[DONE] wml://security/2010/dsa-2{010,121}.wml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2010/dsa-2010.wml 2014-04-30 13:16:22.000000000 +0600
+++ russian/security/2010/dsa-2010.wml 2016-09-23 23:50:38.445184077 +0500
@@ -1,41 +1,42 @@
- -<define-tag description>privilege escalation/denial of service</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>повÑ?Ñ?ение пÑ?ивилегий/оÑ?каз в обÑ?лÑ?живании</define-tag>
<define-tag moreinfo>
- -<p>Several local vulnerabilities have been discovered in kvm, a full
- -virtualization system. The Common Vulnerabilities and Exposures project
- -identifies the following problems:</p>
+<p>Ð? kvm, Ñ?иÑ?Ñ?еме полной виÑ?Ñ?Ñ?ализаÑ?ии, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко локалÑ?нÑ?Ñ?
+Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2010-0298";>CVE-2010-0298</a>
<a href="https://security-tracker.debian.org/tracker/CVE-2010-0306";>CVE-2010-0306</a>
- - <p>Gleb Natapov discovered issues in the KVM subsystem where missing
- - permission checks (CPL/IOPL) permit a user in a guest system to
- - denial of service a guest (system crash) or gain escalated
- - privileges with the guest.</p></li>
+ <p>Ð?леб Ð?аÑ?апов обнаÑ?Ñ?жил пÑ?облемÑ? в подÑ?иÑ?Ñ?еме KVM, пÑ?и коÑ?оÑ?ой оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?Ñ?Ñ?ие
+ пÑ?овеÑ?ки пÑ?ав доÑ?Ñ?Ñ?па (CPL/IOPL) позволÑ?Ñ?Ñ? полÑ?зоваÑ?елÑ? гоÑ?Ñ?евой Ñ?иÑ?Ñ?емÑ?
+ вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании гоÑ?Ñ?евой Ñ?иÑ?Ñ?емÑ? (аваÑ?ийнаÑ? оÑ?Ñ?ановка Ñ?иÑ?Ñ?емÑ?) или полÑ?Ñ?аÑ?Ñ?
+ повÑ?Ñ?еннÑ?е пÑ?ивилегии в пÑ?еделаÑ? гоÑ?Ñ?евой Ñ?иÑ?Ñ?емÑ?.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2010-0309";>CVE-2010-0309</a>
- - <p>Marcelo Tosatti fixed an issue in the PIT emulation code in the
- - KVM subsystem that allows privileged users in a guest domain to
- - cause a denial of service (crash) of the host system.</p></li>
+ <p>Ð?аÑ?Ñ?ело ТоÑ?аÑ?Ñ?и иÑ?пÑ?авил пÑ?облемÑ? в коде Ñ?мÑ?лÑ?Ñ?ии PIT в
+ подÑ?иÑ?Ñ?еме KVM, коÑ?оÑ?аÑ? позволÑ?еÑ? пÑ?ивилегиÑ?ованнÑ?м полÑ?зоваÑ?елÑ?м в гоÑ?Ñ?евом домене
+ вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка) в оÑ?новной Ñ?иÑ?Ñ?еме.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2010-0419";>CVE-2010-0419</a>
- - <p>Paolo Bonzini found a bug in KVM that can be used to bypass proper
- - permission checking while loading segment selectors. This
- - potentially allows privileged guest users to execute privileged
- - instructions on the host system.</p></li>
+ <p>Ð?аоло Ð?озини обнаÑ?Ñ?жил оÑ?ибкÑ? в KVM, коÑ?оÑ?аÑ? можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? длÑ? обÑ?ода
+ пÑ?овеÑ?ок пÑ?ав доÑ?Ñ?Ñ?па в Ñ?оде загÑ?Ñ?зки Ñ?елекÑ?оÑ?ов Ñ?егменÑ?а. ÐÑ?о
+ поÑ?енÑ?иалÑ?но позволÑ?еÑ? пÑ?ивилегиÑ?ованнÑ?м полÑ?зоваÑ?елÑ?м гоÑ?Ñ?евой Ñ?иÑ?Ñ?емÑ? вÑ?полнÑ?Ñ?Ñ? пÑ?ивилегиÑ?ованнÑ?е
+ инÑ?Ñ?Ñ?Ñ?кÑ?ии в оÑ?новной Ñ?иÑ?Ñ?еме.</p></li>
</ul>
- -<p>For the stable distribution (lenny), this problem has been fixed in
- -version 72+dfsg-5~lenny5.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 72+dfsg-5~lenny5.</p>
- -<p>For the testing distribution (squeeze), and the unstable distribution (sid),
- -these problems will be addressed within the linux-2.6 package.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (squeeze) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ?
+Ñ?Ñ?и пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ? в пакеÑ?е linux-2.6.</p>
- -<p>We recommend that you upgrade your kvm package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? kvm.</p>
</define-tag>
# do not modify the following line
- --- english/security/2010/dsa-2121.wml 2014-04-30 13:16:22.000000000 +0600
+++ russian/security/2010/dsa-2121.wml 2016-09-23 23:58:21.271394317 +0500
@@ -1,42 +1,43 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
<define-tag moreinfo>
- -<p>Several remote vulnerabilities have been discovered in TYPO3. The
- -Common Vulnerabilities and Exposures project identifies the following
- -problems:</p>
+<p>Ð? TYPO3 бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?далÑ?ннÑ?Ñ? Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ?
+Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие
+пÑ?облемÑ?:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2010-3714";>CVE-2010-3714</a>
- - <p>Multiple remote file disclosure vulnerabilities in the jumpUrl
- - mechanism and the Extension Manager allowed attackers to read
- - files with the privileges of the account under which the web
- - server was running.</p></li>
+ <p>Ð?ногоÑ?иÑ?леннÑ?е Ñ?Ñ?звимоÑ?Ñ?и в меÑ?анизме jumpUrl и Extension Manager,
+ пÑ?иводÑ?Ñ?ие к Ñ?аÑ?кÑ?Ñ?Ñ?иÑ? Ñ?далÑ?ннÑ?Ñ? Ñ?айлов , позволÑ?Ñ?Ñ? злоÑ?мÑ?Ñ?ленникам Ñ?Ñ?иÑ?Ñ?ваÑ?Ñ?
+ Ñ?айлÑ? в Ñ?амкаÑ? пÑ?ав доÑ?Ñ?Ñ?па Ñ?Ñ?Ñ?Ñ?ной запиÑ?и, оÑ? лиÑ?а коÑ?оÑ?ой запÑ?Ñ?ен
+ веб-Ñ?еÑ?веÑ?.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2010-3715";>CVE-2010-3715</a>
- - <p>The TYPO3 backend contained several cross-site scripting
- - vulnerabilities, and the RemoveXSS function did not filter
- - all Javascript code.</p></li>
+ <p>Ð?вижок TYPO3 Ñ?одеÑ?жиÑ? неÑ?колÑ?ко Ñ?лÑ?Ñ?аев межÑ?айÑ?ового Ñ?кÑ?ипÑ?инга,
+ а Ñ?Ñ?нкÑ?иÑ? RemoveXSS оÑ?Ñ?илÑ?Ñ?Ñ?овÑ?ваеÑ? не веÑ?Ñ?
+ код на Ñ?зÑ?ке Javascript.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2010-3716";>CVE-2010-3716</a>
- - <p>Malicious editors with user creation permission could escalate
- - their privileges by creating new users in arbitrary groups, due
- - to lack of input validation in the taskcenter.</p></li>
- -
+ <p>РедакÑ?оÑ?Ñ?, имеÑ?Ñ?ие пÑ?ава на Ñ?оздание полÑ?зоваÑ?елей, могÑ?Ñ? повÑ?Ñ?иÑ?Ñ?
+ Ñ?вои пÑ?ивилегии в Ñ?вÑ?зи Ñ? оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вием пÑ?овеÑ?ки вÑ?однÑ?Ñ? даннÑ?Ñ? в taskcenter,
+ Ñ?оздав новÑ?Ñ? полÑ?зоваÑ?елей в пÑ?оизволÑ?нÑ?Ñ? гÑ?Ñ?ппаÑ?, .</p></li>
+
<li><a href="https://security-tracker.debian.org/tracker/CVE-2010-3717";>CVE-2010-3717</a>
- - <p>TYPO3 exposed a crasher bug in the PHP filter_var function,
- - enabling attackers to cause the web server process to crash
- - and thus consume additional system resources.</p></li>
- -
+ <p>TYPO3 Ñ?одеÑ?жиÑ? оÑ?ибкÑ? в PHP-Ñ?Ñ?нкÑ?ии filter_var,
+ позволÑ?Ñ?Ñ?Ñ?Ñ? злоÑ?мÑ?Ñ?ленникам вÑ?зÑ?ваÑ?Ñ? аваÑ?ийнÑ?Ñ? оÑ?Ñ?ановкÑ? пÑ?оÑ?еÑ?Ñ?а веб-Ñ?еÑ?веÑ?а
+ и поÑ?Ñ?ебление дополниÑ?елÑ?нÑ?Ñ? Ñ?иÑ?Ñ?емнÑ?Ñ? Ñ?еÑ?Ñ?Ñ?Ñ?ов.</p></li>
+
</ul>
- -<p>For the stable distribution (lenny), these problems have been fixed in
- -version 4.2.5-1+lenny6.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 4.2.5-1+lenny6.</p>
- -<p>For the unstable distribution (sid) and the upcoming stable
- -distribution (squeeze), these problems have been fixed in version
+<p>Ð? неÑ?Ñ?абилÑ?ном (sid) и гоÑ?овÑ?Ñ?емÑ?Ñ? Ñ?Ñ?абилÑ?ном (squeeze) вÑ?пÑ?Ñ?каÑ?
+Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии
4.3.7-1.</p>
- -<p>We recommend that you upgrade your TYPO3 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? TYPO3.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJX5XtPAAoJEF7nbuICFtKlE9YQAIwbpa3AO9F9EjTH2OPNdX2/
J6p7n1AHyZNtGeTlDxDpYjx46l15jCptoIVseUnN48C3o2d95aCP0v89JJg5E62s
0Icpsws9a0ewQQ9la4j7WWD1doDUP7CnNDALDOejHDoVmFibK/mC74X15AZ9sTB1
J9AKkGqcHaXfObHBe/jwBP6rBC8ltb/aJ4tsDwShSHMPM2UdCLdY0R9ndJDuyT17
B43Mh4jL4EtH1k1DjffSDj2yWVgxQ8v6JWcJHNtP8Cs3iLe8kqxB0jr2iMQEvcxw
zuCT7Mjwo8yNtlpd8iNCez/DNvwoSSpCelWkei0DBhZycbz/+O6bMLH2xG2yZf3E
zlbecUAcwobmo1/pchckrw5iArX5XQ6ZB+HqwIbrgrDIYdqNCC0p4oEH8Xv5U5WY
ulh19dwWNkpwFc5+BX3PvoVbM3cs7WGOmJE8FyH0+oouMOiHY9u6psdFons5z7SN
SSvPPEtLcbqB3YHuf3pK8KbyVRsQKKveTzzkaapHyPU+4FHucnegXklq6LJUcbpz
THFfNzWI0cYYyfkazQZ4Bj/X48aIdBR6thO+/L5jZgKe0vAqJ3Dp3j5ARzIFHrX6
jIFZ2GN4Dmsb6a3BV6djKhYWkfubSSzhH8qtgprUO4kAUhrW+2BzxeZpSeIYhg34
0wUE5+RCvG4BU7cq8vsn
=iHV1
-----END PGP SIGNATURE-----
Reply to: