[DONE] wml://security/2016/dsa-36{38,39,40,43,44}.wml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2016/dsa-3638.wml 2016-08-06 23:53:04.000000000 +0500
+++ russian/security/2016/dsa-3638.wml 2016-08-12 22:25:42.087666101 +0500
@@ -1,33 +1,34 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Several vulnerabilities were discovered in cURL, an URL transfer library:</p>
+<p>Ð? cURL, библиоÑ?еке пеÑ?едаÑ?и URL, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-5419";>CVE-2016-5419</a>
- - <p>Bru Rom discovered that libcurl would attempt to resume a TLS session
- - even if the client certificate had changed.</p></li>
+ <p>Ð?Ñ?Ñ? Ром обнаÑ?Ñ?жил, Ñ?Ñ?о libcurl пÑ?Ñ?аеÑ?Ñ?Ñ? возобновиÑ?Ñ? Ñ?еÑ?Ñ?иÑ? TLS даже
+ в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли изменилÑ?Ñ? Ñ?еÑ?Ñ?иÑ?икаÑ? клиенÑ?а.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-5420";>CVE-2016-5420</a>
- - <p>It was discovered that libcurl did not consider client certificates
- - when reusing TLS connections.</p></li>
+ <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о libcurl не Ñ?Ñ?иÑ?Ñ?ваеÑ? Ñ?еÑ?Ñ?иÑ?икаÑ?Ñ? клиенÑ?ов
+ пÑ?и повÑ?оÑ?ном иÑ?полÑ?зовании TLS-Ñ?оединений.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-5421";>CVE-2016-5421</a>
- - <p>Marcelo Echeverria and Fernando Muñoz discovered that libcurl was
- - vulnerable to a use-after-free flaw.</p></li>
+ <p>Ð?аÑ?Ñ?ело ÐÑ?евеÑ?Ñ?иÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о библиоÑ?ека libcurl Ñ?одеÑ?жиÑ?
+ иÑ?полÑ?зование Ñ?казаÑ?елей поÑ?ле оÑ?вобождениÑ? памÑ?Ñ?и.</p></li>
</ul>
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 7.38.0-4+deb8u4.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 7.38.0-4+deb8u4.</p>
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 7.50.1-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 7.50.1-1.</p>
- -<p>We recommend that you upgrade your curl packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? curl.</p>
</define-tag>
# do not modify the following line
- --- english/security/2016/dsa-3639.wml 2016-08-03 20:29:15.000000000 +0500
+++ russian/security/2016/dsa-3639.wml 2016-08-12 22:28:17.898684307 +0500
@@ -1,14 +1,15 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Several vulnerabilities were discovered in wordpress, a web blogging
- -tool, which could allow remote attackers to compromise a site via
- -cross-site scripting, bypass restrictions, obtain sensitive
- -revision-history information, or mount a denial of service.</p>
+<p>Ð? wordpress, инÑ?Ñ?Ñ?Ñ?менÑ?е длÑ? ведениÑ? блога, бÑ?ло обнаÑ?Ñ?жено
+неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей, коÑ?оÑ?Ñ?е могÑ?Ñ? позволиÑ?Ñ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам компÑ?омеÑ?иÑ?оваÑ?Ñ? Ñ?айÑ?
+Ñ? помоÑ?Ñ?Ñ? межÑ?айÑ?ового Ñ?кÑ?ипÑ?инга, обÑ?ода огÑ?аниÑ?ений, полÑ?Ñ?ениÑ? Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?ной
+инÑ?оÑ?маÑ?ии об иÑ?Ñ?оÑ?ии изменений или пÑ?Ñ?Ñ?м вÑ?зова оÑ?каза в обÑ?лÑ?живании.</p>
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 4.1+dfsg-1+deb8u9.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 4.1+dfsg-1+deb8u9.</p>
- -<p>We recommend that you upgrade your wordpress packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? wordpress.</p>
</define-tag>
# do not modify the following line
- --- english/security/2016/dsa-3640.wml 2016-08-06 23:53:04.000000000 +0500
+++ russian/security/2016/dsa-3640.wml 2016-08-12 22:30:41.721178850 +0500
@@ -1,18 +1,19 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Multiple security issues have been found in the Mozilla Firefox web
- -browser: Multiple memory safety errors, buffer overflows and other
- -implementation errors may lead to the execution of arbitrary code,
- -cross-site scripting, information disclosure and bypass of the same-origin
- -policy.</p>
+<p>Ð? веб-бÑ?аÑ?зеÑ?е Mozilla Firefox бÑ?ли обнаÑ?Ñ?женÑ? многоÑ?иÑ?леннÑ?е пÑ?облемÑ?
+безопаÑ?ноÑ?Ñ?и: многоÑ?иÑ?леннÑ?е оÑ?ибки Ñ?елоÑ?Ñ?ноÑ?Ñ?и Ñ?одеÑ?жимого памÑ?Ñ?и, пеÑ?еполнениÑ? бÑ?Ñ?еÑ?а и дÑ?Ñ?гие
+оÑ?ибки Ñ?еализаÑ?ии могÑ?Ñ? пÑ?иводиÑ?Ñ? к вÑ?полнениÑ? пÑ?оизволÑ?ного кода,
+межÑ?айÑ?овомÑ? Ñ?кÑ?ипÑ?ингÑ?, Ñ?аÑ?кÑ?Ñ?Ñ?иÑ? инÑ?оÑ?маÑ?ии и обÑ?одÑ? пÑ?авила одного
+иÑ?Ñ?оÑ?ника.</p>
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 45.3.0esr-1~deb8u1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 45.3.0esr-1~deb8u1.</p>
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 45.3.0esr-1 for firefox-esr and 48.0-1 for firefox.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 45.3.0esr-1 пакеÑ?а firefox-esr и веÑ?Ñ?ии 48.0-1 пакеÑ?а firefox.</p>
- -<p>We recommend that you upgrade your firefox-esr packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? firefox-esr.</p>
</define-tag>
# do not modify the following line
- --- english/security/2016/dsa-3643.wml 2016-08-07 00:56:21.000000000 +0500
+++ russian/security/2016/dsa-3643.wml 2016-08-12 22:33:48.774602081 +0500
@@ -1,19 +1,20 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Andreas Cord-Landwehr discovered that kde4libs, the core libraries
- -for all KDE 4 applications, do not properly handle the extraction
- -of archives with "../" in the file paths. A remote attacker can
- -take advantage of this flaw to overwrite files outside of the
- -extraction folder, if a user is tricked into extracting a specially
- -crafted archive.</p>
+<p>Ð?ндÑ?еаÑ? Ð?оÑ?д-Ð?андвеÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о kde4libs, базовÑ?е библиоÑ?еки длÑ?
+вÑ?еÑ? пÑ?иложений KDE 4, непÑ?авилÑ?но обÑ?абаÑ?Ñ?ваÑ?Ñ? Ñ?аÑ?паковкÑ?
+аÑ?Ñ?ивов Ñ? "../" в пÑ?Ñ?Ñ?Ñ? Ñ?айлов. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ?
+иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? пеÑ?езапиÑ?и Ñ?айлов за пÑ?еделами
+папки, в коÑ?оÑ?Ñ?Ñ? оÑ?Ñ?Ñ?еÑ?Ñ?влÑ?еÑ?Ñ?Ñ? Ñ?аÑ?паковка, еÑ?ли полÑ?зоваÑ?елÑ? запÑ?Ñ?Ñ?иÑ? Ñ?аÑ?паковкÑ?
+Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного аÑ?Ñ?ива.</p>
- -<p>For the stable distribution (jessie), this problem has been fixed in
- -version 4:4.14.2-5+deb8u1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 4:4.14.2-5+deb8u1.</p>
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 4:4.14.22-2.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 4:4.14.22-2.</p>
- -<p>We recommend that you upgrade your kde4libs packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? kde4libs.</p>
</define-tag>
# do not modify the following line
- --- english/security/2016/dsa-3644.wml 2016-08-08 21:38:12.000000000 +0500
+++ russian/security/2016/dsa-3644.wml 2016-08-12 22:39:48.627960826 +0500
@@ -1,19 +1,20 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Tobias Stoeckmann discovered that cache files are insufficiently
- -validated in fontconfig, a generic font configuration library. An
- -attacker can trigger arbitrary free() calls, which in turn allows double
- -free attacks and therefore arbitrary code execution. In combination with
- -setuid binaries using crafted cache files, this could allow privilege
- -escalation.</p>
+<p>ТобиаÑ? ШÑ?Ñ?кман обнаÑ?Ñ?жил, Ñ?Ñ?о пÑ?овеÑ?ка кеÑ?-Ñ?айлов в fontconfig,
+обÑ?ей библиоÑ?еке наÑ?Ñ?Ñ?ойки Ñ?Ñ?иÑ?Ñ?ов, вÑ?полнÑ?еÑ?Ñ?Ñ? недоÑ?Ñ?аÑ?оÑ?но. Ð?лоÑ?мÑ?Ñ?ленник
+можеÑ? вÑ?полниÑ?Ñ? пÑ?оизволÑ?нÑ?е вÑ?зовÑ? free(), Ñ?Ñ?о позволиÑ? емÑ? вÑ?полниÑ?Ñ?
+аÑ?аки по двойномÑ? оÑ?вобождениÑ? памÑ?Ñ?и и вÑ?полниÑ?Ñ? пÑ?оизволÑ?нÑ?й код. Ð?Ñ?ли двоиÑ?нÑ?е
+Ñ?айлÑ? имеÑ?Ñ? Ñ?лаг пÑ?ав доÑ?Ñ?Ñ?па, позволÑ?Ñ?Ñ?ий запÑ?Ñ?каÑ?Ñ? иÑ? оÑ? лиÑ?а владелÑ?Ñ?а, иÑ?полÑ?зÑ?Ñ?Ñ?Ñ?Ñ?
+вмеÑ?Ñ?е Ñ?о Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?ми кеÑ?-Ñ?айлами, Ñ?о Ñ?Ñ?о можеÑ? пÑ?ивеÑ?Ñ?и к повÑ?Ñ?ениÑ? пÑ?ивилегий.</p>
- -<p>For the stable distribution (jessie), this problem has been fixed in
- -version 2.11.0-6.3+deb8u1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 2.11.0-6.3+deb8u1.</p>
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 2.11.0-6.5.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 2.11.0-6.5.</p>
- -<p>We recommend that you upgrade your fontconfig packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? fontconfig.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXrgnxAAoJEF7nbuICFtKlv6cQAKmVwJ5hpfoFeyTA2DZ5cmqQ
9SI8ww+NlVsotJ6MrxqNGmu2JHKAyeTiIyRqMZ9gpeT1eS06tlhYa1HTht3w2R7h
hnASNilUEKHcFqEWQUaBn6dDtuNMo65w1FW9W3Htxu9df92LT51KvUETN7xvXNRf
K8+aEwqB59Qyaxk+8moMUPGufagl4b2e9wVDzLZA0iIdUj85hjqfNKdRIjr86VHl
iVYbIy2eeLHd2C4yHkPqSARA9HtA4yKKOIaGIfv+O24kthUSd8n88HvJ330yWIYC
beEI8kXuKM+Q9WO6FviIm3hwTOnp9P4Y/YNPJPrQut6ejvThn4X+k18/W/HzXvxD
RqHwgiOJwk3MzC6J99P2+9OTlcDLbrJ1A3MH0/QA1hqY7frqtK8F++BvaK/yWPCS
NR1QEaLIva7Kyz/tDvrqn/yKS9QsS0JaawA5T6E5e7hQxp3RDV3+5vd3z2VdYQ0B
rV/NHNe42dPjIPRUtWTRH47ufJhG7izLDJUnPsUpu+SCCpsO7EA0GHgnnWCiCGAm
k75WEpF0vqXB+vuVhw8/Y3Dv98oYpU9YCqrlWkHKvi0a5fPOKZGfDWCXWb0WFiBj
uZQDqno71/xFCxHBtUpAYIWpBJBTSNG1HTrPZd4wIuHmpqAlqln8MP/DmHwhN5K0
e8ScgaGQoh5FC0ZMINhN
=xXTM
-----END PGP SIGNATURE-----
Reply to:
- Prev by Date:
Re: [DONE] wml://security/2012/dsa-2{427,516,573}.wml
- Next by Date:
[DONE] wml://security/2016/dsa-364{1,2,5,6,7}.wml
- Previous by thread:
[DONE] wml://{security/2016/dsa-3637.wml}
- Next by thread:
Re: [DONE] wml://security/2016/dsa-36{38,39,40,43,44}.wml
- Index(es):