[DONE] wml://security/2012/dsa-25{01,28,18}.wml

[Lev Lamberov <dogsleg@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2012/dsa-2501.wml	2014-04-30 13:16:29.000000000 +0600
+++ russian/security/2012/dsa-2501.wml	2016-08-28 15:02:01.805117156 +0500
@@ -1,40 +1,41 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities were discovered in Xen, a hypervisor.</p>
+<p>Ð? гипеÑ?визоÑ?е Xen бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-0217";>CVE-2012-0217</a>
 
- -	<p>Xen does not properly handle uncanonical return addresses on
- -	Intel amd64 CPUs, allowing amd64 PV guests to elevate to
- -	hypervisor privileges.  AMD processors, HVM and i386 guests
- -	are not affected.</p></li>
+	<p>Xen непÑ?авилÑ?но обÑ?абаÑ?Ñ?ваеÑ? неканониÑ?нÑ?е возвÑ?аÑ?аемÑ?е адÑ?еÑ?а
+	на ЦÐ? Intel amd64, позволÑ?Ñ? гоÑ?Ñ?евÑ?м PV-Ñ?иÑ?Ñ?емам amd64 повÑ?Ñ?аÑ?Ñ?
+	пÑ?ивилегии до Ñ?Ñ?овнÑ? гипеÑ?визоÑ?а.  Ð?Ñ?оÑ?еÑ?Ñ?оÑ?Ñ? AMD, гоÑ?Ñ?евÑ?е Ñ?иÑ?Ñ?емÑ? HVM и i386
+	не подвеÑ?женÑ? данной Ñ?Ñ?звимоÑ?Ñ?и.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-0218";>CVE-2012-0218</a>
 
- -	<p>Xen does not properly handle SYSCALL and SYSENTER instructions
- -	in PV guests, allowing unprivileged users inside a guest
- -	system to crash the guest system.</p></li>
+	<p>Xen непÑ?авилÑ?но обÑ?абаÑ?Ñ?ваеÑ? инÑ?Ñ?Ñ?Ñ?кÑ?ии SYSCALL и SYSENTER
+	в гоÑ?Ñ?евÑ?Ñ? PV-Ñ?иÑ?Ñ?емаÑ?, позволÑ?Ñ? непÑ?ивилегиÑ?ованнÑ?м полÑ?зоваÑ?елÑ?м, наÑ?одÑ?Ñ?имиÑ?Ñ?
+        за пÑ?еделами гоÑ?Ñ?евой Ñ?иÑ?Ñ?емÑ?, вÑ?зÑ?ваÑ?Ñ? аваÑ?ийнÑ?Ñ? оÑ?Ñ?ановкÑ? гоÑ?Ñ?евой Ñ?иÑ?Ñ?емÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-2934";>CVE-2012-2934</a>
 
- -	<p>Xen does not detect old AMD CPUs affected by AMD Erratum #121.</p></li>
+	<p>Xen не опÑ?еделÑ?еÑ? Ñ?Ñ?аÑ?Ñ?е ЦÐ? AMD, подвеÑ?женнÑ?е AMD Erratum #121.</p></li>
 
 </ul>
 
- -<p>For <a href="https://security-tracker.debian.org/tracker/CVE-2012-2934";>CVE-2012-2934</a>,
- -Xen refuses to start domUs on affected systems
- -unless the <q>allow_unsafe</q> option is passed.</p>
+<p>Ð?Ñ?и оÑ?ибке <a href="https://security-tracker.debian.org/tracker/CVE-2012-2934";>CVE-2012-2934</a>
+Xen оÑ?казÑ?ваеÑ?Ñ?Ñ? запÑ?Ñ?каÑ?Ñ? domU, пока не бÑ?деÑ?
+пеÑ?едана опÑ?иÑ? <q>allow_unsafe</q>.</p>
 
- -<p>For the stable distribution (squeeze), these problems have been fixed
- -in version 4.0.1-5.2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 4.0.1-5.2.</p>
 
- -<p>For the testing distribution (wheezy) and the unstable distribution
- -(sid), these problems have been fixed in version
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (wheezy) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ?
+Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии
 4.1.3~rc1+hg-20120614.a9c0a89c08f2-1.</p>
 
- -<p>We recommend that you upgrade your xen packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? xen.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2012/dsa-2518.wml	2014-04-30 13:16:29.000000000 +0600
+++ russian/security/2012/dsa-2518.wml	2016-08-28 15:14:08.203158357 +0500
@@ -1,40 +1,41 @@
- -<define-tag description>denial of service and remote code execution</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>оÑ?каз в обÑ?лÑ?живании и Ñ?далÑ?нное вÑ?полнение кода</define-tag>
 <define-tag moreinfo>
- -<p>Emmanuel Bouillon from NCI Agency discovered multiple vulnerabilities in MIT
- -Kerberos, a daemon implementing the network authentication protocol.</p>
+<p>ЭмманÑ?Ñ?лÑ? Ð?Ñ?илÑ?он из NCI Agency обнаÑ?Ñ?жил многоÑ?иÑ?леннÑ?е Ñ?Ñ?звимоÑ?Ñ?и в MIT
+Kerberos, Ñ?лÑ?жбе, Ñ?еализÑ?Ñ?Ñ?ей пÑ?оÑ?окол Ñ?еÑ?евой аÑ?Ñ?енÑ?иÑ?икаÑ?ии.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-1014";>CVE-2012-1014</a>
 
- -	<p>By sending specially crafted AS-REQ (Authentication Service Request) to a KDC
- -	(Key Distribution Center), an attacker could make it free an uninitialized
- -	pointer, corrupting the heap.  This can lead to process crash or even arbitrary
- -	code execution.</p>
+	<p>С помоÑ?Ñ?Ñ? оÑ?пÑ?авки Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного AS-REQ (запÑ?оÑ? Ñ?лÑ?жбÑ? аÑ?Ñ?енÑ?иÑ?икаÑ?ии) на KDC
+	(Ñ?енÑ?Ñ? Ñ?аÑ?пÑ?оÑ?Ñ?Ñ?анениÑ? клÑ?Ñ?ей) злоÑ?мÑ?Ñ?ленник можеÑ? вÑ?зваÑ?Ñ? оÑ?вобождение неиниÑ?иализиÑ?ованного
+	Ñ?казаÑ?елÑ?, Ñ?Ñ?о пÑ?иводиÑ? к повÑ?еждениÑ? Ñ?одеÑ?жимого динамиÑ?еÑ?кой памÑ?Ñ?и.  ЭÑ?о можеÑ? пÑ?иводиÑ?Ñ? к аваÑ?ийной
+        оÑ?Ñ?ановке пÑ?оÑ?еÑ?Ñ?а или даже вÑ?полнениÑ? пÑ?оизволÑ?ного кода.</p>
 
- -	<p>This CVE only affects testing (wheezy) and unstable (sid) distributions.</p></li>
+	<p>Ð?аннаÑ? CVE каÑ?аеÑ?Ñ?Ñ? Ñ?олÑ?ко Ñ?еÑ?Ñ?иÑ?Ñ?емого (wheezy) и неÑ?Ñ?абилÑ?ного (sid) вÑ?пÑ?Ñ?ков.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-1015";>CVE-2012-1015</a>
 
- -	<p>By sending specially crafted AS-REQ to a KDC, an attacker could make it
- -	dereference an uninitialized pointer, leading to process crash or even
- -	arbitrary code execution</p></li>
+	<p>С помоÑ?Ñ?Ñ? оÑ?пÑ?авки Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного AS-REQ на KDC злоÑ?мÑ?Ñ?ленник можеÑ?
+	вÑ?зваÑ?Ñ? Ñ?азÑ?менование неиниÑ?иализиÑ?ованного Ñ?казаÑ?елÑ?, Ñ?Ñ?о пÑ?иводиÑ? к аваÑ?ийной оÑ?Ñ?ановке пÑ?оÑ?еÑ?Ñ?а
+	или даже вÑ?полнениÑ? пÑ?оизволÑ?ного кода.</p></li>
 
 </ul>
 
- -<p>In both cases, arbitrary code execution is believed to be difficult to achieve,
- -but might not be impossible.</p>
+<p>Ð?Ñ?ноÑ?иÑ?елÑ?но обоиÑ? Ñ?лÑ?Ñ?аÑ?Ñ? Ñ?Ñ?иÑ?аеÑ?Ñ?Ñ?, Ñ?Ñ?о вÑ?зваÑ?Ñ? вÑ?полнение пÑ?оизволÑ?ного кода
+оÑ?енÑ? Ñ?ложно, но не невозможно.</p>
 
- -<p>For the stable distribution (squeeze), this problem has been fixed in
- -version 1.8.3+dfsg-4squeeze6.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.8.3+dfsg-4squeeze6.</p>
 
- -<p>For the testing distribution (wheezy), this problem has been fixed in
- -version 1.10.1+dfsg-2.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.10.1+dfsg-2.</p>
 
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 1.10.1+dfsg-2.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.10.1+dfsg-2.</p>
 
- -<p>We recommend that you upgrade your krb5 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? krb5.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2012/dsa-2528.wml	2014-04-30 13:16:29.000000000 +0600
+++ russian/security/2012/dsa-2528.wml	2016-08-28 15:07:05.250166716 +0500
@@ -1,41 +1,42 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities were discovered in Icedove, Debian's version
- -of the Mozilla Thunderbird mail and news client.</p>
+<p>Ð? Icedove, веÑ?Ñ?ии поÑ?Ñ?ового и новоÑ?Ñ?ного клиенÑ?а Mozilla Thunderbird
+длÑ? Debian, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-1948";>CVE-2012-1948</a>
 
- -	<p>Multiple unspecified vulnerabilities in the browser engine
- -	were fixed.</p></li>
+	<p>Ð?Ñ?ли иÑ?пÑ?авленÑ? многоÑ?иÑ?леннÑ?е неÑ?казаннÑ?е Ñ?Ñ?звимоÑ?Ñ?и в бÑ?аÑ?зеÑ?ном
+	движке.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-1950";>CVE-2012-1950</a>
 
- -	<p>The underlying browser engine allows address bar spoofing 
- -	through drag-and-drop.</p></li>
+	<p>Ð?азовÑ?й бÑ?аÑ?зеÑ?нÑ?й движок позволÑ?еÑ? подделÑ?ваÑ?Ñ? адÑ?еÑ?нÑ?Ñ? Ñ?Ñ?Ñ?окÑ?
+	Ñ? помоÑ?Ñ?Ñ? опеÑ?аÑ?ии drag-and-drop.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-1954";>CVE-2012-1954</a>
 
- -	<p>A use-after-free vulnerability in the nsDocument::AdoptNode
- -	function allows remote attackers to cause a denial of service
- -	(heap memory corruption) or possibly execute arbitrary code.</p></li>
+	<p>Ð? Ñ?Ñ?нкÑ?ии nsDocument::AdoptNode бÑ?ло обнаÑ?Ñ?жено иÑ?полÑ?зование Ñ?казаÑ?елей
+	поÑ?ле оÑ?вобождениÑ? памÑ?Ñ?и позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании
+	(повÑ?еждение Ñ?одеÑ?жимого динамиÑ?еÑ?кой памÑ?Ñ?и) или поÑ?енÑ?иалÑ?но вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-1967";>CVE-2012-1967</a>
 
- -	<p>An error in the implementation of the JavaScript sandbox
- -	allows execution of JavaScript code with improper privileges
- -	using javascript: URLs.</p></li>
+	<p>Ð?Ñ?ибка в Ñ?еализаÑ?ии пеÑ?оÑ?ниÑ?Ñ? JavaScript
+	позволÑ?еÑ? вÑ?полнÑ?Ñ?Ñ? код JavaScript Ñ? непÑ?авилÑ?нÑ?ми пÑ?ивилегиÑ?ми,
+	иÑ?полÑ?зÑ?Ñ? URL javascript:.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (squeeze), these problems have been fixed
- -in version 3.0.11-1+squeeze12.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 3.0.11-1+squeeze12.</p>
 
- -<p>For the testing distribution (wheezy) and the unstable distribution
- -(sid), these problems have been fixed in version 10.0.6-1.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (wheezy) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ?
+Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 10.0.6-1.</p>
 
- -<p>We recommend that you upgrade your icedove packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? icedove.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXwrlzAAoJEF7nbuICFtKl8IsQAJRVSPsa7ucI/bvElxB/63Ga
he3IxGak0bnoLz0RjSsKkee2oe8WY1TUJ7VkMTw3SrDF00PwQ/VqnVQwEBfgu5Cm
g4EaegITxDZ3bOFk7m4EGAY4fAhEqacrAnonDAHlArM5PSeSz5QELycj1Qr9EEHz
XVx7Gb7+xp611Y+fTltWHVKFumY/X1LxflReOWs/RUMACjR4jt7X5Sd+h7bDj+UF
lM3NA2bXqsqiwMX4mPBqFIqj30X42YZyx1oe+0xvOLnr3cIMr4G5RUy7LL1PAXKT
L72yDTRlUGj06mhL4aT8wGWjPy6Lr+GkNL9RzbSmPIo/C2x8P8IqYMOFUHKw9KVd
4d0tV6UwiBtfIQWa/swgfk2UR4SOYL/8juNBZx5br7CXhq0kKdmbPEpbeXYm+nYO
v8DU1VvEurDDjd+n0kyc3fgZ37UHJa6RinDrELsM1tuIgy1kIApKZM/1bH+5uc9P
V1j9WOzTLmSpGGP7UjPQx0y0faLnRKElcSZqIoyKLsncpSEBayRjlgycFIEkPOG+
DXFdG7nR3kfjq/9YoUkmULSo27H7qP1/wVv15xBYXNw2/CcexTwOlc5Gb1GHEWDZ
4kiNDY/PY2fAbxJacSW1mUs2eX6eUrOVJkyHMK1AuSIGh0x+jcCLqX30Ec1+VKS2
kviZtzpdQP5/BBjuYfeC
=/qbt
-----END PGP SIGNATURE-----