[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2012/dsa-2{489,544,423}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2012/dsa-2423.wml	2012-03-03 02:14:23.000000000 +0600
+++ russian/security/2012/dsa-2423.wml	2016-08-23 22:58:33.407016253 +0500
@@ -1,32 +1,33 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities were discovered in Movable Type, a blogging
- -system:</p>
+<p>Ð? Movable Type, Ñ?иÑ?Ñ?еме длÑ? ведениÑ? блога, бÑ?ло обнаÑ?Ñ?жено
+неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей:</p>
 
- -<p>Under certain circumstances, a user who has <q>Create Entries</q> or
- -<q>Manage Blog</q> permissions may be able to read known files on the local
- -file system.</p>
+<p>Ð?Ñ?и опÑ?еделÑ?ннÑ?Ñ? обÑ?Ñ?оÑ?Ñ?елÑ?Ñ?Ñ?ваÑ? полÑ?зоваÑ?елÑ?, имеÑ?Ñ?ий пÑ?ава на <q>Ñ?оздание запиÑ?ей</q> или
+<q>Ñ?пÑ?авление блогом</q>, можеÑ? Ñ?Ñ?иÑ?Ñ?ваÑ?Ñ? извеÑ?Ñ?нÑ?е Ñ?айлÑ? из локалÑ?ной Ñ?айловой
+Ñ?иÑ?Ñ?емÑ?.</p>
 
- -<p>The file management system contains shell command injection
- -vulnerabilities, the most serious of which may lead to arbitrary OS
- -command execution by a user who has a permission to sign-in to the
- -admin script and also has a permission to upload files.</p>
+<p>СиÑ?Ñ?ема Ñ?пÑ?авлениÑ? Ñ?айлами Ñ?одеÑ?жиÑ? Ñ?Ñ?звимоÑ?Ñ?и, пÑ?иводÑ?Ñ?ие к введениÑ?
+команд командной оболоÑ?ки, наиболее Ñ?еÑ?Ñ?Ñ?знаÑ? из коÑ?оÑ?Ñ?Ñ? можеÑ? пÑ?иводиÑ?Ñ? к вÑ?полнениÑ? пÑ?оизволÑ?нÑ?Ñ?
+команд Ð?С полÑ?зоваÑ?елем, имеÑ?Ñ?им пÑ?ава на вÑ?од в
+Ñ?Ñ?енаÑ?ий админиÑ?Ñ?Ñ?иÑ?ованиÑ?, а Ñ?акже на загÑ?Ñ?зкÑ? Ñ?айлов.</p>
 
- -<p>Session hijack and cross-site request forgery vulnerabilities exist in
- -the commenting and the community script. A remote attacker could
- -hijack the user session or could execute arbitrary script code on
- -victim's browser under the certain circumstances.</p>
+<p>Ð? Ñ?Ñ?енаÑ?иÑ?Ñ? комменÑ?иÑ?ованиÑ? и Ñ?ообÑ?еÑ?Ñ?ва имеÑ?Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?и, позволÑ?Ñ?Ñ?ие пеÑ?еÑ?ваÑ?Ñ?ваÑ?Ñ?
+Ñ?еÑ?Ñ?иÑ? и вÑ?полнÑ?Ñ?Ñ? подделкÑ? межÑ?айÑ?овÑ?Ñ? запÑ?оÑ?ов. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник пÑ?и опÑ?еделÑ?ннÑ?Ñ?
+обÑ?Ñ?оÑ?Ñ?елÑ?Ñ?Ñ?ваÑ? можеÑ? пеÑ?еÑ?ваÑ?иÑ?Ñ? Ñ?еÑ?Ñ?иÑ? полÑ?зоваÑ?елÑ? или можеÑ? вÑ?полниÑ?Ñ? пÑ?оизволÑ?нÑ?й
+Ñ?Ñ?енаÑ?ий в бÑ?аÑ?зеÑ?е жеÑ?Ñ?вÑ?.</p>
 
- -<p>Templates which do not escape variable properly and mt-wizard.cgi
- -contain cross-site scripting vulnerabilities.</p>
+<p>ШаблонÑ?, в коÑ?оÑ?Ñ?Ñ? Ñ?войÑ?Ñ?ва пеÑ?еменнÑ?Ñ? не Ñ?кÑ?аниÑ?Ñ?Ñ?Ñ?Ñ?Ñ?, а Ñ?акже mt-wizard.cgi
+Ñ?одеÑ?жаÑ? межÑ?айÑ?овÑ?й Ñ?кÑ?ипÑ?инг.</p>
 
- -<p>For the stable distribution (squeeze), these problems have been fixed
- -in version 4.3.8+dfsg-0+squeeze2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 4.3.8+dfsg-0+squeeze2.</p>
 
- -<p>For the testing distribution (wheezy) and the unstable distribution
- -(sid), these problems have been fixed in version 5.1.3+dfsg-1.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (wheezy) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ?
+Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 5.1.3+dfsg-1.</p>
 
- -<p>We recommend that you upgrade your movabletype-opensource packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? movabletype-opensource.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2012/dsa-2489.wml	2014-04-30 13:16:29.000000000 +0600
+++ russian/security/2012/dsa-2489.wml	2016-08-23 22:42:51.988500327 +0500
@@ -1,35 +1,36 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been found in the Iceape internet suite,
- -an unbranded version of Seamonkey.</p>
+<p>Ð? Iceape, набоÑ?е Ð?нÑ?еÑ?неÑ?-пÑ?огÑ?амм, безбÑ?ендовой веÑ?Ñ?ии Seamonkey, бÑ?ло
+обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-1937";>CVE-2012-1937</a>
 
- -  <p>Mozilla developers discovered several memory corruption bugs,
- -  which may lead to the execution of arbitrary code.</p></li>
+  <p>РазÑ?абоÑ?Ñ?ики Mozilla обнаÑ?Ñ?жили неÑ?колÑ?ко оÑ?ибок, Ñ?вÑ?заннÑ?Ñ? Ñ? повÑ?еждением Ñ?одеÑ?жимого
+  памÑ?Ñ?и, коÑ?оÑ?Ñ?е могÑ?Ñ? пÑ?иводиÑ?Ñ? к вÑ?полнениÑ? пÑ?оизволÑ?ного кода.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-1940";>CVE-2012-1940</a>
 
- -  <p>Abhishek Arya discovered a use-after-free problem when working
- -  with column layout with absolute positioning in a container that
- -  changes size, which may lead to the execution of arbitrary code.</p></li>
+  <p>Ð?бÑ?иÑ?ек Ð?Ñ?Ñ?Ñ? обнаÑ?Ñ?жил иÑ?полÑ?зование Ñ?казаÑ?елей поÑ?ле оÑ?вобождениÑ? памÑ?Ñ?и, коÑ?оÑ?ое пÑ?оÑ?влÑ?еÑ?Ñ?Ñ? пÑ?и
+  Ñ?абоÑ?е Ñ? вÑ?Ñ?Ñ?Ñ?кой колонок Ñ? абÑ?олÑ?Ñ?нÑ?м позиÑ?иониÑ?ованием в конÑ?ейнеÑ?е, изменÑ?Ñ?Ñ?им
+  Ñ?азмеÑ?, Ñ?Ñ?о можеÑ? пÑ?иводиÑ?Ñ? к вÑ?полнениÑ? пÑ?оизволÑ?ного кода.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-1947";>CVE-2012-1947</a>
 
- -  <p>Abhishek Arya discovered a heap buffer overflow in utf16 to latin1
- -  character set conversion, allowing to execute arbitrary code.</p></li>
+  <p>Ð?бÑ?иÑ?ек Ð?Ñ?Ñ?Ñ? обнаÑ?Ñ?жил пеÑ?еполнение динамиÑ?еÑ?кой памÑ?Ñ?и в коде пÑ?еобÑ?азованиÑ? набоÑ?ов
+  Ñ?имволов utf16 в latin1, позволÑ?Ñ?Ñ?ее вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (squeeze), this problem has been fixed in
- -version 2.0.11-13.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 2.0.11-13.</p>
 
- -<p>For the testing distribution (wheezy) and unstable distribution (sid),
- -this problem will be fixed soon.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (wheezy) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ?
+Ñ?Ñ?а пÑ?облема бÑ?деÑ? иÑ?пÑ?авлена позже.</p>
 
- -<p>We recommend that you upgrade your iceape packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? iceape.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2012/dsa-2544.wml	2014-04-30 13:16:29.000000000 +0600
+++ russian/security/2012/dsa-2544.wml	2016-08-23 22:52:15.079920177 +0500
@@ -1,36 +1,37 @@
- -<define-tag description>denial of service</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>оÑ?каз в обÑ?лÑ?живании</define-tag>
 <define-tag moreinfo>
- -<p>Multiple denial of service vulnerabilities have been discovered in Xen,
- -an hypervisor. The Common Vulnerabilities and Exposures project identifies
- -the following problems:</p>
+<p>Ð? гипеÑ?визоÑ?е Xen бÑ?ли обнаÑ?Ñ?женÑ? многоÑ?иÑ?леннÑ?е оÑ?казÑ? в
+обÑ?лÑ?живании. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ?
+Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-3494";>CVE-2012-3494</a>:
 
- -    <p>It was discovered that set_debugreg allows writes to reserved bits
- -    of the DR7 debug control register on amd64 (x86-64) paravirtualised
- -    guests, allowing a guest to crash the host.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о set_debugreg позволÑ?еÑ? вÑ?полнÑ?Ñ?Ñ? запиÑ?Ñ? в заÑ?езеÑ?виÑ?ованнÑ?е биÑ?Ñ?
+    Ñ?пÑ?авлÑ?Ñ?Ñ?его Ñ?егиÑ?Ñ?Ñ?а оÑ?ладки DR7 на паÑ?авиÑ?Ñ?Ñ?ализованнÑ?й гоÑ?Ñ?евÑ?Ñ? Ñ?иÑ?Ñ?емаÑ? Ñ?
+    аÑ?Ñ?иÑ?екÑ?Ñ?Ñ?ой amd64 (x86-64), позволÑ?Ñ? гоÑ?Ñ?евой Ñ?иÑ?Ñ?еме аваÑ?ийно завеÑ?Ñ?аÑ?Ñ? Ñ?абоÑ?Ñ? оÑ?новной Ñ?иÑ?Ñ?емÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-3496";>CVE-2012-3496</a>:
 
- -    <p>Matthew Daley discovered that XENMEM_populate_physmap, when called
- -    with the MEMF_populate_on_demand flag set, a BUG (detection routine)
- -    can be triggered if a translating paging mode is not being used,
- -    allowing a guest to crash the host.</p></li>
+    <p>Ð?Ñ?Ñ?Ñ?Ñ? Ð?оли обнаÑ?Ñ?жил, Ñ?Ñ?о XENMEM_populate_physmap, пÑ?и вÑ?зове
+    Ñ? набоÑ?ом Ñ?лагов MEMF_populate_on_demand, можеÑ? вÑ?зÑ?ваÑ?Ñ? BUG (Ñ?Ñ?нкÑ?иÑ?-опÑ?еделиÑ?елÑ?)
+    в Ñ?лÑ?Ñ?ае, когда не иÑ?полÑ?зÑ?еÑ?Ñ?Ñ? Ñ?ежим пеÑ?евода Ñ?Ñ?Ñ?аниÑ?,
+    Ñ?Ñ?о позволÑ?еÑ? гоÑ?Ñ?евой Ñ?иÑ?Ñ?еме аваÑ?ийно завеÑ?Ñ?аÑ?Ñ? Ñ?абоÑ?Ñ? оÑ?новной Ñ?иÑ?Ñ?емÑ?.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (squeeze), these problems have been fixed in
- -version 4.0.1-5.4.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 4.0.1-5.4.</p>
 
- -<p>For the testing distribution (wheezy), these problems will be fixed
- -soon.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?и пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ?
+позже.</p>
 
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 4.1.3-2.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 4.1.3-2.</p>
 
- -<p>We recommend that you upgrade your xen packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? xen.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXvI7MAAoJEF7nbuICFtKlvwEP/RjrDYGpOa7ncH+nJ1emBD4j
PLbGyRkAsms6aVJt/Ivn/oRKjspdB5h3uoErnAxtiJfPHxtUaXDMPae5Bs3JATV/
W8uqUTv6QBkmmqv8ZfehoUH61N+cMp0lGZkNAnoZ97Z1JwMNnIaFnkegE4/MZev9
bcxc8CARMSKCGuG9FlKM2ruBQEt9J1hcZzu2StliQgnfwHxL1Je09vOoyLYA+v1Y
l+enCAa/B/ZGfhhaHn7gOIa4x93wkfGYMiAEJHwd2fwYr6LDfi8+wpgDskQx+cF1
sofcFhe9Y5IkjajIG9hadP2ByXcLm7CsfmqjszGInB1++7ObXSv8GQD/bqKHLk5d
4hxPfT+pC0siUmUivkzDc9vpK1LEgSO5QFCkrkvqlfoHI1oXTmVB9uPBHC1FfR3f
A4lMaOn7oMidBI3yLTrW+Fd5zY3yFWsuf/lQN1L1k5WtcuNmynKU/loA9/6FBSN4
Xu3poLscnvVuAQ12p0wWqI4yqUp85d+Hauz3Q7rmQM2YEkZk8e+OWx8zwJG8CBGY
BcxxGj1gXGss2KOyNnm6ebo1YbUyOMZXtLX9dRwleAAY80KETE6xGBWB9p9m/8cC
jQRu0N1Ppe8RBQ3vL4QCfNY/fdpXo2PKHea/2VXtTKnSYZxkBbMiNWGmzrcH3pT6
ZTgONr34Q+qET1jWCdjE
=bOy3
-----END PGP SIGNATURE-----
Reply to: