[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://{security/2015/dla-212.wml}



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2015/dla-212.wml	2016-04-08 00:21:20.000000000 +0500
+++ russian/security/2015/dla-212.wml	2016-06-03 20:46:32.598693806 +0500
@@ -1,66 +1,67 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9705";>CVE-2014-9705</a>
 
- -    <p>Heap-based buffer overflow in the enchant_broker_request_dict
- -    function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x
- -    before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers
- -    to execute arbitrary code via vectors that trigger creation of
- -    multiple dictionaries.</p></li>
+    <p>Ð?еÑ?еполнение динамиÑ?еÑ?кой памÑ?Ñ?и в Ñ?Ñ?нкÑ?ии enchant_broker_request_dict
+    в ext/enchant/enchant.c в PHP до веÑ?Ñ?ии 5.4.38, 5.5.x
+    до веÑ?Ñ?ии 5.5.22 и 5.6.x до веÑ?Ñ?ии 5.6.6 позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам
+    вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код Ñ?еÑ?ез векÑ?оÑ?Ñ?, вÑ?полнÑ?Ñ?Ñ?ие Ñ?оздание
+    неÑ?колÑ?киÑ? Ñ?ловаÑ?ей.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-0232";>CVE-2015-0232</a>
 
- -    <p>The exif_process_unicode function in ext/exif/exif.c in PHP
- -    before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5
- -    allows remote attackers to execute arbitrary code or cause a
- -    denial of service (uninitialized pointer free and application
- -    crash) via crafted EXIF data in a JPEG image.</p></li>
+    <p>ФÑ?нкÑ?иÑ? exif_process_unicode в ext/exif/exif.c в PHP
+    до веÑ?Ñ?ии 5.4.37, 5.5.x до веÑ?Ñ?ии 5.5.21 и 5.6.x до веÑ?Ñ?ии 5.6.5
+    позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код или вÑ?зÑ?ваÑ?Ñ?
+    оÑ?каз в обÑ?лÑ?живании (оÑ?вобождение неиниÑ?иализиÑ?ованного Ñ?казаÑ?елÑ? и аваÑ?ийнаÑ?
+    оÑ?Ñ?ановка пÑ?иложениÑ?) Ñ?еÑ?ез Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?е даннÑ?е EXIF в изобÑ?ажениÑ?Ñ? в Ñ?оÑ?маÑ?е JPEG.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-2301";>CVE-2015-2301</a>
 
- -    <p>Use-after-free vulnerability in the phar_rename_archive function
- -    in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6
- -    allows remote attackers to cause a denial of service or possibly
- -    have unspecified other impact via vectors that trigger an attempted
- -    renaming of a Phar archive to the name of an existing file.</p></li>
+    <p>Ð?Ñ?полÑ?зование Ñ?казаÑ?елей поÑ?ле оÑ?вобождениÑ? в Ñ?Ñ?нкÑ?ии phar_rename_archive
+    в phar_object.c в PHP до веÑ?Ñ?ии 5.5.22 и 5.6.x до веÑ?Ñ?ии 5.6.6
+    позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании или поÑ?енÑ?иалÑ?но
+    оказÑ?ваÑ?Ñ? дÑ?Ñ?гое влиÑ?ние на безопаÑ?ноÑ?Ñ?Ñ? Ñ?еÑ?ез векÑ?оÑ?Ñ?, вÑ?полнÑ?Ñ?Ñ?ие попÑ?Ñ?кÑ?
+    пеÑ?еименованиÑ? аÑ?Ñ?ива Phar в имÑ? Ñ?Ñ?Ñ?еÑ?Ñ?вÑ?Ñ?Ñ?его Ñ?айла.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-2331";>CVE-2015-2331</a>
 
- -    <p>Integer overflow in the _zip_cdir_new function in zip_dirent.c
- -    in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP
- -    before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and
- -    other products, allows remote attackers to cause a denial of
- -    service (application crash) or possibly execute arbitrary code
- -    via a ZIP archive that contains many entries, leading to a
- -    heap-based buffer overflow.</p></li>
+    <p>Ð?еÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ел в Ñ?Ñ?нкÑ?ии _zip_cdir_new в zip_dirent.c
+    в libzip 0.11.2 и более Ñ?анниÑ? веÑ?Ñ?иÑ?Ñ?, иÑ?полÑ?зÑ?емой в Ñ?аÑ?Ñ?иÑ?ении ZIP в PHP
+    до веÑ?Ñ?ии 5.4.39, 5.5.x до веÑ?Ñ?ии 5.5.23 и 5.6.x до веÑ?Ñ?ии 5.6.7
+    и дÑ?Ñ?гиÑ? пÑ?одÑ?кÑ?аÑ? позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?зÑ?ваÑ?Ñ? оÑ?каз в
+    обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка пÑ?иложениÑ?) или поÑ?енÑ?иалÑ?но вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код
+    Ñ? помоÑ?Ñ?Ñ? ZIP-аÑ?Ñ?ива, Ñ?одеÑ?жаÑ?его много запиÑ?ей, Ñ?Ñ?о пÑ?иводиÑ?
+    к пеÑ?еполнениÑ? динамиÑ?еÑ?кой памÑ?Ñ?и.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-2783";>CVE-2015-2783</a>
 
- -    <p>Buffer Over-read in unserialize when parsing Phar</p></li>
+    <p>ЧÑ?ение за пÑ?еделами вÑ?деленного бÑ?Ñ?еÑ?а памÑ?Ñ?и в коде деÑ?еÑ?иализаÑ?ии пÑ?и вÑ?полнении гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а Phar</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-2787";>CVE-2015-2787</a>
 
- -    <p>Use-after-free vulnerability in the process_nested_data function
- -    in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x
- -    before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to
- -    execute arbitrary code via a crafted unserialize call that
- -    leverages use of the unset function within an __wakeup function,
- -    a related issue to <a href="https://security-tracker.debian.org/tracker/CVE-2015-0231";>CVE-2015-0231</a>.</p></li>
+    <p>Ð?Ñ?полÑ?зование Ñ?казаÑ?елей поÑ?ле оÑ?вобождениÑ? памÑ?Ñ?и в Ñ?Ñ?нкÑ?ии process_nested_data
+    в ext/standard/var_unserializer.re в PHP до веÑ?Ñ?ии 5.4.39, 5.5.x
+    до веÑ?Ñ?ии 5.5.23 и 5.6.x до веÑ?Ñ?ии 5.6.7 позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам
+    вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код Ñ?еÑ?ез Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?й деÑ?еÑ?иализованнÑ?й вÑ?зов,
+    иÑ?полÑ?зÑ?Ñ?Ñ?ий Ñ?Ñ?нкÑ?иÑ? unset в Ñ?Ñ?нкÑ?ии __wakeup.
+    ЭÑ?а пÑ?облема Ñ?вÑ?зана Ñ? <a href="https://security-tracker.debian.org/tracker/CVE-2015-0231";>CVE-2015-0231</a>.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-3329";>CVE-2015-3329</a>
 
- -    <p>Buffer Overflow when parsing tar/zip/phar in phar_set_inode)</p></li>
+    <p>Ð?еÑ?еполнение бÑ?Ñ?еÑ?а пÑ?и вÑ?полнении гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а tar/zip/phar в phar_set_inode</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-3330";>CVE-2015-3330</a>
 
- -    <p>PHP potential remote code execution with apache 2.4 apache2handler</p>
+    <p>Ð?оÑ?енÑ?иалÑ?но Ñ?далÑ?нное вÑ?полнение кода PHP Ñ? apache 2.4 apache2handler</p>
 
 <li>CVE-2015-temp-68819
- -    
- -    <p>denial of service when processing a crafted file with Fileinfo</p></li>
+
+    <p>Ð?Ñ?каз в обÑ?лÑ?живании пÑ?и обÑ?абоÑ?ке Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного Ñ?айла Ñ? Fileinfo</p></li>
 
 </ul>
 </define-tag>
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXUaafAAoJEF7nbuICFtKlDSMP/0RyYCB8LGKn7+PdiDRrEy4N
BGY6S+QMYgU6QB8erIc0EWyGt9xW2RkC4SuNKRMWK18zYaDL+hWwiUxuk+QrgBie
A+ymRF1b/pdYAqH2JrUvXlnS98Z0nZ8qA+5KMNjCqNa3/35rYF3nkLyM/v+PRgmX
dBsELhNLc1V5iEzNjqWHT23kB7KLvNbtE/0BTXGI1pFtD4vqKk0OukNwK/BCwAYE
jEa2bTr1awDg4hHPcd8bdMpfrjsWfDmr61hvv2RcOPXBQK4WSPngG9cV0Du4nbiv
rBwI9ShWmQiqzqXJlRt80cXEDEbCs8Uo4h5jDsmpRLgUnDd3819TMIIY7cgtjkqz
Q0CwNFErXBXWmaK3fapGXRe43/0hp1OekTYE375y40GeWFWDEWZbYsHEHhpbismm
joFpUlAYwd66m69NrSiRUVailrYQUQZRIBndGqGsg2pNgndSTB0brYzTzwjHaC3C
gbpk+FluUthPPjqsqKOu8YdPQadEIj5MMNSMLg4bJdpWsNfmynhQD69gmh330UBu
Wmz1jVMGpwsFFrih1t5lgy8ebQUaxe/dNwZW5zbTfD+uia3YzBdS1EJZzU4lUncu
3pzmeditsNmzzS9+Ot0COzRuPAtOv/tKJ0vvp+xQybi9DHe5PS7U3Mn+jE6piZ+g
RCqaNWz2gjfv1t2Kl7V5
=5sBB
-----END PGP SIGNATURE-----


Reply to: