[DONE] wml://security/2014/dla-{53,84,74}.wml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2014/dla-53.wml 2016-05-22 10:07:41.702961735 +0500
+++ russian/security/2014/dla-53.wml 2016-06-22 15:38:39.988491245 +0500
@@ -1,14 +1,15 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
<define-tag moreinfo>
- -<p>It was discovered that APT, the high level package manager, does not
- -properly invalidate unauthenticated data (<a
+<p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о APT, вÑ?Ñ?окоÑ?Ñ?овневÑ?й менеджеÑ? пакеÑ?ов, непÑ?авилÑ?но
+вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? неаÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?Ñ? даннÑ?Ñ? (<a
href="https://security-tracker.debian.org/tracker/CVE-2014-0488";>CVE-2014-0488</a>),
- -performs incorrect verification of 304 replies (<a
+вÑ?полнÑ?еÑ? непÑ?авилÑ?нÑ?Ñ? пÑ?овеÑ?кÑ? оÑ?веÑ?ов 304 (<a
href="https://security-tracker.debian.org/tracker/CVE-2014-0487";>CVE-2014-0487</a>)
- -and does not perform the checksum check when the Acquire::GzipIndexes option is used
+и не вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? конÑ?Ñ?олÑ?нÑ?Ñ? Ñ?Ñ?мм пÑ?и иÑ?полÑ?зовании опÑ?ии Acquire::GzipIndexes
(<a href="https://security-tracker.debian.org/tracker/CVE-2014-0489";>CVE-2014-0489</a>).</p>
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in apt version 0.8.10.3+squeeze3</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в пакеÑ?е apt веÑ?Ñ?ии 0.8.10.3+squeeze3</p>
</define-tag>
# do not modify the following line
- --- english/security/2014/dla-74.wml 2016-04-09 01:32:21.000000000 +0500
+++ russian/security/2014/dla-74.wml 2016-06-22 15:44:49.049445338 +0500
@@ -1,16 +1,17 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
<define-tag moreinfo>
- -<p>This updates fixes a potential integer overflow in option parsing.</p>
+<p>Ð?анное обновление иÑ?пÑ?авлÑ?еÑ? поÑ?енÑ?иалÑ?ное пеÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ел в коде длÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а опÑ?ий.</p>
- -<p>A user in the group <q>dip</q> could provide a specially crafted
- -configuration file of more than 2G and generate an integer overflow.
- -This may enable an attacker to overwrite the heap and thereby corrupt
- -security-relevant variables.</p>
+<p>Ð?олÑ?зоваÑ?елÑ? из гÑ?Ñ?ппÑ? <q>dip</q> можеÑ? пеÑ?едаÑ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?й
+Ñ?айл наÑ?Ñ?Ñ?оек Ñ?азмеÑ?ом более 2Ð?Ð?, Ñ?Ñ?о вÑ?зовеÑ? пеÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ел.
+ÐÑ?о можеÑ? позволиÑ?Ñ? злоÑ?мÑ?Ñ?ленникÑ? пеÑ?езапиÑ?аÑ?Ñ? динамиÑ?еÑ?кÑ?Ñ? памÑ?Ñ?и и повÑ?едиÑ?Ñ? Ñ?ем Ñ?амÑ?м
+знаÑ?ениÑ? важнÑ?Ñ? длÑ? безопаÑ?ноÑ?Ñ?и пеÑ?еменнÑ?Ñ?.</p>
- -<p>See details in the upstream commit:
+<p>Ð?одÑ?обноÑ?Ñ?и Ñ?моÑ?Ñ?иÑ?е в оÑ?новной веÑ?ке Ñ?азÑ?абоÑ?ки:
<a href="https://github.com/paulusmack/ppp/commit/7658e8257183f062dc01f87969c140707c7e52cb";>https://github.com/paulusmack/ppp/commit/7658e8257183f062dc01f87969c140707c7e52cb</a></p>
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in ppp version 2.4.5-4+deb6u1</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в пакеÑ?е ppp веÑ?Ñ?ии 2.4.5-4+deb6u1</p>
</define-tag>
# do not modify the following line
- --- english/security/2014/dla-84.wml 2016-04-09 01:32:22.000000000 +0500
+++ russian/security/2014/dla-84.wml 2016-06-22 15:42:00.618042364 +0500
@@ -1,16 +1,17 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
<define-tag moreinfo>
- -<p>Symeon Paraschoudis discovered that the curl_easy_duphandle() function
- -in cURL, an URL transfer library, has a bug that can lead to libcurl
- -eventually sending off sensitive data that was not intended for sending,
- -while performing a HTTP POST operation.</p>
+<p>Симеон Ð?аÑ?аÑ?Ñ?диÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о Ñ?Ñ?нкÑ?иÑ? curl_easy_duphandle()
+в cURL, библиоÑ?еке пеÑ?едаÑ?и URL, Ñ?одеÑ?жиÑ? оÑ?ибкÑ?, коÑ?оÑ?аÑ? можеÑ? пÑ?иводиÑ?Ñ? к Ñ?омÑ?, Ñ?Ñ?о libcurl
+Ñ?лÑ?Ñ?айно оÑ?пÑ?авлÑ?еÑ? Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?нÑ?е даннÑ?е, не пÑ?едназнаÑ?еннÑ?е длÑ? оÑ?пÑ?авки,
+в Ñ?оде вÑ?полнениÑ? HTTP-опеÑ?аÑ?ии POST.</p>
- -<p>This bug requires CURLOPT_COPYPOSTFIELDS and curl_easy_duphandle() to be
- -used in that order, and then the duplicate handle must be used to
- -perform the HTTP POST. The curl command line tool is not affected by
- -this problem as it does not use this sequence.</p>
+<p>Ð?аннаÑ? оÑ?ибка Ñ?Ñ?ебÑ?еÑ?, Ñ?Ñ?обÑ? иÑ?полÑ?зовалиÑ?Ñ? по поÑ?Ñ?дкÑ? CURLOPT_COPYPOSTFIELDS и curl_easy_duphandle(),
+а заÑ?ем должен иÑ?полÑ?зоваÑ?Ñ? код обÑ?абоÑ?ки дÑ?бликаÑ?ов длÑ?
+вÑ?полнениÑ? HTTP POST. Ð?оманда curl не подвеÑ?жена
+Ñ?Ñ?ой пÑ?облеме, поÑ?колÑ?кÑ? она не иÑ?полÑ?зÑ?еÑ? Ñ?казаннÑ?Ñ? поÑ?ледоваÑ?елÑ?ноÑ?Ñ?Ñ?.</p>
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in curl version 7.21.0-2.1+squeeze10</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в пакеÑ?е curl веÑ?Ñ?ии 7.21.0-2.1+squeeze10</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXamwkAAoJEF7nbuICFtKlUcEP/3r1VF8aW9VJexZ35t9IHBnR
fO9Uk6+3JeA4gXqkauSYdvjZXaT07N9yh9L7BfXEFAsxSKRLRW5UfGsoC6olXetE
Ng1VFTZVCMqmIxoht6AvNSNUI53NGi4M21mlcFcN5LQpM11zLnny/UTe17c7+dbU
zIHacActM5Q9WAI2nXZ0Z8jSP+lDzaIOUNdkk8m9s+hNMVbaro081p6YGneux5Wb
vHOb7YVCBuSpoJyhu2RIldJzQkVdQUY9JDnV1KkJXh57Ph0DiJMJa5KUzmZPjjUI
SG0G17BX3MOMtdBRwtS7zmCd7Oztlmx1gm2Ar/7jcYKjVuR9Jdmfy9VQ8a75J+QS
GFpi5ViBFayLzFTkVWcsfpnS5ypitsCBRrMkjbIqTJ6LT4AGLR2JK82ngH49PJRE
dJpDIoHXI6HnP8CHin7Vg6Ip8KftG/JSB5Pdpn4skhM5j6l6/ArCKmK4tytht1q8
xQ+NlqvVGNbfxJ7tloOqLkxBPgM+iuvINqzr1fgvA9Avgz/d8hASGKY4J2V7Gmrd
/hk738yJdO0Qpn/+Ei+Qq2h5xOnffql3hhtPmMWPL0PKbStXzXQfLqV/UKjG2p2+
cNSDG+WoAXxv8x+uxubGhE5zSdnh4YDjGzWMouPqnzxZ4wXtd3/2vBAa49d7y0B8
8z47H/X2xHRxbLjAwPsY
=yltW
-----END PGP SIGNATURE-----
Reply to: