[DONE] wml://security/2005/dsa-{897,695,846}.wml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2005/dsa-695.wml 2005-03-22 01:44:24.000000000 +0500
+++ russian/security/2005/dsa-695.wml 2016-08-29 13:03:08.095998731 +0500
@@ -1,39 +1,40 @@
- -<define-tag description>buffer overflow, input sanitising, integer overflow</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>пеÑ?еполнение бÑ?Ñ?еÑ?а, оÑ?иÑ?Ñ?ка вÑ?однÑ?Ñ? даннÑ?Ñ?, пеÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ел</define-tag>
<define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in xli, an image viewer
- -for X11. The Common Vulnerabilities and Exposures project identifies
- -the following problems:</p>
+<p>Ð? xli, пÑ?оÑ?моÑ?Ñ?Ñ?ике изобÑ?ажений длÑ? X11, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко
+Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ?
+Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
<ul>
<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0775";>CAN-2001-0775</a>
- - <p>A buffer overflow in the decoder for FACES format images could be
- - exploited by an attacker to execute arbitrary code. This problem
- - has already been fixed in xloadimage in
+ <p>Ð?еÑ?еполнение бÑ?Ñ?еÑ?а в декодеÑ?е изобÑ?ажений в Ñ?оÑ?маÑ?е FACES можеÑ?
+ иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? злоÑ?мÑ?Ñ?ленником длÑ? вÑ?полнениÑ? пÑ?оизволÑ?ного кода. ÐÑ?а пÑ?облема
+ Ñ?же бÑ?ла иÑ?пÑ?авлена в xloadimage в
<a href="../2001/dsa-069">DSA 069</a>.</p>
<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0638";>CAN-2005-0638</a>
- - <p>Tavis Ormandy of the Gentoo Linux Security Audit Team has reported
- - a flaw in the handling of compressed images, where shell
- - meta-characters are not adequately escaped.</p>
+ <p>ТÑ?виÑ? Ð?Ñ?манди из командÑ? аÑ?диÑ?а безопаÑ?ноÑ?Ñ?и Gentoo Linux Ñ?ообÑ?ил
+ об Ñ?Ñ?звимоÑ?Ñ?и в коде обÑ?абоÑ?ки Ñ?жаÑ?Ñ?Ñ? изобÑ?ажений, пÑ?и коÑ?оÑ?ой
+ меÑ?аÑ?имволÑ? командной оболоÑ?ки Ñ?кÑ?аниÑ?Ñ?Ñ?Ñ?Ñ?Ñ? недоÑ?Ñ?аÑ?оÑ?нÑ?м обÑ?азом.</p>
<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0639";>CAN-2005-0639</a>
- - <p>Insufficient validation of image properties in have been
- - discovered which could potentially result in buffer management
- - errors.</p>
+ <p>Ð?Ñ?ла обнаÑ?Ñ?женÑ? недоÑ?Ñ?аÑ?оÑ?наÑ? пÑ?овеÑ?ка Ñ?войÑ?Ñ?в изобÑ?ажениÑ?,
+ коÑ?оÑ?аÑ? поÑ?енÑ?иалÑ?но можеÑ? пÑ?иводиÑ?Ñ? к оÑ?ибкам в Ñ?пÑ?авлении
+ бÑ?Ñ?еÑ?ом.</p>
</ul>
- -<p>For the stable distribution (woody) these problems have been fixed in
- -version 1.17.0-11woody1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (woody) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.17.0-11woody1.</p>
- -<p>For the unstable distribution (sid) these problems have been fixed in
- -version 1.17.0-18.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.17.0-18.</p>
- -<p>We recommend that you upgrade your xli package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? xli.</p>
</define-tag>
# do not modify the following line
- --- english/security/2005/dsa-846.wml 2005-10-07 21:51:35.000000000 +0600
+++ russian/security/2005/dsa-846.wml 2016-08-29 13:07:55.579840313 +0500
@@ -1,38 +1,39 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
<define-tag moreinfo>
- -<p>Two vulnerabilities have been discovered in cpio, a program to manage
- -archives of files. The Common Vulnerabilities and Exposures project
- -identifies the following problems:</p>
+<p>Ð? cpio, пÑ?огÑ?амме длÑ? Ñ?абоÑ?Ñ? Ñ? аÑ?Ñ?ивами Ñ?айлов, бÑ?ли обнаÑ?Ñ?женÑ? две
+Ñ?Ñ?звимоÑ?Ñ?и. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
<ul>
<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1111";>CAN-2005-1111</a>
- - <p>Imran Ghory discovered a race condition in setting the file
- - permissions of files extracted from cpio archives. A local
- - attacker with write access to the target directory could exploit
- - this to alter the permissions of arbitrary files the extracting
- - user has write permissions for.</p></li>
+ <p>Ð?мÑ?ан Ð?оÑ?и обнаÑ?Ñ?жил Ñ?оÑ?Ñ?оÑ?ние гонки в коде Ñ?Ñ?Ñ?ановки пÑ?ав доÑ?Ñ?Ñ?па
+ к Ñ?айлам, Ñ?аÑ?пакованнÑ?м из аÑ?Ñ?ивов cpio. Ð?окалÑ?нÑ?й
+ злоÑ?мÑ?Ñ?ленник, имеÑ?Ñ?ий доÑ?Ñ?Ñ?п Ñ? пÑ?авами на запиÑ?Ñ? в Ñ?елевой каÑ?алог, можеÑ? иÑ?полÑ?зоваÑ?Ñ?
+ Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? изменениÑ? пÑ?ав доÑ?Ñ?Ñ?па пÑ?оизволÑ?нÑ?Ñ? Ñ?айлов, пÑ?ава на запиÑ?Ñ? в коÑ?оÑ?Ñ?е имееÑ?
+ полÑ?зоваÑ?елÑ? вÑ?полнÑ?Ñ?Ñ?ий Ñ?аÑ?паковкÑ?.</p></li>
<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1229";>CAN-2005-1229</a>
- - <p>Imran Ghory discovered that cpio does not sanitise the path of
- - extracted files even if the --no-absolute-filenames option was
- - specified. This can be exploited to install files in arbitrary
- - locations where the extracting user has write permissions to.</p></li>
+ <p>Ð?мÑ?ан Ð?оÑ?и обнаÑ?Ñ?жил, Ñ?Ñ?о cpio не вÑ?полнÑ?еÑ? оÑ?иÑ?Ñ?кÑ? пÑ?Ñ?и
+ Ñ?аÑ?пакованнÑ?Ñ? Ñ?айлов даже в Ñ?лÑ?Ñ?ае иÑ?полÑ?зовании опÑ?ии
+ --no-absolute-filenames. ÐÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? длÑ? Ñ?Ñ?Ñ?ановки Ñ?айлов
+ в пÑ?оизволÑ?нÑ?е меÑ?Ñ?а, пÑ?ава на запиÑ?Ñ? в коÑ?оÑ?Ñ?е имееÑ? полÑ?зоваÑ?елÑ? вÑ?полнÑ?Ñ?Ñ?ий Ñ?аÑ?паковкÑ?.</p></li>
</ul>
- -<p>For the old stable distribution (woody) these problems have been fixed in
- -version 2.4.2-39woody2.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (woody) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.4.2-39woody2.</p>
- -<p>For the stable distribution (sarge) these problems have been fixed in
- -version 2.5-1.3.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sarge) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.5-1.3.</p>
- -<p>For the unstable distribution (sid) these problems have been fixed in
- -version 2.6-6.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.6-6.</p>
- -<p>We recommend that you upgrade your cpio package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? cpio.</p>
</define-tag>
# do not modify the following line
- --- english/security/2005/dsa-897.wml 2012-12-17 01:12:33.000000000 +0600
+++ russian/security/2005/dsa-897.wml 2016-08-29 12:58:58.679011986 +0500
@@ -1,38 +1,39 @@
- -<define-tag description>programming errors</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>оÑ?ибки пÑ?огÑ?аммиÑ?ованиÑ?</define-tag>
<define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in phpsysinfo, a PHP
- -based host information application. The Common Vulnerabilities and
- -Exposures project identifies the following problems: </p>
+<p>Ð? phpsysinfo, пÑ?иложении длÑ? полÑ?Ñ?ениÑ? инÑ?оÑ?маÑ?ии об Ñ?зле на Ñ?зÑ?ке PHP,
+бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and
+Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?: </p>
<ul>
<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0870";>CVE-2005-0870</a>
- - <p>Maksymilian Arciemowicz discovered several cross site scripting
- - problems, of which not all were fixed in DSA <a href="dsa-724">724</a>.</p></li>
+ <p>Ð?акÑ?имилиан Ð?Ñ?Ñ?емовиÑ? обнаÑ?Ñ?жил неÑ?колÑ?ко Ñ?лÑ?Ñ?аем межÑ?айÑ?ового Ñ?кÑ?ипÑ?инга,
+ из коÑ?оÑ?Ñ?Ñ? не вÑ?е бÑ?ли иÑ?пÑ?авленÑ? в DSA <a href="dsa-724">724</a>.</p></li>
<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3347";>CVE-2005-3347</a>
- - <p>Christopher Kunz discovered that local variables get overwritten
- - unconditionally and are trusted later, which could lead to the
- - inclusion of arbitrary files.</p></li>
+ <p>Ð?Ñ?иÑ?Ñ?оÑ?еÑ? Ð?Ñ?нÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о локалÑ?нÑ?е пеÑ?еменнÑ?е могÑ?Ñ? бÑ?Ñ?Ñ? пеÑ?езапиÑ?анÑ? без
+ огÑ?аниÑ?ений, в далÑ?нейÑ?ем к ним Ñ?оÑ?Ñ?анÑ?еÑ?Ñ?Ñ? довеÑ?ие, Ñ?Ñ?о можеÑ? пÑ?иводиÑ?Ñ? к
+ вклÑ?Ñ?ениÑ? пÑ?оизволÑ?нÑ?Ñ? Ñ?айлов.</p></li>
<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3348";>CVE-2005-3348</a>
- - <p>Christopher Kunz discovered that user-supplied input is used
- - unsanitised, causing a HTTP Response splitting problem.</p></li>
+ <p>Ð?Ñ?иÑ?Ñ?оÑ?еÑ? Ð?Ñ?нÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о пеÑ?едаваемÑ?е полÑ?зоваÑ?елем вÑ?однÑ?Ñ? даннÑ?е иÑ?полÑ?зÑ?Ñ?Ñ?Ñ?Ñ?
+ в неоÑ?иÑ?енном виде, Ñ?Ñ?о пÑ?иводиÑ? к Ñ?азделениÑ? HTTP-оÑ?веÑ?ов.</p></li>
</ul>
- -<p>For the old stable distribution (woody) these problems have been fixed in
- -version 2.0-3woody3.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (woody) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.0-3woody3.</p>
- -<p>For the stable distribution (sarge) these problems have been fixed in
- -version 2.3-4sarge1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sarge) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.3-4sarge1.</p>
- -<p>For the unstable distribution (sid) these problems will be fixed soon.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ? позже.</p>
- -<p>We recommend that you upgrade your phpsysinfo package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? phpsysinfo.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXw+1eAAoJEF7nbuICFtKlVXoP/1brGzwhRhQY2GOaSsm+slV5
KJ4G5yamnYcyrsQ3SnPcBmI0zOf1+hjMPnO07h0id0C1n3K9sTbwmnkHUCtDRxa2
PMQJ7F0XH5gkyTBNXxWbz4X4sjt12yQIodyFqjj6yybG1zB8c0tPj3cx1v0Cw0h7
XSV/HeunjoYtAMFmyEGu0KUeLcHQYgHLxFZL2AjjCGNXPN+GWwFDxrHa10wwG6nw
ismxZP7A7WYGCAJTdSdZlFa9YKwM6hay5EEPuubHijkBErRc1lMtpuJC49AsomEm
Agajl8UzBLjaosr8pEex8Br8m64VRMUKjCno07FNCyenPdvnOuGpHacDvkVIe83a
gu9m2kJkvRYJ/q5DJGdilQD6j0jCHUFBl0twvC9X0EYl19GDMgl6uErJHJ/1fQGT
8uSnldFi2IWNaN8gknYM0qY3VodnEEtjIH/eeAvo81Hi6TidiT50gavg9Vl4sNH3
T89IldMLFM8eOlmHpiUeWOqa1aU1/v/HU0d6gpV14GUHHtaSsERbnFVRq2dwuzPp
I57ZOjT2sCAzgHgCl4C59DGLkfZrugQ3PyVKfoUo/Ebv3KiKyJr+oaBp23rXCX3P
TIV4fMBxonTE+QfYNA/EPDj6iUw5fzMjW+rBV5hDxVPL8pGPuutZV1ex1FHB4Ydr
CcPc6eZ9yWTV8Ua6xiQq
=vpEy
-----END PGP SIGNATURE-----
Reply to: