[DONE] wml://security/2010/dsa-{1974,2129}.wml

[Lev Lamberov <dogsleg@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2010/dsa-1974.wml	2014-04-30 13:16:22.000000000 +0600
+++ russian/security/2010/dsa-1974.wml	2016-09-16 22:47:14.557600243 +0500
@@ -1,38 +1,39 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been found in gzip, the GNU compression
- -utilities. The Common Vulnerabilities and Exposures project identifies
- -the following problems:</p>
+<p>Ð? gzip, Ñ?Ñ?илиÑ?аÑ? длÑ? Ñ?жаÑ?иÑ? оÑ? GNU, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко
+Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ?
+Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-2624";>CVE-2009-2624</a>
 
- -<p>Thiemo Nagel discovered a missing input sanitation flaw in the way gzip
- -used to decompress data blocks for dynamic Huffman codes, which could
- -lead to the execution of arbitrary code when trying to decompress a
- -crafted archive. This issue is a reappearance of <a href="https://security-tracker.debian.org/tracker/CVE-2006-4334";>CVE-2006-4334</a> and only
- -affects the lenny version.</p></li>
+<p>Тимо Ð?агелÑ? обнаÑ?Ñ?жил оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вие оÑ?иÑ?Ñ?ки вÑ?однÑ?Ñ? даннÑ?Ñ? в Ñ?поÑ?обе, иÑ?полÑ?зÑ?емом gzip
+длÑ? Ñ?аÑ?паковки блоков даннÑ?Ñ? длÑ? динамиÑ?еÑ?киÑ? кодов ХаÑ?Ñ?мана, Ñ?Ñ?о можеÑ?
+пÑ?иводиÑ?Ñ? к вÑ?полнениÑ? пÑ?оизволÑ?ного кода пÑ?и попÑ?Ñ?ке Ñ?аÑ?паковки
+Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного аÑ?Ñ?ива. ЭÑ?а пÑ?облема пÑ?едÑ?Ñ?авлÑ?еÑ? Ñ?обой возвÑ?аÑ?ение <a href="https://security-tracker.debian.org/tracker/CVE-2006-4334";>CVE-2006-4334</a> и
+каÑ?аеÑ?Ñ?Ñ? Ñ?олÑ?ко веÑ?Ñ?ии из Ñ?оÑ?Ñ?ава lenny.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-0001";>CVE-2010-0001</a>
 
- -<p>Aki Helin discovered an integer underflow when decompressing files that
- -are compressed using the LZW algorithm. This could lead to the execution
- -of arbitrary code when trying to decompress a crafted LZW compressed
- -gzip archive.</p></li>
+<p>Ð?ки Хелин обнаÑ?Ñ?жил оÑ?Ñ?иÑ?аÑ?елÑ?ное пеÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ел пÑ?и Ñ?аÑ?паковке Ñ?айлов,
+Ñ?жаÑ?Ñ?Ñ? Ñ? помоÑ?Ñ?Ñ? алгоÑ?иÑ?ма LZW. Ð?но можеÑ? пÑ?иводиÑ?Ñ? к вÑ?полнениÑ?
+пÑ?оизволÑ?ного кода пÑ?и попÑ?Ñ?ке Ñ?аÑ?паковки Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного gzip-аÑ?Ñ?ива,
+Ñ?жаÑ?ого Ñ? помоÑ?Ñ?Ñ? LZW.</p></li>
 </ul>
 
- -<p>For the stable distribution (lenny), these problems have been fixed in
- -version 1.3.12-6+lenny1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.3.12-6+lenny1.</p>
 
- -<p>For the oldstable distribution (etch), these problems have been fixed in
- -version 1.3.5-15+etch1.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.3.5-15+etch1.</p>
 
- -<p>For the testing distribution (squeeze) and the unstable distribution
- -(sid), these problems will be fixed soon.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (squeeze) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ?
+Ñ?Ñ?и пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ? позже.</p>
 
 
- -<p>We recommend that you upgrade your gzip packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? gzip.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2010/dsa-2129.wml	2014-04-30 13:16:22.000000000 +0600
+++ russian/security/2010/dsa-2129.wml	2016-09-16 23:27:52.977276855 +0500
@@ -1,34 +1,35 @@
- -<define-tag description>checksum verification weakness</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>Ñ?лабаÑ? пÑ?овеÑ?ка конÑ?Ñ?олÑ?нÑ?Ñ? Ñ?Ñ?мм</define-tag>
 <define-tag moreinfo>
- -<p>A vulnerability has been found in krb5, the MIT implementation of
- -Kerberos.</p>
+<p>Ð? krb5, Ñ?еализаÑ?ии Kerberos оÑ? MIT, бÑ?ла обнаÑ?Ñ?жена
+Ñ?Ñ?звимоÑ?Ñ?Ñ?.</p>
 
- -<p>MIT krb5 clients incorrectly accept unkeyed checksums in the SAM-2
- -preauthentication challenge: an unauthenticated remote attacker could
- -alter a SAM-2 challenge, affecting the prompt text seen by the user or
- -the kind of response sent to the KDC. Under some circumstances, this
- -can negate the incremental security benefit of using a single-use
- -authentication mechanism token.</p>
- -
- -<p>MIT krb5 incorrectly accepts RFC 3961 key-derivation checksums using
- -RC4 keys when verifying KRB-SAFE messages: an unauthenticated remote
- -attacker has a 1/256 chance of forging KRB-SAFE messages in an
- -application protocol if the targeted pre-existing session uses an RC4
- -session key. Few application protocols use KRB-SAFE messages.</p>
- -
- -<p>The Common Vulnerabilities and Exposures project has assigned
- -<a href="https://security-tracker.debian.org/tracker/CVE-2010-1323";>CVE-2010-1323</a> to these issues.</p>
- -
- -<p>For the stable distribution (lenny), these problems have been fixed in
- -version 1.6.dfsg.4~beta1-5lenny6.</p>
+<p>Ð?лиенÑ?Ñ? krb5 некоÑ?Ñ?екÑ?но пÑ?инимаÑ?Ñ? безклÑ?Ñ?евÑ?е конÑ?Ñ?олÑ?нÑ?е Ñ?Ñ?ммÑ? пÑ?и
+пÑ?едваÑ?иÑ?елÑ?ной аÑ?Ñ?енÑ?иÑ?икаÑ?ии по пÑ?оÑ?околÑ? SAM-2: неаÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?й Ñ?далÑ?ннÑ?й
+злоÑ?мÑ?Ñ?ленник можеÑ? измениÑ?Ñ? пÑ?овеÑ?кÑ? по пÑ?оÑ?околÑ? SAM-2, поменÑ?в Ñ?екÑ?Ñ? запÑ?оÑ?а, видимÑ?й полÑ?зоваÑ?елем,
+или вид оÑ?веÑ?а, оÑ?пÑ?авленнÑ?й KDC. Ð?Ñ?и некоÑ?оÑ?Ñ?Ñ? обÑ?Ñ?оÑ?Ñ?елÑ?Ñ?Ñ?ваÑ? Ñ?Ñ?о
+можеÑ? нивелиÑ?оваÑ?Ñ? пÑ?еимÑ?Ñ?еÑ?Ñ?ва аÑ?Ñ?енÑ?иÑ?икаÑ?ии Ñ? помоÑ?Ñ?Ñ? одноÑ?азовÑ?Ñ?
+Ñ?окенов.</p>
+
+<p>krb5 некоÑ?Ñ?екÑ?но пÑ?инимаеÑ? конÑ?Ñ?олÑ?нÑ?е Ñ?Ñ?ммÑ? вÑ?Ñ?абоÑ?ки клÑ?Ñ?ей по RFC 3961
+пÑ?и иÑ?полÑ?зовании RC4-клÑ?Ñ?ей во вÑ?емÑ? пÑ?овеÑ?ки Ñ?ообÑ?ений KRB-SAFE: неаÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?й Ñ?далÑ?ннÑ?й
+злоÑ?мÑ?Ñ?ленник имееÑ? Ñ?анÑ? 1/256 на подделкÑ? Ñ?ообÑ?ений KRB-SAFE в
+пÑ?оÑ?околе пÑ?иложений в Ñ?лÑ?Ñ?ае, еÑ?ли Ñ?елеваÑ? Ñ?еÑ?Ñ?иÑ? иÑ?полÑ?зÑ?еÑ? Ñ?еÑ?Ñ?ионнÑ?й
+RC4-клÑ?Ñ?. Ð?екоÑ?оÑ?Ñ?е пÑ?оÑ?околÑ? пÑ?иложений иÑ?полÑ?зÑ?Ñ?Ñ? Ñ?ообÑ?ениÑ? KRB-SAFE.</p>
+
+<p>Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures пÑ?иÑ?воил Ñ?Ñ?им пÑ?облемам иденÑ?иÑ?икаÑ?оÑ?
+<a href="https://security-tracker.debian.org/tracker/CVE-2010-1323";>CVE-2010-1323</a>.</p>
+
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.6.dfsg.4~beta1-5lenny6.</p>
 
- -<p>The builds for the mips architecture are not included in this advisory.
- -They will be released as soon as they are available.</p>
+<p>СбоÑ?ки длÑ? аÑ?Ñ?иÑ?екÑ?Ñ?Ñ?Ñ? mips в данной Ñ?екомендаÑ?ии оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?Ñ?Ñ?.
+Ð?ни бÑ?дÑ?Ñ? вÑ?пÑ?Ñ?енÑ? позже по меÑ?е доÑ?Ñ?Ñ?пноÑ?Ñ?и.</p>
 
- -<p>For the testing distribution (squeeze) and the unstable distribution
- -(sid), these problem have been fixed in version 1.8.3+dfsg-3.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (squeeze) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ?
+Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 1.8.3+dfsg-3.</p>
 
- -<p>We recommend that you upgrade your krb5 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? krb5.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJX3DmuAAoJEF7nbuICFtKlIHYQAKRI/8cf4cBtzXM0s3wdeacr
8wDkVeEIZBdGY+nxeKJZ08PHwWpDNzsCqjyqquOK8nW1FB58G/dEN/nmrYkQ9cJ0
lCjSVi8qeTrvP06hreD2Mx7nLzYmFovhTstRz/9jcqxcXHMM6ZErwW1HCDhTWW05
GaX2cCbc+EMRE1Gkq5k4N6fa4slaiEeY2PtSxNHUdDJjNn/7UtZGMpRgXvM2Je+n
EkQrYxGHRYh0H8+lvjEbffYZO9rFhuU6aDGiKq6qVT9vzFgKj6cHpiFIekNNDtuH
yziBe7VIfU9w7ILjf0EZ2M0TTYDPUCVVgOfdGKIFNNDvb+KtxKNYrrldF9xa3Kg1
WKU9tBuDLTAsavVkERf3ygAaFiUYVBOHeIAUkzksORTiSf3ziq6bviwQShohNe4b
cAMxKKkj/34vpzyxT0RCI8FETRk0OjXjIpeOJxH06ArHKC+x5XxYrtBhjs0QR6wn
yNalLd4Wyr99o2dObIa3mmLyqbqGY7cWViUZzngwSDgrPyCcH+lmHOZ4F2HKOhRq
Y4qsAE1COs8CWWzcSA3Opd1zcYxgNu7M5KE3Y1plsakfmNlGCC2CMfTfCxk8Itdm
jFAOcTA/88mj4g0cxZEswB4HhFB1uuU6mhqYkdps4cd1wHuuc8NbFn6glPPwmR6A
c15Hg/P/9n4Ku/wUmBYs
=mSId
-----END PGP SIGNATURE-----