[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2015/dla-{132,203}.wml



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2015/dla-132.wml	2016-04-09 01:32:23.000000000 +0500
+++ russian/security/2015/dla-132.wml	2016-05-16 22:43:52.155484886 +0500
@@ -1,51 +1,52 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Multiple vulnerabilities have been discovered in OpenSSL, a Secure
- -Sockets Layer toolkit. The Common Vulnerabilities and Exposures project
- -identifies the following issues:</p>
+<p>Ð? OpenSSL, набоÑ?е инÑ?Ñ?Ñ?Ñ?менÑ?ов Secure Sockets Layer, бÑ?ли обнаÑ?Ñ?женÑ?
+многоÑ?иÑ?леннÑ?е Ñ?Ñ?звимоÑ?Ñ?и. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-3570";>CVE-2014-3570</a>
 
- -    <p>Pieter Wuille of Blockstream reported that the bignum squaring
- -    (BN_sqr) may produce incorrect results on some platforms, which
- -    might make it easier for remote attackers to defeat cryptographic
- -    protection mechanisms.</p></li>
+    <p>Ð?иÑ?еÑ? Ð?Ñ?иллÑ? из Blockstream Ñ?ообÑ?ил, Ñ?Ñ?о возведение в квадÑ?аÑ? Ñ?веÑ?Ñ?болÑ?Ñ?иÑ?
+    Ñ?иÑ?ел (BN_sqr) можеÑ? на некоÑ?оÑ?Ñ?Ñ? плаÑ?Ñ?оÑ?маÑ? вÑ?даваÑ?Ñ? непÑ?авилÑ?нÑ?е Ñ?езÑ?лÑ?Ñ?аÑ?Ñ?, Ñ?Ñ?о
+    облегÑ?аеÑ? Ñ?далÑ?ннÑ?м полÑ?зоваÑ?елÑ?м обойÑ?и меÑ?анизмÑ? кÑ?ипÑ?огÑ?аÑ?иÑ?еÑ?кой
+    заÑ?иÑ?Ñ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-3571";>CVE-2014-3571</a>
 
- -    <p>Markus Stenberg of Cisco Systems, Inc. reported that a carefully
- -    crafted DTLS message can cause a segmentation fault in OpenSSL due
- -    to a NULL pointer dereference. A remote attacker could use this flaw
- -    to mount a denial of service attack.</p></li>
+    <p>Ð?аÑ?кÑ?Ñ? ШÑ?енбеÑ?г из Cisco Systems, Inc. Ñ?ообÑ?ил, Ñ?Ñ?о Ñ?пеÑ?иалÑ?но
+    Ñ?Ñ?оÑ?миÑ?ованное Ñ?ообÑ?ение DTLS можеÑ? вÑ?зÑ?ваÑ?Ñ? оÑ?ибкÑ? Ñ?егменÑ?иÑ?ованиÑ? в OpenSSL из-за
+    Ñ?азÑ?менованиÑ? NULL-Ñ?казаÑ?елÑ?. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ? даннÑ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ?
+    длÑ? вÑ?зова оÑ?каза в обÑ?лÑ?живании.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-3572";>CVE-2014-3572</a>
 
- -    <p>Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that an
- -    OpenSSL client would accept a handshake using an ephemeral ECDH
- -    ciphersuite if the server key exchange message is omitted. This
- -    allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks
- -    and trigger a loss of forward secrecy.</p></li>
+    <p>Ð?аÑ?Ñ?икеÑ?н Ð?Ñ?аÑ?гаван из командÑ? PROSECCO из INRIA Ñ?ообÑ?ил, Ñ?Ñ?о
+    клиенÑ? OpenSSL пÑ?инимаеÑ? Ñ?Ñ?копожаÑ?ие, иÑ?полÑ?зÑ?Ñ? недолговеÑ?нÑ?й набоÑ? Ñ?иÑ?Ñ?ов
+    ECDH в Ñ?лÑ?Ñ?ае, еÑ?ли пÑ?опÑ?Ñ?ено Ñ?ообÑ?ение Ñ?еÑ?веÑ?а по обменÑ? клÑ?Ñ?ей. ЭÑ?о
+    позволÑ?еÑ? Ñ?далÑ?ннÑ?м SSL-Ñ?еÑ?веÑ?ам вÑ?полнÑ?Ñ?Ñ? аÑ?аки по Ñ?нижениÑ? Ñ?Ñ?овнÑ? заÑ?иÑ?Ñ? ECDHE до ECDH
+    и вÑ?зÑ?ваÑ?Ñ? поÑ?еÑ?Ñ? заÑ?иÑ?Ñ?нноÑ?Ñ?и.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8275";>CVE-2014-8275</a>
 
- -    <p>Antti Karjalainen and Tuomo Untinen of the Codenomicon CROSS project
- -    and Konrad Kraszewski of Google reported various certificate
- -    fingerprint issues, which allow remote attackers to defeat a
- -    fingerprint-based certificate-blacklist protection mechanism.</p></li>
+    <p>Ð?нÑ?Ñ?и Ð?аÑ?Ñ?лаинен и ТÑ?омо УнÑ?инен из пÑ?оекÑ?а Codenomicon CROSS
+    и Ð?онÑ?ад Ð?Ñ?аÑ?евÑ?ки из Google Ñ?ообÑ?или о Ñ?азлиÑ?нÑ?Ñ? пÑ?облемаÑ? Ñ? оÑ?пеÑ?аÑ?ками
+    Ñ?еÑ?Ñ?иÑ?икаÑ?а, коÑ?оÑ?Ñ?е могÑ?Ñ? позволиÑ?Ñ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам обойÑ?и
+    меÑ?анизмÑ? заÑ?иÑ?Ñ? на оÑ?нове Ñ?Ñ?Ñ?ного Ñ?пиÑ?ка Ñ?еÑ?Ñ?иÑ?икаÑ?ов, Ñ?одеÑ?жаÑ?его оÑ?пеÑ?аÑ?ки.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-0204";>CVE-2015-0204</a>
 
- -    <p>Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that
- -    an OpenSSL client will accept the use of an ephemeral RSA key in a
- -    non-export RSA key exchange ciphersuite, violating the TLS
- -    standard. This allows remote SSL servers to downgrade the security
- -    of the session.</p></li>
+    <p>Ð?аÑ?Ñ?икеÑ?н Ð?Ñ?аÑ?гаван из командÑ? PROSECCO из INRIA Ñ?ообÑ?ил, Ñ?Ñ?о
+    клиенÑ? OpenSSL пÑ?инимаеÑ? иÑ?полÑ?зование недолговеÑ?ного клÑ?Ñ?а RSA в
+    неÑ?кÑ?поÑ?Ñ?ном набоÑ?е Ñ?иÑ?Ñ?ов длÑ? обмена клÑ?Ñ?ами RSA, наÑ?Ñ?Ñ?аÑ? Ñ?Ñ?андаÑ?Ñ?
+    TLS. ЭÑ?о позволÑ?еÑ? Ñ?далÑ?ннÑ?м SSL-Ñ?еÑ?веÑ?ам Ñ?нижаÑ?Ñ? Ñ?Ñ?овенÑ? заÑ?иÑ?Ñ?нноÑ?Ñ?и
+    Ñ?еÑ?Ñ?ии.</p></li>
 
 </ul>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in openssl version 0.9.8o-4squeeze19</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в openssl веÑ?Ñ?ии 0.9.8o-4squeeze19</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2015/dla-203.wml	2016-04-07 03:47:55.000000000 +0500
+++ russian/security/2015/dla-203.wml	2016-05-16 23:24:22.845963718 +0500
@@ -1,52 +1,53 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Multiple vulnerabilities were found in OpenLDAP, a free implementation
- -of the Lightweight Directory Access Protocol.</p>
+<p>Ð? OpenLDAP, Ñ?вободной Ñ?еализаÑ?ии пÑ?оÑ?окола LDAP, бÑ?ли обнаÑ?Ñ?женÑ?
+многоÑ?иÑ?леннÑ?е Ñ?Ñ?звимоÑ?Ñ?и.</p>
 
- -<p>Please carefully check whether you are affected by <a href="https://security-tracker.debian.org/tracker/CVE-2014-9713";>CVE-2014-9713</a>: if you
- -are, you will need to manually upgrade your configuration! See below for
- -more details on this. Just upgrading the packages might not be enough!</p>
+<p>Ð?нимаÑ?елÑ?но пÑ?овеÑ?Ñ?Ñ?е, подвеÑ?женÑ? ли ваÑ?и Ñ?иÑ?Ñ?емÑ? <a href="https://security-tracker.debian.org/tracker/CVE-2014-9713";>CVE-2014-9713</a>: еÑ?ли
+да, Ñ?о вам Ñ?ледÑ?еÑ? вÑ?Ñ?Ñ?нÑ?Ñ? обновиÑ?Ñ? ваÑ?и наÑ?Ñ?Ñ?ойки! Ð?одÑ?обноÑ?Ñ?и по Ñ?Ñ?омÑ? поводÑ?
+Ñ?м. ниже. Ð?бÑ?Ñ?ного обновлениÑ? пакеÑ?ов не доÑ?Ñ?аÑ?оÑ?но!</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-1164";>CVE-2012-1164</a>
 
- -    <p>Fix a crash when doing an attrsOnly search of a database configured
- -    with both the rwm and translucent overlays.</p></li>
+    <p>Ð?Ñ?пÑ?авление аваÑ?ийной оÑ?Ñ?ановке пÑ?и вÑ?полнении поиÑ?ка attrsOnly из базÑ? даннÑ?Ñ?, наÑ?Ñ?Ñ?оенной
+    Ñ? овеÑ?леÑ?ми rwm и translucent.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2013-4449";>CVE-2013-4449</a>
 
- -    <p>Michael Vishchers from Seven Principles AG discovered a denial of
- -    service vulnerability in slapd, the directory server implementation.
- -    When the server is configured to used the RWM overlay, an attacker
- -    can make it crash by unbinding just after connecting, because of an
- -    issue with reference counting.</p></li>
+    <p>Ð?иÑ?аÑ?лÑ? ФиÑ?еÑ?Ñ? из Seven Principles AG обнаÑ?Ñ?жил оÑ?каз в
+    обÑ?лÑ?живании в slapd, Ñ?еализаÑ?ии Ñ?еÑ?веÑ?а каÑ?алогов.
+    Ð?Ñ?ли Ñ?еÑ?веÑ? наÑ?Ñ?Ñ?оен на иÑ?полÑ?зование овеÑ?леÑ? RWM, Ñ?о злоÑ?мÑ?Ñ?ленник
+    можеÑ? аваÑ?ийно завеÑ?Ñ?иÑ?Ñ? его Ñ?абоÑ?Ñ? пÑ?Ñ?Ñ?м оÑ?менÑ? пÑ?ивÑ?зки поÑ?ле подклÑ?Ñ?ениÑ?, Ñ?Ñ?о пÑ?оиÑ?Ñ?одиÑ? из-за
+    пÑ?облемÑ? Ñ? подÑ?Ñ?Ñ?Ñ?ом Ñ?Ñ?Ñ?лок.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9713";>CVE-2014-9713</a>
 
- -    <p>The default Debian configuration of the directory database allows
- -    every users to edit their own attributes. When LDAP directories are
- -    used for access control, and this is done using user attributes, an
- -    authenticated user can leverage this to gain access to unauthorized
- -    resources.</p>
- -
- -    <p>Please note this is a Debian specific vulnerability.</p>
- -
- -    <p>The new package won't use the unsafe access control rule for new
- -    databases, but existing configurations won't be automatically
- -    modified. Administrators are incited to look at the README.Debian
- -    file provided by the updated package if they need to fix the access
- -    control rule.</p></li>
+    <p>Ð?аÑ?Ñ?Ñ?ойки базÑ? даннÑ?Ñ? каÑ?алогов в Debian по Ñ?молÑ?аниÑ? позволÑ?Ñ?Ñ?
+    каждомÑ? полÑ?зоваÑ?елÑ? Ñ?едакÑ?иÑ?оваÑ?Ñ? Ñ?обÑ?Ñ?веннÑ?е аÑ?Ñ?ибÑ?Ñ?Ñ?. Ð?Ñ?ли каÑ?алоги LDAP
+    иÑ?полÑ?зÑ?Ñ?Ñ?Ñ?Ñ? длÑ? Ñ?пÑ?авлениÑ? доÑ?Ñ?Ñ?пом, и Ñ?Ñ?о Ñ?делано Ñ?еÑ?ез полÑ?зоваÑ?елÑ?Ñ?кие аÑ?Ñ?ибÑ?Ñ?Ñ?,
+    Ñ?о аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?й полÑ?зоваÑ?елÑ? можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?о длÑ? полÑ?Ñ?ениÑ? доÑ?Ñ?Ñ?па к неавÑ?оÑ?изованнÑ?м
+    Ñ?еÑ?Ñ?Ñ?Ñ?ам.</p>
+
+    <p>Ð?амеÑ?Ñ?Ñ?е, Ñ?Ñ?о Ñ?Ñ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? каÑ?аеÑ?Ñ?Ñ? конкÑ?еÑ?но Debian.</p>
+
+    <p>Ð?овÑ?й пакеÑ? не иÑ?полÑ?зÑ?еÑ?Ñ?Ñ? небезопаÑ?ное пÑ?авило Ñ?пÑ?авлениÑ? доÑ?Ñ?Ñ?пом длÑ? новÑ?Ñ?
+    баз даннÑ?Ñ?, но Ñ?Ñ?Ñ?еÑ?Ñ?вÑ?Ñ?Ñ?ие наÑ?Ñ?Ñ?ойки не бÑ?дÑ?Ñ? измененÑ?
+    авÑ?омаÑ?иÑ?еÑ?ки. Ð?дминиÑ?Ñ?Ñ?аÑ?оÑ?ам Ñ?екомендÑ?еÑ?Ñ?Ñ? ознакомиÑ?Ñ?Ñ?Ñ? Ñ? Ñ?айлом README.Debian,
+    Ñ?одеÑ?жаÑ?емÑ?Ñ? в обновлÑ?нном пакеÑ?е в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли им Ñ?ледÑ?еÑ? иÑ?пÑ?авиÑ?Ñ? пÑ?авило
+    Ñ?пÑ?авлениÑ? доÑ?Ñ?Ñ?пом.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-1545";>CVE-2015-1545</a>
 
- -     <p>Ryan Tandy discovered a denial of service vulnerability in slapd.
- -     When using the deref overlay, providing an empty attribute list in
- -     a query makes the daemon crashes.</p></li>
+     <p>Райан ТÑ?нди обнаÑ?Ñ?жил оÑ?каз в обÑ?лÑ?живании в slapd.
+     Ð?Ñ?и иÑ?полÑ?зовании овеÑ?леÑ? deref пеÑ?едаÑ?а пÑ?Ñ?Ñ?ого Ñ?пиÑ?ка аÑ?Ñ?ибÑ?Ñ?ов в
+     запÑ?оÑ?е пÑ?иводиÑ? к аваÑ?ийной оÑ?Ñ?ановке Ñ?лÑ?жбÑ?.</p></li>
 
 </ul>
 
- -<p>Thanks to Ryan Tandy for preparing this update.</p>
+<p>Ð?Ñ?Ñ?ажаем благодаÑ?ноÑ?Ñ?Ñ? РайанÑ? ТÑ?нди за подгоÑ?овкÑ? данного обновлениÑ?.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXOhBZAAoJEF7nbuICFtKlLhwQAJ1yxCVCRgui0p5TOn/4kg2y
J/sfkFbEzPJsUGDNTX6utLLvYtD8eVJQGBulBrOjD6+N1hMkp9FeirUecB4Xn6tk
KyMk1vRrD0Wk17wme9imAG1yizuwjhLKPQG0TBbN/mPdcXUvhrCVrI96PewwkBEa
YIfPg/mQ73b331DQYwIP5x76zACN73TpPxjCP/3NjWYzzkc/05nQmf+q/i4j7y/G
+Q/fbEyANdGYT7fDsbej7854qSFSo+WoMz4amy+siwwK9rsQFjTc8ovr0yYfDxWF
/gkQ7q9Pp+TeE4eKDwTq6td3Y5tBReTQ2XtilRsXTbFQjgaLjmnt5e1MQw+wugac
qJucN8S2oL4snmZsDNO0EuFY+JuFbxfumb/GwGbVQn83fgy3UTAqCoVHiIee9Ska
Dkqc22MJHqhqYRhZPe61YQzscW6e9V74abTE2nk8INGSuY/3X6Stur8oDmCiuqbI
oGd7uJEsIEcFGzs9XjiXTx5SMnmmHxKGB7/+7XiRzR1aihS42Cm3Ycyv7QKKHiYq
LFnyk3U0zAhikG0wCKd09abXi7GEuAMl7B1SCbWct6jsCEreN9VWkFnIkxdJ3qyK
nBl+Aq0oOvxKZqU+p3poCa/lQzmXsYlCe0dDc/S+W56zTmgt5ZjFfi8nPomU6AoH
Y/jRMzOJ6BiQqZ+P4Rnf
=TxiR
-----END PGP SIGNATURE-----


Reply to: