[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2002/dsa-{097,115,161}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2002/dsa-097.wml	2002-01-04 02:58:12.000000000 +0500
+++ russian/security/2002/dsa-097.wml	2016-08-27 18:05:19.224366675 +0500
@@ -1,24 +1,25 @@
- -<define-tag description>Uncontrolled program execution</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>неконÑ?Ñ?олиÑ?Ñ?емое вÑ?полнение пÑ?огÑ?амм</define-tag>
 <define-tag moreinfo>
- -<p>Patrice Fournier discovered a bug in all versions of Exim older than
- -Exim 3.34 and Exim 3.952.</p>
+<p>Ð?аÑ?Ñ?иÑ? ФÑ?Ñ?Ñ?е обнаÑ?Ñ?жил оÑ?ибкÑ? во вÑ?еÑ? веÑ?Ñ?иÑ?Ñ? Exim младÑ?е
+Exim 3.34 и Exim 3.952.</p>
 
- -<p>The Exim maintainer, Philip Hazel,
+<p>СопÑ?овождаÑ?Ñ?ий Exim, Филип ХаÑ?елÑ?,
 <a href="http://www.exim.org/pipermail/exim-announce/2001q4/000048.html";>\
- -writes</a> about this issue: "The
- -problem exists only in the case of a run time configuration which
- -directs or routes an address to a pipe transport without checking the
- -local part of the address in any way.  This does not apply, for
- -example, to pipes run from alias or forward files, because the local
- -part is checked to ensure that it is the name of an alias or of a
- -local user.  The bug's effect is that, instead of obeying the correct
- -pipe command, a broken Exim runs the command encoded in the local part
- -of the address."</p>
+пиÑ?еÑ?</a> об Ñ?Ñ?ой пÑ?облеме: "Ð?Ñ?облема
+имееÑ? меÑ?Ñ?о Ñ?олÑ?ко в Ñ?лÑ?Ñ?ае наÑ?Ñ?Ñ?оек вÑ?емени иÑ?полнениÑ?, коÑ?оÑ?Ñ?е
+напÑ?авлÑ?Ñ?Ñ? или маÑ?Ñ?Ñ?Ñ?Ñ?изиÑ?Ñ?Ñ?Ñ? адÑ?еÑ? в каналÑ?нÑ?й Ñ?Ñ?анÑ?поÑ?Ñ? без какой-либо
+пÑ?овеÑ?ки локалÑ?ной Ñ?аÑ?Ñ?и адÑ?еÑ?а.  ЭÑ?о, напÑ?имеÑ?, не каÑ?аеÑ?Ñ?Ñ?
+каналов, запÑ?Ñ?еннÑ?Ñ? из пÑ?евдонимов или Ñ?айлов пеÑ?еÑ?Ñ?лки, поÑ?колÑ?кÑ? пÑ?овеÑ?ка
+локалÑ?ной Ñ?аÑ?Ñ?и вÑ?полнÑ?еÑ?Ñ?Ñ? Ñ? Ñ?елÑ?Ñ? вÑ?Ñ?Ñ?нениÑ? Ñ?ого, Ñ?Ñ?о поÑ?леднÑ?Ñ? Ñ?влÑ?еÑ?Ñ?Ñ? именем пÑ?евдонима
+или локалÑ?нÑ?м полÑ?зоваÑ?елем.  СледÑ?Ñ?вие Ñ?Ñ?ой оÑ?ибки Ñ?оÑ?Ñ?оиÑ? в Ñ?ом, Ñ?Ñ?о вмеÑ?Ñ?о Ñ?ого, Ñ?Ñ?обÑ? вÑ?полнÑ?Ñ?Ñ?
+пÑ?авилÑ?нÑ?Ñ? каналÑ?нÑ?Ñ? командÑ?, Exim запÑ?Ñ?каеÑ? командÑ?, закодиÑ?ованнÑ?Ñ? в локалÑ?ной Ñ?аÑ?Ñ?и
+адÑ?еÑ?а."</p>
 
- -<p>This problem has been fixed in Exim version 3.12-10.2 for the stable
- -distribution Debian GNU/Linux 2.2 and 3.33-1.1 for the testing and
- -unstable distribution.  We recommend that you upgrade your exim
- -package.</p>
+<p>ЭÑ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в Exim веÑ?Ñ?ии 3.12-10.2 длÑ? Ñ?Ñ?абилÑ?ного
+вÑ?пÑ?Ñ?ка Debian GNU/Linux 2.2 и в веÑ?Ñ?ии 3.33-1.1 длÑ? Ñ?еÑ?Ñ?иÑ?Ñ?емого и
+неÑ?Ñ?абилÑ?ного вÑ?пÑ?Ñ?ков.  РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?
+exim.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2002/dsa-115.wml	2002-03-02 15:25:26.000000000 +0500
+++ russian/security/2002/dsa-115.wml	2016-08-27 18:11:25.121548378 +0500
@@ -1,15 +1,16 @@
- -<define-tag description>broken boundary check and more</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>Ñ?ломаннаÑ? пÑ?овеÑ?ка гÑ?аниÑ? маÑ?Ñ?ив и дÑ?Ñ?гое</define-tag>
 <define-tag moreinfo>
- -<p>Stefan Esser, who is also a member of the PHP team, found several
- -<a href="http://security.e-matters.de/advisories/012002.html";>flaws</a>
- -in the way PHP handles multipart/form-data POST requests (as
- -described in RFC1867) known as POST fileuploads.  Each of the flaws
- -could allow an attacker to execute arbitrary code on the victim's
- -system.</p>
- -
- -<p>For PHP3 flaws contain a broken boundary check and an arbitrary heap
- -overflow.  For PHP4 they consist of a broken boundary check and a heap
- -off by one error.</p>
- -
- -<p>For the stable release of Debian these problems are fixed in version
- -3.0.18-0potato1.1 of PHP3 and version 4.0.3pl1-0potato3 of PHP4.</p>
+<p>ШÑ?еÑ?ан ЭÑ?Ñ?еÑ?, коÑ?оÑ?Ñ?е Ñ?влÑ?еÑ?Ñ?Ñ? Ñ?леном командÑ? PHP, обнаÑ?Ñ?жил неÑ?колÑ?ко
+<a href="http://security.e-matters.de/advisories/012002.html";>Ñ?Ñ?звимоÑ?Ñ?ей</a>
+в Ñ?поÑ?обе, иÑ?полÑ?зÑ?емом PHP длÑ? обÑ?абоÑ?ки многокомпоненÑ?Ñ?Ñ? POST-запÑ?оÑ?ов или запÑ?оÑ?ов
+вида Ñ?оÑ?ма-даннÑ?е (опиÑ?аннÑ?Ñ? в RFC1867), извеÑ?Ñ?нÑ?Ñ? как загÑ?Ñ?зки Ñ?айлов Ñ?еÑ?ез POST.  Ð?аждаÑ? из Ñ?Ñ?иÑ?
+Ñ?Ñ?звимоÑ?Ñ?ей можеÑ? позволиÑ?Ñ? злоÑ?мÑ?Ñ?ленникÑ? вÑ?полниÑ?Ñ? пÑ?оизволÑ?нÑ?й код в Ñ?иÑ?Ñ?еме
+жеÑ?Ñ?вÑ?.</p>
+
+<p>Ð? PHP3 Ñ?Ñ?еди Ñ?Ñ?звимоÑ?Ñ?ей пÑ?иÑ?Ñ?Ñ?Ñ?Ñ?вÑ?Ñ?Ñ? Ñ?ломаннаÑ? пÑ?овеÑ?ка гÑ?аниÑ? маÑ?Ñ?ива и пÑ?оизволÑ?ное
+пеÑ?еполнение динамиÑ?еÑ?кой памÑ?Ñ?и.  Ð? PHP4 они Ñ?оÑ?Ñ?оÑ?Ñ? из Ñ?ломанной пÑ?овеÑ?ки гÑ?аниÑ? маÑ?Ñ?ива и
+оÑ?ибки на единиÑ?Ñ?.</p>
+
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке Debian Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии
+3.0.18-0potato1.1 пакеÑ?а PHP3 и в веÑ?Ñ?ии 4.0.3pl1-0potato3 пакеÑ?а PHP4.</p>

- -<p>For the unstable and testing release of Debian these problems are
- -fixed in version 3.0.18-22 of PHP3 and version 4.1.2-1 of PHP4.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном и Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?каÑ? Debian Ñ?Ñ?и пÑ?облемÑ? бÑ?ли
+иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 3.0.18-22 пакеÑ?а PHP3 и в веÑ?Ñ?ии 4.1.2-1 пакеÑ?а  PHP4.</p>

- -<p>There is no PHP4 in the stable and unstable distribution for the arm
- -architecture due to a compiler error.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном и неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке из-за оÑ?ибки компилÑ?Ñ?оÑ?а  оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?Ñ?Ñ?
+пакеÑ?Ñ? PHP4 длÑ? аÑ?Ñ?иÑ?екÑ?Ñ?Ñ?Ñ? arm.</p>

- -<p>We recommend that you upgrade your PHP packages immediately.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? как можно Ñ?коÑ?ее обновиÑ?Ñ? пакеÑ?Ñ? PHP.</p>
 </define-tag>

 # do not modify the following line
- --- english/security/2002/dsa-161.wml	2002-09-04 20:49:58.000000000 +0600
+++ russian/security/2002/dsa-161.wml	2016-08-27 18:16:32.754409401 +0500
@@ -1,27 +1,28 @@
- -<define-tag description>privilege escalation</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>повÑ?Ñ?ение пÑ?ивилегий</define-tag>
 <define-tag moreinfo>
- -<p>A problem with user privileges has been discovered in the Mantis
- -package, a PHP based bug tracking system.  The Mantis system didn't
- -check whether a user is permitted to view a bug, but displays it right
- -away if the user entered a valid bug id.</p>
- -
- -<p>Another bug in Mantis caused the 'View Bugs' page to list bugs from
- -both public and private projects when no projects are accessible to
- -the current user.</p>
- -
- -<p>These problems have been fixed in version 0.17.1-2.5 for the current
- -stable distribution (woody) and in version 0.17.5-2 for the unstable
- -distribution (sid).  The old stable distribution (potato) is not
- -affected, since it doesn't contain the mantis package.</p>
+<p>Ð? пакеÑ?е Mantis, Ñ?иÑ?Ñ?еме оÑ?Ñ?леживаниÑ? оÑ?ибок на оÑ?нове PHP, бÑ?ла
+обнаÑ?Ñ?жена пÑ?облема, каÑ?аÑ?Ñ?аÑ?Ñ?Ñ? пÑ?ав полÑ?зоваÑ?елей.  СиÑ?Ñ?ема Mantis не
+вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? Ñ?ого, Ñ?азÑ?еÑ?ено ли полÑ?зоваÑ?елÑ? пÑ?оÑ?маÑ?Ñ?иваÑ?Ñ? Ñ?ообÑ?ение об оÑ?ибке,
+а пÑ?оÑ?Ñ?о оÑ?обÑ?ажаеÑ? его пÑ?и Ñ?Ñ?ловии, Ñ?Ñ?о полÑ?зоваÑ?елÑ? ввÑ?л пÑ?авилÑ?нÑ?й иденÑ?иÑ?икаÑ?оÑ? Ñ?ообÑ?ениÑ?.</p>
+
+<p>Ð?Ñ?Ñ?гаÑ? оÑ?ибка в Mantis пÑ?иводиÑ? к Ñ?омÑ?, Ñ?Ñ?о на Ñ?Ñ?Ñ?аниÑ?е 'View Bugs' вÑ?водиÑ?Ñ?Ñ? Ñ?пиÑ?ок оÑ?ибок
+и из оÑ?кÑ?Ñ?Ñ?Ñ?Ñ?, и из закÑ?Ñ?Ñ?Ñ?Ñ? пÑ?оекÑ?ов пÑ?и Ñ?Ñ?ловии, Ñ?Ñ?о Ñ?екÑ?Ñ?ий полÑ?зоваÑ?елÑ? не имееÑ?
+доÑ?Ñ?Ñ?па ни к каким пÑ?оекÑ?ам.</p>
+
+<p>ЭÑ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 0.17.1-2.5 длÑ? Ñ?екÑ?Ñ?его
+Ñ?Ñ?абилÑ?ного вÑ?пÑ?Ñ?ка (woody) и в веÑ?Ñ?ии 0.17.5-2 длÑ? неÑ?Ñ?абилÑ?ного
+вÑ?пÑ?Ñ?ка (sid).  Ð?Ñ?едÑ?дÑ?Ñ?ий Ñ?Ñ?абилÑ?нÑ?й вÑ?пÑ?Ñ?к (potato) не
+подвеÑ?жен даннÑ?м пÑ?облемам, поÑ?колÑ?кÑ? пакеÑ? mantis в нÑ?м оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?еÑ?.</p>
 
- -<p>Additional information:</p>
+<p>Ð?ополниÑ?елÑ?наÑ? инÑ?оÑ?маÑ?иÑ?:</p>
 
 <ul>
- -<li><a href="http://mantisbt.sourceforge.net/advisories/2002/2002-06.txt";>Mantis Advisory/2002-06</a>
- -<li><a href="http://mantisbt.sourceforge.net/advisories/2002/2002-07.txt";>Mantis Advisory/2002-07</a>
+<li><a href="http://mantisbt.sourceforge.net/advisories/2002/2002-06.txt";>РекомендаÑ?иÑ? Mantis/2002-06</a>
+<li><a href="http://mantisbt.sourceforge.net/advisories/2002/2002-07.txt";>РекомендаÑ?иÑ? Mantis/2002-07</a>
 </ul>
 
- -<p>We recommend that you upgrade your mantis packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? mantis.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXwZK0AAoJEF7nbuICFtKlTXsP/RDj1vhXGnvCl/i+YsRE2C12
7HZh5SZD5quhqQRloTrRqu9QUcewjwtyoSZd/Nm3RTOcWPkktbkVIBKy3x/HylwT
7qTqg9DFGJZes2VvExH0fXYw7t9f7yjQgnXUhruTLEVHl2Iz2RJXI7SWHtFQrGWz
RfKUCDxxTRwkcpSji+obAMFwLpaPtjUAEkKeRZsm5ZadjwPsONajLk9TuuJIbEhW
nxxRx1XBTMoNYWMJtwRpWxEWRBG1MNLiXFq1bkaxdfb3k4x5Vdab7mo8XXlhEonk
cP/8lJPGFek952tbX9ym576XzPEb/6CIAYr0lFQfk5LBw5WMF0np6jYZLShWttLt
2EdxJDEMVy+t8NAp1a1NGfWOjnneeC5otwWv1CgmPkEE9pIviE12lDEXq5a36H3g
bkCn5DqprHdlX1gVIoOnzHGPuWyUl38C0Bg8gU5z/db8t/29NjXSb/TROGdietoy
p2g6NVB4eAvVEb8XpUQTLTTZgCodzi1lPYdov/JYuX9I0VH+fUhd3WJByxPBuvrE
OBIbfgE2SwCnrL8I3RozqZ6CLYFRu8Rc3nfaEcwi9o8xaMoqAAz8hByXLSWmaRSn
Rx1BlEp5eGgKKL0qjXu+BJpfa1kp1Kd4op2MGfGDb2MSOc69qERLR3F25UG4XfW/
k6vDzH5+h5z4xbtNlABj
=4L1s
-----END PGP SIGNATURE-----
Reply to: