[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2010/dsa-201{6,5}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2010/dsa-2015.wml	2014-04-30 13:16:22.000000000 +0600
+++ russian/security/2010/dsa-2015.wml	2016-09-27 10:56:37.540162603 +0500
@@ -1,40 +1,41 @@
- -<define-tag description>privilege escalation</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>повÑ?Ñ?ение пÑ?ивилегий</define-tag>
 <define-tag moreinfo>
- -<p>A local vulnerability has been discovered in drbd8.</p>
+<p>Ð? drbd8 бÑ?ла обнаÑ?Ñ?жена локалÑ?наÑ? Ñ?Ñ?звимоÑ?Ñ?Ñ?.</p>
 
- -<p>Philipp Reisner fixed an issue in the drbd kernel module that allows
- -local users to send netlink packets to perform actions that should be
- -restricted to users with CAP_SYS_ADMIN privileges. This is a similar
- -issue to those described by <a href="https://security-tracker.debian.org/tracker/CVE-2009-3725";>CVE-2009-3725</a>.</p>
- -
- -<p>This update also fixes an ABI compatibility issue which was introduced
- -by linux-2.6 (2.6.26-21lenny3). The prebuilt drbd module packages listed
- -in this advisory require a linux-image package version 2.6.26-21lenny3
- -or greater.</p>
+<p>Филипп РайзнеÑ? иÑ?пÑ?авил пÑ?облемÑ? в модÑ?ле Ñ?дÑ?а drbd, коÑ?оÑ?аÑ? позволÑ?еÑ?
+локалÑ?нÑ?м полÑ?зоваÑ?елÑ?м оÑ?пÑ?авлÑ?Ñ?Ñ? netlink-пакеÑ?Ñ? длÑ? вÑ?полнениÑ? дейÑ?Ñ?вий, коÑ?оÑ?Ñ?е
+по Ñ?молÑ?аниÑ? должнÑ? бÑ?Ñ?Ñ? огÑ?аниÑ?енÑ? полÑ?зоваÑ?елÑ?ми Ñ? пÑ?авами CAP_SYS_ADMIN. ЭÑ?а пÑ?облема Ñ?Ñ?ожа
+Ñ? пÑ?облемой, опиÑ?Ñ?ваемой в <a href="https://security-tracker.debian.org/tracker/CVE-2009-3725";>CVE-2009-3725</a>.</p>
+
+<p>Ð?Ñ?оме Ñ?ого, данное обновление вклÑ?Ñ?аеÑ? в Ñ?ебÑ? иÑ?пÑ?авление пÑ?облемÑ? Ñ?овмеÑ?Ñ?имоÑ?Ñ?и ABI, коÑ?оÑ?аÑ?
+поÑ?вилаÑ?Ñ? в linux-2.6 (2.6.26-21lenny3). Ð?Ñ?едваÑ?иÑ?елÑ?но Ñ?обÑ?аннÑ?е пакеÑ?Ñ? Ñ? модÑ?лем drbd, пÑ?иведÑ?ннÑ?е в
+Ñ?Ñ?ой Ñ?екомендаÑ?ии, Ñ?Ñ?ебÑ?Ñ?Ñ? налиÑ?иÑ? пакеÑ?а linux-image веÑ?Ñ?ии 2.6.26-21lenny3
+или вÑ?Ñ?е.</p>
 
- -<p>For the stable distribution (lenny), this problem has been fixed in
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
 drbd8 (2:8.0.14-2+lenny1).</p>
 
- -<p>We recommend that you upgrade your drbd8 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? drbd8.</p>
 
- -<p>The linux-modules-extra-2.6 package has been rebuilt against the updated
- -drbd8 package to provide fixed prebuilt drbd8-modules packages. If,
- -instead of using the prebuilt drbd8-modules packages, you have built and
- -installed a local copy of the drbd module from the drbd8-source package
- -(e.g., using module-assistant), you will need to follow the same steps
- -you originally used to rebuild your module after upgrading the
- -drbd8-source package.</p>
+<p>Ð?акеÑ? linux-modules-extra-2.6 бÑ?л Ñ?обÑ?ан заново в Ñ?ооÑ?веÑ?Ñ?Ñ?вии Ñ? обновлÑ?ннÑ?м
+пакеÑ?ом drbd8 Ñ? Ñ?елÑ?Ñ? пÑ?едоÑ?Ñ?авлениÑ? иÑ?пÑ?авленнÑ?Ñ? пÑ?едваÑ?иÑ?елÑ?но Ñ?обÑ?аннÑ?Ñ? пакеÑ?ов drbd8-modules. Ð?Ñ?ли
+вмеÑ?Ñ?о иÑ?полÑ?зованиÑ? пÑ?едваÑ?иÑ?елÑ?но Ñ?обÑ?аннÑ?Ñ? пакеÑ?ов drbd8-modules вÑ? Ñ?обÑ?али и
+Ñ?Ñ?Ñ?ановили локалÑ?нÑ?Ñ? копиÑ? модÑ?лÑ? drbd из пакеÑ?а drbd8-source
+(напÑ?имеÑ?, иÑ?полÑ?зÑ?Ñ? module-assistant), Ñ?о поÑ?ле обновлениÑ?
+пакеÑ?а drbd8-source вам необÑ?одимо вÑ?полниÑ?Ñ? Ñ?е же Ñ?амÑ?е дейÑ?Ñ?виÑ?,
+коÑ?оÑ?Ñ?е вÑ? иÑ?полÑ?зовали длÑ? повÑ?оÑ?ной Ñ?боÑ?ки модÑ?лÑ?.</p>
 
- -<p>Note: After upgrading a kernel module you must reload the module
- -for the changes to take effect:</p>
+<p>Ð?нимание: поÑ?ле обновлениÑ? модÑ?лÑ? Ñ?дÑ?а Ñ?ледÑ?еÑ? пеÑ?езагÑ?Ñ?зиÑ?Ñ?
+модÑ?лÑ?, Ñ?огда изменениÑ? бÑ?дÑ?Ñ? имеÑ?Ñ? Ñ?илÑ?:</p>
 <ol>
- - <li>Shutdown all services that make use of the drbd module</li>
- - <li>Unload the previous drbd module (modprobe -r drbd)</li>
- - <li>Load the updated drbd module (modprobe drbd)</li>
- - <li>Restart any services that make use of the drbd module</li>
+ <li>Ð?Ñ?клÑ?Ñ?иÑ?е вÑ?е Ñ?лÑ?жбÑ?, иÑ?полÑ?зÑ?Ñ?Ñ?ие модÑ?лÑ? drbd</li>
+ <li>Ð?Ñ?гÑ?Ñ?зиÑ?е пÑ?едÑ?дÑ?Ñ?ий модÑ?лÑ? drbd (modprobe -r drbd)</li>
+ <li>Ð?агÑ?Ñ?зиÑ?е обновлÑ?ннÑ?й модÑ?лÑ? drbd (modprobe drbd)</li>
+ <li>Ð?еÑ?езапÑ?Ñ?Ñ?иÑ?е вÑ?е Ñ?лÑ?жбÑ?, иÑ?полÑ?зÑ?Ñ?Ñ?ие модÑ?лÑ? drbd</li>
 </ol>
 
- -<p>A system reboot will also cause the updated module to be used.</p>
+<p>Ð?еÑ?езагÑ?Ñ?зка Ñ?иÑ?Ñ?емÑ? Ñ?акже пÑ?иведÑ?Ñ? к иÑ?полÑ?зованиÑ? обновлÑ?нного модÑ?лÑ?.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2010/dsa-2016.wml	2010-03-13 21:32:49.000000000 +0500
+++ russian/security/2010/dsa-2016.wml	2016-09-27 10:47:32.390448745 +0500
@@ -1,49 +1,50 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities (SA-CORE-2010-001) have been discovered in
- -drupal6, a fully-featured content management framework.</p>
+<p>Ð? drupal6, полноÑ?Ñ?нкÑ?ионалÑ?ной инÑ?Ñ?аÑ?Ñ?Ñ?Ñ?кÑ?Ñ?Ñ?е Ñ?пÑ?авлениÑ? Ñ?одеÑ?жимÑ?м, бÑ?ло обнаÑ?Ñ?жено
+неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей (SA-CORE-2010-001).</p>
 
 
- -<h3>Installation cross site scripting</h3>
+<h3>Ð?ежÑ?айÑ?овÑ?й Ñ?кÑ?ипÑ?инг во вÑ?емÑ? Ñ?Ñ?Ñ?ановки</h3>
 
- -<p>A user-supplied value is directly output during installation allowing a
- -malicious user to craft a URL and perform a cross-site scripting attack.
- -The exploit can only be conducted on sites not yet installed.</p>
+<p>Ð?еÑ?едаваемое полÑ?зоваÑ?елем знаÑ?ение вÑ?водиÑ?Ñ?Ñ? в Ñ?оде Ñ?Ñ?Ñ?ановки напÑ?Ñ?мÑ?Ñ?, позволÑ?Ñ?
+злоÑ?мÑ?Ñ?ленникÑ? подделаÑ?Ñ? URL и вÑ?полниÑ?Ñ? аÑ?акÑ? по пÑ?инÑ?ипÑ? межÑ?айÑ?ового Ñ?кÑ?ипÑ?инга.
+ЭÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? Ñ?олÑ?ко на пока не Ñ?Ñ?Ñ?ановленнÑ?Ñ? Ñ?айÑ?аÑ?.</p>
 
 
- -<h3>Open redirection</h3>
+<h3>Ð?Ñ?кÑ?Ñ?Ñ?ое пеÑ?енапÑ?авление</h3>
 
- -<p>The API function drupal_goto() is susceptible to a phishing attack.
- -An attacker could formulate a redirect in a way that gets the Drupal site
- -to send the user to an arbitrarily provided URL.
- -No user submitted data will be sent to that URL.</p>
+<p>Ð?Ñ?едполагаеÑ?Ñ?Ñ?, Ñ?Ñ?о Ñ?Ñ?нкÑ?иÑ? API drupal_goto() подвеÑ?жена Ñ?иÑ?ингÑ?.
+Ð?лоÑ?мÑ?Ñ?ленник можеÑ? Ñ?оздаÑ?Ñ? пеÑ?енапÑ?авление на Ñ?айÑ?е Drupal,
+оÑ?пÑ?авлÑ?Ñ?Ñ?ее полÑ?зоваÑ?елÑ? на пÑ?оизволÑ?нÑ?й URL.
+Ð?о URL злоÑ?мÑ?Ñ?ленника полÑ?зоваÑ?елÑ?Ñ?кие даннÑ?е не оÑ?пÑ?авлÑ?Ñ?Ñ?Ñ?.</p>
 
 
- -<h3>Locale module cross site scripting</h3>
+<h3>Ð?ежÑ?айÑ?овÑ?й Ñ?кÑ?ипÑ?инг в модÑ?ле Locale</h3>
 
- -<p>Locale module and dependent contributed modules do not sanitize the display
- -of language codes, native and English language names properly.
- -While these usually come from a preselected list, arbitrary administrator
- -input is allowed.
- -This vulnerability is mitigated by the fact that the attacker must have a
- -role with the 'administer languages' permission.</p>
+<p>Ð?одÑ?лÑ? Locale и завиÑ?имÑ?е модÑ?ли дÑ?Ñ?гиÑ? Ñ?азÑ?абоÑ?Ñ?иков не вÑ?полнÑ?Ñ?Ñ? оÑ?иÑ?Ñ?кÑ? оÑ?обÑ?ажаемÑ?Ñ?
+кодов Ñ?зÑ?ков, Ñ?оÑ?Ñ? Ñ?одной Ñ?зÑ?к и английÑ?кий оÑ?обÑ?ажаÑ?Ñ?Ñ?Ñ? коÑ?Ñ?екÑ?но.
+ХоÑ?Ñ? оÑ?обÑ?ажение обÑ?Ñ?но беÑ?Ñ?Ñ?Ñ?Ñ? из пÑ?едваÑ?иÑ?елÑ?но вÑ?бÑ?анного Ñ?пиÑ?ка, можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? и
+пÑ?оизволÑ?нÑ?е вÑ?однÑ?е даннÑ?е, пеÑ?еданнÑ?е админиÑ?Ñ?Ñ?аÑ?оÑ?ом.
+ЭÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? на наÑ?Ñ?олÑ?ко опаÑ?на благодаÑ?Ñ? Ñ?омÑ?, Ñ?Ñ?о злоÑ?мÑ?Ñ?ленник должен
+вÑ?полнÑ?Ñ?Ñ? Ñ?олÑ? Ñ? пÑ?авами 'administer languages'.</p>
 
 
- -<h3>Blocked user session regeneration</h3>
+<h3>Ð?овÑ?оÑ?ное Ñ?оздание заблокиÑ?ованной полÑ?зоваÑ?елÑ?Ñ?кой Ñ?еÑ?Ñ?ии</h3>
 
- -<p>Under certain circumstances, a user with an open session that is blocked
- -can maintain his/her session on the Drupal site, despite being blocked.</p>
+<p>Ð?Ñ?и опÑ?еделÑ?ннÑ?Ñ? обÑ?Ñ?оÑ?Ñ?елÑ?Ñ?Ñ?ваÑ? полÑ?зоваÑ?елÑ? Ñ? оÑ?кÑ?Ñ?Ñ?ой Ñ?еÑ?Ñ?ией, коÑ?оÑ?аÑ? бÑ?ла заблокиÑ?ована,
+можеÑ? Ñ?оÑ?Ñ?аниÑ?Ñ? Ñ?воÑ? Ñ?еÑ?Ñ?иÑ? на Ñ?айÑ?е Drupal, неÑ?моÑ?Ñ?Ñ? на блокиÑ?овкÑ?.</p>
 
 
- -<p>For the stable distribution (lenny), these problems have been fixed in
- -version 6.6-3lenny5.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 6.6-3lenny5.</p>
 
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 6.16-1, and will migrate to the testing distribution (squeeze)
- -shortly.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 6.16-1, Ñ?казаннаÑ? веÑ?Ñ?иÑ? в Ñ?коÑ?ом вÑ?емени бÑ?деÑ? пеÑ?емеÑ?ена в
+Ñ?еÑ?Ñ?иÑ?Ñ?емÑ?й вÑ?пÑ?Ñ?к (squeeze).</p>
 
 
- -<p>We recommend that you upgrade your drupal6 package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? drupal6.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJX6goYAAoJEF7nbuICFtKla5IP/iNkgU0huTzxmc4ZJB4w4EQh
zNCehkLl4jQiXzJXMtFbm0Gykd/LY+GJtsyE86qu+uGM4Pfn60xZ/gCENr8hvZ32
IiSESMvmtFCeqv2U4UkIYr3Ex52UJGIxJ9DWE7Hs2uC26+JqhgDvy36JERN6xCAE
ck6t5vZyvSRqjI0gRGcNXrlrWv/ZXVT1fijO94nmfJdNtpGT6xVpReUvah2YKU7B
eN2xIoHUAKqsISotY66Xt3ThskOhAVsQ4/sYB8lN6UGymGNQYiV3liiLZD3Ht2IM
6uyhSPClpn8kDE0qdmAbzIxwT/nNkiqr8ReJhfMdd2x1dlJU8CCfxY/VP4d7GTL7
H3ohANtXDm8i9kPYGdeeffWUaFD/Ii4aVyFT1V6jUBqLK/QrytpZIDNTz3wox3eH
9Sg1SeEC4u+3GJHBF7s1HWb3lGSlErSeGXY3LtOLx/CboZXIt1zRfopyzpRs7doF
tiPWzxY264xm1WZfw/+xWOpUWmty5LqB7USfymvddBkbu9w7ennPFjft9UbioerG
pMLnlbTu+jUHKYhHtRXNul+Gg5c6Kjwo91HcETsKNe6EOFq0Cj5UNNPkjMDqQhnA
V1hydvvDbKQ1GP2YbIDi8H8YDyp2XAXRS5xqwCgvqgDbOvn9fsYwi48Pqc945qvt
OlrUlTTl0v3r09fXmXVT
=GwIq
-----END PGP SIGNATURE-----
Reply to: