[DONE] wml://security/2006/dsa-10{11,87}.wml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2006/dsa-1011.wml 2014-04-30 13:16:09.000000000 +0600
+++ russian/security/2006/dsa-1011.wml 2016-10-02 23:52:59.824512096 +0500
@@ -1,42 +1,43 @@
- -<define-tag description>missing attribute support</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вие поддеÑ?жки аÑ?Ñ?ибÑ?Ñ?ов</define-tag>
<define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in the Debian vserver
- -support for Linux. The Common Vulnerabilities and Exposures project
- -identifies the following problems:</p>
+<p>Ð? поддеÑ?жке vserver Debian длÑ? Linux бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко
+Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2005-4347";>CVE-2005-4347</a>
- - <p>Bjørn Steinbrink discovered that the chroot barrier is not set
- - correctly with util-vserver which may result in unauthorised
- - escapes from a vserver to the host system.</p>
- -
- - <p>This vulnerability is limited to the 2.4 kernel patch included in
- - kernel-patch-vserver. The correction to this problem requires
- - updating the util-vserver package as well and installing a new
- - kernel built from the updated kernel-patch-vserver package.</p></li>
+ <p>Ð?Ñ?Ñ?Ñ?н ШÑ?айнбÑ?инк обнаÑ?Ñ?жил, Ñ?Ñ?о огÑ?аниÑ?ение chroot не Ñ?Ñ?Ñ?анавливаеÑ?Ñ?Ñ?
+ коÑ?Ñ?екÑ?нÑ?м обÑ?азом Ñ? помоÑ?Ñ?Ñ? util-vserver, Ñ?Ñ?о можеÑ? пÑ?иводиÑ?Ñ? к неавÑ?оÑ?изованномÑ?
+ вÑ?Ñ?одÑ? из vserver в оÑ?новнÑ?Ñ? Ñ?иÑ?Ñ?емÑ?.</p>
+
+ <p>ÐÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? огÑ?аниÑ?ена заплаÑ?ой Ñ?дÑ?а 2.4, вклÑ?Ñ?Ñ?нной в
+ пакеÑ? kernel-patch-vserver. Ð?лÑ? иÑ?пÑ?авлениÑ? Ñ?Ñ?ой пÑ?облемÑ? Ñ?Ñ?ебÑ?еÑ?Ñ?Ñ?
+ обновиÑ?Ñ? пакеÑ? util-vserver, а Ñ?акже Ñ?Ñ?Ñ?ановиÑ?Ñ? новое
+ Ñ?дÑ?о, Ñ?обÑ?анное из обновлÑ?нного пакеÑ?а kernel-patch-vserver.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2005-4418";>CVE-2005-4418</a>
- - <p>The default policy of util-vserver is set to trust all unknown
- - capabilities instead of considering them as insecure.</p></li>
+ <p>Ð?Ñ?авила util-vserver по Ñ?молÑ?аниÑ? Ñ?Ñ?Ñ?анавливаÑ?Ñ?Ñ?Ñ? Ñ?аким обÑ?азом, Ñ?Ñ?о вÑ?е
+ неизвеÑ?Ñ?нÑ?е мандаÑ?Ñ? Ñ?Ñ?иÑ?аÑ?Ñ?Ñ?Ñ? довеÑ?еннÑ?ми вмеÑ?Ñ?о Ñ?ого, Ñ?Ñ?обÑ? Ñ?Ñ?иÑ?аÑ?Ñ? из небезопаÑ?нÑ?ми.</p></li>
</ul>
- -<p>The old stable distribution (woody) does not contain a
- -kernel-patch-vserver package.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (woody) пакеÑ? kernel-patch-vserver
+оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?еÑ?.</p>
- -<p>For the stable distribution (sarge) this problem has been fixed in
- -version 1.9.5.5 of kernel-patch-vserver and in version
- -0.30.204-5sarge3 of util-vserver.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sarge) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.9.5.5 пакеÑ?а kernel-patch-vserver и в веÑ?Ñ?ии
+0.30.204-5sarge3 пакеÑ?а util-vserver.</p>
- -<p>For the unstable distribution (sid) this problem has been fixed in
- -version 2.3 of kernel-patch-vserver and in version 0.30.208-1 of
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 2.3 пакеÑ?а kernel-patch-vserver и в веÑ?Ñ?ии 0.30.208-1 пакеÑ?а
util-vserver.</p>
- -<p>We recommend that you upgrade your util-vserver and
- -kernel-patch-vserver packages and build a new kernel immediately.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? как можно Ñ?коÑ?ее обновиÑ?Ñ? пакеÑ?Ñ? util-vserver и
+kernel-patch-vserver, а Ñ?акже Ñ?обÑ?аÑ?Ñ? новое Ñ?дÑ?о.</p>
</define-tag>
# do not modify the following line
- --- english/security/2006/dsa-1087.wml 2014-04-30 13:16:09.000000000 +0600
+++ russian/security/2006/dsa-1087.wml 2016-10-03 00:00:48.066791565 +0500
@@ -1,44 +1,45 @@
- -<define-tag description>programming error</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>оÑ?ибка пÑ?огÑ?аммиÑ?ованиÑ?</define-tag>
<define-tag moreinfo>
- -<p>Several encoding problems have been discovered in PostgreSQL, a
- -popular SQL database. The Common Vulnerabilities and Exposures
- -project identifies the following problems:</p>
+<p>Ð? PostgreSQL, попÑ?лÑ?Ñ?ной базе даннÑ?Ñ? SQL, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко
+пÑ?облем кодиÑ?ованиÑ?. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2006-2313";>CVE-2006-2313</a>
- - <p>Akio Ishida and Yasuo Ohgaki discovered a weakness in the handling
- - of invalidly-encoded multibyte text data which could allow an
- - attacker to inject arbitrary SQL commands.</p></li>
+ <p>Ð?кио Ð?Ñ?ида и ЯÑ?Ñ?о Ð?гаки обнаÑ?Ñ?жили Ñ?Ñ?звимоÑ?Ñ?Ñ? в обÑ?абоÑ?ке
+ непÑ?авилÑ?но закодиÑ?ованнÑ?Ñ? многобайÑ?овÑ?Ñ? Ñ?екÑ?Ñ?овÑ?Ñ? даннÑ?Ñ?, коÑ?оÑ?аÑ? позволÑ?еÑ?
+ злоÑ?мÑ?Ñ?ленникÑ? вводиÑ?Ñ? пÑ?оизволÑ?нÑ?е командÑ? SQL.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2006-2314";>CVE-2006-2314</a>
- - <p>A similar problem exists in client-side encodings (such as SJIS,
- - BIG5, GBK, GB18030, and UHC) which contain valid multibyte
- - characters that end with the backslash character. An attacker
- - could supply a specially crafted byte sequence that is able to
- - inject arbitrary SQL commands.</p>
- -
- - <p>This issue does not affect you if you only use single-byte (like
- - SQL_ASCII or the ISO-8859-X family) or unaffected multibyte (like
- - UTF-8) encodings.</p>
+ <p>СÑ?ожаÑ? пÑ?облема пÑ?иÑ?Ñ?Ñ?Ñ?Ñ?вÑ?еÑ? в кодиÑ?овкаÑ? на Ñ?Ñ?оÑ?оне клиенÑ?а (Ñ?акиÑ? как SJIS,
+ BIG5, GBK, GB18030 и UHC), Ñ?одеÑ?жаÑ?иÑ? коÑ?Ñ?екÑ?нÑ?е многобайÑ?овÑ?е
+ Ñ?имволÑ?, оканÑ?иваÑ?Ñ?иеÑ?Ñ? обÑ?аÑ?ной коÑ?ой Ñ?еÑ?Ñ?ой. Ð?лоÑ?мÑ?Ñ?ленник
+ можеÑ? пеÑ?едаÑ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? поÑ?ледоваÑ?елÑ?ноÑ?Ñ?Ñ? байÑ?ов, Ñ?Ñ?о позволиÑ?
+ емÑ? ввеÑ?Ñ?и пÑ?оизволÑ?нÑ?е командÑ? SQL.</p>
+
+ <p>ÐÑ?а пÑ?облема длÑ? ваÑ? не акÑ?Ñ?алÑ?на в Ñ?лÑ?Ñ?ае, еÑ?ли вÑ? иÑ?полÑ?зÑ?еÑ?е однобайÑ?овÑ?е кодиÑ?овки (Ñ?акие
+ как SQL_ASCII или кодиÑ?овки из Ñ?емейÑ?Ñ?ва ISO-8859-X), либо кодиÑ?овки, коÑ?оÑ?Ñ?е не подвеÑ?женÑ?
+ Ñ?Ñ?ой пÑ?облеме (напÑ?имеÑ?, UTF-8).</p>
- - <p>psycopg and python-pgsql use the old encoding for binary data and
- - may have to be updated.</p></li>
+ <p>psycopg и python-pgsql иÑ?полÑ?зÑ?Ñ?Ñ? Ñ?Ñ?аÑ?Ñ?Ñ? кодиÑ?овкÑ? длÑ? двоиÑ?нÑ?Ñ? даннÑ?Ñ?. Ð?еÑ?оÑ?Ñ?но,
+ иÑ? Ñ?ледÑ?еÑ? обновиÑ?Ñ?.</p></li>
</ul>
- -<p>The old stable distribution (woody) is affected by these problems but
- -we're unable to correct the package.</p>
+<p>Ð?Ñ?едÑ?дÑ?Ñ?ий Ñ?Ñ?абилÑ?нÑ?й вÑ?пÑ?Ñ?к (woody) подвеÑ?жен Ñ?Ñ?им пÑ?облемам, но
+мÑ? не можем иÑ?пÑ?авиÑ?Ñ? пакеÑ?.</p>
- -<p>For the stable distribution (sarge) these problems have been fixed in
- -version 7.4.7-6sarge2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sarge) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 7.4.7-6sarge2.</p>
- -<p>For the unstable distribution (sid) these problems have been fixed in
- -version 7.4.13-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 7.4.13-1.</p>
- -<p>We recommend that you upgrade your postgresql packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? postgresql.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJX8VljAAoJEF7nbuICFtKlCx8P/iHoo/Cz3yz4SWd+RwmTROaf
BIE+Kx+483OPkfBoELtr4l8tqMDJ3yV+IsgdYR3FomoJWP6UUpFYfB56cho4oHMD
CAAciv+0O1umiIaZNu0NWz+R5SvgAG2yTN86gtO6qpXvfbAmF8Bonvo/9Qk+mzN5
DoeA7O3WkzL3RY93kNcdesyxYpodbo2ISLUa+2hks0zop4TkPgD/8y0XglqNqvMp
Zr4b7tqCXvoRghUIdhyZkWJK1090h+5KUtOVLx74pLGKGnaTW3nNGIlJWLP3UHi2
b/OZAPgc3U9AipxazpVJ6NaB7vGNCIrvyfXYCrb1FcxwlGUfCSEVJOGjMXImDAQp
BruB2MuWtaTNnfC7yS/7lQFeTcoCKA7PshrPne77u8jcxEbW4G/0iwobVFKqFEeq
57AHqBn/b29BN1t6km14hygJnhE1JL1BciX5uhLkf5thnXqJ7cIHPzJLCzXzyP9L
wS7qdREU1MRRqQtmjuT15NKkoaFaB1lxmQV4oezpjiG1PI6lTzrGxsxiJ3+2vD06
lSzFiK306SPow0tZwTQo9jeJf4xG42NANr963eutsjp9Ezo6kmnR71X0d90TZ6Vq
HmUl0kupasTmn3III9Qqf9z25gJw7pCEt+I6n/HoVn4BSxy1YzjBWnZv4UydXBfJ
6w739ALjgSqS1q6EINZf
=S44f
-----END PGP SIGNATURE-----
Reply to: