channels set to 0 will cause oggenc
- -    to crash due to a division by zero issue. This issue has been fixed
- -    upstream by providing a fix for <a href="https://security-tracker.debian.org/tracker/CVE-2014-9639";>CVE-2014-9639</a>. Reported upstream by
- -    <q>zuBux</q>.</p></li>
+    <p>СпеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?й Ñ?айл WAV Ñ? Ñ?Ñ?дом каналов, вÑ?Ñ?Ñ?авленнÑ?Ñ? в знаÑ?ение 0, пÑ?иводиÑ? к аваÑ?ийной
+    оÑ?Ñ?ановке oggenc из-за пÑ?облемÑ? Ñ? делением на нолÑ?. ЭÑ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена
+    в оÑ?новной веÑ?ке Ñ?азÑ?абоÑ?ки пÑ?Ñ?Ñ?м подгоÑ?овки заплаÑ?Ñ? длÑ? <a href="https://security-tracker.debian.org/tracker/CVE-2014-9639";>CVE-2014-9639</a>. Ð?вÑ?оÑ?ам оÑ?новной
+    веÑ?ки о пÑ?облеме Ñ?ообÑ?ил <q>zuBux</q>.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9639";>CVE-2014-9639</a>
 
- -    <p>An integer overflow issue was discovered in oggenc, related to the
- -    number of channels in the input WAV file. The issue triggers an
- -    out-of-bounds memory access which causes oggenc to crash here
- -    (audio.c). Reported upstream by <q>zuBux</q>.</p>
+    <p>Ð? oggenc бÑ?ло обнаÑ?Ñ?жено пеÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ел, Ñ?вÑ?занное Ñ?
+    Ñ?иÑ?лом каналов во вÑ?одном Ñ?айле WAV. Ð?Ñ?облема возникаеÑ? пÑ?и
+    обÑ?аÑ?ении за пÑ?еделÑ? вÑ?деленного бÑ?Ñ?еÑ?а памÑ?Ñ?и, коÑ?оÑ?ое пÑ?иводиÑ? к аваÑ?ийной оÑ?Ñ?ановке oggenc
+    (audio.c). Ð?вÑ?оÑ?ам оÑ?новной веÑ?ки о пÑ?облеме Ñ?ообÑ?ил <q>zuBux</q>.</p>
 
- -    <p>The upstream fix for this has been backported to vorbis-tools in
+    <p>Ð?Ñ?пÑ?авление из оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки бÑ?ло адапÑ?иÑ?овано длÑ? vorbis-tools в
     Debian LTS (squeeze).</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9640";>CVE-2014-9640</a>
 
- -     <p>Fix for a crash on closing raw input (dd if=/dev/zero bs=1 count=1 |
- -     oggenc -r - -o out.ogg). Reported upstream by <q>hanno</q>.</p>
+     <p>Ð?Ñ?пÑ?авление аваÑ?ийной оÑ?Ñ?ановки пÑ?и закÑ?Ñ?Ñ?ии необÑ?абоÑ?аннÑ?Ñ? вÑ?однÑ?Ñ? даннÑ?Ñ? (dd if=/dev/zero bs=1 count=1 |
+     oggenc -r - -o out.ogg). Ð?вÑ?оÑ?ам оÑ?новной веÑ?ки о пÑ?облеме Ñ?ообÑ?ил <q>hanno</q>.</p>
 
- -    <p>The upstream fix for this has been backported to vorbis-tools in
+    <p>Ð?Ñ?пÑ?авление из оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки бÑ?ло адапÑ?иÑ?овано длÑ? vorbis-tools в
     Debian LTS (squeeze).</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-6749";>CVE-2015-6749</a>
 
- -    <p>Buffer overflow in the aiff_open function in oggenc/audio.c in
- -    vorbis-tools 1.4.0 and earlier allowed remote attackers to cause a
- -    denial of service (crash) via a crafted AIFF file. Reported upstream
- -    by <q>pengsu</q>.</p>
+    <p>Ð?еÑ?еполнение бÑ?Ñ?еÑ?а в Ñ?Ñ?нкÑ?ии aiff_open в oggenc/audio.c в
+    vorbis-tools веÑ?Ñ?ии 1.4.0 или более Ñ?анниÑ? позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?зваÑ?Ñ?
+    оÑ?каз в обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка) Ñ? помоÑ?Ñ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного Ñ?айла AIFF. Ð?вÑ?оÑ?ам оÑ?новной веÑ?ки
+    о пÑ?облеме Ñ?ообÑ?ил <q>pengsu</q>.</p>
 
- -    <p>The upstream fix for this has been backported to vorbis-tools in
+    <p>Ð?Ñ?пÑ?авление из оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки бÑ?ло адапÑ?иÑ?овано длÑ? vorbis-tools в
     Debian LTS (squeeze).</p></li>
 
 </ul>
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXLibVAAoJEF7nbuICFtKlC4sP/jAM146lzZUhYS7zNvoUJoy1
rSmMtjKzN6GmthBfn0NZC9xLcvDw+I7YHvhRrvUfY6aai6Qqv4roSvYFeu7EyRb6
k5YcPmoYMeGY/qTJgny3Bky3d4J8VyOx744E3vnu6SGKUSB89+6Jev7VYD0GGyxZ
dKXRwo8PXdrNJ8FPk2KmEqwr/dNycTZUOkLWz0tuxUodwVjeN/F7NMOOTTVWWm8t
ijXG1mpqvNmSP0/a1qUb/nNdXUtF5iiJWLOzBpvFrVRVc0IS3MJmJVXxgblM3Gf1
lgTkdMY1gZmGOQoltnR13biyAuJtkUIDLdlUltz3ywCCP9WZqVZZpC28Mn8Arzp9
cWJFZ5MMAYSNdBfuYRJn+ylLmo3BOyCgZ7AmF8VLZSIAiGnAutaLveMjrjZLqFW0
W9iRAmz+D1SAbZCde9jKQVyitFHowv/LAbAwtcON14AAnwW6G03HlyjpY3K+Z+oj
szZvFQcjhToFhqtrN/Qgl+8DtMevWenuTwuZ7Oy4bS0yhlzERp3ZWnNn+p/ZYpA7
Qq93aUqu7n4aTSjLZHOLBFfI4lN78VJndZS8cQJIHEYgUz157mWdvo6TPeH8CnRh
WpaAilP9FI2V51+HtbYBc4EwRx+mnVO0uUyJdC3pvdoZqoWlYW9tDY5s+EX5WNK1
S9hPRiXpkNN6LWetWqRA
=KaxH
-----END PGP SIGNATURE-----