[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2014/dla-1{0,1}6.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2014/dla-106.wml	2016-04-09 01:32:21.000000000 +0500
+++ russian/security/2014/dla-106.wml	2016-06-27 22:05:25.819082716 +0500
@@ -1,39 +1,40 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in getmail4, a mail retriever
- -with support for POP3, IMAP4 and SDPS, that could allow man-in-the-middle
- -attacks.</p>
+<p>Ð? getmail4, пÑ?огÑ?амме длÑ? полÑ?Ñ?ениÑ? Ñ?лекÑ?Ñ?онной поÑ?Ñ?Ñ?, поддеÑ?живаÑ?Ñ?ей
+POP3, IMAP4 и SDPS, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей, коÑ?оÑ?Ñ?е позволÑ?Ñ?Ñ?
+вÑ?полнÑ?Ñ?Ñ? аÑ?аки по пÑ?инÑ?ипÑ? Ñ?еловек-в-Ñ?еÑ?едине.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-7273";>CVE-2014-7273</a>
 
- -    <p>The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does
- -    not verify X.509 certificates from SSL servers, which allows
- -    man-in-the-middle attackers to spoof IMAP servers and obtain sensitive
- -    information via a crafted certificate.</p></li>
+    <p>РеализаÑ?иÑ? IMAP-Ñ?еÑ?ез-SSL в getmail Ñ? веÑ?Ñ?ии 4.0.0 до веÑ?Ñ?ии 4.43.0
+    не вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? Ñ?еÑ?Ñ?иÑ?икаÑ?ов X.509 SSL-Ñ?еÑ?веÑ?ов, Ñ?Ñ?о позволÑ?еÑ?
+    злоÑ?мÑ?Ñ?ленникам подделÑ?ваÑ?Ñ? Ñ?еÑ?веÑ?Ñ? IMAP и полÑ?Ñ?аÑ?Ñ? Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?нÑ?Ñ?
+    инÑ?оÑ?маÑ?иÑ? Ñ? помоÑ?Ñ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного Ñ?еÑ?Ñ?иÑ?икаÑ?а.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-7274";>CVE-2014-7274</a>
 
- -    <p>The IMAP-over-SSL implementation in getmail 4.44.0 does not verify
- -    that the server hostname matches a domain name in the subject's Common
- -    Name (CN) field of the X.509 certificate, which allows
- -    man-in-the-middle attackers to spoof IMAP servers and obtain sensitive
- -    information via a crafted certificate from a recognized Certification
- -    Authority.</p></li>
+    <p>РеализаÑ?иÑ? IMAP-Ñ?еÑ?ез-SSL в getmail веÑ?Ñ?ии 4.44.0 не вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ?
+    Ñ?ого, Ñ?Ñ?о имÑ? Ñ?зла Ñ?еÑ?веÑ?а Ñ?овпадаеÑ? Ñ? именем домена в поле Common Name (CN)
+    Ñ?еÑ?Ñ?иÑ?икаÑ?а X.509, Ñ?Ñ?о позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникам
+    подделÑ?ваÑ?Ñ? Ñ?еÑ?веÑ?Ñ? IMAP и полÑ?Ñ?аÑ?Ñ? Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?нÑ?Ñ?
+    инÑ?оÑ?маÑ?иÑ? Ñ? помоÑ?Ñ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного Ñ?еÑ?Ñ?иÑ?икаÑ?а оÑ? Ñ?знаваемого
+    авÑ?оÑ?иÑ?еÑ?а.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-7275";>CVE-2014-7275</a>
 
- -    <p>The POP3-over-SSL implementation in getmail 4.0.0 through 4.44.0 does
- -    not verify X.509 certificates from SSL servers, which allows
- -    man-in-the-middle attackers to spoof POP3 servers and obtain sensitive
- -    information via a crafted certificate.</p>
+    <p>РеализаÑ?иÑ? POP3-Ñ?еÑ?ез-SSL в getmail Ñ? веÑ?Ñ?ии 4.0.0 до веÑ?Ñ?ии 4.44.0
+    не вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? Ñ?еÑ?Ñ?иÑ?икаÑ?ов X.509 SSL-Ñ?еÑ?веÑ?ов, Ñ?Ñ?о позволÑ?еÑ?
+    злоÑ?мÑ?Ñ?ленникам подделÑ?ваÑ?Ñ? Ñ?еÑ?веÑ?Ñ? POP3 и полÑ?Ñ?аÑ?Ñ? Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?нÑ?Ñ?
+    инÑ?оÑ?маÑ?иÑ? Ñ? помоÑ?Ñ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного Ñ?еÑ?Ñ?иÑ?икаÑ?а.</p>
 
 </ul>
 
- -<p>For the squeeze distribution, those problems have been fixed by importing
- -a new upstream version: 4.46.0-1~deb6u1. The updated package has been
- -prepared by Osamu Aoki.</p>
+<p>Ð? вÑ?пÑ?Ñ?ке squeeze Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? пÑ?Ñ?Ñ?м импоÑ?Ñ?а
+новой веÑ?Ñ?ии из оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки: 4.46.0-1~deb6u1. Ð?бновлÑ?ннÑ?й пакеÑ?
+бÑ?л подгоÑ?овлен Ð?Ñ?амÑ? Ð?оки.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2014/dla-116.wml	2016-04-06 03:02:53.000000000 +0500
+++ russian/security/2014/dla-116.wml	2016-06-27 22:14:08.255615381 +0500
@@ -1,45 +1,46 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities were discovered in the ntp package, an
- -implementation of the Network Time Protocol.</p>
+<p>Ð? пакеÑ?е ntp, Ñ?еализаÑ?ии пÑ?оÑ?окола Ñ?еÑ?евого вÑ?емени, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко
+Ñ?Ñ?звимоÑ?Ñ?ей.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9293";>CVE-2014-9293</a>
 
- -    <p>ntpd generated a weak key for its internal use, with full
- -    administrative privileges.  Attackers could use this key to
- -    reconfigure ntpd (or to exploit other vulnerabilities).</p></li>
+    <p>ntpd Ñ?оздаÑ?Ñ? Ñ?лабÑ?й клÑ?Ñ? длÑ? внÑ?Ñ?Ñ?еннего иÑ?полÑ?зованиÑ?, клÑ?Ñ? имееÑ? полнÑ?е
+    админиÑ?Ñ?Ñ?аÑ?ивнÑ?е пÑ?ава.  Ð?лоÑ?мÑ?Ñ?ленники могÑ?Ñ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?оÑ? клÑ?Ñ?
+    длÑ? изменениÑ? наÑ?Ñ?Ñ?оек ntpd (или длÑ? иÑ?полÑ?зованиÑ? дÑ?Ñ?гиÑ? Ñ?Ñ?звимоÑ?Ñ?ей).</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9294";>CVE-2014-9294</a>
 
- -    <p>The ntp-keygen utility generated weak MD5 keys with insufficient
- -    entropy.</p></li>
+    <p>УÑ?илиÑ?а ntp-keygen Ñ?оздаÑ?Ñ? Ñ?лабÑ?е клÑ?Ñ?и MD5 Ñ? недоÑ?Ñ?аÑ?оÑ?ной
+    Ñ?нÑ?Ñ?опией.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9295";>CVE-2014-9295</a>
 
- -    <p>ntpd had several buffer overflows (both on the stack and in the
- -    data section), allowing remote authenticated attackers to crash
- -    ntpd or potentially execute arbitrary code.</p></li>
+    <p>ntpd Ñ?одеÑ?жиÑ? неÑ?колÑ?ко пеÑ?еполнений бÑ?Ñ?еÑ?а (Ñ?вÑ?занÑ? и Ñ?о Ñ?Ñ?еком, и Ñ?
+    даннÑ?ми), Ñ?Ñ?о позволÑ?еÑ? Ñ?далÑ?ннÑ?м аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?м злоÑ?мÑ?Ñ?ленникам аваÑ?ийно завеÑ?Ñ?аÑ?Ñ?
+    Ñ?абоÑ?Ñ? ntpd или поÑ?енÑ?иалÑ?но вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9296";>CVE-2014-9296</a>
 
- -    <p>The general packet processing function in ntpd did not handle an
- -    error case correctly.</p></li>
+    <p>Ð?бÑ?аÑ? Ñ?Ñ?нкÑ?иÑ? длÑ? вÑ?полнениÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а пакеÑ?ов в ntpd непÑ?авилÑ?но
+    обÑ?абаÑ?Ñ?ваеÑ? оÑ?ибки.</p></li>
 
 </ul>
 
- -<p>The default ntpd configuration in Debian restricts access to localhost
- -(and possible the adjacent network in case of IPv6).</p>
+<p>Ð?о Ñ?молÑ?аниÑ? наÑ?Ñ?Ñ?ойки ntpd в Debian огÑ?аниÑ?иваÑ?Ñ? доÑ?Ñ?Ñ?п к локалÑ?ной маÑ?ине
+(возможно, Ñ?акже и Ñ?межной Ñ?еÑ?и в Ñ?лÑ?Ñ?ае иÑ?полÑ?зованиÑ? IPv6).</p>
 
- -<p>Keys explicitly generated by "ntp-keygen -M" should be regenerated.</p><
+<p>Ð?лÑ?Ñ?и, Ñ?озданнÑ?е Ñ?внÑ?м обÑ?азом Ñ? помоÑ?Ñ?Ñ? "ntp-keygen -M", Ñ?ледÑ?еÑ? Ñ?оздаÑ?Ñ? заново.</p><
 
- -<p>For the oldstable distribution (squeeze), these problems have been fixed in
- -version 4.2.6.p2+dfsg-1+deb6u1.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 4.2.6.p2+dfsg-1+deb6u1.</p>
 
- -<p>We recommend that you upgrade your heirloom-mailx packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? heirloom-mailx.</p>
 
- -<p>Thanks to the Florian Weimer for the Red Hat security update.</p>
+<p>Ð?лагодаÑ?им ФлоÑ?иана Ð?аймеÑ?а за обновление безопаÑ?ноÑ?Ñ?и длÑ? Red Hat.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXcV7lAAoJEF7nbuICFtKlTZUQAIQLWp7MAXrocwThplNvtS/O
Ma9yuUC82w+hWkRZhwR1hPBqAJmp6L3PjxcqMqY6mOjitdOFnXL2XXAXGDhxqEZn
SmTFK9eOOH+GxwcVRO8LbHxn7mcLa/lubZLGPPxFywq5fopn/t39CbXlWVORW5/W
RaocazujPFu3k+vcVdYdt0J1C7/1RTUETMyexvR+2TT+h8XPywolaAZjAfjoRbom
jsiY6dZ6jkma+SOOTQVcSBRLM1L0Mfj/D7sGjYMsBpMQDZ5YV3rpcDCyWWt4QNaO
yxc1YIBLLY8IDtBnfYDDXUJwUp5qQNihfrxq0zBwXkeNRIlVuQOKRzYkoIiV2K4m
XNj3B5yKo6msTtDrg1QeVHdMr/81Rc9p5veNUzh5YHoFYLaG/7xLek+hbKA+vFAy
7MSdovB3+ef9X8+squM+9zmILTa/oZ8F3fql+Q0ZrJCsCfUhy9ZYA3XEwqb1ZBbg
+pbQTBgJt7+J2ukLql97xbdr2yNk5DdkVuHLhWllj9ayQjWkav1CiCf9kMe5DBtl
svosifVwNENrkBk35UZGcyc2uPfL+ICE8KqVYzuR2Kudahto0PA6VqPWAF/352hY
sLjcwHO9hnLj5CkksViVgfhMelBhnfWNBaVpY6zDrvc8nxa5m4X5SQ48G061he+f
pxz5kH2OI9l2XBt8FFUx
=wToC
-----END PGP SIGNATURE-----
Reply to: