[DONE] wml://security/2008/dsa-1{497,608,640}.wml

[Lev Lamberov <dogsleg@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2008/dsa-1497.wml	2014-04-30 13:16:15.000000000 +0600
+++ russian/security/2008/dsa-1497.wml	2016-07-08 18:52:40.079561853 +0500
@@ -1,33 +1,34 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in the Clam anti-virus
- -toolkit, which may lead to the execution of arbitrary or local denial
- -of service. The Common Vulnerabilities and Exposures project identifies
- -the following problems:</p>
+<p>Ð? Clam, набоÑ?е анÑ?ивиÑ?Ñ?Ñ?нÑ?Ñ? инÑ?Ñ?Ñ?Ñ?менÑ?ов, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко
+Ñ?Ñ?звимоÑ?Ñ?ей, коÑ?оÑ?Ñ?е могÑ?Ñ? пÑ?иводиÑ?Ñ? к вÑ?полнениÑ? пÑ?оизволÑ?ного кода или локалÑ?номÑ? оÑ?казÑ?
+в обÑ?лÑ?живании. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ?
+Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-6595";>CVE-2007-6595</a>
 
- -    <p>It was discovered that temporary files are created insecurely,
- -    which may result in local denial of service by overwriting files.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о вÑ?еменнÑ?е Ñ?айлÑ? Ñ?оздаÑ?Ñ?Ñ?Ñ? небезопаÑ?нÑ?м обÑ?азом,
+    Ñ?Ñ?о можеÑ? пÑ?иводиÑ?Ñ? к локалÑ?номÑ? оÑ?казÑ? в обÑ?лÑ?живании из-за пеÑ?езапиÑ?и Ñ?айлов.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-0318";>CVE-2008-0318</a>
 
- -    <p>Silvio Cesare discovered an integer overflow in the parser for PE
- -    headers.</p></li>
+    <p>СилÑ?вио ЦезаÑ?е обнаÑ?Ñ?жил пеÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ел в коде длÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а
+    заголовков PE.</p></li>
 
 </ul>
 
- -<p>The version of clamav in the old stable distribution (sarge) is no
- -longer supported with security updates.</p>
+<p>Ð?еÑ?Ñ?иÑ? clamav в пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sarge) более не
+поддеÑ?живаеÑ?Ñ?Ñ? обновлениÑ?ми безопаÑ?ноÑ?Ñ?и.</p>
 
- -<p>For the stable distribution (etch), these problems have been fixed in
- -version 0.90.1dfsg-3etch10. In addition to these fixes, this update
- -also incorporates changes from the upcoming point release of the
- -stable distribution (non-free RAR handling code was removed).</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 0.90.1dfsg-3etch10. Ð? дополнение к Ñ?Ñ?им иÑ?пÑ?авлениÑ?м Ñ?Ñ?о обновление
+Ñ?акже вклÑ?Ñ?аеÑ? в Ñ?ебÑ? изменениÑ? из гоÑ?овÑ?Ñ?ейÑ?Ñ? Ñ?едакÑ?ии
+Ñ?Ñ?абилÑ?ного вÑ?пÑ?Ñ?ка (Ñ?даление неÑ?вободного кода длÑ? Ñ?абоÑ?Ñ? Ñ? аÑ?Ñ?ивами RAR).</p>
 
- -<p>We recommend that you upgrade your clamav packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? clamav.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2008/dsa-1608.wml	2014-04-30 13:16:15.000000000 +0600
+++ russian/security/2008/dsa-1608.wml	2016-07-08 19:00:38.864141485 +0500
@@ -1,23 +1,24 @@
- -<define-tag description>authorization bypass</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>обÑ?од авÑ?оÑ?изаÑ?ии</define-tag>
 <define-tag moreinfo>
- -<p>Sergei Golubchik discovered that MySQL, a widely-deployed database
- -server, did not properly validate optional data or index directory
- -paths given in a CREATE TABLE statement, nor would it (under proper
- -conditions) prevent two databases from using the same paths for data
- -or index files.  This permits an authenticated user with authorization
- -to create tables in one database to read, write or delete data from
- -tables subsequently created in other databases, regardless of other
- -GRANT authorizations.  The Common Vulnerabilities and Exposures
- -project identifies this weakness as <a href="https://security-tracker.debian.org/tracker/CVE-2008-2079";>CVE-2008-2079</a>.</p>
+<p>СеÑ?гей Ð?олÑ?бÑ?ик обнаÑ?Ñ?жил, Ñ?Ñ?о MySQL, Ñ?иÑ?око иÑ?полÑ?зÑ?емÑ?й Ñ?еÑ?веÑ?
+баз даннÑ?Ñ?, непÑ?авилÑ?но вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? опÑ?ионалÑ?нÑ?Ñ? даннÑ?Ñ? или пÑ?Ñ?ей Ñ?казаÑ?елÑ?
+каÑ?алогов, пеÑ?едаваемÑ?Ñ? в Ñ?Ñ?веÑ?ждении CREATE TABLE, а Ñ?акже не (пÑ?и Ñ?ооÑ?веÑ?Ñ?Ñ?вÑ?Ñ?Ñ?иÑ?
+Ñ?Ñ?ловиÑ?Ñ?) пÑ?едоÑ?вÑ?аÑ?аеÑ? иÑ?полÑ?зование двÑ?мÑ? базами даннÑ?Ñ? одни и Ñ?еÑ? же пÑ?Ñ?ей длÑ? Ñ?айлов
+даннÑ?Ñ? или Ñ?казаÑ?елей.  ЭÑ?о позволÑ?еÑ? аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованномÑ? полÑ?зоваÑ?елÑ? Ñ? пÑ?авом на
+Ñ?оздание Ñ?аблиÑ? в одной базе даннÑ?Ñ? Ñ?Ñ?иÑ?Ñ?ваÑ?Ñ?, вÑ?полнÑ?Ñ?Ñ? запиÑ?Ñ? или Ñ?далÑ?Ñ?Ñ? даннÑ?е из
+Ñ?аблиÑ?, коÑ?оÑ?Ñ?е впоÑ?ледÑ?Ñ?вии Ñ?оздаÑ?Ñ?Ñ?Ñ? в дÑ?Ñ?гиÑ? базаÑ? даннÑ?Ñ?, незавиÑ?имо оÑ? дÑ?Ñ?гиÑ?
+авÑ?оÑ?изаÑ?ий GRANT.  Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? как <a href="https://security-tracker.debian.org/tracker/CVE-2008-2079";>CVE-2008-2079</a>.</p>
 
- -<p>For the stable distribution (etch), this problem has been fixed in
- -version 5.0.32-7etch6.  Note that the fix applied will have the
- -consequence of disallowing the selection of data or index paths
- -under the database root, which on a Debian system is /var/lib/mysql;
- -database administrators needing to control the placement of these
- -files under that location must do so through other means.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 5.0.32-7etch6.  Ð?амеÑ?Ñ?Ñ?е, Ñ?Ñ?о пÑ?именÑ?нное иÑ?пÑ?авление в каÑ?еÑ?Ñ?ве
+Ñ?ледÑ?Ñ?виÑ? имееÑ? запÑ?еÑ? вÑ?боÑ?а пÑ?Ñ?ей даннÑ?Ñ? или Ñ?казаÑ?елей
+длÑ? коÑ?невой базÑ? даннÑ?Ñ?, коÑ?оÑ?аÑ? в Ñ?иÑ?Ñ?еме Debian наÑ?одиÑ?Ñ?Ñ? в /var/lib/mysql;
+админиÑ?Ñ?Ñ?аÑ?оÑ?ам баз даннÑ?Ñ?, коÑ?оÑ?Ñ?м нÑ?жно Ñ?пÑ?авлÑ?Ñ?Ñ? Ñ?аÑ?положением
+Ñ?айлов в Ñ?Ñ?ом меÑ?Ñ?е, Ñ?ледÑ?еÑ? вÑ?полнÑ?Ñ?Ñ? Ñ?Ñ?о дÑ?Ñ?гими Ñ?поÑ?обами.</p>
 
- -<p>We recommend that you upgrade your mysql-dfsg-5.0 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? mysql-dfsg-5.0.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2008/dsa-1640.wml	2014-04-30 13:16:16.000000000 +0600
+++ russian/security/2008/dsa-1640.wml	2016-07-08 19:07:03.697174613 +0500
@@ -1,27 +1,28 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Simon Willison discovered that in Django, a Python web framework, the
- -feature to retain HTTP POST data during user reauthentication allowed
- -a remote attacker to perform unauthorized modification of data through
- -cross site request forgery. This is possible regardless of the Django
- -plugin to prevent cross site request forgery being enabled. The Common
- -Vulnerabilities and Exposures project identifies this issue as
+<p>Саймон УиллиÑ?он обнаÑ?Ñ?жил, Ñ?Ñ?о в Django, веб-инÑ?Ñ?аÑ?Ñ?Ñ?Ñ?кÑ?Ñ?Ñ?е Python,
+возможноÑ?Ñ?Ñ? Ñ?оÑ?Ñ?анениÑ? даннÑ?Ñ? HTTP POST во вÑ?емÑ? повÑ?оÑ?ной аÑ?Ñ?енÑ?иÑ?икаÑ?ии полÑ?зоваÑ?елÑ? позволÑ?еÑ?
+Ñ?далÑ?нномÑ? злоÑ?мÑ?Ñ?ленникÑ? вÑ?полнÑ?Ñ?Ñ? неавÑ?оÑ?изованное изменение даннÑ?Ñ? Ñ? помоÑ?Ñ?Ñ?
+подделки межÑ?айÑ?ового запÑ?оÑ?а. ЭÑ?о возможно вне завиÑ?имоÑ?Ñ?и оÑ? Ñ?ого, вклÑ?Ñ?енÑ? ли дополнениÑ? Django,
+пÑ?едоÑ?вÑ?аÑ?аÑ?Ñ?ие подделкÑ? межÑ?айÑ?овÑ?Ñ? запÑ?оÑ?ов. Ð?Ñ?оекÑ? Common
+Vulnerabilities and Exposures опÑ?еделÑ?еÑ? Ñ?Ñ?Ñ? пÑ?облемÑ? как
 <a href="https://security-tracker.debian.org/tracker/CVE-2008-3909";>CVE-2008-3909</a>.</p>
 
- -<p>In this update the affected feature is disabled; this is in accordance
- -with upstream's preferred solution for this situation.</p>
+<p>Ð? данном обновлении Ñ?казаннаÑ? возможноÑ?Ñ?Ñ? оÑ?клÑ?Ñ?ена; Ñ?Ñ?о Ñ?ооÑ?веÑ?Ñ?Ñ?вÑ?еÑ?
+избÑ?анномÑ? в оÑ?новной веÑ?ке Ñ?еÑ?ениÑ? данной Ñ?иÑ?Ñ?аÑ?ии.</p>
 
- -<p>This update takes the opportunity to also include a relatively minor
- -denial of service attack in the internationalisation framework, known
- -as <a href="https://security-tracker.debian.org/tracker/CVE-2007-5712";>CVE-2007-5712</a>.</p>
+<p>Ð?Ñ?оме Ñ?ого, данное обновление вклÑ?Ñ?аеÑ? в Ñ?ебÑ? иÑ?пÑ?авление оÑ?ноÑ?иÑ?елÑ?но неболÑ?Ñ?ого
+оÑ?каза в обÑ?лÑ?живании в инÑ?Ñ?аÑ?Ñ?Ñ?Ñ?кÑ?Ñ?Ñ?е длÑ? инÑ?еÑ?наÑ?ионализаÑ?ии, извеÑ?Ñ?ного
+как <a href="https://security-tracker.debian.org/tracker/CVE-2007-5712";>CVE-2007-5712</a>.</p>
 
- -<p>For the stable distribution (etch), these problems have been fixed in
- -version 0.95.1-1etch2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 0.95.1-1etch2.</p>
 
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 1.0-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.0-1.</p>
 
- -<p>We recommend that you upgrade your python-django package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? python-django.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXf7OKAAoJEF7nbuICFtKlTE4P/3lz5exqQWviGtuHqCaCTXdR
SwXZCTOGt3dAPZoQLNoBfBEqRlDKn+qjCr+2F1mkpzQ0syEd+sOoOt9lE0Yq0RuK
iGtw+mDcslmI0HPsoQJ4joQR7l+QG8gemNPheCn2TAJ80/3/+TwAtv/L3HjvZ6JG
CuB7v8g3tjVn9DR1CCKLsO2RybMCGhwe4UD+VPIVNb4QrbEMCSfwEEFtLamjyDJH
R6NFrnpCOaN2Qqez8i6DlnbZpsvyzqdYOK4c5HePeREWm127Irbh0EFnYs3jC96R
P3miII+Q7OIZY3FXYY4GsfKzbz6OUQJGiE1z7jO+L2WflgXg3sCbq8l7gPmRv9Z1
6GIne2y2uy989BCUqsdSPNYC8Ug2owToJdTZxoeNjxlqNOsTb+lAcjIP08o9jcxZ
wpbpkdUQbkYzktoD/3u1Rw+eioumXJab0K+V5JN1ItTp7vD5bRxDYC2nqcTd1YdL
d6r7vXKL5Y8KPH1FKscwBaAMeQdWel6wHxdWDRGy5Yrryxaeky/U3x5NOjEZbJDZ
X0nokRO/s0AvpV5DZIAHqBIrlQrL4QrIqhG2y+viDzJX9CIaBx9D8DaRzwYXzpzg
7Q3+T1HkyCCqooDhrvGfn9JBcHQd2woLTyTo9Fo+YOp4ukJbiLhRJXTLe2KVdOR6
BFM0iwzU1nh9F3ONQkrh
=SHyB
-----END PGP SIGNATURE-----