[DONE] wml://security/2002/dsa-1{58,55,81}.wml

[Lev Lamberov <dogsleg@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2002/dsa-155.wml	2004-11-29 03:45:39.000000000 +0500
+++ russian/security/2002/dsa-155.wml	2016-08-27 18:57:02.841361540 +0500
@@ -1,28 +1,29 @@
- -<define-tag description>privacy escalation with Konqueror</define-tag>
+#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov"
+<define-tag description>пÑ?облема пÑ?иваÑ?ноÑ?Ñ?и в Konqueror</define-tag>
 <define-tag moreinfo>
- -<p>Due to a security engineering oversight, the SSL library from KDE,
- -which Konqueror uses, doesn't check whether an intermediate
- -certificate for a connection is signed by the certificate authority as
- -safe for the purpose, but accepts it when it is signed.  This makes it
- -possible for anyone with a valid VeriSign SSL site certificate to
- -forge any other VeriSign SSL site certificate, and abuse Konqueror
- -users.</p>
+<p>Ð?з-за инженеÑ?ного недоÑ?Ñ?Ñ?а библиоÑ?ека SSL из KDE,
+иÑ?полÑ?зÑ?емаÑ? Konqueror, не вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? Ñ?ого, Ñ?Ñ?о пÑ?омежÑ?Ñ?оÑ?нÑ?й
+Ñ?еÑ?Ñ?иÑ?икаÑ? Ñ?оединениÑ? подпиÑ?ан авÑ?оÑ?иÑ?еÑ?ом как безопаÑ?нÑ?й длÑ?
+Ñ?Ñ?ой Ñ?ели, но пÑ?инимаеÑ? Ñ?Ñ?оÑ? Ñ?еÑ?Ñ?иÑ?икаÑ?, еÑ?ли он вообÑ?е подпиÑ?ан.  ЭÑ?о позволÑ?еÑ?
+вÑ?Ñ?комÑ?, имеÑ?Ñ?емÑ? коÑ?Ñ?екÑ?нÑ?й SSL-Ñ?еÑ?Ñ?иÑ?икаÑ? VeriSign,
+подделÑ?ваÑ?Ñ? лÑ?бой дÑ?Ñ?гой SSL-Ñ?еÑ?Ñ?иÑ?икаÑ? VeriSign длÑ? Ñ?айÑ?а и вÑ?полнÑ?Ñ?Ñ?
+аÑ?аки на полÑ?зоваÑ?елей Konqueror.</p>
 
- -<p>A local root exploit using artsd has been discovered which exploited
- -an insecure use of a format string.  The exploit wasn't working on a
- -Debian system since artsd wasn't running setuid root.  Neither artsd
- -nor artswrapper need to be setuid root anymore since current computer
- -systems are fast enough to handle the audio data in time.</p>
+<p>Ð?Ñ?ла обнаÑ?Ñ?жена локалÑ?наÑ? Ñ?Ñ?звимоÑ?Ñ?Ñ? Ñ?Ñ?пеÑ?полÑ?зоваÑ?елÑ?, иÑ?полÑ?зÑ?Ñ?Ñ?аÑ? artsd, на
+оÑ?нове небезопаÑ?ного иÑ?полÑ?зованиÑ? Ñ?оÑ?маÑ?ной Ñ?Ñ?Ñ?оки.  ЭÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? не Ñ?абоÑ?аеÑ?
+в Ñ?иÑ?Ñ?еме Debian, поÑ?колÑ?кÑ? в ней artsd не имееÑ? setuid.  Ð?и artsd,
+ни artswrapper более не Ñ?Ñ?ебÑ?Ñ?Ñ?Ñ?Ñ? setuid, поÑ?колÑ?кÑ? Ñ?екÑ?Ñ?ие Ñ?иÑ?Ñ?емÑ?
+доÑ?Ñ?аÑ?оÑ?но бÑ?Ñ?Ñ?Ñ?Ñ? длÑ? обÑ?абоÑ?ки аÑ?диоданнÑ?Ñ? в Ñ?Ñ?ок.</p>
 
- -<p>These problems have been fixed in version 2.2.2-13.woody.2 for the
- -current stable distribution (woody).  The old stable
- -distribution (potato) is not affected, since it doesn't contain KDE
- -packages.  The unstable distribution (sid) is not yet fixed, but new
- -packages are expected in the future, the fixed version will be version
- -2.2.2-14 or higher.</p>
+<p>ЭÑ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 2.2.2-13.woody.2 длÑ?
+Ñ?екÑ?Ñ?его Ñ?Ñ?абилÑ?ного вÑ?пÑ?Ñ?ка (woody).  Ð?Ñ?едÑ?дÑ?Ñ?ий Ñ?Ñ?абилÑ?нÑ?й
+вÑ?пÑ?Ñ?к (potato) не подвеÑ?жен Ñ?Ñ?ой пÑ?облеме, Ñ?ак как в нÑ?м пакеÑ?Ñ? KDE
+оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?Ñ?Ñ?.  ЭÑ?а пÑ?облема в неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) пока не иÑ?пÑ?авленÑ?,
+ожидаÑ?Ñ?Ñ?Ñ? новÑ?е пакеÑ?Ñ?, иÑ?пÑ?авление бÑ?деÑ? добавлено в веÑ?Ñ?иÑ?
+2.2.2-14 или вÑ?Ñ?е.</p>
 
- -<p>We recommend that you upgrade your kdelibs and libarts packages and
- -restart Konqueror.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? kdelibs и libarts, а Ñ?акже
+пеÑ?езапÑ?Ñ?Ñ?иÑ?Ñ? Konqueror.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2002/dsa-158.wml	2002-08-27 19:04:38.000000000 +0600
+++ russian/security/2002/dsa-158.wml	2016-08-27 18:45:03.353982466 +0500
@@ -1,28 +1,29 @@
- -<define-tag description>arbitrary program execution</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>пÑ?оизволÑ?ное вÑ?полнение пÑ?огÑ?амм</define-tag>
 <define-tag moreinfo>
- -<p>The developers of Gaim, an instant messenger client that combines
- -several different networks, found a vulnerability in the hyperlink
- -handling code.  The 'Manual' browser command passes an untrusted
- -string to the shell without escaping or reliable quoting, permitting
- -an attacker to execute arbitrary commands on the users machine.
- -Unfortunately, Gaim doesn't display the hyperlink before the user
- -clicks on it.  Users who use other inbuilt browser commands aren't
- -vulnerable.</p>
+<p>РазÑ?абоÑ?Ñ?ики Gaim, клиенÑ?а обмена мгновеннÑ?ми Ñ?ообÑ?ениÑ?ми, комбиниÑ?Ñ?Ñ?Ñ?его
+неÑ?колÑ?ко Ñ?азлиÑ?нÑ?Ñ? Ñ?еÑ?ей, обнаÑ?Ñ?жили Ñ?Ñ?звимоÑ?Ñ?Ñ? в коде обÑ?абоÑ?ки
+гипеÑ?Ñ?Ñ?Ñ?лок.  'Ð Ñ?Ñ?наÑ?' бÑ?аÑ?зеÑ?наÑ? команда пеÑ?едаÑ?Ñ? недовеÑ?еннÑ?Ñ?
+Ñ?Ñ?Ñ?окÑ? командной оболоÑ?ке без Ñ?кÑ?аниÑ?ованиÑ? или закавÑ?Ñ?иваниÑ?, Ñ?Ñ?о позволÑ?еÑ?
+злоÑ?мÑ?Ñ?ленникÑ? вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?е командÑ? на маÑ?ине полÑ?зоваÑ?елÑ?.
+Ð? Ñ?ожалениÑ?, Gaim не оÑ?обÑ?ажаеÑ? гипеÑ?Ñ?Ñ?Ñ?лки до Ñ?ого, как полÑ?зоваÑ?елÑ?
+кликнеÑ? на неÑ?.  Ð?олÑ?зоваÑ?ели, коÑ?оÑ?Ñ?е иÑ?полÑ?зÑ?Ñ?Ñ? дÑ?Ñ?гие вÑ?Ñ?Ñ?оеннÑ?е бÑ?аÑ?зеÑ?нÑ?е
+командÑ?, не подвеÑ?женÑ? Ñ?Ñ?ой Ñ?Ñ?звимоÑ?Ñ?и.</p>
 
- -<p>This problem has been fixed in version 0.58-2.2 for the current
- -stable distribution (woody) and in version 0.59.1-2 for the unstable
- -distribution (sid).  The old stable distribution (potato) is not
- -affected since it doesn't ship the Gaim program.</p>
+<p>ЭÑ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в веÑ?Ñ?ии 0.58-2.2 длÑ? Ñ?екÑ?Ñ?его
+Ñ?Ñ?абилÑ?ного вÑ?пÑ?Ñ?ка (woody) и в веÑ?Ñ?ии 0.59.1-2 длÑ? неÑ?Ñ?абилÑ?ного
+вÑ?пÑ?Ñ?ка (sid).  Ð?Ñ?едÑ?дÑ?Ñ?ий Ñ?Ñ?абилÑ?нÑ?й вÑ?пÑ?Ñ?к (potato) не
+подвеÑ?жен Ñ?Ñ?ой пÑ?облеме, поÑ?колÑ?кÑ? в нÑ?м пÑ?огÑ?амма Gaim оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?еÑ?.</p>
 
- -<p>The fixed version of Gaim no longer passes the user's manual browser
- -command to the shell.  Commands which contain the %s in quotes will
- -need to be amended, so they don't contain any quotes.  The 'Manual'
- -browser command can be edited in the 'General' pane of the
- -'Preferences' dialog, which can be accessed by clicking 'Options' from
- -the login window, or 'Tools' and then 'Preferences' from the menu bar
- -in the buddy list window.</p>
+<p>Ð?Ñ?пÑ?авленнаÑ? веÑ?Ñ?иÑ? Gaim более не пеÑ?едаÑ?Ñ? полÑ?зоваÑ?елÑ?Ñ?кÑ?Ñ? Ñ?Ñ?Ñ?нÑ?Ñ? бÑ?аÑ?зеÑ?нÑ?Ñ?
+командÑ? командной Ñ?Ñ?Ñ?оке.  Ð?омандÑ?, Ñ?одеÑ?жаÑ?ие %s в кавÑ?Ñ?каÑ?
+необÑ?одимо иÑ?пÑ?авиÑ?Ñ? Ñ?ак, Ñ?Ñ?обÑ? они не Ñ?одеÑ?жали кавÑ?Ñ?ек.  'Ð Ñ?Ñ?нÑ?е'
+бÑ?аÑ?зеÑ?нÑ?е командÑ? можно оÑ?Ñ?едакÑ?иÑ?оваÑ?Ñ? к окне 'Ð?бÑ?ее' диалога
+'Ð?аÑ?Ñ?Ñ?ойки', коÑ?оÑ?Ñ?й можно оÑ?кÑ?Ñ?Ñ?Ñ?, кликнÑ?в 'Ð?пÑ?ии' в
+окне вÑ?ода, либо 'Ð?нÑ?Ñ?Ñ?Ñ?менÑ?Ñ?', а заÑ?ем 'Ð?аÑ?Ñ?Ñ?ойки' в менÑ?
+в окне Ñ?о Ñ?пиÑ?ком Ñ?обеÑ?едников.</p>
 
- -<p>We recommend that you upgrade your gaim package immediately.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? как можно Ñ?коÑ?ее обновиÑ?Ñ? пакеÑ? gaim.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2002/dsa-181.wml	2002-10-22 20:49:37.000000000 +0600
+++ russian/security/2002/dsa-181.wml	2016-08-27 19:09:27.935825328 +0500
@@ -1,29 +1,30 @@
- -<define-tag description>cross site scripting</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>межÑ?айÑ?овÑ?й Ñ?кÑ?ипÑ?инг</define-tag>
 <define-tag moreinfo>
- -<p>Joe Orton discovered a cross site scripting problem in mod_ssl, an
- -Apache module that adds Strong cryptography (i.e. HTTPS support) to
- -the webserver.  The module will return the server name unescaped in
- -the response to an HTTP request on an SSL port.</p>
+<p>Ð?жо Ð?Ñ?Ñ?он обнаÑ?Ñ?жил межÑ?айÑ?овÑ?й Ñ?кÑ?ипÑ?инг в mod_ssl, модÑ?ле
+Apache, добавлÑ?Ñ?Ñ?ем веб-Ñ?еÑ?веÑ?Ñ? Ñ?Ñ?ойкое Ñ?иÑ?Ñ?ование (Ñ?о еÑ?Ñ?Ñ?,
+поддеÑ?жкÑ? HTTPS).  ЭÑ?оÑ? модÑ?лÑ? возвÑ?аÑ?аеÑ? имÑ? Ñ?еÑ?веÑ?а в неÑ?кÑ?аниÑ?ованном виде
+в оÑ?веÑ?е на HTTP-запÑ?оÑ? по поÑ?Ñ?Ñ? SSL.</p>
 
- -<p>Like the other recent Apache XSS bugs, this only affects servers using
- -a combination of "UseCanonicalName off" (default in the Debian package
- -of Apache) and wildcard DNS.  This is very unlikely to happen, though.
- -Apache 2.0/mod_ssl is not vulnerable since it already escapes this
- -HTML.</p>
+<p>Ð?одобно дÑ?Ñ?гим недавним XSS-оÑ?ибкам Apache Ñ?Ñ?а каÑ?аеÑ?Ñ?Ñ? Ñ?олÑ?ко Ñ?еÑ? Ñ?еÑ?веÑ?ов,
+на коÑ?оÑ?Ñ?Ñ? одновÑ?еменно иÑ?полÑ?зÑ?еÑ?Ñ?Ñ? "UseCanonicalName off" (по Ñ?молÑ?аниÑ? в пакеÑ?е
+Debian) и Ñ?аблон DNS.  ХоÑ?Ñ? Ñ?Ñ?о кÑ?айне маловеÑ?оÑ?Ñ?но.
+Apache 2.0/mod_ssl не Ñ?Ñ?звим, поÑ?колÑ?кÑ? в нÑ?м Ñ?Ñ?оÑ? код HTML
+Ñ?кÑ?анÑ?иÑ?Ñ?еÑ?Ñ?Ñ?.</p>
 
- -<p>With this setting turned on, whenever Apache needs to construct a
- -self-referencing URL (a URL that refers back to the server the
- -response is coming from) it will use ServerName and Port to form a
- -"canonical" name.  With this setting off, Apache will use the
- -hostname:port that the client supplied, when possible.  This also
- -affects SERVER_NAME and SERVER_PORT in CGI scripts.</p>
+<p>Ð?Ñ?ли вклÑ?Ñ?ена Ñ?казаннаÑ? наÑ?Ñ?Ñ?ойка, Ñ?о когда Apache Ñ?Ñ?ебÑ?еÑ?Ñ?Ñ? Ñ?оздаÑ?Ñ?
+Ñ?казÑ?ваÑ?Ñ?ий на Ñ?ебÑ? URL (URL, коÑ?оÑ?Ñ?й Ñ?казÑ?ваеÑ? на Ñ?еÑ?веÑ?, оÑ?
+коÑ?оÑ?ого оÑ?пÑ?авлен запÑ?оÑ?), Ñ?о он иÑ?полÑ?зÑ?еÑ? ServerName и Port длÑ?
+Ñ?оÑ?миÑ?ованиÑ? "канониÑ?еÑ?кого" имени.  Ð?Ñ?и оÑ?клÑ?Ñ?ении Ñ?Ñ?ой наÑ?Ñ?Ñ?ойки Apache иÑ?полÑ?зÑ?еÑ?
+по возможноÑ?Ñ?и hostname:port, пеÑ?еданнÑ?е клиенÑ?ом.  ЭÑ?о Ñ?акже
+каÑ?аеÑ?Ñ?Ñ? SERVER_NAME и SERVER_PORT в CGI-Ñ?Ñ?енаÑ?иÑ?Ñ?.</p>
 
- -<p>This problem has been fixed in version 2.8.9-2.1 for the current
- -stable distribution (woody), in version 2.4.10-1.3.9-1potato4 for the
- -old stable distribution (potato) and version 2.8.9-2.3 for the
- -unstable distribution (sid).</p>
+<p>ЭÑ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в веÑ?Ñ?ии 2.8.9-2.1 длÑ? Ñ?екÑ?Ñ?его
+Ñ?Ñ?абилÑ?ного вÑ?пÑ?Ñ?ка (woody), в веÑ?Ñ?ии 2.4.10-1.3.9-1potato4 длÑ?
+пÑ?едÑ?дÑ?Ñ?его Ñ?Ñ?абилÑ?ного вÑ?пÑ?Ñ?ка (potato) и в веÑ?Ñ?ии 2.8.9-2.3 длÑ?
+неÑ?Ñ?абилÑ?ного вÑ?пÑ?Ñ?ка (sid).</p>
 
- -<p>We recommend that you upgrade your libapache-mod-ssl package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? libapache-mod-ssl.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXwZ8aAAoJEF7nbuICFtKl9O4QAIP6jm/V80/Hv3Z3RY929jtm
OjLmy3esgPqb5WzMQaA2qQxALC6vrMT6Isk6jsdP0ZK9SvGwvZYBzT8ZBES/kLxP
DPb8UkDK851RcOl3QRTN6UH8wox0Ko9AyTztlXoGgcv6O06InB0d0nizmeXIN4J4
G//DOw4P1wNpjKRL0t4XGEz/cK+5FCA4Ks3ARJ+Pdm9FQdYFISPIbt2RR0Q0rCry
LHp2W7Q14zgRJlZGZMxP9xdzYkqkH4aEb096ncFsKiLB5mTk9W8dDYKjCWY1ROiP
jSpQshT1X6HMUH2/XCH5MfvxQP5qAowOUUNj/w0QZtbLX0Zx7BVNBG7s9DBNOVnd
ahz24XLfu08jBd1JLG89YTlrqQSN64OHY3pVNVLKCiTs7HnwbgQdm0gVi0li+rZm
bLXblaM775JXJXSFRJEfnvrCvp4gFforlTaXS7beEyOXB6X35SRIVtj/oHKM4DtO
4X9QrgZ+a0Rcd8kBsqizwePQ63k30N7WjiCQNMo2A3Ys2ib3h7OhT6Dy65x3Jhvs
cgEUfbQUj8hhASJzSfEEWQlmKw8cbrlt0i1iT5yFDzzEbz7C0533Lb+psVQorj1t
/SrsHCVvHeEMGF6vwdrNUv/Vs775kx5z2PAJIQZUtyY5Fth0MyItziiXO91hKvhj
o/UrU0MZqzic/LBt24xs
=9+Az
-----END PGP SIGNATURE-----