[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2005/dsa-{666,893,756}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2005/dsa-666.wml	2005-02-10 02:24:16.000000000 +0500
+++ russian/security/2005/dsa-666.wml	2016-08-26 13:15:16.507348508 +0500
@@ -1,25 +1,26 @@
- -<define-tag description>design flaw</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>пÑ?облема Ñ?азÑ?абоÑ?ки</define-tag>
 <define-tag moreinfo>
- -<p>The Python development team has discovered a flaw in their language
- -package.  The SimpleXMLRPCServer library module could permit remote
- -attackers unintended access to internals of the registered object or
- -its module or possibly other modules.  The flaw only affects Python
- -XML-RPC servers that use the register_instance() method to register an
- -object without a _dispatch() method.  Servers using only
- -register_function() are not affected.</p>
+<p>Ð?оманда Ñ?азÑ?абоÑ?ки Python обнаÑ?Ñ?жила Ñ?Ñ?звимоÑ?Ñ?Ñ? в иÑ?
+Ñ?зÑ?ке.  Ð?одÑ?лÑ? библиоÑ?еки SimpleXMLRPCServer можеÑ? позволиÑ?Ñ? Ñ?далÑ?ннÑ?м
+злоÑ?мÑ?Ñ?ленникам полÑ?Ñ?иÑ?Ñ? доÑ?Ñ?Ñ?п к внÑ?Ñ?Ñ?енним Ñ?аÑ?Ñ?Ñ?м заÑ?егиÑ?Ñ?Ñ?иÑ?ованного обÑ?екÑ?а или
+его модÑ?лÑ?, либо поÑ?енÑ?иалÑ?но к дÑ?Ñ?гим модÑ?лÑ?м.  ЭÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? каÑ?аеÑ?Ñ?Ñ? Ñ?олÑ?ко
+Ñ?еÑ?веÑ?ов XML-RPC длÑ? Python, иÑ?полÑ?зÑ?Ñ?Ñ?иÑ? меÑ?од register_instance() длÑ? Ñ?егиÑ?Ñ?Ñ?аÑ?ии
+обÑ?екÑ?а без меÑ?ода _dispatch().  СеÑ?веÑ?Ñ?, иÑ?полÑ?зÑ?Ñ?Ñ?ие Ñ?олÑ?ко
+меÑ?од register_function(), не подвеÑ?женÑ? Ñ?Ñ?ой пÑ?облеме.</p>
 
- -<p>For the stable distribution (woody) this problem has been fixed in
- -version 2.2.1-4.7.  No other version of Python in woody is affected.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (woody) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 2.2.1-4.7.  Ð?Ñ?Ñ?гие веÑ?Ñ?ии Python в woody не подвеÑ?женÑ? Ñ?Ñ?ой пÑ?облеме.</p>
 
- -<p>For the testing (sarge) and unstable (sid) distributions the following
- -matrix explains which version will contain the correction in which
- -version:</p>
+<p>Ð?лÑ? Ñ?еÑ?Ñ?иÑ?Ñ?емого (sarge) и неÑ?Ñ?абилÑ?ного (sid) вÑ?пÑ?Ñ?ков Ñ?ледÑ?Ñ?Ñ?аÑ?
+Ñ?аблиÑ?а обÑ?Ñ?Ñ?нÑ?еÑ? Ñ?о, какие веÑ?Ñ?ии бÑ?дÑ?Ñ? Ñ?одеÑ?жаÑ?Ñ?
+иÑ?пÑ?авление:</p>
 
 <table border="1" cellspacing="0" cellpadding="2">
   <tr>
     <th>&nbsp;</th>
- -    <th>testing</th>
- -    <th>unstable</th>
+    <th>Ñ?еÑ?Ñ?иÑ?Ñ?емÑ?й вÑ?пÑ?Ñ?к</th>
+    <th>неÑ?Ñ?абилÑ?нÑ?й вÑ?пÑ?Ñ?к</th>
   </tr>
   <tr>
     <td>Python 2.2</td>
@@ -38,7 +39,7 @@
   </tr>
 </table>
 
- -<p>We recommend that you upgrade your Python packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? Python.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2005/dsa-756.wml	2005-07-13 23:19:26.000000000 +0600
+++ russian/security/2005/dsa-756.wml	2016-08-26 13:23:57.707881211 +0500
@@ -1,36 +1,37 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in Squirrelmail, a
- -commonly used webmail system.  The Common Vulnerabilities and
- -Exposures project identifies the following problems:</p>
+<p>Ð? Squirrelmail, Ñ?иÑ?око иÑ?полÑ?зÑ?емой Ñ?иÑ?Ñ?еме веб-поÑ?Ñ?Ñ?, бÑ?ло
+обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.  Ð?Ñ?оекÑ? Common Vulnerabilities and
+Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1769";>CAN-2005-1769</a>
 
- -    <p>Martijn Brinkers discovered cross-site scripting vulnerabilities
- -    that allow remote attackers to inject arbitrary web script or HTML
- -    in the URL and e-mail messages.</p>
+    <p>Ð?аÑ?Ñ?ийн Ð?Ñ?инкеÑ?Ñ? обнаÑ?Ñ?жил межÑ?айÑ?овÑ?й Ñ?кÑ?ипÑ?инг, позволÑ?Ñ?Ñ?ий
+    Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вводиÑ?Ñ? пÑ?оизволÑ?нÑ?й веб-Ñ?Ñ?енаÑ?ий или код HTML
+    в URL и Ñ?ообÑ?ениÑ? Ñ?лекÑ?Ñ?онной поÑ?Ñ?Ñ?.</p>
 
 <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2095";>CAN-2005-2095</a>
 
- -    <p>James Bercegay of GulfTech Security discovered a vulnerability in
- -    the variable handling which could lead to attackers altering other
- -    people's preferences and possibly reading them, writing files at
- -    any location writable for www-data and cross site scripting.</p>
+    <p>Ð?жеймÑ? Ð?еÑ?Ñ?егай из GulfTech Security обнаÑ?Ñ?жил Ñ?Ñ?звимоÑ?Ñ?Ñ? в
+    коде обÑ?абоÑ?ки пеÑ?еменной, коÑ?оÑ?аÑ? можеÑ? пÑ?иводиÑ?Ñ? к Ñ?омÑ?, Ñ?Ñ?о злоÑ?мÑ?Ñ?ленники Ñ?могÑ?Ñ? измениÑ?Ñ?
+    наÑ?Ñ?Ñ?ойки дÑ?Ñ?гиÑ? полÑ?зоваÑ?елей, а Ñ?акже Ñ?Ñ?иÑ?аÑ?Ñ? иÑ?, запиÑ?Ñ?ваÑ?Ñ? Ñ?айлÑ?
+    в лÑ?бое меÑ?Ñ?о, оÑ?кÑ?Ñ?Ñ?ое длÑ? запиÑ?и полÑ?зоваÑ?елÑ? www-data, и вÑ?полнÑ?Ñ?Ñ? аÑ?аки по межÑ?айÑ?овомÑ? Ñ?кÑ?ипÑ?ингÑ?.</p>
 
 </ul>
 
- -<p>For the old stable distribution (woody) these problems have been fixed in
- -version 1.2.6-4.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (woody) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.2.6-4.</p>
 
- -<p>For the stable distribution (sarge) these problems have been fixed in
- -version 1.4.4-6sarge1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sarge) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.4.4-6sarge1.</p>
 
- -<p>For the unstable distribution (sid) these problems have been fixed in
- -version 1.4.4-6sarge1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.4.4-6sarge1.</p>
 
- -<p>We recommend that you upgrade your squirrelmail package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? squirrelmail.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2005/dsa-893.wml	2005-11-14 17:02:29.000000000 +0500
+++ russian/security/2005/dsa-893.wml	2016-08-26 13:20:06.744507955 +0500
@@ -1,29 +1,30 @@
- -<define-tag description>missing input sanitising</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вие оÑ?иÑ?Ñ?ки вÑ?однÑ?Ñ? даннÑ?Ñ?</define-tag>
 <define-tag moreinfo>
- -<p>Remco Verhoef has discovered a vulnerability in acidlab, Analysis
- -Console for Intrusion Databases, and in acidbase, Basic Analysis and
- -Security Engine, which can be exploited by malicious users to conduct
- -SQL injection attacks.</p>
- -
- -<p>The maintainers of Analysis Console for Intrusion Databases (ACID) in Debian,
- -of which BASE is a fork off, after a security audit of both BASE and ACID
- -have determined that the flaw found not only affected the base_qry_main.php (in
- -BASE) or acid_qry_main.php (in ACID) component but was also found in other
- -elements of the consoles due to improper parameter validation and filtering.</p>
- -
- -<p>All the SQL injection bugs and Cross Site Scripting bugs found have been
- -fixed in the Debian package, closing all the different attack vectors detected.</p>
- -
- -<p>For the old stable distribution (woody) this problem has been fixed in
- -version 0.9.6b20-2.1.</p>
+<p>Ремко Ð?кÑ?Ñ?оÑ? обнаÑ?Ñ?жил Ñ?Ñ?звимоÑ?Ñ?и в acidlab, Analysis
+Console for Intrusion Databases, и в acidbase, Basic Analysis and
+Security Engine, коÑ?оÑ?Ñ?е могÑ?Ñ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? злоÑ?мÑ?Ñ?ленниками длÑ? вÑ?полнениÑ?
+SQL-инÑ?екÑ?ий.</p>
+
+<p>СопÑ?овождаÑ?Ñ?ие Analysis Console for Intrusion Databases (ACID) в Debian,
+оÑ?веÑ?вление коÑ?оÑ?ого Ñ?влÑ?еÑ?Ñ?Ñ? BASE, поÑ?ле аÑ?диÑ?а безопаÑ?ноÑ?Ñ?и BASE и ACID
+опÑ?еделили, Ñ?Ñ?о Ñ?Ñ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? каÑ?аеÑ?Ñ?Ñ? не Ñ?олÑ?ко компоненÑ?ов base_qry_main.php (в
+BASE) или acid_qry_main.php (в ACID), но пÑ?иÑ?Ñ?Ñ?Ñ?Ñ?вÑ?еÑ? и в дÑ?Ñ?гиÑ?
+Ñ?леменÑ?аÑ? конÑ?олей из-за непÑ?авилÑ?ного пÑ?овеÑ?ки и Ñ?илÑ?Ñ?Ñ?аÑ?ии паÑ?амеÑ?Ñ?ов.</p>
+
+<p>Ð?Ñ?е обнаÑ?Ñ?женнÑ?е оÑ?ибки, Ñ?вÑ?заннÑ?е Ñ? SQL-инÑ?екÑ?ией и межÑ?айÑ?овÑ?м Ñ?кÑ?ипÑ?ингом, бÑ?ли
+иÑ?пÑ?авленÑ? в пакеÑ?е Debian, закÑ?Ñ?Ñ?Ñ? вÑ?е вÑ?Ñ?вленнÑ?е  векÑ?оÑ?Ñ? аÑ?ак.</p>
+
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (woody) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 0.9.6b20-2.1.</p>
 
- -<p>For the stable distribution (sarge) this problem has been fixed in
- -version 0.9.6b20-10.1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sarge) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 0.9.6b20-10.1.</p>
 
- -<p>For the unstable distribution (sid) this problem has been fixed in
- -version 0.9.6b20-13 and in version 1.2.1-1 of acidbase.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 0.9.6b20-13 и в веÑ?Ñ?ии 1.2.1-1 пакеÑ?а acidbase.</p>
 
- -<p>We recommend that you upgrade your acidlab and acidbase package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? acidlab и acidbase.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXv/ygAAoJEF7nbuICFtKlA98P/AjVb8pCPdahx3rAXI8op/co
+OV8SkDbUV6WqpqddnSeJmTccodccplcG+MkmaWd9lEtF5KeLumNGAdbOy6t3vxY
Or/67Kwio57/GWDOj6hEV0At0nDCEwH9VlSd4GEOJao98m9pfxajrV/MHj7mUrAE
BOcIvy/apabFirGZILJVJKv9azbZaw/GgxcbHVgzUaEsqrjO4AhZsvV6lCIx6Iq6
EotOCdZPVZJk1XivX9ZWvdtj+BzDRTNFUoM2Bo4VDyNORVERXOiplI9stEF5ViK1
7BNN1dbNMxnqoYfllSnQT3fx5fNdrgvH7PaTsnmdoxGTvn3vrS6m6CdU6Ge+umOB
lyZHd4epIJ0kQVrfxdKvKhi/bm0D8isBJdniU9MRqIYlwDSHJzLSafY6TCK5Z7ib
EdxleZR1reK7NnpHvtgYVpXwpgMDNcvpB8bnJrjVdv7jQYwDbAvpIYpy5aOXqaQX
6do7jQ4BwmRp9ELyTLHgZzy9ENVn77FktNGXMZTxYX/AXQORNxg+1XI+W+SlVB/l
Lj6pJPTmuyWI5++79FecPjQ05/sfk2ZnA5zzUkInMY1eYRk3VkighQvOKtrMoah4
CKDYygMKeyDfWjH92YFjOlTxkYc5wQntFfIGJFSkJ6x26Yk6uqE2EyVovXbtIsGT
Qoe/zxLtOasWplG3C1Yc
=eJL5
-----END PGP SIGNATURE-----
Reply to: