[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://{security/2011/dsa-2309.wml}

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2011/dsa-2309.wml	2014-04-30 13:16:25.000000000 +0600
+++ russian/security/2011/dsa-2309.wml	2016-10-02 02:14:48.333458471 +0500
@@ -1,36 +1,37 @@
- -<define-tag description>compromised certificate authority</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>Ñ?компÑ?омеÑ?иÑ?ованнÑ?й авÑ?оÑ?иÑ?еÑ?</define-tag>
 <define-tag moreinfo>
- -<p>Several fraudulent SSL certificates have been found in the wild issued
- -by the DigiNotar Certificate Authority, obtained through a security
- -compromise of said company. After further updates on this incident, it
- -has been determined that all of DigiNotar's signing certificates can no
- -longer be trusted.
- -Debian, like other software distributors and vendors, has decided to
- -distrust all of DigiNotar's CAs. In this update, this is done in the
- -crypto library (a component of the OpenSSL toolkit) by marking such
- -certificates as revoked.
- -Any application that uses said component should now reject certificates
- -signed by DigiNotar. Individual applications may allow users to override
- -the validation failure. However, making exceptions is highly
- -discouraged and should be carefully verified.</p>
- -
- -<p>Additionally, a vulnerability has been found in the ECDHE_ECDS cipher
- -where timing attacks make it easier to determine private keys. The
- -Common Vulnerabilities and Exposures project identifies it as
+<p>Ð? Ñ?ождении обнаÑ?Ñ?жено неÑ?колÑ?ко подделÑ?нÑ?Ñ? SSL-Ñ?еÑ?Ñ?иÑ?икаÑ?ов, вÑ?пÑ?Ñ?еннÑ?Ñ?
+авÑ?оÑ?иÑ?еÑ?ом DigiNotar, коÑ?оÑ?Ñ?е бÑ?ли полÑ?Ñ?енÑ? пÑ?Ñ?Ñ?м компÑ?омеÑ?аÑ?ии
+Ñ?казанной компании. Ð?оÑ?ле полÑ?Ñ?ениÑ? далÑ?нейÑ?иÑ? Ñ?ведений об Ñ?Ñ?ом инÑ?иденÑ?е бÑ?ло
+Ñ?еÑ?ено, Ñ?Ñ?о Ñ?еÑ?Ñ?иÑ?икаÑ?ам DigiNotar более довеÑ?Ñ?Ñ?Ñ?
+нелÑ?зÑ?.
+Ð?Ñ?оекÑ? Debian как и дÑ?Ñ?гие поÑ?Ñ?авÑ?ики Ð?Ð? пÑ?инÑ?л Ñ?еÑ?ение об аннÑ?лиÑ?овании
+довеÑ?иÑ? ко вÑ?ем Ñ?еÑ?Ñ?иÑ?икаÑ?ам DigiNotar. Ð? данном обновлении Ñ?Ñ?о Ñ?делано в
+библиоÑ?еке crypto (компоненÑ?е набоÑ?а инÑ?Ñ?Ñ?Ñ?менÑ?ов OpenSSL) пÑ?Ñ?Ñ?м помеÑ?ки
+Ñ?казаннÑ?Ñ? Ñ?еÑ?Ñ?иÑ?икаÑ?ов как оÑ?озваннÑ?Ñ?.
+Ð?Ñ?бое пÑ?иложение, иÑ?полÑ?зÑ?Ñ?Ñ?ее Ñ?казаннÑ?й компоненÑ?, Ñ?епеÑ?Ñ? должно оÑ?клонÑ?Ñ?Ñ? Ñ?еÑ?Ñ?иÑ?икаÑ?Ñ?,
+подпиÑ?аннÑ?е DigiNotar. Ð?Ñ?делÑ?нÑ?е пÑ?иложениÑ? могÑ?Ñ? позволиÑ?Ñ? полÑ?зоваÑ?елÑ?м обойÑ?и
+оÑ?ибкÑ? пÑ?овеÑ?ки Ñ?еÑ?Ñ?иÑ?икаÑ?а. Тем не менее, наÑ?Ñ?оÑ?Ñ?елÑ?но Ñ?екомендÑ?еÑ?Ñ?Ñ?
+не делаÑ?Ñ? иÑ?клÑ?Ñ?ений и Ñ?Ñ?аÑ?елÑ?но пÑ?оизводиÑ?Ñ? пÑ?овеÑ?кÑ? Ñ?еÑ?Ñ?иÑ?икаÑ?ов.</p>
+
+<p>Ð?Ñ?оме Ñ?ого, бÑ?ла обнаÑ?Ñ?жена Ñ?Ñ?звимоÑ?Ñ?Ñ? в Ñ?иÑ?Ñ?е ECDHE_ECDS, из-за коÑ?оÑ?ой
+аÑ?аки по Ñ?айминагам облегÑ?аÑ?Ñ? опÑ?еделение закÑ?Ñ?Ñ?Ñ?Ñ? клÑ?Ñ?ей. Ð?Ñ?оекÑ?
+Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? как
 <a href="https://security-tracker.debian.org/tracker/CVE-2011-1945";>CVE-2011-1945</a>.</p>
 
- -<p>For the oldstable distribution (lenny), these problems have been fixed in
- -version 0.9.8g-15+lenny12.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 0.9.8g-15+lenny12.</p>
 
- -<p>For the stable distribution (squeeze), these problems have been fixed in
- -version 0.9.8o-4squeeze2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 0.9.8o-4squeeze2.</p>
 
- -<p>For the testing distribution (wheezy), these problems will be fixed soon.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?и пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ? позже.</p>
 
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 1.0.0e-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.0.0e-1.</p>
 
- -<p>We recommend that you upgrade your openssl packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? openssl.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJX8CdNAAoJEF7nbuICFtKl6XgP/0IKeuM/7BXflnHYpT86FaFF
Czs1ys5lTA8uQaWlft5l/Jxd3SThpQlH+4g1E2cVMjPPpuQph3W8Df7iVMHqwjfx
MgOQeFtd566xo2igvt33X5eS7qw4J+CHoTRSt9m2Xivok43fuMylkLooZBZSMjBe
1bzhoVq3mXPkl8GtdbzSAyn/zU7tdeC69c3xvcwcy0HzAy+yHaP/pRxbRCGHJhoJ
M8CJlTClS/sN/29Dfb7IN/WWGbU5u8hH9daKI7AjPjyzBzXgSqJ3cO6yn9q6uzrR
Lsu2A89hUkir6cOLb01FbRHCz9k/1C9Qc7NJRI9xiaYzNAY8EjI1TqSFbxx5VD3b
KpVp+bI/sXrQ0jtrn8g2H/KhTKDxMqyaKFZ92xKBVWgfCgKNvhSGkKQKukmIVn5p
e0Y4HrvZ6wGi58ZSDHPPL/yBHKmBWYTt7vuNUuaK5hmVsxHSdbLpOO5qVF59/GAI
5Hwu7xbc8ymTkGYSCZckD7NgURJybwTsBSQ02ZbyZ/7F0H/7LgmxQc+WvbHKVvcg
LF5baxLcVp2+osey2J8vGHIEu8qyXYxTWTuzR3rB34qlRfbKKGKpM21hXbtauJO1
YGE6dUf2IStaMQhd+wHluaVkihhRxCY9Id6+t3eXiTXY+Lpq9m22mATmWjZceDXZ
bDDCNzWIeXJ6dQ5vbZzh
=ZNAy
-----END PGP SIGNATURE-----
Reply to: