[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2005/dsa-7{02,57}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2005/dsa-702.wml	2005-04-01 20:27:39.000000000 +0600
+++ russian/security/2005/dsa-702.wml	2016-10-13 18:17:55.963568149 +0500
@@ -1,45 +1,46 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in ImageMagick, a
- -commonly used image manipulation library.  These problems can be
- -exploited by a carefully crafted graphic image.  The Common
- -Vulnerabilities and Exposures project identifies the following
- -problems:</p>
+<p>Ð? ImageMagick, Ñ?иÑ?око иÑ?полÑ?зÑ?емой библиоÑ?еке длÑ? Ñ?абоÑ?Ñ? Ñ? изобÑ?ажениÑ?ми,
+бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.  ЭÑ?и пÑ?облемÑ? могÑ?Ñ?
+иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? Ñ? помоÑ?Ñ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного изобÑ?ажениÑ?.  Ð?Ñ?оекÑ? Common
+Vulnerabilities and Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие
+пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0397";>CAN-2005-0397</a>
 
- -    <p>Tavis Ormandy discovered a format string vulnerability in the
- -    filename handling code which allows a remote attacker to cause a
- -    denial of service and possibly execute arbitrary code.</p>
+    <p>ТÑ?виÑ? Ð?Ñ?манди обнаÑ?Ñ?жил Ñ?Ñ?звимоÑ?Ñ?Ñ? Ñ?оÑ?маÑ?ной Ñ?Ñ?Ñ?оки в
+    коде обÑ?абоÑ?ки имÑ?н Ñ?айлов, коÑ?оÑ?аÑ? позволÑ?еÑ? Ñ?далÑ?нномÑ? злоÑ?мÑ?Ñ?ленникÑ? вÑ?зÑ?ваÑ?Ñ?
+    оÑ?каз в обÑ?лÑ?живании и поÑ?енÑ?иалÑ?ное вÑ?полнение пÑ?оизволÑ?ного кода.</p>
 
 <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0759";>CAN-2005-0759</a>
 
- -    <p>Andrei Nigmatulin discovered a denial of service condition which
- -    can be caused by an invalid tag in a TIFF image.</p>
+    <p>Ð?ндÑ?ей Ð?игмаÑ?Ñ?лин обнаÑ?Ñ?жил оÑ?каз в обÑ?лÑ?живании, коÑ?оÑ?Ñ?й
+    можно вÑ?зваÑ?Ñ? Ñ? помоÑ?Ñ?Ñ? некоÑ?Ñ?екÑ?ного Ñ?ега в TIFF-изобÑ?ажении.</p>
 
 <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0760";>CAN-2005-0760</a>
 
- -    <p>Andrei Nigmatulin discovered that the TIFF decoder is vulnerable
- -    to accessing memory out of bounds which will result in a
- -    segmentation fault.</p>
+    <p>Ð?ндÑ?ей Ð?игмаÑ?Ñ?лин обнаÑ?Ñ?жил, Ñ?Ñ?о декодеÑ? TIFF Ñ?Ñ?звим к
+    обÑ?аÑ?ениÑ? за пÑ?еделÑ? вÑ?деленного бÑ?Ñ?еÑ?а памÑ?Ñ?и, Ñ?Ñ?о можеÑ? пÑ?иводиÑ?Ñ? к
+    оÑ?ибке Ñ?егменÑ?иÑ?ованиÑ?.</p>
 
 <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0762";>CAN-2005-0762</a>
 
- -    <p>Andrei Nigmatulin discovered a buffer overflow in the SGI parser
- -    which allows a remote attacker to execute arbitrary code via a
- -    specially crafted SGI image file.</p>
+    <p>Ð?ндÑ?ей Ð?игмаÑ?Ñ?лин обнаÑ?Ñ?жил пеÑ?еполнение бÑ?Ñ?еÑ?а в коде длÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а
+    SGI, коÑ?оÑ?ое позволÑ?еÑ? Ñ?далÑ?нномÑ? злоÑ?мÑ?Ñ?ленникÑ? вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код Ñ? помоÑ?Ñ?Ñ?
+    Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного SGI-изобÑ?ажениÑ?.</p>
 
 </ul>
 
- -<p>For the stable distribution (woody) these problems have been fixed in
- -version 5.4.4.5-1woody6.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (woody) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 5.4.4.5-1woody6.</p>
 
- -<p>For the unstable distribution (sid) these problems have been fixed in
- -version 6.0.6.2-2.2.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 6.0.6.2-2.2.</p>
 
- -<p>We recommend that you upgrade your imagemagick package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? imagemagick.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2005/dsa-757.wml	2005-07-17 22:26:50.000000000 +0600
+++ russian/security/2005/dsa-757.wml	2016-10-13 18:24:42.838133135 +0500
@@ -1,33 +1,34 @@
- -<define-tag description>buffer overflow, double-free memory</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>пеÑ?еполнение бÑ?Ñ?еÑ?а, двойное оÑ?вобождение памÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Daniel Wachdorf reported two problems in the MIT krb5 distribution used
- -for network authentication. First, the KDC program from the krb5-kdc
- -package can corrupt the heap by trying to free memory which has already
- -been freed on receipt of a certain TCP connection. This vulnerability
- -can cause the KDC to crash, leading to a denial of service.
- -[<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1174";>CAN-2005-1174</a>] Second, under certain rare circumstances this type of
- -request can lead to a buffer overflow and remote code execution.
+<p>Ð?Ñ?ниел Ð?аÑ?доÑ?Ñ? Ñ?ообÑ?ил о двÑ?Ñ? пÑ?облемаÑ? в krb5 оÑ? MIT, иÑ?полÑ?зÑ?емом
+длÑ? Ñ?еÑ?евой аÑ?Ñ?енÑ?иÑ?икаÑ?ии. Ð?о-пеÑ?вÑ?Ñ?, пÑ?огÑ?амма KDC из пакеÑ?а krb5-kdc
+можеÑ? повÑ?едиÑ?Ñ? Ñ?одеÑ?жимое динамиÑ?еÑ?кой памÑ?Ñ?и, пÑ?Ñ?аÑ?Ñ?Ñ? оÑ?вободиÑ?Ñ? памÑ?Ñ?Ñ?, коÑ?оÑ?аÑ? Ñ?же
+бÑ?ла оÑ?вобождена пÑ?и полÑ?Ñ?ении подÑ?веÑ?ждениÑ? опÑ?еделÑ?нного TCP-Ñ?оединениÑ?. ЭÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ?
+можеÑ? вÑ?зÑ?ваÑ?Ñ? аваÑ?ийнÑ?Ñ? оÑ?Ñ?ановкÑ? KDC, Ñ?Ñ?о пÑ?иводиÑ? к оÑ?казÑ? в обÑ?лÑ?живании.
+[<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1174";>CAN-2005-1174</a>] Ð?о-вÑ?оÑ?Ñ?Ñ?, пÑ?и опÑ?еделÑ?ннÑ?Ñ? обÑ?Ñ?оÑ?Ñ?елÑ?Ñ?Ñ?ваÑ? Ñ?Ñ?оÑ? Ñ?ип
+запÑ?оÑ?а можеÑ? пÑ?иводиÑ?Ñ? к пеÑ?еполнениÑ? бÑ?Ñ?еÑ?а и Ñ?далÑ?нномÑ? вÑ?полнениÑ? кода.
 [<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1175";>CAN-2005-1175</a>] </p>
 
- -<p>Additionally, Magnus Hagander reported another problem in which the
- -krb5_recvauth function can in certain circumstances free previously
- -freed memory, potentially leading to the execution of remote code.
+<p>Ð?Ñ?оме Ñ?ого, Ð?агнÑ?Ñ? ХагандеÑ? Ñ?ообÑ?ил о еÑ?Ñ? одной пÑ?облеме, пÑ?и коÑ?оÑ?ой
+Ñ?Ñ?нкÑ?иÑ? krb5_recvauth можеÑ? пÑ?и опÑ?еделÑ?ннÑ?Ñ? обÑ?Ñ?оÑ?Ñ?елÑ?Ñ?Ñ?ваÑ? оÑ?вободиÑ?Ñ? Ñ?анее
+оÑ?вобождÑ?ннÑ?Ñ? памÑ?Ñ?Ñ?, Ñ?Ñ?о поÑ?енÑ?иалÑ?но пÑ?иводиÑ? к Ñ?далÑ?нномÑ? вÑ?полнениÑ? кода.
 [<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1689";>CAN-2005-1689</a>] </p>
 
- -<p>All of these vulnerabilities are believed difficult to exploit, and no
- -exploits have yet been discovered.</p>
+<p>СÑ?иÑ?аеÑ?Ñ?Ñ?, Ñ?Ñ?о вÑ?е Ñ?Ñ?и Ñ?Ñ?звимоÑ?Ñ?и Ñ?ложно иÑ?полÑ?зоваÑ?Ñ?, а Ñ?кÑ?плоиÑ?Ñ?
+пока не бÑ?ли обнаÑ?Ñ?жнÑ?.</p>
 
- -<p>For the old stable distribution (woody), these problems have been fixed
- -in version 1.2.4-5woody10. Note that woody's KDC does not have TCP
- -support and is not vulnerable to <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1174";>CAN-2005-1174</a>.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (woody) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 1.2.4-5woody10. Ð?амеÑ?Ñ?Ñ?е, Ñ?Ñ?о пÑ?огÑ?амма KDC в woody не имееÑ? поддеÑ?жки TCP
+и поÑ?Ñ?омÑ? не Ñ?Ñ?звима к <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1174";>CAN-2005-1174</a>.</p>
 
- -<p>For the stable distribution (sarge), these problems have been fixed in
- -version 1.3.6-2sarge2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sarge) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.3.6-2sarge2.</p>
 
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 1.3.6-4.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.3.6-4.</p>
 
- -<p>We recommend that you upgrade your krb5 package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? krb5.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJX/4seAAoJEF7nbuICFtKlDGYQAJNLXAb6EThQEcAi4U3gfYSM
vBAR4nDcE7YGtaCRXNrrm1KY1wtBNifJfiIHaFRzlP11oKYYF+zzzgt3goCoW0sY
8tvNicjvYFhUFS0yD6NxtI//ik0xRyRxuzVsjV54yTawfJ7FptfuUJ+DfG0cyIi4
7Y+NHeRZ2n9TeZ/fjFiSF0IgdEHY81g2ncoUk0GXAbzWXSemkLQW8ZDbArTFX+3C
gWOoCwF9pQ8eLbVBNBEu3xSDLuNfqZFpwVD6Gfa2vgkMsySavF+zg0EyJAZ6tpn5
JDmVQ2xKdhYQSk1XlnQUDz/tpeNwwVZnqvDdtklOcA+m3Wfh/m03MjYUohLda+EE
0TjUArTIkYgZXi2prnPiPiS/7zVUbj87EFqIRaETHPRufK8juU7QX3KcfXC/kCKp
vHCzsBgu58bkZkshgcvMEM/rrw25VZigqKgSVrsCLBIhtfQR5L94+XfE31y6F8xK
tQ+4Edt+6iGCJ3JTXGZszQhbzIIG+u2UMizq4jM09Spx7L6IoGYYeiWPPXL4D+NN
DlweLqhl84cys+4itv/ajren9C/HT/McfZnn0pRy2thkD0ijU6dYTofd831zySpn
FsaOTjIZizkNUAAwJ+FbHH8PThp+VYuaUfmOahS/Hoxt85FrLfUvThGB0/rxwdHr
Lu4MvplGiSaiDysXrjbC
=FWVw
-----END PGP SIGNATURE-----
Reply to: