[DONE] wml://security/2008/dsa-1{592,645,515}.wml

[Lev Lamberov <dogsleg@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2008/dsa-1515.wml	2014-04-30 13:16:15.000000000 +0600
+++ russian/security/2008/dsa-1515.wml	2016-08-31 22:00:12.945831954 +0500
@@ -1,30 +1,31 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several remote vulnerabilities have been discovered in libnet-dns-perl.
- -The Common Vulnerabilities and Exposures project identifies the
- -following problems:</p>
- -
- -<p>It was discovered that libnet-dns-perl generates very weak transaction
- -IDs when sending queries (<a href="https://security-tracker.debian.org/tracker/CVE-2007-3377";>CVE-2007-3377</a>).  This update switches
- -transaction ID generation to the Perl random generator, making
- -prediction attacks more difficult.</p>
- -
- -<p>Compression loops in domain names resulted in an infinite loop in the
- -domain name expander written in Perl (<a href="https://security-tracker.debian.org/tracker/CVE-2007-3409";>CVE-2007-3409</a>).  The Debian
- -package uses an expander written in C by default, but this vulnerability
- -has been addressed nevertheless.</p>
+<p>Ð? libnet-dns-perl бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?далÑ?ннÑ?Ñ? Ñ?Ñ?звимоÑ?Ñ?ей.
+Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ?
+Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
+
+<p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о libnet-dns-perl Ñ?оздаÑ?Ñ? Ñ?лабÑ?е иденÑ?иÑ?икаÑ?оÑ?Ñ?
+Ñ?Ñ?анзакÑ?ий пÑ?и оÑ?пÑ?авке запÑ?оÑ?ов (<a href="https://security-tracker.debian.org/tracker/CVE-2007-3377";>CVE-2007-3377</a>).  Ð?анное обновление
+пеÑ?еводиÑ? поÑ?ождение иденÑ?иÑ?икаÑ?оÑ?ов Ñ?Ñ?анзакÑ?ий генеÑ?аÑ?оÑ?Ñ? Ñ?лÑ?Ñ?айнÑ?Ñ? Ñ?иÑ?ел Perl, Ñ?Ñ?о
+Ñ?Ñ?ложнÑ?еÑ? аÑ?аки по пÑ?едÑ?казаниÑ?.</p>
+
+<p>ЦиклÑ? Ñ?жаÑ?иÑ? в доменнÑ?Ñ? именаÑ? пÑ?иводÑ?Ñ? к беÑ?конеÑ?номÑ? Ñ?иклÑ? в
+коде Ñ?аÑ?кÑ?Ñ?Ñ?иÑ? доменнÑ?Ñ? имÑ?н, напиÑ?анном на Perl (<a href="https://security-tracker.debian.org/tracker/CVE-2007-3409";>CVE-2007-3409</a>).  Ð? пакеÑ?е Debian
+по Ñ?молÑ?аниÑ? иÑ?полÑ?зÑ?еÑ?Ñ?Ñ? код Ñ?аÑ?кÑ?Ñ?Ñ?иÑ?, напиÑ?аннÑ?й на C, но Ñ?Ñ?а Ñ?Ñ?звимоÑ?Ñ?Ñ?
+вÑ?Ñ? Ñ?авно иÑ?пÑ?авлена.</p>
 
- -<p>Decoding malformed A records could lead to a crash (via an uncaught
- -Perl exception) of certain applications using libnet-dns-perl
+<p>Ð?екодиÑ?ование некоÑ?Ñ?екÑ?нÑ?Ñ? запиÑ?ей A можеÑ? пÑ?иводиÑ?Ñ? к аваÑ?ийной оÑ?Ñ?ановке (из-за непеÑ?еÑ?ваÑ?енного
+иÑ?клÑ?Ñ?ениÑ? Perl) пÑ?иложений, иÑ?полÑ?зÑ?Ñ?Ñ?иÑ? libnet-dns-perl
 (<a href="https://security-tracker.debian.org/tracker/CVE-2007-6341";>CVE-2007-6341</a>).</p>
 
- -<p>For the old stable distribution (sarge), these problems have been fixed in
- -version 0.48-1sarge1.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sarge) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 0.48-1sarge1.</p>
 
- -<p>For the stable distribution (etch), these problems have been fixed in
- -version 0.59-1etch1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 0.59-1etch1.</p>
 
- -<p>We recommend that you upgrade your libnet-dns-perl package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? libnet-dns-perl.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2008/dsa-1592.wml	2014-04-30 13:16:15.000000000 +0600
+++ russian/security/2008/dsa-1592.wml	2016-08-31 21:02:58.379022984 +0500
@@ -1,36 +1,37 @@
- -<define-tag description>heap overflow</define-tag>
+#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov"
+<define-tag description>пеÑ?еполнение динамиÑ?еÑ?кой памÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Two vulnerabilities have been discovered in the Linux kernel that may
- -lead to a denial of service or arbitrary code execution. The Common
- -Vulnerabilities and Exposures project identifies the following
- -problems:</p>
+<p>Ð? Ñ?дÑ?е Linux бÑ?ли обнаÑ?Ñ?женÑ? две Ñ?Ñ?звимоÑ?Ñ?и, коÑ?оÑ?Ñ?е могÑ?Ñ?
+пÑ?иводиÑ?Ñ? к оÑ?казÑ? в обÑ?лÑ?живании или вÑ?полнениÑ? пÑ?оизволÑ?ного кода. Ð?Ñ?оекÑ? Common
+Vulnerabilities and Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие
+пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-1673";>CVE-2008-1673</a>
 
- -    <p>Wei Wang from McAfee reported a potential heap overflow in the
- -    ASN.1 decode code that is used by the SNMP NAT and CIFS
- -    subsystem. Exploitation of this issue may lead to arbitrary code
- -    execution. This issue is not believed to be exploitable with the
- -    pre-built kernel images provided by Debian, but it might be an
- -    issue for custom images built from the Debian-provided source
- -    package.</p></li>
+    <p>Ð?Ñ?й Ð?ан из McAfee Ñ?ообÑ?ил о поÑ?енÑ?иалÑ?ном пеÑ?еполнении динамиÑ?еÑ?кой памÑ?Ñ?и в
+    коде декодеÑ?а ASN.1, иÑ?полÑ?зÑ?емом подÑ?иÑ?Ñ?емами SNMP NAT и
+    CIFS. Ð?Ñ?полÑ?зование Ñ?Ñ?ой пÑ?облемÑ? можеÑ? пÑ?иводиÑ?Ñ? к вÑ?полнениÑ?
+    пÑ?оизволÑ?ного кода. Ð?Ñ?едÑ?Ñ?авлÑ?еÑ?Ñ?Ñ?, Ñ?Ñ?о Ñ?Ñ?а пÑ?облема не можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ?
+    на пÑ?едваÑ?иÑ?елÑ?но Ñ?обÑ?аннÑ?Ñ? обÑ?азаÑ? Ñ?дÑ?а, поÑ?Ñ?авлÑ?емÑ?Ñ? Debian, но она можеÑ?
+    бÑ?Ñ?Ñ? акÑ?Ñ?алÑ?на длÑ? Ñ?обÑ?Ñ?веннÑ?Ñ? обÑ?азов, Ñ?обÑ?аннÑ?Ñ? из пÑ?едоÑ?Ñ?авлÑ?емого Debian
+    пакеÑ?а Ñ? иÑ?Ñ?однÑ?м кодом.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-2358";>CVE-2008-2358</a>
 
- -    <p>Brandon Edwards of McAfee Avert labs discovered an issue in the
- -    DCCP subsystem. Due to missing feature length checks it is possible
- -    to cause an overflow that may result in remote arbitrary code
- -    execution.</p></li>
+    <p>Ð?Ñ?Ñ?ндон ЭдваÑ?дÑ? из лабоÑ?аÑ?оÑ?ии McAfee Avert обнаÑ?Ñ?жил пÑ?облемÑ? в
+    подÑ?иÑ?Ñ?еме DCCP. Ð?з-за оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?виÑ? пÑ?овеÑ?ки длинÑ? можно
+    вÑ?зваÑ?Ñ? пеÑ?еполнение, коÑ?оÑ?ое можеÑ? пÑ?иводиÑ?Ñ? к Ñ?далÑ?нномÑ? вÑ?полнениÑ?
+    пÑ?оизволÑ?ного кода.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (etch) these problems have been fixed in
- -version 2.6.18.dfsg.1-18etch6.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.6.18.dfsg.1-18etch6.</p>
 
- -<p>We recommend that you upgrade your linux-2.6, fai-kernels, and
- -user-mode-linux packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? linux-2.6, fai-kernels и
+user-mode-linux.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2008/dsa-1645.wml	2014-04-30 13:16:16.000000000 +0600
+++ russian/security/2008/dsa-1645.wml	2016-08-31 21:13:42.915778813 +0500
@@ -1,36 +1,37 @@
- -<define-tag description>various</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>Ñ?азное</define-tag>
 <define-tag moreinfo>
- -<p>Several local/remote vulnerabilities have been discovered in lighttpd,
- -a fast webserver with minimal memory footprint. </p>
+<p>Ð? lighttpd, бÑ?Ñ?Ñ?Ñ?ом веб-Ñ?еÑ?веÑ?е Ñ? минималÑ?нÑ?м поÑ?Ñ?еблением памÑ?Ñ?и, бÑ?ло обнаÑ?Ñ?жено
+неÑ?колÑ?ко локалÑ?нÑ?Ñ?/Ñ?далÑ?ннÑ?Ñ? Ñ?Ñ?звимоÑ?Ñ?ей. </p>
 
- -<p>The Common Vulnerabilities and Exposures project identifies the following 
- -problems:</p>
+<p>Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие
+пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-4298";>CVE-2008-4298</a>
- -    <p>A memory leak in the http_request_parse function could be used by
- -    remote attackers to cause lighttpd to consume memory, and cause a
- -    denial of service attack.</p></li>
+    <p>УÑ?еÑ?ка памÑ?Ñ?и в Ñ?Ñ?нкÑ?ии http_request_parse можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ?
+    Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленниками длÑ? вÑ?зова Ñ?Ñ?езмеÑ?ного поÑ?Ñ?еблениÑ? памÑ?Ñ?и lighttpd и
+    оÑ?каза в обÑ?лÑ?живании.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-4359";>CVE-2008-4359</a>
- -    <p>Inconsistant handling of URL patterns could lead to the disclosure
- -    of resources a server administrator did not anticipate when using
- -    rewritten URLs.</p></li>
- -    
+    <p>Ð?епоÑ?ледоваÑ?елÑ?наÑ? обÑ?абоÑ?ка Ñ?аблонов URL можеÑ? пÑ?иводиÑ?Ñ? к Ñ?аÑ?кÑ?Ñ?Ñ?иÑ?
+    Ñ?еÑ?Ñ?Ñ?Ñ?ов, коÑ?оÑ?ое не ожидаеÑ?Ñ?Ñ? Ñ?иÑ?Ñ?емнÑ?м админиÑ?Ñ?Ñ?аÑ?оÑ?ом пÑ?и иÑ?полÑ?зовании
+    пеÑ?езапиÑ?аннÑ?Ñ? URL.</p></li>
+
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-4360";>CVE-2008-4360</a>
- -    <p>Upon filesystems which don't handle case-insensitive paths differently
- -    it might be possible that unanticipated resources could be made available
- -    by mod_userdir.</p></li>
+    <p>Ð?Ñ?и иÑ?полÑ?зовании Ñ?айловÑ?Ñ? Ñ?иÑ?Ñ?ем, коÑ?оÑ?Ñ?е не обÑ?абаÑ?Ñ?ваÑ?Ñ? незавиÑ?Ñ?Ñ?ие оÑ? Ñ?егиÑ?Ñ?Ñ?а
+    пÑ?Ñ?и дÑ?Ñ?гим Ñ?поÑ?обом, Ñ? помоÑ?Ñ?Ñ? mod_userdir можно Ñ?делаÑ?Ñ?
+    доÑ?Ñ?Ñ?пнÑ?м Ñ?еÑ?Ñ?Ñ?Ñ?Ñ?, не пÑ?едназнаÑ?еннÑ?е длÑ? оÑ?кÑ?Ñ?Ñ?иÑ?.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (etch), these problems have been fixed in version
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии
 1.4.13-4etch11.</p>
 
- -<p>For the unstable distribution (sid), these problems will be fixed shortly.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ? позже.</p>
 
- -<p>We recommend that you upgrade your lighttpd package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? lighttpd.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXxw0fAAoJEF7nbuICFtKl+eIP/1zgz3LChVXtbWlhZuFcw8ph
BU5KkrvhdJ7MSYu03ebZxbhfMRFrrHjQvvDRPlJY+ItAS0keBvQNIJ0V11UJGCwb
X+iwjk9t9IT4ufpE7YYRV67/EtwNBwqRLH/3rnwNqWm/KVqoP0+g9zCITG0CdqW7
byEXCM/v9KtP52/L37WvLRZ1jNnu+BNrWi+HjKpK2zcrxsoCHiEb2KBlxRyEMJzB
/cee3sRJ/ho9EaPVmBHTPiAPH8OW01zAYuT33keVPJJQr1XSZOKLAzDxJUzprNqt
V9jwbFicErXB/0G1PX/3K62J1AQdt2fU7oJJYUou0LhF9Kdg4DqNd0yAF0a1L5/e
pd4Qyh8L8m1wlRm8UXFpOgB+tS7YTo02CLYv9WKNhrqet1uG5ugRnbO+DaLNBDzt
79L3PadRXf55zEIuheesLH9avWXo/YEqxKEJMqxK8W7GBhYbjtwqhjH0XWEZ1FDk
Dtwkjh3Q8iHe144MwoxI+sZA+f3zlintk7vrRCJ5UtUvYWKgvEoQuBqAiU87AeJJ
oy2fhbXe3vCurjV80bGpT4LLCLsxCkY1GdzZLDZVWVoZXjwZltTmeRKL/qx9Yadt
FesZ3e8irc60x7yW8XAa8ZORfoZLpJe9bTIRganOtalWvJOl6j1lSSgavN5mCAN3
UOX7kVQCSHkUGNL171zx
=sjfF
-----END PGP SIGNATURE-----