[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2009/dsa-1{930,729}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2009/dsa-1729.wml	2014-04-30 13:16:18.000000000 +0600
+++ russian/security/2009/dsa-1729.wml	2016-10-22 14:52:04.195256902 +0500
@@ -1,42 +1,43 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been found in gst-plugins-bad0.10, a
- -collection of various GStreamer plugins. The Common Vulnerabilities and
- -Exposures project identifies the following problems:</p>
+<p>Ð? gst-plugins-bad0.10, набоÑ?е Ñ?азлиÑ?нÑ?Ñ? дополнений длÑ? GStreamer, бÑ?ло
+обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and
+Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 	<li><a href="https://security-tracker.debian.org/tracker/CVE-2009-0386";>CVE-2009-0386</a>
 
- -	<p>Tobias Klein discovered a buffer overflow in the quicktime stream
- -	demuxer (qtdemux), which could potentially lead to the execution of
- -	arbitrary code via crafted .mov files.</p></li>
+	<p>ТобиаÑ? Ð?лÑ?йн обнаÑ?Ñ?жил пеÑ?еполнение бÑ?Ñ?еÑ?а в демÑ?лÑ?Ñ?иплекÑ?оÑ?е поÑ?ока
+        quicktime (qtdemux), коÑ?оÑ?ое поÑ?енÑ?иалÑ?но можеÑ? пÑ?иводиÑ?Ñ? к вÑ?полнениÑ?
+	пÑ?оизволÑ?ного кода пÑ?и обÑ?абоÑ?ке Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? Ñ?айлов .mov.</p></li>
 
 	<li><a href="https://security-tracker.debian.org/tracker/CVE-2009-0387";>CVE-2009-0387</a>
 
- -	<p>Tobias Klein discovered an array index error in the quicktime stream
- -	demuxer (qtdemux), which could potentially lead to the execution of
- -	arbitrary code via crafted .mov files.</p></li>
+	<p>ТобиаÑ? Ð?лÑ?йн обнаÑ?Ñ?жил оÑ?ибкÑ? индекÑ?аÑ?ии маÑ?Ñ?ива в демÑ?лÑ?Ñ?иплекÑ?оÑ?е поÑ?ока
+        quicktime (qtdemux), коÑ?оÑ?аÑ? поÑ?енÑ?иалÑ?но можеÑ? пÑ?иводиÑ?Ñ? к вÑ?полнениÑ?
+	пÑ?оизволÑ?ного кода пÑ?и обÑ?абоÑ?ке Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? Ñ?айлов .mov.</p></li>
 
 	<li><a href="https://security-tracker.debian.org/tracker/CVE-2009-0397";>CVE-2009-0397</a>
 
- -	<p>Tobias Klein discovered a buffer overflow in the quicktime stream
- -	demuxer (qtdemux) similar to the issue reported in <a href="https://security-tracker.debian.org/tracker/CVE-2009-0386";>CVE-2009-0386</a>, which
- -	could also lead to the execution of arbitrary code via crafted .mov
- -	files.</p></li>
+	<p>ТобиаÑ? Ð?лÑ?йн обнаÑ?Ñ?жил пеÑ?еполнение бÑ?Ñ?еÑ?а в демÑ?лÑ?Ñ?иплекÑ?оÑ?е поÑ?ока
+        quicktime (qtdemux), Ñ?Ñ?одное Ñ? пÑ?облемой о коÑ?оÑ?ой Ñ?ообÑ?алоÑ?Ñ? в <a href="https://security-tracker.debian.org/tracker/CVE-2009-0386";>CVE-2009-0386</a>, коÑ?оÑ?ое
+	Ñ?акже можеÑ? пÑ?иводиÑ?Ñ? к вÑ?полнениÑ? пÑ?оизволÑ?ного кода пÑ?и обÑ?абоÑ?ке Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ?
+        Ñ?айлов .mov.</p></li>
 
 </ul>
 
- -<p>For the oldstable distribution (etch), these problems have been fixed in
- -version 0.10.3-3.1+etch1.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 0.10.3-3.1+etch1.</p>
 
- -<p>For the stable distribution (lenny), these problems have been fixed in
- -version 0.10.8-4.1~lenny1 of gst-plugins-good0.10, since the affected
- -plugin has been moved there. The fix was already included in the lenny
- -release.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 0.10.8-4.1~lenny1 пакеÑ?а gst-plugins-good0.10, поÑ?колÑ?кÑ? подвеÑ?женной
+Ñ?Ñ?звимоÑ?Ñ?Ñ?м дополнение бÑ?ло пеÑ?емеÑ?ено Ñ?Ñ?да. ЭÑ?о иÑ?пÑ?авление Ñ?же вклÑ?Ñ?ено в
+вÑ?пÑ?Ñ?к lenny.</p>
 
- -<p>For the unstable distribution (sid) and the testing distribution
- -(squeeze), these problems have been fixed in version 0.10.8-4.1 of
+<p>Ð? неÑ?Ñ?абилÑ?ном (sid) и Ñ?еÑ?Ñ?иÑ?Ñ?емом (squeeze) вÑ?пÑ?Ñ?каÑ?
+Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 0.10.8-4.1 пакеÑ?а
 gst-plugins-good0.10.</p>
 </define-tag>
 
- --- english/security/2009/dsa-1930.wml	2014-04-30 13:16:19.000000000 +0600
+++ russian/security/2009/dsa-1930.wml	2016-10-22 14:34:42.172267934 +0500
@@ -1,47 +1,48 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
 
- -<p>Several vulnerabilities have been found in drupal6, a fully-featured
- -content management framework. The Common Vulnerabilities and Exposures
- -project identifies the following problems:</p>
+<p>Ð? drupal6, полноÑ?Ñ?нкÑ?ионалÑ?ной инÑ?Ñ?аÑ?Ñ?Ñ?Ñ?кÑ?Ñ?Ñ?е Ñ?пÑ?авлениÑ? Ñ?одеÑ?жимÑ?м, бÑ?ло
+обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оек Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-2372";>CVE-2009-2372</a>
 
- -<p>Gerhard Killesreiter discovered a flaw in the way user signatures are
- -handled. It is possible for a user to inject arbitrary code via a
- -crafted user signature. (SA-CORE-2009-007)</p></li>
+<p>Ð?еÑ?Ñ?аÑ?д Ð?иллеÑ?Ñ?айÑ?еÑ? обнаÑ?Ñ?жил Ñ?Ñ?звимоÑ?Ñ?Ñ? в коде обÑ?абоÑ?ки полÑ?зоваÑ?елÑ?Ñ?киÑ?
+подпиÑ?ей. Ð?олÑ?зоваÑ?елÑ? можеÑ? ввеÑ?Ñ?и пÑ?оизволÑ?нÑ?й код Ñ? помоÑ?Ñ?Ñ?
+Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованной полÑ?зоваÑ?елÑ?Ñ?кой подпиÑ?и. (SA-CORE-2009-007)</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-2373";>CVE-2009-2373</a>
 
- -<p>Mark Piper, Sven Herrmann and Brandon Knight discovered a cross-site
- -scripting issue in the forum module, which could be exploited via the
- -tid parameter. (SA-CORE-2009-007)</p></li>
+<p>Ð?аÑ?к Ð?айпеÑ?, Свен ХеÑ?Ñ?ман и Ð?Ñ?Ñ?ндон Ð?айÑ? обнаÑ?Ñ?жили межÑ?айÑ?овÑ?й
+Ñ?кÑ?ипÑ?инг в модÑ?ле forum, коÑ?оÑ?Ñ?й можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? Ñ? помоÑ?Ñ?Ñ?
+паÑ?амеÑ?Ñ?а tid. (SA-CORE-2009-007)</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-2374";>CVE-2009-2374</a>
 
- -<p>Sumit Datta discovered that certain drupal6 pages leak sensitive
- -information such as user credentials. (SA-CORE-2009-007)</p></li>
+<p>СÑ?миÑ? Ð?аÑ?Ñ?а обнаÑ?Ñ?жил, Ñ?Ñ?о на опÑ?еделÑ?ннÑ?Ñ? Ñ?Ñ?Ñ?аниÑ?аÑ? drupal6 пÑ?оиÑ?Ñ?одиÑ?
+Ñ?Ñ?еÑ?ка Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?ной инÑ?оÑ?маÑ?ии, Ñ?акой как даннÑ?е Ñ?Ñ?Ñ?Ñ?ной запиÑ?и полÑ?зоваÑ?елÑ?. (SA-CORE-2009-007)</p></li>
 
 </ul>
 
- -<p>Several design flaws in the OpenID module have been fixed, which could
- -lead to cross-site request forgeries or privilege escalations. Also, the
- -file upload function does not process all extensions properly leading
- -to the possible execution of arbitrary code.
+<p>Ð?Ñ?ло иÑ?пÑ?авлено неÑ?колÑ?ко оÑ?ибок Ñ?азÑ?абоÑ?ки в модÑ?ле OpenID, коÑ?оÑ?Ñ?е
+могÑ?Ñ? пÑ?иводиÑ?Ñ? к подделкам межÑ?айÑ?овÑ?Ñ? запÑ?оÑ?ов или повÑ?Ñ?ениÑ? пÑ?ивилегий. Ð?Ñ?оме Ñ?ого,
+Ñ?Ñ?нкÑ?иÑ? загÑ?Ñ?зки Ñ?айла непÑ?авилÑ?но обÑ?абаÑ?Ñ?ваеÑ? некоÑ?оÑ?Ñ?е Ñ?аÑ?Ñ?иÑ?ениÑ?, Ñ?Ñ?о пÑ?иводиÑ?
+к возможномÑ? вÑ?полнениÑ? пÑ?оизволÑ?ного кода.
 (SA-CORE-2009-008)</p>
 
 
- -<p>The oldstable distribution (etch) does not contain drupal6.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) пакеÑ? drupal6 оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?еÑ?.</p>
 
- -<p>For the stable distribution (lenny), these problems have been fixed in
- -version 6.6-3lenny3.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 6.6-3lenny3.</p>
 
- -<p>For the testing distribution (squeeze) and the unstable distribution
- -(sid), these problems have been fixed in version 6.14-1.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (squeeze) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ?
+Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 6.14-1.</p>
 
- -<p>We recommend that you upgrade your drupal6 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? drupal6.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJYCzbHAAoJEF7nbuICFtKl/IwQAKL8pHUyaG+FPQ6wjB22+FnS
p/zObr6DSNgbFVglNWB2uhwSC3D2qHKR6QjoiAxb+0r/sfgFwViwVylBBTbMyTlI
S0tcvTs4zT65v6sl5clycNBUYwhoHGPBXHau/gOQG8qlD2OtypB4d3FKLRj1ikWb
C+k9XKgZUAss35Kfg8PdMJLVOxbG2VEC0P3c6iPJyNLjwHZz2QVCOemA3OOmAssO
+2F51MGIFcQQecWABFyg55Q4ZepFF4UaXYxr+TARWUk67v07XYrG38RLP2NjLLXk
pao5ggjmXz65l/0rVQW1xJZtmhECPkTGqirtlzodvWxaq+sZTKIpBNw5GLx0rRXw
BK23oXmqWITPAhBfKM8VzEcs1hxFqpHTVSwk3qC5i32AGjcv1a4rR05XO8Epz0q3
wvrcvYz7t0dyHmnx3O1frU3VodQWcDzd1t3/xQ1MEhW1MfNpm3O522MGEveXwqOu
OGRjLXFe3Q/dNbqOTICVz+88t5C4tjGcOU1v++J2/QuMVIf0a/bKGXP3/tBtfeiG
0GAU6n9C86LXLJ9bmoi5OlPMdainJxYWriJgGp4J+ciuQk9NqML4gleP6SyzpGMK
NKwGBLbhr3z0eDQR/AFAXcfjTCbr7rfV8+g2xj0ay5FYKSPYTQcuqV3Z3luBpoYI
6E5dLrocLS9cvyZKV8Fe
=wPHl
-----END PGP SIGNATURE-----
Reply to: