[DONE] wml://security/2012/dsa-2{496,529,433}.wml

[Lev Lamberov <dogsleg@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2012/dsa-2433.wml	2014-04-30 13:16:28.000000000 +0600
+++ russian/security/2012/dsa-2433.wml	2016-08-28 15:33:14.368328555 +0500
@@ -1,43 +1,44 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in Iceweasel, a web browser
- -based on Firefox. The included XULRunner library provides rendering
- -services for several other applications included in Debian.</p>
+<p>Ð? Iceweasel, веб-бÑ?аÑ?зеÑ?е на оÑ?нове Firefox, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко
+Ñ?Ñ?звимоÑ?Ñ?ей. Ð?иблиоÑ?ека XULRunner, вклÑ?Ñ?Ñ?ннаÑ? в пакеÑ?, пÑ?едоÑ?Ñ?авлÑ?еÑ? возможноÑ?Ñ?и
+оÑ?Ñ?иÑ?овки длÑ? неÑ?колÑ?киÑ? дÑ?Ñ?гиÑ? пÑ?иложений, вÑ?одÑ?Ñ?иÑ? в Ñ?оÑ?Ñ?ав Debian.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-0455";>CVE-2012-0455</a>
 
- -   <p>Soroush Dalili discovered that a cross-site scripting countermeasure
- -   related to JavaScript URLs could be bypassed.</p></li>
+   <p>СоÑ?Ñ?Ñ? Ð?алили обнаÑ?Ñ?жил, Ñ?Ñ?о Ñ?Ñ?едÑ?Ñ?во оÑ? межÑ?айÑ?ового Ñ?кÑ?ипÑ?инга,
+   Ñ?вÑ?занное Ñ? URL JavaScript, можно обойÑ?и.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-0456";>CVE-2012-0456</a>
 
- -   <p>Atte Kettunen discovered an out of bounds read in the SVG Filters,
- -   resulting in memory disclosure.</p></li>
+   <p>Ð?Ñ?Ñ?ек Ð?еÑ?Ñ?Ñ?нен обнаÑ?Ñ?жил Ñ?Ñ?ение за пÑ?еделами вÑ?деленного бÑ?Ñ?еÑ?а памÑ?Ñ?и в Ñ?илÑ?Ñ?Ñ?аÑ? SVG,
+   Ñ?Ñ?о пÑ?иводиÑ? к Ñ?аÑ?кÑ?Ñ?Ñ?иÑ? Ñ?одеÑ?жимого памÑ?Ñ?и.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-0458";>CVE-2012-0458</a>
 
- -   <p>Mariusz Mlynski discovered that privileges could be escalated through
- -   a JavaScript URL as the home page.</p></li>
+   <p>Ð?аÑ?иÑ?Ñ? Ð?линÑ?кий обнаÑ?Ñ?жил, Ñ?Ñ?о можно повÑ?Ñ?иÑ?Ñ? пÑ?ивилегии Ñ? помоÑ?Ñ?Ñ?
+   URL JavaScript, иÑ?полÑ?зÑ?емом в каÑ?еÑ?Ñ?ве домаÑ?ей Ñ?Ñ?Ñ?аниÑ?Ñ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-0461";>CVE-2012-0461</a>
 
- -   <p>Bob Clary discovered memory corruption bugs, which may lead to the
- -   execution of arbitrary code.</p></li>
+   <p>Ð?об Ð?лÑ?Ñ?и обнаÑ?Ñ?жил оÑ?ибки, Ñ?вÑ?заннÑ?е Ñ? повÑ?еждением Ñ?одеÑ?жимого памÑ?Ñ?и, коÑ?оÑ?Ñ?е могÑ?Ñ? пÑ?иодиÑ?Ñ? к
+   вÑ?полнениÑ? пÑ?оизволÑ?ного кода.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (squeeze), this problem has been fixed in
- -version 3.5.16-13.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 3.5.16-13.</p>
 
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 10.0.3esr-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 10.0.3esr-1.</p>
 
- -<p>For the experimental distribution, this problem has been fixed in
- -version 11.0-1.</p>
+<p>Ð? Ñ?кÑ?пеÑ?именÑ?алÑ?ном вÑ?пÑ?Ñ?ке Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 11.0-1.</p>
 
- -<p>We recommend that you upgrade your iceweasel packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? iceweasel.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2012/dsa-2496.wml	2014-04-30 13:16:29.000000000 +0600
+++ russian/security/2012/dsa-2496.wml	2016-08-28 15:23:02.923876493 +0500
@@ -1,36 +1,37 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
 <p>
- -   Due to the non-disclosure of security patch information from Oracle,
- -   we are forced to ship an upstream version update of MySQL 5.1.
- -   There are several known incompatible
- -   changes, which are listed in /usr/share/doc/mysql-server/NEWS.Debian.gz.
+   Ð?з-за Ñ?ого, Ñ?Ñ?о Oracle не Ñ?аÑ?кÑ?Ñ?ваеÑ? заплаÑ?Ñ? безопаÑ?ноÑ?Ñ?и,
+   мÑ? вÑ?нÑ?жденÑ? поÑ?Ñ?авлÑ?Ñ?Ñ? обновление веÑ?Ñ?ии MySQL 5.1 из оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки.
+   Ð? нÑ?м имееÑ?Ñ?Ñ? неÑ?колÑ?ко неÑ?овмеÑ?Ñ?имÑ?Ñ?
+   изменений, коÑ?оÑ?Ñ?е пÑ?иводÑ?Ñ?Ñ?Ñ? в Ñ?айле /usr/share/doc/mysql-server/NEWS.Debian.gz.
 </p>
 
- -<p>Several issues have been discovered in the MySQL database server. The
- -vulnerabilities are addressed by upgrading MySQL to a new upstream
- -version, 5.1.63, which includes additional changes, such as performance
- -improvements and corrections for data loss defects.  These changes are
- -described in the <a href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html";>MySQL
- -release notes</a>.
+<p>Ð? Ñ?еÑ?веÑ?е баз даннÑ?Ñ? MySQL бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко пÑ?облем.
+ЭÑ?и Ñ?Ñ?звимоÑ?Ñ?и иÑ?пÑ?авленÑ? пÑ?Ñ?Ñ?м обновлениÑ? MySQL до новой веÑ?Ñ?ии из оÑ?новной
+веÑ?ки Ñ?азÑ?абоÑ?ки, 5.1.63, коÑ?оÑ?аÑ? Ñ?одеÑ?жиÑ? дополниÑ?елÑ?нÑ?е изменениÑ?, Ñ?акие как Ñ?лÑ?Ñ?Ñ?ениÑ?
+пÑ?оизводиÑ?елÑ?ноÑ?Ñ?и и иÑ?пÑ?авлениÑ? пÑ?облем Ñ? поÑ?еÑ?ей даннÑ?Ñ?.  ЭÑ?и изменениÑ?
+опиÑ?Ñ?ваÑ?Ñ?Ñ?Ñ? в <a href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html";>инÑ?оÑ?маÑ?ии
+о вÑ?пÑ?Ñ?ке MySQL</a>.
 </p>
 
 <p>
 <a href="https://security-tracker.debian.org/tracker/CVE-2012-2122";>CVE-2012-2122</a>,
- -an authentication bypass vulnerability, occurs only when
- -MySQL has been built in with certain optimisations enabled. The packages
- -in Debian stable (squeeze) are not known to be affected by this
- -vulnerability. It is addressed in this update nonetheless, so future
- -rebuilds will not become vulnerable to this issue.</p>
- -
- -<p>For the stable distribution (squeeze), these problems have been fixed in
- -version 5.1.63-0+squeeze1.</p>
- -
- -<p>For the testing distribution (wheezy), these problems have been fixed
- -in version 5.1.62-1 of the mysql-5.1 package and version 5.5.24+dfsg-1
- -of the mysql-5.5 package.</p>
+обÑ?од аÑ?Ñ?енÑ?иÑ?икаÑ?ии, оÑ?ибка возникаеÑ? Ñ?олÑ?ко в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли
+MySQL Ñ?обÑ?ан Ñ? опÑ?еделÑ?ннÑ?ми опÑ?имизаÑ?иÑ?ми. Ð?акеÑ?Ñ? в Ñ?Ñ?абилÑ?ном
+вÑ?пÑ?Ñ?ке Debian (squeeze) не подвеÑ?женÑ? Ñ?Ñ?ой
+Ñ?Ñ?звимоÑ?Ñ?и. Тем не менее, она вÑ?Ñ? Ñ?авно иÑ?пÑ?авлена в данном обновлении, поÑ?Ñ?омÑ? бÑ?дÑ?Ñ?ие
+повÑ?оÑ?нÑ?е Ñ?боÑ?ки не бÑ?дÑ?Ñ? Ñ?Ñ?звимÑ?ми.</p>
+
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 5.1.63-0+squeeze1.</p>
+
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 5.1.62-1 пакеÑ?а mysql-5.1 и в веÑ?Ñ?ии 5.5.24+dfsg-1
+пакеÑ?а mysql-5.5.</p>
 
- -<p>We recommend that you upgrade your MySQL packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? MySQL.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2012/dsa-2529.wml	2014-04-30 13:16:29.000000000 +0600
+++ russian/security/2012/dsa-2529.wml	2016-08-28 15:28:40.160460924 +0500
@@ -1,39 +1,40 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Jeroen Dekkers and others reported several vulnerabilities in Django,
- -a Python Web framework. The Common Vulnerabilities and Exposures
- -project defines the following issues:</p>
+<p>Ð?еÑ?он Ð?еккеÑ?Ñ? и дÑ?Ñ?гие Ñ?ообÑ?или о неÑ?колÑ?киÑ? Ñ?Ñ?звимоÑ?Ñ?Ñ?Ñ? в Django,
+веб-инÑ?Ñ?аÑ?Ñ?Ñ?Ñ?кÑ?Ñ?Ñ?е на Ñ?зÑ?ке Python. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие Ñ?Ñ?звимоÑ?Ñ?и:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-3442";>CVE-2012-3442</a>
 
- -    <p>Two functions do not validate the scheme of a redirect target,
- -    which might allow remote attackers to conduct cross-site scripting
- -    (XSS) attacks via a data: URL.</p></li>
+    <p>Ð?ве Ñ?Ñ?нкÑ?ии не вÑ?полнÑ?Ñ?Ñ? пÑ?овеÑ?кÑ? Ñ?Ñ?емÑ? Ñ?ели пеÑ?енапÑ?авлениÑ?,
+    Ñ?Ñ?о можеÑ? позволиÑ?Ñ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?полнÑ?Ñ?Ñ? аÑ?аки Ñ? Ñ?елÑ?Ñ? межÑ?айÑ?ового
+    Ñ?кÑ?ипÑ?инга (XSS) Ñ? помоÑ?Ñ?Ñ? URL data:.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-3443";>CVE-2012-3443</a>
 
- -    <p>The ImageField class completely decompresses image data during image
- -    validation, which allows remote attackers to cause a denial of service
- -    (memory consumption) by uploading an image file.</p></li>
+    <p>Ð?лаÑ?Ñ? ImageField полноÑ?Ñ?Ñ?Ñ? Ñ?аÑ?паковÑ?ваеÑ? даннÑ?е изобÑ?ажениÑ? во вÑ?емÑ?
+    пÑ?овеÑ?ки изобÑ?ажениÑ?, Ñ?Ñ?о позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании
+    (Ñ?Ñ?езмеÑ?ное поÑ?Ñ?ебление памÑ?Ñ?и) пÑ?Ñ?Ñ?м загÑ?Ñ?зки Ñ?айла Ñ? изобÑ?ажением.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-3444";>CVE-2012-3444</a>
 
- -    <p>The get_image_dimensions function in the image-handling functionality
- -    uses a constant chunk size in all attempts to determine dimensions,
- -    which allows remote attackers to cause a denial of service (process
- -    or thread consumption) via a large TIFF image.</p></li>
+    <p>ФÑ?нкÑ?иÑ? get_image_dimensions в Ñ?Ñ?нкÑ?ионалÑ?ноÑ?Ñ?и по обÑ?абоÑ?ке изобÑ?ажений
+    иÑ?полÑ?зÑ?еÑ? поÑ?Ñ?оÑ?ннÑ?й Ñ?азмеÑ? поÑ?Ñ?ии во вÑ?еÑ? попÑ?Ñ?каÑ? опÑ?еделениÑ? Ñ?азмеÑ?ов,
+    Ñ?Ñ?о позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании (поÑ?Ñ?ебление
+    Ñ?еÑ?Ñ?Ñ?Ñ?ов, вÑ?деленнÑ?Ñ? пÑ?оÑ?еÑ?Ñ?Ñ? или поÑ?окÑ?) Ñ? помоÑ?Ñ?Ñ? болÑ?Ñ?ого изобÑ?ажениÑ? в Ñ?оÑ?маÑ?е TIFF.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (squeeze), this problem has been fixed in
- -version 1.2.3-3+squeeze3.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.2.3-3+squeeze3.</p>
 
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 1.4.1-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.4.1-1.</p>
 
- -<p>We recommend that you upgrade your python-django packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? python-django.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXwr3tAAoJEF7nbuICFtKlAHYP/jzV30ql+J4PaA0zT/2i3de/
0lzaLwUhl96CJ0mIzqGGVfcDfjbSR+fd1W/sS7Qm4XXsihgdmYgI3xy9Y7X4DLEI
f6rzXYPnCEQDj1eyMTYZr1oZ2tXu9L9H2Qyx7fyMYuCcEJRO9KXdg0vLqCUmd50u
AYO5iyHZ9lEO/JrqGoZhj9kLuBnO+pkMLdsvJ4L8IvV8aGvpElR8iGnP/EwL/2d+
vePyQFXcP7KR0zZ2fKf+Qp2XuH1gg53I+heodF0/fGZhNKPOBOHvBseqv3x0mznt
06u9DeUxJW4HLPY+Xfe8l62mJ2TiSzkRL0t69zHKNWWHNdvbsBVJQQupfw5JceOM
kcvF5GsQAlO+fCTPuO74nSQ3GezevYbYcP1bx88KsAyXpxrXQQ4geA+mqS3zEQA9
md6XjFCLn+Htn/c2+x04fnqoPH6oBB253EhdGRiRfApPeTRTkuuOwXpIonOyPw3d
GP60JMcHbk6U/RRz4El7hLImSUJXrVsGSdF7QIefRzurlmnSlE9q/sq9sqk0/aQv
fP5WMFJ8RH5huwfL1lXHL5/+UxSagmAGAcB38Zh51AlHReHdYjRUIQz6VyqPrN94
tYzON5CnhEnh6kUCbOTs4IXrJRnzpJix5f23F7fiyvjC0nxoNVUZwDgA+jWl5aJo
NUIEoHb7QZwEIyLfAyKx
=HEEj
-----END PGP SIGNATURE-----