[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2002/dsa-1{20,77,91}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2002/dsa-120.wml	2002-03-11 03:48:15.000000000 +0500
+++ russian/security/2002/dsa-120.wml	2016-08-27 18:21:59.688284594 +0500
@@ -1,25 +1,26 @@
- -<define-tag description>buffer overflow</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>пеÑ?еполнение бÑ?Ñ?еÑ?а</define-tag>
 <define-tag moreinfo>
- -<p>Ed Moyle recently
+<p>Эд Ð?оил недавно
 <a href="http://archives.neohapsis.com/archives/bugtraq/2002-02/0313.html";>\
- -found</a> a buffer overflow in Apache-SSL and mod_ssl.
- -With session caching enabled, mod_ssl will serialize SSL session
- -variables to store them for later use.  These variables were stored in
- -a buffer of a fixed size without proper boundary checks.</p>
+обнаÑ?Ñ?жил</a> пеÑ?еполнение бÑ?Ñ?еÑ?а в Apache-SSL и mod_ssl.
+Ð?Ñ?ли вклÑ?Ñ?ено кеÑ?иÑ?ование Ñ?еÑ?Ñ?ии, Ñ?о mod_ssl вÑ?полнÑ?еÑ? Ñ?еÑ?иализаÑ?иÑ? пеÑ?еменнÑ?Ñ?
+Ñ?еÑ?Ñ?ии SSL Ñ? Ñ?елÑ?Ñ? иÑ? Ñ?оÑ?Ñ?анениÑ? длÑ? далÑ?нейÑ?его иÑ?полÑ?зованиÑ?.  ЭÑ?и пеÑ?еменнÑ?Ñ? Ñ?оÑ?Ñ?анÑ?Ñ?Ñ?Ñ?Ñ?
+в бÑ?Ñ?еÑ?е Ñ?икÑ?иÑ?ованного Ñ?азмеÑ?а, а пÑ?овеÑ?ка гÑ?аниÑ? не пÑ?оизводиÑ?Ñ?Ñ?.</p>
 
- -<p>To exploit the overflow, the server must be configured to require client
- -certificates, and an attacker must obtain a carefully crafted client
- -certificate that has been signed by a Certificate Authority which is
- -trusted by the server. If these conditions are met, it would be possible
- -for an attacker to execute arbitrary code on the server.</p>
+<p>Ð?лÑ? Ñ?ого, Ñ?Ñ?обÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?о пеÑ?еполнение, Ñ?еÑ?веÑ? должен Ñ?Ñ?ебоваÑ?Ñ? клиенÑ?Ñ?кие
+Ñ?еÑ?Ñ?иÑ?икаÑ?Ñ?, а злоÑ?мÑ?Ñ?ленник должен полÑ?Ñ?иÑ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?й клиенÑ?Ñ?кий
+Ñ?еÑ?Ñ?иÑ?икаÑ?, подпиÑ?аннÑ?й авÑ?оÑ?иÑ?еÑ?ом, коÑ?оÑ?омÑ? довеÑ?Ñ?еÑ? Ñ?Ñ?оÑ?
+Ñ?еÑ?веÑ?. Ð?Ñ?ли Ñ?Ñ?и Ñ?Ñ?ловиÑ? вÑ?полненÑ?, Ñ?о злоÑ?мÑ?Ñ?ленник можеÑ?
+вÑ?полниÑ?Ñ? пÑ?оизволÑ?нÑ?й код на Ñ?еÑ?веÑ?е.</p>
 
- -<p>This problem has been fixed in version 1.3.9.13-4 of Apache-SSL and
- -version 2.4.10-1.3.9-1potato1 of libapache-mod-ssl for the stable
- -Debian distribution as well as in version 1.3.23.1+1.47-1 of
- -Apache-SSL and version 2.8.7-1 of libapache-mod-ssl for the testing
- -and unstable distribution of Debian.</p>
+<p>ЭÑ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в веÑ?Ñ?ии 1.3.9.13-4 пакеÑ?а Apache-SSL и
+в веÑ?Ñ?ии 2.4.10-1.3.9-1potato1 пакеÑ?а libapache-mod-ssl длÑ? Ñ?Ñ?абилÑ?ного
+вÑ?пÑ?Ñ?ка Debian, а Ñ?акже в веÑ?Ñ?ии 1.3.23.1+1.47-1 пакеÑ?а
+Apache-SSL и в веÑ?Ñ?ии 2.8.7-1 пакеÑ?а libapache-mod-ssl длÑ? Ñ?еÑ?Ñ?иÑ?Ñ?емого
+и неÑ?Ñ?абилÑ?ного вÑ?пÑ?Ñ?ков Debian.</p>
 
- -<p>We recommend that you upgrade your Apache-SSL and mod_ssl packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? Apache-SSL и mod_ssl.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2002/dsa-177.wml	2002-10-31 20:25:34.000000000 +0500
+++ russian/security/2002/dsa-177.wml	2016-08-27 18:29:19.058310940 +0500
@@ -1,27 +1,28 @@
- -<define-tag description>serious security violation</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>Ñ?еÑ?Ñ?Ñ?зное наÑ?Ñ?Ñ?ение безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>A serious security violation in PAM was discovered.
- -Disabled passwords (i.e. those with '*' in the
- -password file) were classified as empty password and access to such
- -accounts is granted through the regular login procedure (getty,
- -telnet, ssh).  This works for all such accounts whose shell field in
- -the password file does not refer to <code>/bin/false</code>.
- -Only version 0.76 of PAM seems to be affected by this problem.</p>
+<p>Ð? PAM бÑ?ло обнаÑ?Ñ?жено Ñ?еÑ?Ñ?Ñ?зное наÑ?Ñ?Ñ?ение безопаÑ?ноÑ?Ñ?и.
+Ð?Ñ?клÑ?Ñ?еннÑ?е паÑ?оли (Ñ?о еÑ?Ñ?Ñ?, паÑ?оли Ñ? '*' в
+Ñ?айле паÑ?олей) клаÑ?Ñ?иÑ?иÑ?иÑ?Ñ?Ñ?Ñ?Ñ?Ñ? как пÑ?Ñ?Ñ?Ñ?е паÑ?оли, доÑ?Ñ?Ñ?п к Ñ?аким
+Ñ?Ñ?Ñ?Ñ?нÑ?м запиÑ?Ñ?м даÑ?Ñ?Ñ?Ñ? Ñ?еÑ?ез обÑ?Ñ?нÑ?Ñ? пÑ?оÑ?едÑ?Ñ?Ñ? вÑ?ода (getty,
+telnet, ssh).  ЭÑ?о Ñ?абоÑ?аеÑ? длÑ? вÑ?еÑ? Ñ?Ñ?Ñ?Ñ?нÑ?Ñ? запиÑ?ей, Ñ? коÑ?оÑ?Ñ?Ñ? поле командной Ñ?Ñ?Ñ?оки в
+Ñ?айле паÑ?олей не Ñ?одеÑ?жиÑ? <code>/bin/false</code>.
+Ð?ак кажеÑ?Ñ?Ñ?, Ñ?Ñ?ой пÑ?облеме подвеÑ?жена Ñ?олÑ?ко веÑ?Ñ?иÑ? 0.76 PAM.</p>
 
- -<p>This problem has been fixed in version 0.76-6 for the current unstable
- -distribution (sid).  The stable distribution (woody), the old stable
- -distribution (potato) and the testing distribution (sarge) are not
- -affected by this problem.</p>
+<p>ЭÑ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в веÑ?Ñ?ии 0.76-6 Ñ?екÑ?Ñ?его неÑ?Ñ?абилÑ?ного
+вÑ?пÑ?Ñ?ка (sid).  СÑ?абилÑ?нÑ?й (woody), пÑ?едÑ?дÑ?Ñ?ий Ñ?Ñ?абилÑ?нÑ?й
+(potato) и Ñ?еÑ?Ñ?иÑ?Ñ?емÑ?й (sarge) вÑ?пÑ?Ñ?ки не
+подвеÑ?женÑ? Ñ?Ñ?ой пÑ?облеме.</p>
 
- -<p>As stated in the Debian security team <a href="$(HOME)/security/faq">\
- -FAQ</a>, testing
- -and unstable are rapidly moving targets and the security team does not
- -have the resources needed to properly support those.  This security
- -advisory is an exception to that rule, due to the seriousness of the
- -problem.</p>
+<p>Ð?ак Ñ?казано в <a href="$(HOME)/security/faq">\
+ЧÐ?Ð?Ð?</a> командÑ? безопаÑ?ноÑ?Ñ?и Debian, Ñ?еÑ?Ñ?иÑ?Ñ?емÑ?й
+и неÑ?Ñ?абилÑ?нÑ?й вÑ?пÑ?Ñ?ки Ñ?азвиваÑ?Ñ?Ñ?Ñ? Ñ?Ñ?Ñ?емиÑ?елÑ?но, а Ñ? командÑ? безопаÑ?ноÑ?Ñ?и
+неÑ? Ñ?еÑ?Ñ?Ñ?Ñ?ов, коÑ?оÑ?Ñ?е нÑ?жнÑ? длÑ? полноÑ?енной поддеÑ?жки Ñ?Ñ?иÑ? вÑ?пÑ?Ñ?ков.  Ð?аннаÑ? Ñ?екомендаÑ?иÑ?
+по безопаÑ?ноÑ?Ñ?и Ñ?влÑ?еÑ?Ñ?Ñ? иÑ?клÑ?Ñ?ением из Ñ?Ñ?ого пÑ?авила в Ñ?вÑ?зи Ñ? Ñ?еÑ?Ñ?Ñ?зноÑ?Ñ?Ñ?Ñ?
+пÑ?облемÑ?.</p>
 
- -<p>We recommend that you upgrade your PAM packages immediately if you are
- -running Debian/unstable.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? как можно Ñ?коÑ?ее обновиÑ?Ñ? пакеÑ?Ñ? PAM в Ñ?лÑ?Ñ?ае, еÑ?ли вÑ?
+иÑ?полÑ?зÑ?еÑ?е неÑ?Ñ?абилÑ?нÑ?й вÑ?пÑ?Ñ?к Debian.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2002/dsa-191.wml	2002-11-08 14:43:55.000000000 +0500
+++ russian/security/2002/dsa-191.wml	2016-08-27 18:35:42.257233026 +0500
@@ -1,30 +1,31 @@
- -<define-tag description>cross site scripting</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>межÑ?айÑ?овÑ?й Ñ?кÑ?ипÑ?инг</define-tag>
 <define-tag moreinfo>
- -<p>Several cross site scripting vulnerabilities have been found in
- -squirrelmail, a feature-rich webmail package written in PHP4.  The
- -Common Vulnerabilities and Exposures (CVE) project identified the
- -following vulnerabilities:</p>
+<p>Ð? squirrelmail, полноÑ?Ñ?нкÑ?ионалÑ?ном пакеÑ?е веб-поÑ?Ñ?Ñ? на Ñ?зÑ?ке PHP4, бÑ?ло
+обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей, пÑ?иводÑ?Ñ?иÑ? к межÑ?айÑ?овомÑ? Ñ?кÑ?ипÑ?ингÑ?.
+Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures (CVE) опÑ?еделÑ?еÑ?
+Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ol>
- -<li>CAN-2002-1131: User input is not always sanitized so execution of
- -    arbitrary code on a client computer is possible.  This can happen
- -    after following a malicious URL or by viewing a malicious
- -    addressbook entry.</li>
+<li>CAN-2002-1131: Ð?олÑ?зоваÑ?елÑ?Ñ?кие вÑ?однÑ?е даннÑ?е не вÑ?егда оÑ?иÑ?аÑ?Ñ?Ñ?Ñ?, поÑ?Ñ?омÑ?
+    на клиенÑ?Ñ?ком компÑ?Ñ?Ñ?еÑ?е возможно вÑ?полнение пÑ?оизволÑ?ного кода.  ЭÑ?о можеÑ?
+    пÑ?оизойÑ?и поÑ?ле оÑ?кÑ?Ñ?Ñ?иÑ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного URL или пÑ?и пÑ?оÑ?моÑ?Ñ?е
+    Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованной запиÑ?и адÑ?еÑ?ной книги.</li>
 
- -<li>CAN-2002-1132: Another problem could make it possible for an
- -    attacker to gain sensitive information under some conditions.
- -    When a malformed argument is appended to a link, an error page
- -    will be generated which contains the absolute pathname of the
- -    script.  However, this information is available through the
- -    Contents file of the distribution anyway.</li>
+<li>CAN-2002-1132: Ð?Ñ?Ñ?гаÑ? пÑ?облема можеÑ? позволиÑ?Ñ? злоÑ?мÑ?Ñ?ленникÑ? пÑ?и опÑ?еделÑ?ннÑ?Ñ?
+    Ñ?Ñ?ловиÑ?Ñ? полÑ?Ñ?иÑ?Ñ? Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?нÑ?Ñ? инÑ?оÑ?маÑ?иÑ?.
+    Ð?Ñ?и добавлении к Ñ?Ñ?Ñ?лке Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного аÑ?гÑ?менÑ?а Ñ?оздаÑ?Ñ?Ñ?Ñ? Ñ?Ñ?Ñ?аниÑ?а
+    Ñ? Ñ?ообÑ?ением об оÑ?ибке, Ñ?одеÑ?жаÑ?аÑ? абÑ?олÑ?Ñ?нÑ?й пÑ?Ñ?Ñ?
+    Ñ?Ñ?енаÑ?иÑ?.  Тем не менее, Ñ?Ñ?а инÑ?оÑ?маÑ?иÑ? вÑ?Ñ? Ñ?авно доÑ?Ñ?Ñ?пна Ñ?еÑ?ез
+    Ñ?айл Contents диÑ?Ñ?Ñ?ибÑ?Ñ?ива.</li>
 </ol>
 
- -<p>These problems have been fixed in version 1.2.6-1.1 for the current stable
- -distribution (woody) and in version 1.2.8-1.1 for the unstable
- -distribution (sid).  The old stable distribution (potato) is not
- -affected since it doesn't contain a squirrelmail package.</p>
+<p>ЭÑ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 1.2.6-1.1 длÑ? Ñ?екÑ?Ñ?его Ñ?Ñ?абилÑ?ного
+вÑ?пÑ?Ñ?ка (woody) и в веÑ?Ñ?ии 1.2.8-1.1 длÑ? неÑ?Ñ?абилÑ?ного
+вÑ?пÑ?Ñ?ка (sid).  Ð?Ñ?едÑ?дÑ?Ñ?ий Ñ?Ñ?абилÑ?нÑ?й вÑ?пÑ?Ñ?к (potato) не
+подвеÑ?жен Ñ?Ñ?им пÑ?облемам, поÑ?колÑ?кÑ? в нÑ?м оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?еÑ? пакеÑ? squirrelmail.</p>
 
- -<p>We recommend that you upgrade your squirrelmail package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? squirrelmail.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXwZcxAAoJEF7nbuICFtKlKrsQAKc+7GM+hpemba6RbwHTIWXH
U5CRrkA500765VJtGjjqlX5fESFgOcqVcrgCGcAamgctbY9rK20jpEtzJJFYxGIf
rknBVzeskCq3zXb4CtthPVjrM0m0WhzLExdhOu3BRVDuc4Y10roRRzmem1ugBk+9
/EJarBTRrA+D0N50y2tCwaLikXvrQeHkAKPF/8GOOBxbiIdtGYjR9JdJUatm4AYr
UZQxo1SAjtD+2uqDkiRd38lsVsQHzjhNK+smQTSgwKgIMAPrWF/zWt5tqFYzf9VN
hZzPHvPOJ8rxXXCEspEUhdYmdYjWQoEJDcikOkZBaAxzBboAF7d3kj9tKdncyy1a
RGO31sMyIdED6irDxjQAmQM8DiexuVXLsmdLHcn/rSkqi7ry/HblYVfNFky1fLKh
8DG1jjeOXZDcxwF4E4hn9eoqqldObrg1GaQCL0U756OHbamcXSU/HQLtxNq2sfl6
vTW0NWD21KC+HlhUCbJb7P2v8U5qPKGGJOtr+s639Zpbno4EJ9Z04A4npekPAn4G
HYDkRcjL7LOiMyXssGKeMKHNC19w4BFYa7wFYDw4v/9qa1f2k7ZkPgdy3P/Y0Nt8
HuZQ4GNVLDkO0VYwZciodGRseAkDotFF+AC7gvT1AyJSwGqDb/4t0FxSzFWhl51W
UUk1CEApY9Ec8n9qWPDn
=GB55
-----END PGP SIGNATURE-----
Reply to: