[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2008/dsa-1{580,473,526}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2008/dsa-1473.wml	2014-04-30 13:16:14.000000000 +0600
+++ russian/security/2008/dsa-1473.wml	2016-07-08 18:20:13.217031229 +0500
@@ -1,27 +1,28 @@
- -<define-tag description>design flaw</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>оÑ?ибка Ñ?азÑ?абоÑ?ки</define-tag>
 <define-tag moreinfo>
- -<p>Joachim Breitner discovered that Subversion support in scponly is
- -inherently insecure, allowing execution of arbitrary commands.  Further
- -investigation showed that rsync and Unison support suffer from similar
- -issues.  This set of issues has been assigned <a href="https://security-tracker.debian.org/tracker/CVE-2007-6350";>CVE-2007-6350</a>.</p>
+<p>Ð?оаÑ?им Ð?Ñ?айÑ?неÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о поддеÑ?жка Subversion в scponly
+небезопаÑ?на и позволÑ?еÑ? вÑ?полнение пÑ?оизволÑ?нÑ?Ñ? команд.  Ð?алÑ?нейÑ?ее
+иÑ?Ñ?ледование показало, Ñ?Ñ?о поддеÑ?жка rsync и Unison Ñ?Ñ?Ñ?адаеÑ? оÑ? Ñ?еÑ? же
+пÑ?облем.  ЭÑ?оÑ? набоÑ? пÑ?облем полÑ?Ñ?ил иденÑ?иÑ?икаÑ?оÑ? <a href="https://security-tracker.debian.org/tracker/CVE-2007-6350";>CVE-2007-6350</a>.</p>
 
- -<p>In addition, it was discovered that it was possible to invoke scp
- -with certain options that may lead to the execution of arbitrary commands
+<p>Ð?Ñ?оме Ñ?ого, бÑ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о можно вÑ?зваÑ?Ñ? scp
+Ñ? опÑ?еделÑ?ннÑ?ми опÑ?иÑ?ми, Ñ?Ñ?о можеÑ? пÑ?иводиÑ?Ñ? к вÑ?полнениÑ? пÑ?оизволÑ?нÑ?Ñ? команд
 (<a href="https://security-tracker.debian.org/tracker/CVE-2007-6415";>CVE-2007-6415</a>).</p>
 
- -<p>This update removes Subversion, rsync and Unison support from the
- -scponly package, and prevents scp from being invoked with the dangerous
- -options.</p>
+<p>Ð?анное обновление Ñ?далÑ?еÑ? поддеÑ?жкÑ? Subversion, rsync и Unison из
+пакеÑ?а scponly, а Ñ?акже не позволÑ?еÑ? вÑ?зÑ?ваÑ?Ñ? scp Ñ? опаÑ?нÑ?ми
+опÑ?иÑ?ми.</p>
 
- -<p>For the old stable distribution (sarge), these problems have been fixed
- -in version 4.0-1sarge2.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sarge) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 4.0-1sarge2.</p>
 
- -<p>For the stable distribution (etch), these problems have been fixed in
- -version 4.6-1etch1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 4.6-1etch1.</p>
 
- -<p>The unstable distribution (sid) will be fixed soon.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ? позже.</p>
 
- -<p>We recommend that you upgrade your scponly package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? scponly.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2008/dsa-1526.wml	2014-04-30 13:16:15.000000000 +0600
+++ russian/security/2008/dsa-1526.wml	2016-07-08 18:30:37.843757531 +0500
@@ -1,30 +1,31 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.6" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Steve Kemp from the Debian Security Audit project discovered several local
- -vulnerabilities in xwine, a graphical user interface for the WINE emulator.</p>
+<p>СÑ?ив Ð?Ñ?мп из пÑ?оекÑ?а Debian Security Audit обнаÑ?Ñ?жил неÑ?колÑ?ко локалÑ?нÑ?Ñ?
+Ñ?Ñ?звимоÑ?Ñ?ей в xwine, гÑ?аÑ?иÑ?еÑ?ком полÑ?зоваÑ?елÑ?Ñ?ком инÑ?еÑ?Ñ?ейÑ?е длÑ? Ñ?мÑ?лÑ?Ñ?оÑ?а WINE.</p>
 
- -<p>The Common Vulnerabilities and Exposures project identifies the following
- -problems:</p>
+<p>Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие
+пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-0930";>CVE-2008-0930</a>
- -  <p>The xwine command makes unsafe use of local temporary files when
- -  printing.  This could allow the removal of arbitrary files belonging
- -  to users who invoke the program.</p></li>
+  <p>Ð?оманда xwine небезопаÑ?но иÑ?полÑ?зÑ?еÑ? вÑ?еменнÑ?е Ñ?айлÑ? пÑ?и
+  пеÑ?аÑ?и.  ЭÑ?о можеÑ? позволиÑ?Ñ? Ñ?далиÑ?Ñ? пÑ?оизволÑ?нÑ?е Ñ?айлÑ?, пÑ?инадлежаÑ?ие
+  полÑ?зоваÑ?елÑ?м, запÑ?Ñ?Ñ?ивÑ?им пÑ?огÑ?аммÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-0931";>CVE-2008-0931</a>
- -  <p>The xwine command changes the permissions of the global WINE configuration
- -  file such that it is world-writable.  This could allow local users to edit
- -  it such that arbitrary commands could be executed whenever any local user
- -  executed a program under WINE.</p></li>
+  <p>Ð?оманда xwine изменÑ?еÑ? пÑ?ава глобалÑ?ного Ñ?айла наÑ?Ñ?Ñ?оек WINE
+  Ñ?аким обÑ?азом, Ñ?Ñ?о он Ñ?Ñ?ановиÑ?Ñ?Ñ? оÑ?кÑ?Ñ?Ñ?Ñ?м длÑ? запиÑ?и вÑ?ем полÑ?зоваÑ?елÑ?м.  ЭÑ?о можеÑ? позволиÑ?Ñ? локалÑ?нÑ?м полÑ?зоваÑ?елÑ?м
+  измениÑ?Ñ? его Ñ?ак, Ñ?Ñ?обÑ? пÑ?и запÑ?Ñ?ке лÑ?бой пÑ?огÑ?аммÑ? под WINE лÑ?бÑ?м локалÑ?нÑ?м
+  полÑ?зоваÑ?елем запÑ?Ñ?калиÑ?Ñ? пÑ?оизволÑ?нÑ?е командÑ?.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (etch), these problems have been fixed in version
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии
 1.0.1-1etch1.</p>
 
- -<p>We recommend that you upgrade your xwine package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? xwine.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2008/dsa-1580.wml	2008-05-20 18:00:27.000000000 +0600
+++ russian/security/2008/dsa-1580.wml	2016-07-08 18:15:55.860358998 +0500
@@ -1,25 +1,26 @@
- -<define-tag description>programming error</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>оÑ?ибка пÑ?огÑ?аммиÑ?ованиÑ?</define-tag>
 <define-tag moreinfo>
- -<p>It was discovered that phpGedView, an application to provide online access
- -to genealogical data, allowed remote attackers to gain administrator
- -privileges due to a programming error.</p>
+<p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о phpGedView, пÑ?иложение, пÑ?едоÑ?Ñ?авлÑ?Ñ?Ñ?ее онлайн-доÑ?Ñ?п
+к генеалогиÑ?еÑ?ким даннÑ?м, позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам полÑ?Ñ?иÑ?Ñ? пÑ?ава
+админиÑ?Ñ?Ñ?аÑ?оÑ?а из-за оÑ?ибки пÑ?огÑ?аммиÑ?ованиÑ?.</p>
 
- -<p><em>Note:</em> this problem was a fundamental design flaw in the interface (API) to
- -connect phpGedView with external programs like content management systems.
- -Resolving this problem was only possible by completely reworking the API,
- -which is not considered appropriate for a security update. Since these are
- -peripheral functions probably not used by the large majority of package
- -users, it was decided to remove these interfaces. If you require that
- -interface nonetheless, you are advised to use a version of phpGedView
- -backported from Debian Lenny, which has a completely redesigned API.</p>
+<p><em>Ð?нимание:</em> Ñ?Ñ?а пÑ?облема пÑ?едÑ?Ñ?авлÑ?еÑ? Ñ?обой недоÑ?Ñ?аÑ?ок пÑ?оекÑ?иÑ?ованиÑ? инÑ?еÑ?Ñ?ейÑ?а (API)
+длÑ? подклÑ?Ñ?ениÑ? phpGedView к внеÑ?ним пÑ?огÑ?аммам, Ñ?аким как Ñ?иÑ?Ñ?емÑ? Ñ?пÑ?авлениÑ? Ñ?одеÑ?жимÑ?м.
+РазÑ?еÑ?ение Ñ?Ñ?ой пÑ?облемÑ? бÑ?ло возможно Ñ?олÑ?ко пÑ?Ñ?Ñ?м полной пеÑ?еÑ?абоÑ?ки API,
+Ñ?Ñ?о не можеÑ? Ñ?Ñ?иÑ?аÑ?Ñ?Ñ?Ñ? подÑ?одÑ?Ñ?им иÑ?пÑ?авлением длÑ? обновлениÑ? безопаÑ?ноÑ?Ñ?и. Ð?оÑ?колÑ?кÑ? Ñ?Ñ?о
+пеÑ?иÑ?еÑ?ийнÑ?е Ñ?Ñ?нкÑ?ии, коÑ?оÑ?Ñ?е возможно не иÑ?полÑ?зÑ?Ñ?Ñ?Ñ?Ñ? болÑ?Ñ?им колиÑ?еÑ?Ñ?вом полÑ?зоваÑ?елей
+пакеÑ?а, бÑ?ло Ñ?еÑ?ено Ñ?далиÑ?Ñ? Ñ?Ñ?и инÑ?еÑ?Ñ?ейÑ?Ñ?. Ð?Ñ?ли вам вÑ?Ñ? Ñ?авно Ñ?Ñ?ебÑ?Ñ?Ñ?Ñ?Ñ? Ñ?Ñ?и
+инÑ?еÑ?Ñ?ейÑ?Ñ?, вам Ñ?екомендÑ?еÑ?Ñ?Ñ? иÑ?полÑ?зоваÑ?Ñ? веÑ?Ñ?иÑ? phpGedView,
+адапÑ?иÑ?ованнÑ?Ñ? из вÑ?пÑ?Ñ?ка Debian Lenny, коÑ?оÑ?аÑ? имееÑ? полноÑ?Ñ?Ñ?Ñ? пеÑ?еÑ?абоÑ?аннÑ?й API.</p>
 
- -<p>For the stable distribution (etch), this problem has been fixed in version
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в веÑ?Ñ?ии
 4.0.2.dfsg-4.</p>
 
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 4.1.e+4.1.5-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 4.1.e+4.1.5-1.</p>
 
- -<p>We recommend that you upgrade your phpgedview package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? phpgedview.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXf6sCAAoJEF7nbuICFtKlryAP/R4UhLJLskZtxxmQMUayBXik
mZMDpikU+OpqyGycqhND33Wayu4lv/BjjLjgIp41w61CbtT6icWe9k/k1sqg16aS
XduMR2oR8xUKOzrlP/qlfFkO6yQ4KaCJS9rqk8RRxM9CDwnI9Huyo+tN0DZeZkaW
/8D+gp4bZoQG3kgn8ABIVRA+sQGvbM2dxYYFrepUjpwUwZ1PqctUKl4qApEmMJEf
87OhaL1KRNi5O886LWwKthJ3iIEm5LWtgTMI1qcKrjaxRk2iLCvEn3VaPMWipCcW
5lwUMaLGSo9wFwMhjjyK8tTPtCti52dO50mP/jahceuktY9ykKqiNxvw0lCIjO+4
imsZ5+PysKDeGdPMsfaGZPryoGBbXR6Mb1g7CgS9pComfFMFQ4g6GDNHIsXmcJhB
CYgf/p+TF63rCRPxqGwwZl2XcRG14WZpW7drDfRjO7Wg/wChe1De0J5shM8OJE/u
1C8F5ICzbuuOXT53WCJIRf97tT58UGAO2ibHASCJeoOIgW1GmdUfNg1dmb1I2mQg
awoGhnRBbRJZM+jgd4CKlK7ovcOAEcJQ3z4+99HC5dUhvDdgSGYG8cYpvvMRtgFZ
nPRDn9byBbWA+Hwv8+wVFOL8p13I60yIY5rUpFagho68SJJnfcGc6aX+Y6wiTvql
4Iytkrcp4CEQU4q2PGqk
=/g4R
-----END PGP SIGNATURE-----
Reply to: