[DONE] wml://security/2008/dsa-1{468,511}.wml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2008/dsa-1468.wml 2014-04-30 13:16:14.000000000 +0600
+++ russian/security/2008/dsa-1468.wml 2016-09-08 19:27:41.677127737 +0500
@@ -1,39 +1,40 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
<define-tag moreinfo>
- -<p>Several remote vulnerabilities have been discovered in the Tomcat
- -servlet and JSP engine. The Common Vulnerabilities and Exposures project
- -identifies the following problems:</p>
+<p>Ð? Tomcat, Ñ?еÑ?влеÑ?е и движке JSP, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко
+Ñ?далÑ?ннÑ?Ñ? Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2008-0128">CVE-2008-0128</a>
- - <p>Olaf Kock discovered that HTTPS encryption was insufficiently
- - enforced for single-sign-on cookies, which could result in
- - information disclosure.</p></li>
+ <p>Ð?лаÑ? Ð?ок обнаÑ?Ñ?жил, Ñ?Ñ?о Ñ?иÑ?Ñ?ование HTTPS иÑ?полÑ?зÑ?еÑ?Ñ?Ñ? длÑ? кÑ?ки единой
+ авÑ?оÑ?изаÑ?ии недоÑ?Ñ?аÑ?оÑ?нÑ?м обÑ?азом, Ñ?Ñ?о можеÑ? пÑ?иводиÑ?Ñ? к
+ Ñ?аÑ?кÑ?Ñ?Ñ?иÑ? инÑ?оÑ?маÑ?ии.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2007-2450">CVE-2007-2450</a>
- - <p>It was discovered that the Manager and Host Manager web applications
- - performed insufficient input sanitising, which could lead to cross site
- - scripting.</p></li>
+ <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о веб-пÑ?иложениÑ? Manager и Host Manager
+ вÑ?полнÑ?Ñ?Ñ? недоÑ?Ñ?аÑ?оÑ?нÑ?Ñ? оÑ?иÑ?Ñ?кÑ? вÑ?однÑ?Ñ? даннÑ?Ñ?, Ñ?Ñ?о можеÑ? пÑ?иводиÑ?Ñ? к межÑ?айÑ?овомÑ?
+ Ñ?кÑ?ипÑ?ингÑ?.</p></li>
</ul>
- -<p>This update also adapts the tomcat5.5-webapps package to the tightened
- -JULI permissions introduced in the previous tomcat5.5 DSA. However, it
- -should be noted, that the tomcat5.5-webapps is for demonstration and
- -documentation purposes only and should not be used for production
- -systems.</p>
+<p>Ð? данном обновлении иÑ?полÑ?зÑ?еÑ?Ñ?Ñ? пакеÑ? tomcat5.5-webapps Ñ? Ñ?елÑ?Ñ? Ñ?жеÑ?Ñ?оÑ?ениÑ?
+пÑ?ав доÑ?Ñ?Ñ?па JULI, добавленнÑ?Ñ? в пÑ?едÑ?дÑ?Ñ?ей Ñ?екомендаÑ?ии по безопаÑ?ноÑ?Ñ?и tomcat5.5. Тем не менее,
+Ñ?ледÑ?еÑ? замеÑ?иÑ?Ñ?, Ñ?Ñ?о tomcat5.5-webapps Ñ?лÑ?жиÑ? длÑ? Ñ?елей демонÑ?Ñ?Ñ?аÑ?ии и
+докÑ?менÑ?аÑ?ии и не должен иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? на Ñ?еалÑ?нÑ?Ñ?
+Ñ?иÑ?Ñ?емаÑ?.</p>
- -<p>The old stable distribution (sarge) doesn't contain tomcat5.5.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sarge) пакеÑ?Ñ? tomcat5.5 оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?Ñ?Ñ?.</p>
- -<p>For the stable distribution (etch), these problems have been fixed in
- -version 5.5.20-2etch2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 5.5.20-2etch2.</p>
- -<p>For the unstable distribution (sid), these problems will be fixed soon.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ? позже.</p>
- -<p>We recommend that you upgrade your tomcat5.5 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? tomcat5.5.</p>
</define-tag>
# do not modify the following line
- --- english/security/2008/dsa-1511.wml 2014-04-30 13:16:15.000000000 +0600
+++ russian/security/2008/dsa-1511.wml 2016-09-08 19:33:03.659099925 +0500
@@ -1,39 +1,40 @@
- -<define-tag description>various</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>Ñ?азное</define-tag>
<define-tag moreinfo>
- -<p>Several local vulnerabilities have been discovered in libicu,
- -International Components for Unicode, The Common Vulnerabilities and
- -Exposures project identifies the following problems:</p>
+<p>Ð? libicu, библиоÑ?еке междÑ?наÑ?однÑ?Ñ? компоненÑ?ов длÑ? Unicode, бÑ?ло обнаÑ?Ñ?жено
+неÑ?колÑ?ко локалÑ?нÑ?Ñ? Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and
+Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
<ul>
<li>
<a href="https://security-tracker.debian.org/tracker/CVE-2007-4770">CVE-2007-4770</a>
<p>
- - libicu in International Components for Unicode (ICU) 3.8.1 and earlier
- - attempts to process backreferences to the nonexistent capture group
- - zero (aka \0), which might allow context-dependent attackers to read
- - from, or write to, out-of-bounds memory locations, related to
- - corruption of REStackFrames.</p>
+ libicu в ICU веÑ?Ñ?ии 3.8.1 и более Ñ?анниÑ?
+ пÑ?Ñ?аеÑ?Ñ?Ñ? обÑ?абоÑ?аÑ?Ñ? обÑ?аÑ?нÑ?е Ñ?казаÑ?ели на неÑ?Ñ?Ñ?еÑ?Ñ?вÑ?Ñ?Ñ?Ñ?Ñ? гÑ?Ñ?ппÑ? под номеÑ?ом
+ нолÑ? (извеÑ?Ñ?нÑ?Ñ? как \0), Ñ?Ñ?о можеÑ? позволиÑ?Ñ? злоÑ?мÑ?Ñ?ленникам в завиÑ?имоÑ?Ñ?и оÑ? конÑ?екÑ?Ñ?а Ñ?Ñ?иÑ?Ñ?ваÑ?Ñ?
+ или вÑ?полнÑ?Ñ?Ñ? запиÑ?Ñ? за пÑ?еделами вÑ?деленного бÑ?Ñ?еÑ?а памÑ?Ñ?и, Ñ?Ñ?о Ñ?вÑ?зано
+ Ñ? повÑ?еждением REStackFrames.</p>
</li>
<li>
<a href="https://security-tracker.debian.org/tracker/CVE-2007-4771">CVE-2007-4771</a>
<p>
- - Heap-based buffer overflow in the doInterval function in regexcmp.cpp
- - in libicu in International Components for Unicode (ICU) 3.8.1 and
- - earlier allows context-dependent attackers to cause a denial of
- - service (memory consumption) and possibly have unspecified other
- - impact via a regular expression that writes a large amount of data to
- - the backtracking stack.</p>
+ Ð?еÑ?еполнение динамиÑ?еÑ?кой памÑ?Ñ?и в Ñ?Ñ?нкÑ?ии doInterval в regexcmp.cpp
+ в libicu в ICU веÑ?Ñ?ии 3.8.1 и более Ñ?анниÑ?
+ позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникам в завиÑ?имоÑ?Ñ?и оÑ? конÑ?екÑ?Ñ?а вÑ?зÑ?ваÑ?Ñ? оÑ?каз
+ в обÑ?лÑ?живании (Ñ?Ñ?езмеÑ?ное поÑ?Ñ?ебление памÑ?Ñ?и), а Ñ?акже оказÑ?ваÑ?Ñ? дÑ?Ñ?гое неопÑ?еделÑ?нное
+ воздейÑ?Ñ?вие Ñ? помоÑ?Ñ?Ñ? Ñ?егÑ?лÑ?Ñ?ного вÑ?Ñ?ажениÑ?, запиÑ?Ñ?ваÑ?Ñ?его болÑ?Ñ?ой обÑ?Ñ?м даннÑ?Ñ? в
+ Ñ?Ñ?ек обÑ?аÑ?ной обÑ?абоÑ?ки.</p>
</li>
</ul>
- -<p>For the stable distribution (etch), these problems have been fixed in
- -version 3.6-2etch1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 3.6-2etch1.</p>
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 3.8-6.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 3.8-6.</p>
- -<p>We recommend that you upgrade your libicu package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? libicu.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJX0XaiAAoJEF7nbuICFtKltToQAJ5bWka8/0o8J+7nrAmTNjvK
2bB4Bh2SszkxXPaJ+U0YcjWjKdgLH6URBKQuM9NtQhpJjl0LtXQPJmOMzJ4ZtgzP
63BwL8WnOISm6t1R7BlIMhlF4Jp3LveviyZbeugmOzEzxHLkUt6E3R6xaJ4XXxzL
6HHt7RKXRa3Q3kyMYhpu8Qx/ScVjqTw4DppJ2aacwZyRJrwQi+/Iz+AjCzKsT682
Nsz47pO2Asi2MZNqt6GMNzo3SYcd5LtkVTkNs5/frL5yIyv/17aFhuLycQewlg7O
T4vqkqGTpHPfG0g51eKHgdhWzIdoXSM+B6ICAJixL4JuMcJ8uJfgS+DFQyttpgxr
MQczAFwc0Wcbhw1qBIdz7nhs7YucCzvKO1pWNCul9OI83EX12om62KGokMnjxGaL
tMBqrkdTTXo75h0eI42Rzwy3UZJxpUqjAV1vaIl6awhwpAKJuI+y/S8IyzQvzuwA
B95PUZJw13h7699KJAFjgR8HacMeDJUTBjbrDhilXsJ3GnZCuwb5PfisgzRWrNh1
me8/ijQJyQx7T/7SzDN68/LEn/l964CD6l2EMvDfKV8PJZl9081rD5nzorW2aUhF
tEGDh+pKmkrcsf8kx8F0AQz71r12Pj/Ui3na2ASmpGx/xWjSlFL45KCXpc8x3Bi1
rv/0F3fNsFFTKCxnFtfw
=vPtI
-----END PGP SIGNATURE-----
Reply to: