[DONE] wml://security/2011/dsa-236{2,3}.wml

[Lev Lamberov <dogsleg@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2011/dsa-2362.wml	2014-04-30 13:16:25.000000000 +0600
+++ russian/security/2011/dsa-2362.wml	2016-09-18 16:32:08.612182758 +0500
@@ -1,40 +1,41 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Multiple vulnerabilities were found in the ACPI Daemon, the Advanced
- -Configuration and Power Interface event daemon:</p>
+<p>Ð? Ñ?лÑ?жбе ACPI, Ñ?лÑ?жбе Ñ?обÑ?Ñ?ий Ñ?Ñ?овеÑ?Ñ?енÑ?Ñ?вованного инÑ?еÑ?Ñ?ейÑ?а Ñ?пÑ?авлениÑ?
+конÑ?игÑ?Ñ?аÑ?ией и пиÑ?анием, бÑ?ли обнаÑ?Ñ?женÑ? многоÑ?иÑ?леннÑ?е Ñ?Ñ?звимоÑ?Ñ?и:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-1159";>CVE-2011-1159</a>
 
- -    <p>Vasiliy Kulikov of OpenWall discovered that the socket handling
- -    is vulnerable to denial of service.</p></li>
+    <p>Ð?аÑ?илий Ð?Ñ?ликов из OpenWall обнаÑ?Ñ?жил, Ñ?Ñ?о обÑ?абоÑ?ка Ñ?океÑ?ов Ñ?Ñ?звима
+    к оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-2777";>CVE-2011-2777</a>
 
- -    <p>Oliver-Tobias Ripka discovered that incorrect process handling in
- -    the Debian-specific powerbtn.sh script could lead to local
- -    privilege escalation. This issue doesn't affect oldstable. The
- -    script is only shipped as an example in /usr/share/doc/acpid/examples.
- -    See /usr/share/doc/acpid/README.Debian for details.</p></li>
+    <p>Ð?ливÑ?е-ТобиаÑ? Рипка обнаÑ?Ñ?жил, Ñ?Ñ?о некоÑ?Ñ?екÑ?наÑ? обÑ?абоÑ?ка пÑ?оÑ?еÑ?Ñ?ов в
+    Ñ?Ñ?енаÑ?ии powerbtn.sh (Ñ?пеÑ?иалÑ?но длÑ? Debian) можеÑ? пÑ?иводиÑ?Ñ? к локалÑ?номÑ?
+    повÑ?Ñ?ениÑ? пÑ?ивилегий. ЭÑ?а пÑ?облема не каÑ?аеÑ?Ñ?Ñ? пÑ?едÑ?дÑ?Ñ?его Ñ?Ñ?абилÑ?ного вÑ?пÑ?Ñ?ка.
+    ЭÑ?оÑ? Ñ?Ñ?енаÑ?ий поÑ?Ñ?авлÑ?еÑ?Ñ?Ñ? в каÑ?еÑ?Ñ?ве пÑ?имеÑ?а в каÑ?алоге /usr/share/doc/acpid/examples.
+    Ð?одÑ?обноÑ?Ñ?и иÑ?иÑ?е в Ñ?айле /usr/share/doc/acpid/README.Debian.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-4578";>CVE-2011-4578</a>
 
- -    <p>Helmut Grohne and Michael Biebl discovered that acpid sets a umask
- -    of 0 when executing scripts, which could result in local privilege
- -    escalation.</p></li>
+    <p>Ð?елÑ?мÑ?Ñ? Ð?Ñ?оне и Ð?иÑ?аÑ?лÑ? Ð?иблÑ? обнаÑ?Ñ?жили, Ñ?Ñ?о acpid Ñ?Ñ?Ñ?анавливаеÑ? маÑ?кÑ?
+    Ñ?о знаÑ?ением 0 пÑ?и вÑ?полнении Ñ?Ñ?енаÑ?иев, Ñ?Ñ?о можеÑ? пÑ?иводиÑ?Ñ? к локалÑ?номÑ? повÑ?Ñ?ениÑ?
+    пÑ?ивилегий.</p></li>
 
 </ul>
 
- -<p>For the oldstable distribution (lenny), this problem has been fixed in
- -version 1.0.8-1lenny4.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.0.8-1lenny4.</p>
 
- -<p>For the stable distribution (squeeze), this problem has been fixed in
- -version 1:2.0.7-1squeeze3.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1:2.0.7-1squeeze3.</p>
 
- -<p>For the unstable distribution (sid), this problem will be fixed soon.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?деÑ? иÑ?пÑ?авлена позже.</p>
 
- -<p>We recommend that you upgrade your acpid packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? acpid.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2011/dsa-2363.wml	2011-12-17 01:07:25.000000000 +0600
+++ russian/security/2011/dsa-2363.wml	2016-09-18 16:39:11.359120815 +0500
@@ -1,37 +1,38 @@
- -<define-tag description>buffer overflow</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>пеÑ?еполнение бÑ?Ñ?еÑ?а</define-tag>
 <define-tag moreinfo>
- -<p>It was discovered that Tor, an online privacy tool, incorrectly computes
- -buffer sizes in certain cases involving SOCKS connections.  Malicious
- -parties could use this to cause a heap-based buffer overflow, potentially 
- -allowing execution of arbitrary code.</p>
- -
- -<p>In Tor's default configuration this issue can only be triggered by
- -clients that can connect to Tor's SOCKS port, which listens only on
- -localhost by default.</p>
- -
- -<p>In non-default configurations where Tor's SocksPort listens not only on
- -localhost or where Tor was configured to use another SOCKS server for all of
- -its outgoing connections, Tor is vulnerable to a larger set of malicious
- -parties.</p>
- -
- -<p>For the oldstable distribution (lenny), this problem has been fixed in
- -version 0.2.1.32-1.</p>
- -
- -<p>For the stable distribution (squeeze), this problem has been fixed in
- -version 0.2.2.35-1~squeeze+1.</p>
- -
- -<p>For the unstable (sid) and testing (wheezy) distributions, this problem has been fixed in
- -version 0.2.2.35-1.</p>
- -
- -<p>For the experimental distribution, this problem has has fixed in
- -version 0.2.3.10-alpha-1.</p>
- -
- -<p>We recommend that you upgrade your tor packages.</p>
- -
- -<p>Please note that the update for stable (squeeze) updates this package
- -from 0.2.1.31 to 0.2.2.35, a new major release of Tor, as upstream has
- -announced end-of-life for the 0.2.1.x tree for the near future.  Please
- -check your Tor runs as expected after the upgrade.</p>
+<p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о Tor, инÑ?Ñ?Ñ?Ñ?менÑ? длÑ? обеÑ?пеÑ?ениÑ? анонимноÑ?Ñ?и онлайн, непÑ?авилÑ?но
+вÑ?Ñ?иÑ?лÑ?еÑ? Ñ?азмеÑ?Ñ? бÑ?Ñ?еÑ?ов в опÑ?еделÑ?ннÑ?Ñ? Ñ?лÑ?Ñ?аÑ?Ñ?, когда иÑ?полÑ?зÑ?Ñ?Ñ?Ñ?Ñ? SOCKS-Ñ?оединениÑ?.
+Ð?лоÑ?мÑ?Ñ?ленники могÑ?Ñ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? пÑ?облемÑ? длÑ? вÑ?зова пеÑ?еполнениÑ? динамиÑ?еÑ?кой памÑ?Ñ?и, Ñ?Ñ?о
+поÑ?енÑ?иалÑ?но позволÑ?еÑ? вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код.</p>
+
+<p>Ð? наÑ?Ñ?Ñ?ойкаÑ? Tor по Ñ?молÑ?аниÑ? Ñ?Ñ?а пÑ?облема можеÑ? возникаÑ?Ñ? Ñ?олÑ?ко Ñ?
+клиенÑ?ов, коÑ?оÑ?Ñ?е подклÑ?Ñ?аÑ?Ñ?Ñ?Ñ? к SOCKS-поÑ?Ñ?Ñ? Tor, коÑ?оÑ?Ñ?й по Ñ?молÑ?аниÑ? пÑ?оÑ?лÑ?Ñ?иваеÑ?Ñ?Ñ?
+Ñ?олÑ?ко на локалÑ?ном Ñ?зле.</p>
+
+<p>Ð?Ñ?и наÑ?Ñ?Ñ?ойкаÑ? не по Ñ?молÑ?аниÑ?, когда SocksPort Tor пÑ?оÑ?лÑ?Ñ?иваеÑ?Ñ?Ñ? не Ñ?олÑ?ко на
+локалÑ?ном Ñ?зле, либо когда Tor наÑ?Ñ?Ñ?оен на иÑ?полÑ?зование дÑ?Ñ?гого SOCKS-Ñ?еÑ?веÑ?е длÑ? вÑ?еÑ?
+иÑ?Ñ?одÑ?Ñ?иÑ? Ñ?оединений, Tor Ñ?Ñ?звим к болÑ?Ñ?емÑ? Ñ?иÑ?лÑ?
+злоÑ?мÑ?Ñ?ленниковparties.</p>
+
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 0.2.1.32-1.</p>
+
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 0.2.2.35-1~squeeze+1.</p>
+
+<p>Ð? неÑ?Ñ?абилÑ?ном (sid) и Ñ?еÑ?Ñ?иÑ?Ñ?емом (wheezy) вÑ?пÑ?Ñ?каÑ? Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 0.2.2.35-1.</p>
+
+<p>Ð? Ñ?кÑ?пеÑ?именÑ?алÑ?ном вÑ?пÑ?Ñ?ке Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 0.2.3.10-alpha-1.</p>
+
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? tor.</p>
+
+<p>Ð?амеÑ?Ñ?Ñ?е, Ñ?Ñ?о обновление длÑ? Ñ?Ñ?абилÑ?ного вÑ?пÑ?Ñ?ка (squeeze) пÑ?едÑ?Ñ?авлÑ?еÑ? Ñ?обой обновление
+Ñ? веÑ?Ñ?ии 0.2.1.31 до веÑ?Ñ?ии 0.2.2.35, до нового кÑ?Ñ?пного вÑ?пÑ?Ñ?ка Tor, поÑ?колÑ?кÑ? Ñ?азÑ?абоÑ?Ñ?ики
+оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки обÑ?Ñ?вили об оконÑ?ании жизненного Ñ?икла веÑ?ки 0.2.1.x в ближайÑ?ем бÑ?дÑ?Ñ?ем.
+Ð?Ñ?овеÑ?Ñ?Ñ?е, Ñ?Ñ?обÑ? Tor поÑ?ле обновлениÑ? Ñ?абоÑ?ал Ñ? ваÑ? как положено.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJX3nzhAAoJEF7nbuICFtKlmZcP/jkOMxe+CgE4eOESu428QKTr
W/oHRSVb/RING0qS/fDjcO0T4q6yPdcdvW5N4crxWaRSl0IxA0+4Rx5AUFTZDXae
5qcyYRGWDfMdDvRd1jpvMv4F/qWVUsh433UpSz5MhB5aLyDRcNFc2ppIwbQ5IyvA
Iaq8P2I8DlxWO4J8qsG2VSqAiLhrrj8dy54iTd7BIJz2hwXDQYggtuJ7QAQwTb/Y
aWQzmO79erdYXTUn0zggrDuraNEKwIDxgZ0XHYgvZ2uK4S3Au/DjgpsKoycrC7Q/
i1+xPHimc/9qbbBvLh4Y4sGyM/B67YvYqZrpOsRFyXa3J5aHjIx7etc9CVaNXd9e
2JyPBTR5SUnQtT5+NdBLlNbuABrbg0A0Vx609D+rH1FqkssI3RUjuUCcroBBRQbn
TDEizjuaRP7HCw8KiMAUYoTD3ojsWEtRFa1FjEdYnNWXAOSgvEtZlgM7v4ibqvE5
JUUGJZbdqXMDM98p4fPmyqxOelsz4w9zSYjxUko+MJpGDeTqnzZ7ahFTOO7X2nvd
MeSjPzoXfb9UmHsOe0zGGX3XhNGO/h4kGrgcwirKNl+h0abyXBupzflt/mpuDGJx
k97fTx255Em497KcgZAdK69xd5UYBbBUw+/MghruSE1OKTDvGN24X1G+3vJbo9te
HB3Y7gGERsbRG6RHfbRI
=Jj6J
-----END PGP SIGNATURE-----