[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2009/dsa-1{852,883,743}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2009/dsa-1743.wml	2014-04-30 13:16:18.000000000 +0600
+++ russian/security/2009/dsa-1743.wml	2016-08-20 16:34:50.338554901 +0500
@@ -1,35 +1,36 @@
- -<define-tag description>buffer overflows</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>пеÑ?еполнениÑ? бÑ?Ñ?еÑ?а</define-tag>
 <define-tag moreinfo>
- -<p>Two buffer overflows have been found in the GIF image parsing code of
- -Tk, a cross-platform graphical toolkit, which could lead to the execution
- -of arbitrary code. The Common Vulnerabilities and Exposures project
- -identifies the following problems:</p>
+<p>Ð? коде длÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а изобÑ?ажений в Ñ?оÑ?маÑ?е GIF в Tk,
+межплаÑ?Ñ?оÑ?менном набоÑ?е гÑ?аÑ?иÑ?еÑ?киÑ? инÑ?Ñ?Ñ?Ñ?менÑ?ов, бÑ?ло обнаÑ?Ñ?жено два пеÑ?еполнениÑ? бÑ?Ñ?еÑ?а,
+коÑ?оÑ?Ñ?е могÑ?Ñ? пÑ?иводиÑ?Ñ? к вÑ?полнениÑ? пÑ?оизволÑ?ного кода. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-5137";>CVE-2007-5137</a>
 
- -<p>It was discovered that libtk-img is prone to a buffer overflow via
- -specially crafted multi-frame interlaced GIF files.</p></li>
+<p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о libtk-img Ñ?одеÑ?жиÑ? пеÑ?еполнение бÑ?Ñ?еÑ?а, возникаÑ?Ñ?ее из-за
+Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? Ñ?айлов GIF Ñ? Ñ?еÑ?едованием неÑ?колÑ?киÑ? кадÑ?ов.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-5378";>CVE-2007-5378</a>
 
- -<p>It was discovered that libtk-img is prone to a buffer overflow via
- -specially crafted GIF files with certain subimage sizes.</p></li>
+<p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о libtk-img Ñ?одеÑ?жиÑ? пеÑ?еполнение бÑ?Ñ?еÑ?а, возникаÑ?Ñ?ее из-за
+Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? Ñ?айлов GIF Ñ? Ñ?аÑ?Ñ?Ñ?ми изобÑ?ажениÑ? опÑ?еделÑ?нного Ñ?азмеÑ?а.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (lenny), these problems have been fixed in
- -version 1.3-release-7+lenny1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.3-release-7+lenny1.</p>
 
- -<p>For the oldstable distribution (etch), these problems have been fixed in
- -version 1.3-15etch3.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.3-15etch3.</p>
 
- -<p>For the testing distribution (squeeze) and the unstable distribution
- -(sid), these problems have been fixed in version 1.3-release-8.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (squeeze) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ?
+Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 1.3-release-8.</p>
 
 
- -<p>We recommend that you upgrade your libtk-img packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? libtk-img.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2009/dsa-1852.wml	2009-08-07 21:43:52.000000000 +0600
+++ russian/security/2009/dsa-1852.wml	2016-08-20 16:23:12.679587954 +0500
@@ -1,32 +1,33 @@
- -<define-tag description>insufficient input validation</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>недоÑ?Ñ?аÑ?оÑ?наÑ? пÑ?овеÑ?ка вÑ?однÑ?Ñ? даннÑ?Ñ?</define-tag>
 <define-tag moreinfo>
- -<p>It was discovered that fetchmail, a full-featured remote mail retrieval
- -and forwarding utility, is vulnerable to the "Null Prefix Attacks Against
- -SSL/TLS Certificates" recently published at the Blackhat conference.
- -This allows an attacker to perform undetected man-in-the-middle attacks
- -via a crafted ITU-T X.509 certificate with an injected null byte in the
- -subjectAltName or Common Name fields.</p>
+<p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о fetchmail, полноÑ?Ñ?нкÑ?ионалÑ?наÑ? Ñ?Ñ?илиÑ?а длÑ? полÑ?Ñ?ениÑ? и пеÑ?еÑ?Ñ?лки
+поÑ?Ñ?Ñ?, Ñ?Ñ?звима к аÑ?аке, недавно пÑ?едÑ?Ñ?авленной на конÑ?еÑ?енÑ?ии Blackhat
+в Ñ?Ñ?аÑ?Ñ?е "Ð?Ñ?аки Null-пÑ?еÑ?икÑ?а на Ñ?еÑ?Ñ?иÑ?икаÑ?Ñ? SSL/TLS".
+ЭÑ?о позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникÑ? вÑ?полнÑ?Ñ?Ñ? незамеÑ?еннÑ?Ñ? аÑ?акÑ? по пÑ?инÑ?ипÑ?
+Ñ?еловек-в-Ñ?еÑ?едине Ñ? помоÑ?Ñ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного Ñ?еÑ?Ñ?иÑ?икаÑ?а ITU-T X.509 Ñ? добавленнÑ?м null-байÑ?ом
+в полÑ?Ñ? subjectAltName или Common Name.</p>
 
- -<p>Note, as a fetchmail user you should always use strict certificate
- -validation through either these option combinations:
- -    sslcertck ssl sslproto ssl3    (for service on SSL-wrapped ports)
- -or
- -    sslcertck sslproto tls1        (for STARTTLS-based services)</p>
+<p>Ð?амеÑ?Ñ?Ñ?е, Ñ?Ñ?о как полÑ?зоваÑ?елÑ? fetchmail вам вÑ?егда Ñ?ледÑ?еÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ?огÑ?Ñ?
+пÑ?овеÑ?кÑ? Ñ?еÑ?Ñ?иÑ?икаÑ?ов Ñ? помоÑ?Ñ?Ñ? одной из Ñ?казаннÑ?Ñ? ниже комбинаÑ?ий наÑ?Ñ?Ñ?оек:
+    sslcertck ssl sslproto ssl3    (длÑ? Ñ?лÑ?жбÑ? на обÑ?Ñ?нÑ?Ñ?Ñ?Ñ? SSL поÑ?Ñ?аÑ?)
+или
+    sslcertck sslproto tls1        (длÑ? Ñ?лÑ?жб на оÑ?нове STARTTLS)</p>
 
 
- -<p>For the oldstable distribution (etch), this problem has been fixed in
- -version 6.3.6-1etch2.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 6.3.6-1etch2.</p>
 
- -<p>For the stable distribution (lenny), this problem has been fixed in
- -version 6.3.9~rc2-4+lenny1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 6.3.9~rc2-4+lenny1.</p>
 
- -<p>For the testing distribution (squeeze), this problem will be fixed soon.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?а пÑ?облема бÑ?деÑ? иÑ?пÑ?авлена позже.</p>
 
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 6.3.9~rc2-6.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 6.3.9~rc2-6.</p>
 
 
- -<p>We recommend that you upgrade your fetchmail packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? fetchmail.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2009/dsa-1883.wml	2014-04-30 13:16:19.000000000 +0600
+++ russian/security/2009/dsa-1883.wml	2016-08-20 16:29:04.399351892 +0500
@@ -1,27 +1,28 @@
- -<define-tag description>missing input sanitising</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вие оÑ?иÑ?Ñ?ки вÑ?однÑ?Ñ? даннÑ?Ñ?</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been found in nagios2, a host/service/network
- -monitoring and management system. The Common Vulnerabilities and
- -Exposures project identifies the following problems:</p>
+<p>Ð? nagios2, Ñ?иÑ?Ñ?еме длÑ? мониÑ?оÑ?инга и Ñ?пÑ?авлениÑ? Ñ?злом/Ñ?лÑ?жбой/Ñ?еÑ?Ñ?Ñ?,
+бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and
+Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 
- -<p>Several cross-site scripting issues via several parameters were
- -discovered in the CGI scripts, allowing attackers to inject arbitrary
- -HTML code. In order to cover the different attack vectors, these issues
- -have been assigned <a href="https://security-tracker.debian.org/tracker/CVE-2007-5624";>CVE-2007-5624</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2007-5803";>CVE-2007-5803</a> and <a href="https://security-tracker.debian.org/tracker/CVE-2008-1360";>CVE-2008-1360</a>.</p>
+<p>Ð? CGI-Ñ?Ñ?енаÑ?иÑ?Ñ? бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?лÑ?Ñ?аев межÑ?айÑ?ового Ñ?кÑ?ипÑ?инга
+из-за Ñ?Ñ?да паÑ?амеÑ?Ñ?ов, Ñ?Ñ?о позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникам вводиÑ?Ñ? пÑ?оизволÑ?нÑ?й
+код HTML. Ð?лÑ? Ñ?ого, Ñ?Ñ?обÑ? покÑ?Ñ?Ñ?Ñ? Ñ?азлиÑ?нÑ?е векÑ?оÑ?Ñ? аÑ?ак, Ñ?Ñ?им пÑ?облемам
+бÑ?ли назнаÑ?енÑ? иденÑ?иÑ?икаÑ?оÑ?Ñ? <a href="https://security-tracker.debian.org/tracker/CVE-2007-5624";>CVE-2007-5624</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2007-5803";>CVE-2007-5803</a> и <a href="https://security-tracker.debian.org/tracker/CVE-2008-1360";>CVE-2008-1360</a>.</p>
 
 
- -<p>For the oldstable distribution (etch), these problems have been fixed in
- -version 2.6-2+etch4.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.6-2+etch4.</p>
 
- -<p>The stable distribution (lenny) does not include nagios2, and nagios3 is
- -not affected by these problems.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) пакеÑ? nagios2 оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?еÑ?, а пакеÑ? nagios3
+не подвеÑ?жен Ñ?казаннÑ?м пÑ?облемам.</p>
 
- -<p>The testing distribution (squeeze) and the unstable distribution (sid)
- -do not contain nagios2, and nagios3 is not affected by these problems.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (squeeze) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ?
+пакеÑ? nagios2 оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?еÑ?, а пакеÑ? nagios3 не подвеÑ?жен Ñ?казаннÑ?м пÑ?облемам.</p>
 
 
- -<p>We recommend that you upgrade your nagios2 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? nagios2.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXuEBdAAoJEF7nbuICFtKl5MsP/3D4FCTdKUCJcBSL7elvK5gL
NYnpyCAVjSX/jrS8CwbVcXUXd78ARdVWTk7L4aNDdp09Niii1H4d+cVxiODxNJK9
B0JbFE9o2piymf5dbNCC4jc4EYqf01ZcyUxX8c1C7BkWXA7zmqfsLDg2OeGzu3s4
K2T24TBrm16Vte1yoR9tAIIk2bpavgR1FS1XX+G/DMKGw95SdFHxRoXDHrV9bDTN
fxkvubXvWdcfQQnL1QjemlYaqhVaQnJgwFnRPiuWi4kErMB9RDnLZyu96JpkD/w9
tGuBvLR3M0Z+jxscoAuiWmu9LX6W8qV4bPIxiqg/F4a7mrkd6v5iHNp+0CUHakKt
YGWINvemhsN6gcSkIGZQpIee4u/hy309rC2MCRYuPd/iG3DpClu7+hkVmbvR9UkN
gAkSrb7REiCOTh+AuBxT8Ig8wvb8TTfOPbgtVu7JueAK4dvx7Go+d04RqSLajdo+
u9u+5bGjoDbNY0KWSwvFlwMBsPA5o08YTAE6sOcSiZfyNMA5fzayccldqz0wN+hH
bs6zCm7H7XPJA/hz9D+RQ8mP7g/v24I7csJzOQpUbIhZvh+GcVDCgeiFxb4M71NZ
V721akuphoJh7GgIoH2lYDV4jcXv+ztnym0DuAMJY3JeERHNS3dTNLUYPSszpw8J
wDlR5eg8NtJPXMbRp2vW
=fUeC
-----END PGP SIGNATURE-----
Reply to: