[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2008/dsa-15{72,37,33}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2008/dsa-1533.wml	2014-04-30 13:16:15.000000000 +0600
+++ russian/security/2008/dsa-1533.wml	2016-09-14 00:58:56.348301125 +0500
@@ -1,39 +1,40 @@
- -<define-tag description>insufficient input sanitizing</define-tag>
+#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov"
+<define-tag description>недоÑ?Ñ?аÑ?оÑ?наÑ? оÑ?иÑ?Ñ?ка вÑ?однÑ?Ñ? даннÑ?Ñ?</define-tag>
 <define-tag moreinfo>
- -<p>Christian Schmid and Meder Kydyraliev (Google Security) discovered a
- -number of vulnerabilities in exiftags, a utility for extracting EXIF
- -metadata from JPEG images. The Common Vulnerabilities and Exposures
- -project identified the following three problems:</p>
+<p>Ð?Ñ?иÑ?Ñ?иан Шмид и Ð?едеÑ? Ð?Ñ?дÑ?Ñ?алиев (Google Security) обнаÑ?Ñ?жили
+Ñ?Ñ?д Ñ?Ñ?звимоÑ?Ñ?ей в exiftags, Ñ?Ñ?илиÑ?е длÑ? извлеÑ?ениÑ? меÑ?аданнÑ?Ñ? EXIF
+из изобÑ?ажений в Ñ?оÑ?маÑ?е JPEG. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие Ñ?Ñ?и пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-6354";>CVE-2007-6354</a>
 
- -    <p>Inadequate EXIF property validation could lead to invalid memory
- -    accesses if executed on a maliciously crafted image, potentially
- -    including heap corruption and the execution of arbitrary code.</p></li>
+    <p>Ð?екоÑ?Ñ?екÑ?наÑ? пÑ?овеÑ?ка Ñ?войÑ?Ñ?в EXIF можеÑ? пÑ?иводиÑ?Ñ? к непÑ?авилÑ?номÑ? доÑ?Ñ?Ñ?пÑ?
+    к памÑ?Ñ?и в Ñ?лÑ?Ñ?ае оÑ?кÑ?Ñ?Ñ?иÑ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного изобÑ?ажениÑ?, Ñ?Ñ?о поÑ?енÑ?иалÑ?но
+    вклÑ?Ñ?аеÑ? в Ñ?ебÑ? повÑ?еждение Ñ?одеÑ?жимого динамиÑ?еÑ?кой памÑ?Ñ?и и вÑ?полнение пÑ?оизволÑ?ного кода.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-6355";>CVE-2007-6355</a>
 
- -    <p>Flawed data validation could lead to integer overflows, causing
- -    other invalid memory accesses, also with the potential for memory
- -    corruption or arbitrary code execution.</p></li>
+    <p>Ð?Ñ?ибоÑ?наÑ? пÑ?овеÑ?ка даннÑ?Ñ? можеÑ? пÑ?иводиÑ?Ñ? к пеÑ?еполнениÑ?м Ñ?елÑ?Ñ? Ñ?иÑ?ел, Ñ?Ñ?о вÑ?зÑ?ваеÑ?
+    некоÑ?Ñ?екÑ?нÑ?е доÑ?Ñ?Ñ?п к памÑ?Ñ?и Ñ? возможнÑ?м повÑ?еждением Ñ?одеÑ?жимого памÑ?Ñ?и
+    или вÑ?полнением пÑ?оизволÑ?ного кода.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-6356";>CVE-2007-6356</a>
 
- -    <p>Cyclical EXIF image file directory (IFD) references could cause
- -    a denial of service (infinite loop).</p></li>
+    <p>ЦиклиÑ?нÑ?е Ñ?Ñ?Ñ?лки на Ñ?айловÑ?й каÑ?алог изобÑ?ажений EXIF (IFD) могÑ?Ñ? вÑ?зÑ?ваÑ?Ñ?
+    оÑ?каз в обÑ?лÑ?живании (беÑ?конеÑ?нÑ?й Ñ?икл).</p></li>
 
 </ul>
 
- -<p>For the oldstable distribution (sarge), these problems have been fixed
- -in version 0.98-1.1+0sarge1.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sarge) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 0.98-1.1+0sarge1.</p>
 
- -<p>For the stable distribution (etch), these problems have been fixed in
- -version 0.98-1.1+etch1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 0.98-1.1+etch1.</p>
 
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 1.01-0.1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.01-0.1.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2008/dsa-1537.wml	2014-04-30 13:16:15.000000000 +0600
+++ russian/security/2008/dsa-1537.wml	2016-09-14 00:52:14.629741172 +0500
@@ -1,40 +1,41 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Alin Rad Pop (Secunia) discovered a number of vulnerabilities in xpdf, a set
- -of tools for display and conversion of Portable Document Format (PDF) files.
- -The Common Vulnerabilities and Exposures project identifies the following
- -three problems:</p>
+<p>Ð?лин Рад Ð?оп (Secunia) обнаÑ?Ñ?жил Ñ?Ñ?д Ñ?Ñ?звимоÑ?Ñ?ей в xpdf, набоÑ?е
+инÑ?Ñ?Ñ?Ñ?менÑ?ов длÑ? оÑ?обÑ?ажениÑ? и пÑ?еобÑ?азованиÑ? Ñ?айлов в Ñ?оÑ?маÑ?е PDF.
+Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие
+Ñ?Ñ?и пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-4352";>CVE-2007-4352</a>
 
- -    <p>Inadequate DCT stream validation allows an attacker to corrupt
- -    memory and potentially execute arbitrary code by supplying a
- -    maliciously crafted PDF file.</p></li>
+    <p>Ð?епÑ?авилÑ?наÑ? пÑ?овеÑ?ка DCT-поÑ?ока позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникÑ? повÑ?еждаÑ?Ñ? Ñ?одеÑ?жимое
+    памÑ?Ñ?и и поÑ?енÑ?иалÑ?но вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код, пеÑ?едав
+    Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?й Ñ?айл в Ñ?оÑ?маÑ?е PDF.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-5392";>CVE-2007-5392</a>
 
- -    <p>An integer overflow vulnerability in DCT stream handling could
- -    allow an attacker to overflow a heap buffer, enabling the execution
- -    of arbitrary code.</p></li>
+    <p>Ð?еÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ел в коде обÑ?абоÑ?ки DCT-поÑ?ока можеÑ?
+    позволиÑ?Ñ? злоÑ?мÑ?Ñ?ленникÑ? пеÑ?еполниÑ?Ñ? динамиÑ?еÑ?кÑ?Ñ? памÑ?Ñ?Ñ?, Ñ?Ñ?о позволÑ?еÑ? емÑ? вÑ?полниÑ?Ñ?
+    пÑ?оизволÑ?нÑ?й код.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-5393";>CVE-2007-5393</a>
 
- -    <p>A buffer overflow vulnerability in xpdf's CCITT image compression
- -    handlers allows overflow on the heap, allowing an attacker to
- -    execute arbitrary code by supplying a maliciously crafted
- -    CCITTFaxDecode filter.</p></li>
+    <p>Ð?еÑ?еполнение бÑ?Ñ?еÑ?а в обÑ?абоÑ?Ñ?икаÑ? Ñ?жаÑ?иÑ? изобÑ?ажений CCITT в xpdf
+    позволÑ?еÑ? пеÑ?еполнÑ?Ñ?Ñ? динамиÑ?еÑ?кÑ?Ñ? памÑ?Ñ?Ñ?, позволÑ?Ñ? злоÑ?мÑ?Ñ?ленникÑ?
+    вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код пÑ?и пеÑ?едаÑ?е Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного
+    Ñ?илÑ?Ñ?Ñ?а CCITTFaxDecode.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (etch), these problems have been fixed in
- -version 3.01-9.1+etch2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 3.01-9.1+etch2.</p>
 
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 3.02-1.3.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 3.02-1.3.</p>
 
- -<p>We recommend that you upgrade your xpdf packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? xpdf.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2008/dsa-1572.wml	2014-04-30 13:16:15.000000000 +0600
+++ russian/security/2008/dsa-1572.wml	2016-09-14 00:47:30.527257460 +0500
@@ -1,41 +1,42 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in PHP, a server-side,
- -HTML-embedded scripting language. The Common Vulnerabilities and
- -Exposures project identifies the following problems:</p>
+<p>Ð? PHP, Ñ?еÑ?веÑ?ном Ñ?зÑ?ке Ñ?Ñ?енаÑ?иев Ñ?о вÑ?Ñ?Ñ?оенной поддеÑ?жкой HTML, бÑ?ло
+обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and
+Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-3806";>CVE-2007-3806</a>
 
- -    <p>The glob function allows context-dependent attackers to cause
- -    a denial of service and possibly execute arbitrary code via
- -    an invalid value of the flags parameter.</p></li>
+    <p>ФÑ?нкÑ?иÑ? glob позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникам в завиÑ?имоÑ?Ñ?и оÑ? конÑ?екÑ?Ñ?а вÑ?зÑ?ваÑ?Ñ?
+    оÑ?каз в обÑ?лÑ?живании и поÑ?енÑ?иалÑ?но вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код Ñ? помоÑ?Ñ?Ñ?
+    некоÑ?Ñ?екÑ?ного знаÑ?ениÑ? паÑ?амеÑ?Ñ?а flags.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-1384";>CVE-2008-1384</a>
 
- -    <p>Integer overflow allows context-dependent attackers to cause
- -    a denial of service and possibly have other impact via a
- -    printf format parameter with a large width specifier.</p></li>
+    <p>Ð?еÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ел позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникам в завиÑ?имоÑ?Ñ?и оÑ? конÑ?екÑ?Ñ?а вÑ?зÑ?ваÑ?Ñ?
+    оÑ?каз в обÑ?лÑ?живании и поÑ?енÑ?иалÑ?но оказÑ?ваÑ?Ñ? дÑ?Ñ?гое влиÑ?ние на Ñ?иÑ?Ñ?емÑ? Ñ? помоÑ?Ñ?Ñ?
+    Ñ?оÑ?маÑ?ного паÑ?амеÑ?Ñ?а printf Ñ? болÑ?Ñ?им Ñ?пеÑ?иÑ?икаÑ?оÑ?ом Ñ?иÑ?инÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-2050";>CVE-2008-2050</a>
 
- -    <p>Stack-based buffer overflow in the FastCGI SAPI.</p></li>
+    <p>Ð?еÑ?еполнение бÑ?Ñ?еÑ?а в FastCGI SAPI.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-2051";>CVE-2008-2051</a>
 
- -    <p>The escapeshellcmd API function could be attacked via
- -    incomplete multibyte chars.</p></li>
+    <p>API-Ñ?Ñ?нкÑ?иÑ? escapeshellcmd можеÑ? подвеÑ?гаÑ?Ñ?Ñ?Ñ? аÑ?акам Ñ?еÑ?ез
+    некоÑ?Ñ?екÑ?нÑ?е многобайÑ?овÑ?е Ñ?имволÑ?.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (etch), these problems have been fixed in
- -version 5.2.0-8+etch11.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 5.2.0-8+etch11.</p>
 
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 5.2.6-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 5.2.6-1.</p>
 
- -<p>We recommend that you upgrade your php5 package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? php5.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJX2FqDAAoJEF7nbuICFtKl1VUP/jQi3MQKBCfRh2bx3e9DI7Gm
YtCKHYEvmUnpz8oqsV71dKdGccDeNnsx5nYojN2cke7WPR8ZJS3H1TQGd7LqCRA+
GAXHCSrbpI4bxHbC04GSJXC9OlMRcx8CNyOmLdH/l1XtOFjRs5mMdno3Kem9tEoR
Tc7AasHALDbhy4KyEJPLyDAfZBJuZOG4QgVeYsdVTtrmU4barZJANBHllw8DCMXl
o2GNrMfxILU5LR/A0jCgifS6lofAECNJxjI4/fwhbzSvvZ863M0XexAAKKOSissv
D+CcHakAk6EWKPKDY4N/XPfJI0O+o7JX65wVLdElWJnTB3QHuk+mmH9HMSLsglw9
UC74jy2N8oHYyG4TRevjPz8HAlwidroUai/rKDmPTnTAEITbdtdDkiMR2bJJNFZH
rqTrq8HPALq8Fzu9i2ZzRBnL7x3q7LHwr/eNh/p+xSle9sVJnfg/mSsxUJoCbenc
trlN3EC4ZeS4uo0Arh1iVMHe3+9rrah4YPBzl8pUdxuoYmViuqi9+3Qd6iKk7J5G
bPFtLoTizFHDahvzRRSMPRlsbcrIV/2LPR4kiS9+ZBflPzOn/xgxNJUP6S6r6PHn
KZUgYLlpVbNeFRH795g5oPIzHWLsn6e+cE69RsTn/Smq+zfflPvt8G2W6m2MxX/1
I054VvXUvx1s/OZ+NyOT
=WD53
-----END PGP SIGNATURE-----
Reply to: