[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2009/dsa-1{862,746,721}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2009/dsa-1721.wml	2014-04-30 13:16:18.000000000 +0600
+++ russian/security/2009/dsa-1721.wml	2016-09-04 16:26:26.016353834 +0500
@@ -1,37 +1,38 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several local vulnerabilities have been discovered in the PAM module
- -for MIT Kerberos. The Common Vulnerabilities and Exposures project
- -identifies the following problems:</p>
+<p>Ð? модÑ?ле PAM длÑ? MIT Kerberos бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко локалÑ?нÑ?Ñ?
+Ñ?Ñ?звимоÑ?Ñ?ей . Ð?Ñ?оекÑ?  Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-0360";>CVE-2009-0360</a>
 
- -   <p>Russ Allbery discovered that the Kerberos PAM module parsed
- -   configuration settings from environment variables when run from a
- -   setuid context. This could lead to local privilege escalation if
- -   an attacker points a setuid program using PAM authentication to a
- -   Kerberos setup under her control.</p></li>
+   <p>РаÑ? Ð?лбеÑ?и обнаÑ?Ñ?жил, Ñ?Ñ?о PAM-модÑ?лÑ? Kerberos вÑ?полнÑ?еÑ? гÑ?аммаÑ?иÑ?еÑ?кий Ñ?азбоÑ?
+   паÑ?амеÑ?Ñ?ов наÑ?Ñ?Ñ?ойки из пеÑ?еменнÑ?Ñ? окÑ?Ñ?жениÑ? пÑ?и запÑ?Ñ?ке из
+   setuid-конÑ?екÑ?Ñ?а. ЭÑ?о можеÑ? пÑ?иводиÑ?Ñ? к локалÑ?номÑ? повÑ?Ñ?ениÑ? пÑ?ивилегий в Ñ?лÑ?Ñ?ае, еÑ?ли
+   злоÑ?мÑ?Ñ?ленник Ñ?казÑ?аеÑ? пÑ?огÑ?аммÑ? Ñ? setuid, иÑ?полÑ?зÑ?Ñ? PAM-аÑ?Ñ?енÑ?иÑ?икаÑ?иÑ? длÑ?
+   наÑ?Ñ?Ñ?ойки Kerberos под Ñ?воим конÑ?Ñ?олем.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-0361";>CVE-2009-0361</a>
 
- -   <p>Derek Chan discovered that the Kerberos PAM module allows
- -   reinitialisation of user credentials when run from a setuid
- -   context, resulting in potential local denial of service by
- -   overwriting the credential cache file or to privilege escalation.</p></li>
+   <p>Ð?еÑ?ек Чан обнаÑ?Ñ?жил, Ñ?Ñ?о PAM-модÑ?лÑ? Kerberos позволÑ?еÑ? пÑ?оизводиÑ?Ñ?
+   повÑ?оÑ?нÑ?Ñ? иниÑ?иализаÑ?иÑ? даннÑ?Ñ? полÑ?зоваÑ?елÑ?Ñ?кой Ñ?Ñ?Ñ?Ñ?ной запиÑ?и пÑ?и запÑ?Ñ?ке из
+   setuid-конÑ?екÑ?Ñ?а, Ñ?Ñ?о пÑ?иводиÑ? к поÑ?енÑ?иалÑ?номÑ? локалÑ?номÑ? оÑ?казÑ? в обÑ?лÑ?живании
+   из-за пеÑ?езапиÑ?и кеÑ?-Ñ?айла Ñ? даннÑ?ми Ñ?Ñ?Ñ?Ñ?ной запиÑ?и или к повÑ?Ñ?ениÑ? пÑ?ивилегий.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (etch), these problems have been fixed in
- -version 2.6-1etch1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.6-1etch1.</p>
 
- -<p>For the upcoming stable distribution (lenny), these problems have been
- -fixed in version 3.11-4.</p>
+<p>Ð? гоÑ?овÑ?Ñ?емÑ?Ñ? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли
+иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 3.11-4.</p>
 
- -<p>For the unstable distribution (sid), these problems will be fixed soon.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ? позже.</p>
 
- -<p>We recommend that you upgrade your libpam-krb5 package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? libpam-krb5.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2009/dsa-1746.wml	2014-04-30 13:16:18.000000000 +0600
+++ russian/security/2009/dsa-1746.wml	2016-09-04 16:20:57.408494282 +0500
@@ -1,39 +1,40 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
 
- -<p>Two security issues have been discovered in ghostscript, the GPL
- -Ghostscript PostScript/PDF interpreter. The Common Vulnerabilities and
- -Exposures project identifies the following problems:</p>
+<p>Ð? ghostscript, инÑ?еÑ?пÑ?еÑ?аÑ?оÑ?е Ghostscript PostScript/PDF под лиÑ?ензией GPL,
+бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко пÑ?облем безопаÑ?ноÑ?Ñ?и. Ð?Ñ?оекÑ? Common Vulnerabilities and
+Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-0583";>CVE-2009-0583</a>
 
- -<p>Jan Lieskovsky discovered multiple integer overflows in the ICC library,
- -which allow the execution of arbitrary code via crafted ICC profiles in
- -PostScript files with embedded images.</p></li>
+<p>Ян Ð?иÑ?ковÑ?кий обнаÑ?Ñ?жил многоÑ?иÑ?леннÑ?е пеÑ?еполнениÑ? Ñ?елÑ?Ñ? Ñ?иÑ?ел в библиоÑ?еке ICC,
+коÑ?оÑ?Ñ?е позволÑ?Ñ?Ñ? вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код Ñ? помоÑ?Ñ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? пÑ?оÑ?илей ICC в
+Ñ?айлаÑ? PostScript Ñ?о вÑ?Ñ?Ñ?оеннÑ?ми изобÑ?ажениÑ?ми.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-0584";>CVE-2009-0584</a>
 
- -<p>Jan Lieskovsky discovered insufficient upper-bounds checks on certain
- -variable sizes in the ICC library, which allow the execution of
- -arbitrary code via crafted ICC profiles in PostScript files with
- -embedded images.</p></li>
+<p>Ян Ð?иÑ?ковÑ?кий обнаÑ?Ñ?жил недоÑ?Ñ?аÑ?оÑ?нÑ?е пÑ?овеÑ?ки веÑ?Ñ?ниÑ? гÑ?аниÑ? длÑ? пеÑ?еменнÑ?Ñ?
+опÑ?еделÑ?нного Ñ?азмеÑ?а в библиоÑ?еке ICC, коÑ?оÑ?Ñ?е позволÑ?Ñ?Ñ? вÑ?полнÑ?Ñ?Ñ?
+пÑ?оизволÑ?нÑ?й код Ñ? помоÑ?Ñ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? пÑ?оÑ?илей ICC в Ñ?айлаÑ? PostScript Ñ?о
+вÑ?Ñ?Ñ?оеннÑ?ми изобÑ?ажениÑ?ми.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (lenny), these problems have been fixed in
- -version 8.62.dfsg.1-3.2lenny1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 8.62.dfsg.1-3.2lenny1.</p>
 
- -<p>For the oldstable distribution (etch), these problems have been fixed
- -in version 8.54.dfsg.1-5etch2. Please note that the package in oldstable
- -is called gs-gpl.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 8.54.dfsg.1-5etch2. Ð?амеÑ?Ñ?Ñ?е, Ñ?Ñ?о в пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном
+вÑ?пÑ?Ñ?ке Ñ?Ñ?оÑ? пакеÑ? назÑ?ваеÑ?Ñ?Ñ? gs-gpl.</p>
 
- -<p>For the testing distribution (squeeze) and the unstable distribution
- -(sid), these problems will be fixed soon.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (squeeze) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ?
+Ñ?Ñ?и пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ? позже.</p>
 
 
- -<p>We recommend that you upgrade your ghostscript/gs-gpl packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? ghostscript/gs-gpl.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2009/dsa-1862.wml	2014-04-30 13:16:19.000000000 +0600
+++ russian/security/2009/dsa-1862.wml	2016-09-04 16:12:09.455838451 +0500
@@ -1,36 +1,37 @@
- -<define-tag description>privilege escalation</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>повÑ?Ñ?ение пÑ?ивилегий</define-tag>
 <define-tag moreinfo>
- -<p>A vulnerability has been discovered in the Linux kernel that may lead
- -to privilege escalation. The Common Vulnerabilities and Exposures project
- -identifies the following problem:</p>
+<p>Ð? Ñ?дÑ?е Linux бÑ?ла обнаÑ?Ñ?жена Ñ?Ñ?звимоÑ?Ñ?Ñ?, коÑ?оÑ?аÑ? можеÑ? пÑ?иводиÑ?Ñ? к
+повÑ?Ñ?ениÑ? пÑ?ивилегий. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?Ñ?Ñ? пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-2692";>CVE-2009-2692</a>
 
- -    <p>Tavis Ormandy and Julien Tinnes discovered an issue with how the
- -    sendpage function is initialized in the proto_ops structure.
- -    Local users can exploit this vulnerability to gain elevated
- -    privileges.</p></li>
+    <p>ТÑ?виÑ? Ð?Ñ?манди и Ð?Ñ?лÑ?ен Тине обнаÑ?Ñ?жили пÑ?облемÑ? Ñ? Ñ?ем, как иниÑ?иализиÑ?Ñ?еÑ?Ñ?Ñ?
+    Ñ?Ñ?нкÑ?иÑ? sendpage в Ñ?Ñ?Ñ?Ñ?кÑ?Ñ?Ñ?е proto_ops.
+    Ð?окалÑ?нÑ?е полÑ?зоваÑ?ели могÑ?Ñ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? полÑ?Ñ?ениÑ? повÑ?Ñ?еннÑ?Ñ?
+    пÑ?ивилегий.</p></li>
 
 </ul>
 
- -<p>For the oldstable distribution (etch), this problem will be fixed in
- -updates to linux-2.6 and linux-2.6.24.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+обновлениÑ?Ñ? длÑ? пакеÑ?ов linux-2.6 и linux-2.6.24.</p>
 
- -<p>For the stable distribution (lenny), this problem has been fixed in
- -version 2.6.26-17lenny2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 2.6.26-17lenny2.</p>
 
- -<p>We recommend that you upgrade your linux-2.6 and user-mode-linux
- -packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? linux-2.6 и
+user-mode-linux.</p>
 
- -<p>Note: Debian carefully tracks all known security issues across every
- -linux kernel package in all releases under active security support.
- -However, given the high frequency at which low-severity security
- -issues are discovered in the kernel and the resource requirements of
- -doing an update, updates for lower priority issues will normally not
- -be released for all kernels at the same time. Rather, they will be
- -released in a staggered or "leap-frog" fashion.</p>
+<p>Ð?нимание: Debian внимаÑ?елÑ?но оÑ?Ñ?леживаеÑ? вÑ?е извеÑ?Ñ?нÑ?е пÑ?облемÑ? безопаÑ?ноÑ?Ñ?и во вÑ?еÑ?
+пакеÑ?аÑ? Ñ?дÑ?а Linux во вÑ?еÑ? вÑ?пÑ?Ñ?каÑ?, длÑ? коÑ?оÑ?Ñ?Ñ? пÑ?едоÑ?Ñ?авлÑ?еÑ?Ñ?Ñ? поддеÑ?жка обновлений безопаÑ?ноÑ?Ñ?и.
+Тем не менее, Ñ?Ñ?иÑ?Ñ?ваÑ? Ñ?о, Ñ?Ñ?о пÑ?облемÑ? безопаÑ?ноÑ?Ñ?и низкой важноÑ?Ñ?и обнаÑ?Ñ?живаÑ?Ñ?Ñ?Ñ? в Ñ?дÑ?е
+доволÑ?но Ñ?аÑ?Ñ?о, а Ñ?акже Ñ?Ñ?иÑ?Ñ?ваÑ? Ñ?еÑ?Ñ?Ñ?Ñ?Ñ? необÑ?одимÑ?е длÑ?
+оÑ?Ñ?Ñ?еÑ?Ñ?влениÑ? обновлениÑ?, обновлениÑ? пÑ?облем Ñ? более низким пÑ?иоÑ?иÑ?еÑ?ом, обÑ?Ñ?но, не бÑ?дÑ?Ñ?
+вÑ?пÑ?Ñ?каÑ?Ñ?Ñ?Ñ? длÑ? вÑ?еÑ? Ñ?деÑ? одновÑ?еменно. СкоÑ?ее же они бÑ?дÑ?Ñ?
+вÑ?пÑ?Ñ?каÑ?Ñ?Ñ?Ñ? в Ñ?аÑ?маÑ?ном поÑ?Ñ?дке или в поÑ?Ñ?дке Ñ?аÑ?оÑ?дÑ?.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXzATkAAoJEF7nbuICFtKlADoP/1UPCW1jNl8j6CHLWxBil4ET
qNi5uc2+lT50Jw5V48Y+WaR3dMhJrVeRcu9z0p8JHTmI9+KGI1DeVMUCcBRbtKoh
bs4CEK5J6s/F0otTg2I5H+ckgDjl7ics278JvkjsJxcoL5eLcuLqWeVcYXdNyJX2
IshmXV4HMYAEWBAvCagmY98pkFU/Zf4bqtyehYX+ubLNvrMFsCz/GoUPNP+6bQo0
e+o79kdskqjKGyay9meFRbzfISBGzwhvPWOxQngHOyggBseecDCRzz3xcLTnRRzA
WBM5bG+ob3wTHUU/Kyz2bSUpRjHOv4U/uz73CkutUD5k5ZuUSm6jKOeRXQOJeqfM
Z6oZNDy18oHbbEimtgufcnyQE40dJPSZjraX1xDPQUsVqePs5GuLR5SYglQqFsZ0
x166gzDMBKennongAzhsXywwoxkEC9D08I8Wmf7h+4AAdWm0GlANgMxaKMXE87Ua
4qvlN+zA6QTzjeCG/j3SuU2HgsNVLDr7m5iII+Wu8KhCsb77goU6PZgzASkwk4Kq
NTMJBJbgynivTNhkyJPF+C+riwSUOTnrKlo+/+YIBretatmPvanSSg7v/FibJGSU
+o18B2IGe9xAKLAiJL6nbxs+wBu3MwEc4zZIxTn/nMdI/mqzlekTU1OnHKm8hiYl
1ehYeXe4TqOeH36nde56
=QdiC
-----END PGP SIGNATURE-----
Reply to: