[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2014/dla-{25,20,79}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2014/dla-20.wml	2016-05-22 10:07:41.275015693 +0500
+++ russian/security/2014/dla-20.wml	2016-06-24 23:06:10.160054567 +0500
@@ -1,19 +1,21 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>[ Christoph Biedl ]</p>
+<p>[ Ð?Ñ?иÑ?Ñ?оÑ? Ð?идлÑ? ]</p>
 <ul>
- -<li>munin-node: more secure state file handling, introducing a new plugin
- -  state directory root, owned by uid 0. Then each plugin runs in its own
- -  UID plugin state directory, owned by that UID. (Closes: #684075),
- -  (Closes: #679897), closes <a href="https://security-tracker.debian.org/tracker/CVE-2012-3512";>CVE-2012-3512</a>.</li>
- -<li>plugins: use runtime $ENV{MUNIN_PLUGSTATE}. So all properly written
- -  plugins will use /var/lib/munin-node/plugin-state/$uid/$some_file now   please report plugins that are still using /var/lib/munin/plugin-state/   as those  might pose a security risk!</li>
- -<li>Don't abort data collection for a node due to malicious node, fixing
+<li>munin-node: более безопаÑ?наÑ? Ñ?абоÑ?а Ñ? Ñ?айлом Ñ?оÑ?Ñ?оÑ?ний, добавление нового коÑ?невого каÑ?алога Ñ?оÑ?Ñ?оÑ?ний
+  дополнений, владелÑ?Ñ?ем коÑ?оÑ?ого Ñ?влÑ?еÑ?Ñ?Ñ? полÑ?зоваÑ?елÑ? Ñ? иденÑ?иÑ?икаÑ?оÑ?ом 0. ТепеÑ?Ñ? каждое дополнение Ñ? UID запÑ?Ñ?каеÑ?Ñ?Ñ? в Ñ?обÑ?Ñ?венном
+  каÑ?алоге Ñ?оÑ?Ñ?оÑ?ний дополнениÑ?, владелÑ?Ñ?ем коÑ?оÑ?ого Ñ?влÑ?еÑ?Ñ?Ñ? Ñ?Ñ?оÑ? UID. (Ð?акÑ?Ñ?ваеÑ? оÑ?ибкÑ? #684075),
+  (Ð?акÑ?Ñ?ваеÑ? оÑ?ибкÑ? #679897), закÑ?Ñ?ваеÑ? <a href="https://security-tracker.debian.org/tracker/CVE-2012-3512";>CVE-2012-3512</a>.</li>
+<li>plugins: иÑ?полÑ?зование пеÑ?еменной вÑ?емени иÑ?полнениÑ? $ENV{MUNIN_PLUGSTATE}. Ð?Ñ?е пÑ?авилÑ?но запиÑ?аннÑ?е
+  дополнениÑ? Ñ?епеÑ?Ñ? бÑ?дÑ?Ñ? иÑ?полÑ?зоваÑ?Ñ? /var/lib/munin-node/plugin-state/$uid/$some_file, Ñ?ообÑ?айÑ?е о дополнениÑ?Ñ?, коÑ?оÑ?Ñ?е
+  иÑ?полÑ?зÑ?Ñ? /var/lib/munin/plugin-state/, поÑ?колÑ?кÑ? Ñ?Ñ?о можеÑ? бÑ?Ñ?Ñ? опаÑ?но Ñ? Ñ?оÑ?ки зÑ?ениÑ? безопаÑ?ноÑ?Ñ?и!</li>
+<li>Ð?е пÑ?еÑ?Ñ?ваÑ?Ñ? Ñ?боÑ? даннÑ?Ñ? длÑ? нодÑ? из-за вÑ?едоноÑ?ной нодÑ?, иÑ?пÑ?авлÑ?еÑ?
   munin#1397, <a href="https://security-tracker.debian.org/tracker/CVE-2013-6048";>CVE-2013-6048</a>.</li>
- -<li>Validate multigraph plugin name, <a href="https://security-tracker.debian.org/tracker/CVE-2013-6359";>CVE-2013-6359</a>.</li>
+<li>Ð?Ñ?овеÑ?ка имени дополнениÑ? multigraph, <a href="https://security-tracker.debian.org/tracker/CVE-2013-6359";>CVE-2013-6359</a>.</li>
 </ul>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in munin version 1.4.5-3+deb6u1</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в пакеÑ?е munin веÑ?Ñ?ии 1.4.5-3+deb6u1</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2014/dla-25.wml	2016-05-22 10:07:41.311011154 +0500
+++ russian/security/2014/dla-25.wml	2016-06-24 23:00:43.961843306 +0500
@@ -1,31 +1,32 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>A regression has been identified in the python2.6 update of DLA-25-1,
- -which may cause python applications to abort if they were running during
- -the upgrade but they had not already imported the 'os' module, and do so
- -after the upgrade. This update fixes this upgrade scenario.</p>
+<p>Ð? обновлении DLA-25-1 длÑ? python2.6 бÑ?ла обнаÑ?Ñ?жена Ñ?егÑ?еÑ?Ñ?иÑ?,
+коÑ?оÑ?аÑ? можеÑ? пÑ?иводиÑ?Ñ? к Ñ?омÑ?, Ñ?Ñ?о пÑ?иложениÑ? на Ñ?зÑ?ке Python пÑ?еÑ?Ñ?ваÑ?Ñ?Ñ?Ñ? в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли они Ñ?абоÑ?аÑ?Ñ? во вÑ?емÑ?
+вÑ?полнениÑ? обновлениÑ?, но еÑ?Ñ? не импоÑ?Ñ?иÑ?овали модÑ?лÑ? 'os', Ñ?о же Ñ?амое пÑ?оиÑ?Ñ?одиÑ? и поÑ?ле
+вÑ?полнениÑ? обновлениÑ?. Ð?анное обновление иÑ?пÑ?авлÑ?еÑ? Ñ?Ñ?оÑ? Ñ?Ñ?енаÑ?ий обновлениÑ?.</p>
 
- -<p>For reference, the original advisory text follows.</p>
+<p>Ð?иже пÑ?иводиÑ?Ñ?Ñ? изнаÑ?алÑ?нÑ?й Ñ?екÑ?Ñ? Ñ?екомендаÑ?ии.</p>
 
- -<p>Multiple vulnerabilities were discovered in python2.6. The more
- -relevant are:</p>
+<p>Ð? python2.6 бÑ?ли обнаÑ?Ñ?женÑ? многоÑ?иÑ?леннÑ?е Ñ?Ñ?звимоÑ?Ñ?и. Ð?аиболее
+важнÑ? из ниÑ? Ñ?ледÑ?Ñ?Ñ?ие:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2013-4238";>CVE-2013-4238</a>
 
- -    <p>Incorrect handling of NUL bytes in certificate hostnames may allow
- -    server spoofing via specially-crafted certificates signed by
- -    a trusted Certification Authority.</p></li>
+    <p>Ð?екоÑ?Ñ?екÑ?наÑ? обÑ?абоÑ?ка NUL-байÑ? в Ñ?еÑ?Ñ?иÑ?икаÑ?аÑ? имÑ?н Ñ?злов можеÑ? позволиÑ?Ñ?
+    вÑ?полнÑ?Ñ?Ñ? подделкÑ? Ñ?еÑ?веÑ?а Ñ? помоÑ?Ñ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? Ñ?еÑ?Ñ?иÑ?икаÑ?ов, подпиÑ?аннÑ?Ñ?
+    довеÑ?еннÑ?м авÑ?оÑ?иÑ?еÑ?ом.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-1912";>CVE-2014-1912</a>
 
- -    <p>Buffer overflow in socket.recvfrom_into leading to application
- -    crash and possibly code execution.</p></li>
+    <p>Ð?еÑ?еполнение бÑ?Ñ?еÑ?а в socket.recvfrom_into, пÑ?иводÑ?Ñ?ее к аваÑ?ийной оÑ?Ñ?ановке
+    пÑ?иложениÑ? и возможномÑ? вÑ?полнениÑ? кода.</p></li>
 
 </ul>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in python2.6 version 2.6.6-8+deb6u2</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в пакеÑ?е python2.6 веÑ?Ñ?ии 2.6.6-8+deb6u2</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2014/dla-79.wml	2016-04-09 01:32:22.000000000 +0500
+++ russian/security/2014/dla-79.wml	2016-06-24 23:11:56.039639690 +0500
@@ -1,28 +1,29 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov"
+<define-tag description>обовление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>This fixes a possibility of bypasswing the wiki authentication when an Active
- -Directory is used for LDAP authentication. These two CVE are almost the same,
- -one apparently being a superset of the other. They are fixed together.</p>
+<p>Ð?анное обновление иÑ?пÑ?авлÑ?еÑ? возможноÑ?Ñ?Ñ? обÑ?ода аÑ?Ñ?енÑ?иÑ?икаÑ?ии в wiki, еÑ?ли длÑ?
+LDAP-аÑ?Ñ?енÑ?иÑ?икаÑ?ии иÑ?полÑ?зÑ?еÑ?Ñ?Ñ? Active Directory. ЭÑ?и два CVE поÑ?Ñ?и Ñ?овпадаÑ?Ñ?,
+один Ñ?вно Ñ?влÑ?еÑ?Ñ?Ñ? надмножеÑ?Ñ?вом дÑ?Ñ?гого. Ð?ни иÑ?пÑ?авленÑ? одновÑ?еменно.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8763";>CVE-2014-8763</a>
 
- -    <p>DokuWiki before 2014-05-05b, when using Active Directory for LDAP
- -    authentication, allows remote attackers to bypass authentication via a
- -    password starting with a null (\0) character and a valid user name, which
- -    triggers an unauthenticated bind.</p></li>
+    <p>DokuWiki до веÑ?Ñ?ии 2014-05-05b пÑ?и иÑ?полÑ?зовании Active Directory длÑ?
+    LDAP-аÑ?Ñ?енÑ?иÑ?икаÑ?ии позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам обойÑ?и аÑ?Ñ?енÑ?иÑ?икаÑ?иÑ? Ñ? помоÑ?Ñ?Ñ?
+    паÑ?олÑ?, наÑ?инаÑ?Ñ?егоÑ?Ñ? Ñ? нÑ?левого Ñ?имвола (\0) и коÑ?Ñ?екÑ?ного имени полÑ?зоваÑ?елÑ?, Ñ?Ñ?о
+    пÑ?иводиÑ? к неаÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованномÑ? Ñ?вÑ?зÑ?ваниÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8764";>CVE-2014-8764</a>
 
- -    <p>DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP
- -    authentication, allows remote attackers to bypass authentication via a
- -    user name and password starting with a null (\0) character, which triggers
- -    an anonymous bind.</p></li>
+    <p>DokuWiki 2014-05-05a или более Ñ?анниÑ? веÑ?Ñ?ий пÑ?и иÑ?полÑ?зовании Active Directory длÑ?
+    LDAP-аÑ?Ñ?енÑ?иÑ?икаÑ?ии позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам обÑ?одиÑ?Ñ? аÑ?Ñ?енÑ?иÑ?икаÑ?иÑ? Ñ? помоÑ?Ñ?Ñ? имени
+    полÑ?зоваÑ?елÑ? и паÑ?олÑ?, наÑ?инаÑ?Ñ?иÑ?Ñ?Ñ? Ñ? нÑ?левого Ñ?имвола (\0), Ñ?Ñ?о пÑ?иводиÑ? к
+    анонимномÑ? Ñ?вÑ?зÑ?ваниÑ?.</p></li>
 
 </ul>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in dokuwiki version 0.0.20091225c-10+squeeze3</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в пакеÑ?е dokuwiki веÑ?Ñ?ии 0.0.20091225c-10+squeeze3</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXbXgXAAoJEF7nbuICFtKlYF8P+wSqt/VCwJiqaBnAxObSfdY3
j/ardt0HRJc50xYAIBO0H32Fq0wobXgdMNf16kj8VFu8/Qqt/kekqDhckZdFZ3+Z
3Lq0NR0J5+ZNct13lDLhdpB3Xjgs21E83kPwMdRqQ36mSgpoAh9STAfuLGAEh+BZ
1WKiefXvMvqDFUE5zV1uF5gzTPyeloqKAXX6rkpCzhOzKF+k6+xCEqT9AW1a8NhK
hn56XhAa2YOsd3RgqGR62r32hooqs6OyiYlbsxwpf8kUdneNjm9Gtlj8uBranXZR
eax4/7CvUmmmBhscR78WkJpIoexHWf/aYmL2BvMMgxQCaNly0d4W/tMbhBVKHqbS
jRNWFwOCUNDJcwzF5lnFmJ/67Oh0Jr7hXhjiVGtaVgmVtf3Olv7L2JfMGYgoFA8p
qWKiVR4wimeO0YvLL8wLmF2tFfA9Xl5h6CqvnMmXtQmiOgqBw6RnQxqdMzLb+1KD
eaNSxn9e3X/SrN7N8mBoNfKA2vX6HNDlZEYBLpgjz1cKC5KktNX9qqFJKYpJXNX/
mx6vkR++NiUlpCMx5PgXDrBe+beHNd7BAIn4x0UI7ekfS+oz2A3RnHhPJNooLnyd
MpJvnFlKeMfRt9h63yCZcK+eStUU2IUI8ihDfT/4+xhg6suiRGhYXvaCVL3YX1zc
cIXF4kXL7EOaBBIA6PsC
=KVr6
-----END PGP SIGNATURE-----
Reply to: