[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2005/dsa-{880,707}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2005/dsa-707.wml	2005-04-13 20:45:49.000000000 +0600
+++ russian/security/2005/dsa-707.wml	2016-10-18 00:39:18.743887870 +0500
@@ -1,48 +1,49 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in MySQL, a popular
- -database.  The Common Vulnerabilities and Exposures project identifies
- -the following problems:</p>
+<p>Ð? MySQL, попÑ?лÑ?Ñ?ной базе даннÑ?Ñ?, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко
+Ñ?Ñ?звимоÑ?Ñ?ей.  Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ?
+Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0957";>CAN-2004-0957</a>
 
- -    <p>Sergei Golubchik discovered a problem in the access handling for
- -    similar named databases.  If a user is granted privileges to a
- -    database with a name containing an underscore ("_"), the user also
- -    gains privileges to other databases with similar names.</p>
+    <p>СеÑ?гей Ð?олÑ?бÑ?ик обнаÑ?Ñ?жил пÑ?облемÑ? в обÑ?абоÑ?ке доÑ?Ñ?Ñ?па к базам даннÑ?Ñ?
+    Ñ?о Ñ?Ñ?однÑ?ми именами.  Ð?Ñ?ли полÑ?зоваÑ?елÑ? полÑ?Ñ?аеÑ? пÑ?ава длÑ? доÑ?Ñ?Ñ?па к
+    базе даннÑ?Ñ?, имÑ? коÑ?оÑ?ой Ñ?одеÑ?жиÑ? подÑ?Ñ?Ñ?кивание ("_"), Ñ?о Ñ?Ñ?оÑ? полÑ?зоваÑ?елÑ? полÑ?Ñ?аеÑ?
+    пÑ?ава к дÑ?Ñ?гим базам даннÑ?Ñ? Ñ?о Ñ?Ñ?однÑ?ми именами.</p>
 
 <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709";>CAN-2005-0709</a>
 
- -    <p>Stefano Di Paola discovered that MySQL allows remote
- -    authenticated users with INSERT and DELETE privileges to execute
- -    arbitrary code by using CREATE FUNCTION to access libc calls.</p>
+    <p>СÑ?еÑ?ано Ð?и Ð?аола обнаÑ?Ñ?жил, Ñ?Ñ?о MySQL позволÑ?еÑ? Ñ?далÑ?ннÑ?м
+    аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?м полÑ?зоваÑ?елÑ?м Ñ? пÑ?авами на вÑ?полнение опеÑ?аÑ?ий INSERT и DELETE вÑ?полнÑ?Ñ?Ñ?
+    пÑ?оизволÑ?нÑ?й код, иÑ?полÑ?зÑ?Ñ? CREATE FUNCTION длÑ? полÑ?Ñ?ениÑ? доÑ?Ñ?Ñ?па к вÑ?зовам libc.</p>
 
 <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710";>CAN-2005-0710</a>
 
- -    <p>Stefano Di Paola discovered that MySQL allows remote authenticated
- -    users with INSERT and DELETE privileges to bypass library path
- -    restrictions and execute arbitrary libraries by using INSERT INTO
- -    to modify the mysql.func table.</p>
+    <p>СÑ?еÑ?ано Ð?и Ð?аола обнаÑ?Ñ?жил, Ñ?Ñ?о MySQL позволÑ?еÑ? Ñ?далÑ?ннÑ?м аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?м
+    полÑ?зоваÑ?елÑ? Ñ? пÑ?авами на вÑ?полнение опеÑ?аÑ?ий INSERT и DELETE обÑ?одиÑ?Ñ? огÑ?аниÑ?ениÑ? пÑ?Ñ?и
+    библиоÑ?еки и вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?е библиоÑ?еки, иÑ?полÑ?зÑ?Ñ? INSERT INTO
+    длÑ? изменениÑ? Ñ?аблиÑ?Ñ? mysql.func.</p>
 
 <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711";>CAN-2005-0711</a>
 
- -   <p>Stefano Di Paola discovered that MySQL uses predictable file names
- -   when creating temporary tables, which allows local users with
- -   CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via
- -   a symlink attack.</p>
+   <p>СÑ?еÑ?ано Ð?и Ð?аола обнаÑ?Ñ?жил, Ñ?Ñ?о MySQL иÑ?полÑ?зÑ?еÑ?Ñ?Ñ? пÑ?едÑ?казÑ?емÑ?е имена Ñ?айлов
+   пÑ?и Ñ?оздании вÑ?еменнÑ?Ñ? Ñ?аблиÑ?, Ñ?Ñ?о позволÑ?еÑ? локалÑ?нÑ?м полÑ?зоваÑ?елÑ?м Ñ? пÑ?авами на вÑ?полнение
+   опеÑ?аÑ?ии CREATE TEMPORARY TABLE пеÑ?езапиÑ?Ñ?ваÑ?Ñ? пÑ?оизволÑ?нÑ?е Ñ?айлÑ? Ñ? помоÑ?Ñ?Ñ?
+   аÑ?аки Ñ?еÑ?ез Ñ?имволÑ?нÑ?е Ñ?Ñ?Ñ?лки.</p>
 
 </ul>
 
- -<p>For the stable distribution (woody) these problems have been fixed in
- -version 3.23.49-8.11.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (woody) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 3.23.49-8.11.</p>
 
- -<p>For the unstable distribution (sid) these problems have been fixed in
- -version 4.0.24-5 of mysql-dfsg and in version 4.1.10a-6 of
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 4.0.24-5 пакеÑ?а mysql-dfsg и в веÑ?Ñ?ии 4.1.10a-6 пакеÑ?а
 mysql-dfsg-4.1.</p>
 
- -<p>We recommend that you upgrade your mysql packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? mysql.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2005/dsa-880.wml	2005-11-04 23:48:45.000000000 +0500
+++ russian/security/2005/dsa-880.wml	2016-10-18 00:32:58.719017817 +0500
@@ -1,43 +1,44 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several cross-site scripting vulnerabilities have been discovered in
- -phpmyadmin, a set of PHP-scripts to administrate MySQL over the WWW.
- -The Common Vulnerabilities and Exposures project identifies the
- -following problems:</p>
+<p>Ð? phpmyadmin, набоÑ?е Ñ?Ñ?енаÑ?иев на Ñ?зÑ?ке PHP длÑ? админиÑ?Ñ?Ñ?иÑ?ованиÑ? MySQL Ñ?еÑ?ез
+WWW, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?лÑ?Ñ?аев межÑ?айÑ?ового Ñ?кÑ?ипÑ?инга.
+Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ?
+Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2869";>CAN-2005-2869</a>
 
- -    <p>Andreas Kerber and Michal Cihar discovered several cross-site
- -    scripting vulnerabilities in the error page and in the cookie
+    <p>Ð?ндÑ?еаÑ? Ð?еÑ?беÑ? и Ð?иÑ?ал ЦигаÑ? обнаÑ?Ñ?жили неÑ?колÑ?ко Ñ?лÑ?Ñ?аев межÑ?айÑ?ового
+    Ñ?кÑ?ипÑ?инга на Ñ?Ñ?Ñ?аниÑ?е error и в кÑ?ки Ñ?Ñ?Ñ?аниÑ?Ñ?
     login.</p></li>
 
 <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3300";>CVE-2005-3300</a>
 
- -    <p>Stefan Esser discovered missing safety checks in grab_globals.php
- -    that could allow an attacker to induce phpmyadmin to include an
- -    arbitrary local file.</p></li>
+    <p>ШÑ?еÑ?ан ЭÑ?Ñ?еÑ? обнаÑ?Ñ?жил оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вие пÑ?овеÑ?ок надÑ?жноÑ?Ñ?и в grab_globals.php,
+    коÑ?оÑ?Ñ?е могÑ?Ñ? позволиÑ?Ñ? злоÑ?мÑ?Ñ?ленникÑ? загÑ?Ñ?зиÑ?Ñ? в phpmyadmin код из
+    пÑ?оизволÑ?ного локалÑ?ного Ñ?айла.</p></li>
 
 <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3301";>CVE-2005-3301</a>
 
- -    <p>Tobias Klein discovered several cross-site scripting
- -    vulnerabilities that could allow attackers to inject arbitrary
- -    HTML or client-side scripting.</p></li>
+    <p>ТобиаÑ? Ð?лÑ?йн обнаÑ?Ñ?жил неÑ?колÑ?ко Ñ?лÑ?Ñ?аев межÑ?айÑ?ового
+    Ñ?кÑ?ипÑ?инга, коÑ?оÑ?Ñ?е могÑ?Ñ? позволиÑ?Ñ? злоÑ?мÑ?Ñ?ленникам вводиÑ?Ñ? пÑ?оизволÑ?нÑ?й
+    код HTML или вÑ?полнÑ?Ñ?Ñ? Ñ?кÑ?ипÑ?инг на Ñ?Ñ?оÑ?оне клиенÑ?а.</p></li>
 
 </ul>
 
- -<p>The version in the old stable distribution (woody) has probably its
- -own flaws and is not easily fixable without a full audit and patch
- -session.  The easier way is to upgrade it from woody to sarge.</p>
+<p>Ð?еÑ?Ñ?иÑ? пакеÑ?а в пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (woody), веÑ?оÑ?Ñ?но, Ñ?одеÑ?жиÑ?
+Ñ?обÑ?Ñ?веннÑ?е Ñ?Ñ?звимоÑ?Ñ?и, иÑ?пÑ?авиÑ?Ñ? еÑ? без полного аÑ?диÑ?а и подгоÑ?овки заплаÑ?
+пÑ?едÑ?Ñ?авлÑ?еÑ?Ñ?Ñ? непÑ?оÑ?Ñ?Ñ?м делом.  Ð?оÑ?аздо пÑ?оÑ?е вÑ?полниÑ?Ñ? обновление Ñ? woody до sarge.</p>
 
- -<p>For the stable distribution (sarge) these problems have been fixed in
- -version 2.6.2-3sarge1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sarge) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.6.2-3sarge1.</p>
 
- -<p>For the unstable distribution (sid) these problems have been fixed in
- -version 2.6.4-pl3-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.6.4-pl3-1.</p>
 
- -<p>We recommend that you upgrade your phpmyadmin package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? phpmyadmin.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJYBSjpAAoJEF7nbuICFtKlATAQAJY+cDMZpevvsr9rWa9Bn01w
36XJjcLSQ490rgnMw1wWryjWfI53+aQ6d15lBtjfw+5nV51twRz2XyGyinGVTJPl
qVBc2trWGszGhKdSj1lvaCtDtNg59Hb1i3VlZp1lgwpNlrFWYkQpDcwmyQSV99fv
q2MgO9zCF3TLzS+JTw5zo0CKUKAAcSnip8DD1kaNFTzMVQTa+6Zzl5RdOGv2qNVz
e1zDlji76/H1jcqeesbEH6rdqmV/5pBNjdq1itUAF/KVGXC6eKX5Rg4P7Zqh+SVG
LfO7fiRwIRAufGpAfCe9y/9sq7KF6kGJBXvoqMNUsQovR0Xa/MJT93wqxnwUArRC
MsZJ905uo/lpAwG006TrXYKiEekrQPeS10JjpUe8LXCTOJ90z5OU46XSOZmE0wkE
rXRv/O0ZIObOq75tWsAoFIHKe/pLT0YC1K5lRg/wpmFtpgfsCsrVK1NNkSo8INQn
wUnYfr9kqH840ktGojP/G4w7m6UK2WBTy6jNLll2mb2c3qmRf0OFlXXwPbtLspta
3YYbT5FOxm2Ajd79t016R4xLLc62WdXl0WwOlE2Zo6dn7ZDSwnWIGH4e7tffSBEq
xee40y/3ZAMRFH1SeEajGSlDz2KJqN+tHMdv6pmqduaCnoeKpEo2lLx/Ao3oMmZf
NFsLSET89ckOH10sGKHN
=Ks8v
-----END PGP SIGNATURE-----
Reply to: