[DONE] wml://security/2012/dsa-24{93,09}.wml

[Lev Lamberov <dogsleg@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2012/dsa-2409.wml	2014-04-30 13:16:28.000000000 +0600
+++ russian/security/2012/dsa-2409.wml	2016-10-28 02:41:36.331151502 +0500
@@ -1,43 +1,44 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in debdiff, a script used
- -to compare two Debian packages, which is part of the devscripts package.
- -The following Common Vulnerabilities and Exposures project ids have been
- -assigned to identify them:</p>
+<p>Ð? debdiff, Ñ?Ñ?енаÑ?ии, иÑ?полÑ?зÑ?емом длÑ? Ñ?Ñ?авнениÑ? пакеÑ?ов Debian и Ñ?влÑ?Ñ?Ñ?емÑ?Ñ?
+Ñ?аÑ?Ñ?Ñ?Ñ? пакеÑ?а devscripts, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.
+ЭÑ?им Ñ?Ñ?звимоÑ?Ñ?Ñ?м бÑ?ли пÑ?ипиÑ?анÑ? Ñ?ледÑ?Ñ?Ñ?ие иденÑ?иÑ?икаÑ?оÑ?Ñ? пÑ?оекÑ?а Common
+Vulnerabilities and Exposures:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-0210";>CVE-2012-0210</a>:
 
- -    <p>Paul Wise discovered that due to insufficient input sanitising when
- -    processing .dsc and .changes files, it is possible to execute
- -    arbitrary code and disclose system information.</p></li>
+    <p>Ð?ол УайÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о из-за недоÑ?Ñ?аÑ?оÑ?ной оÑ?иÑ?Ñ?ки вÑ?однÑ?Ñ? даннÑ?Ñ? пÑ?и
+    обÑ?абоÑ?ке Ñ?айлов .dsc и .changes, можно вÑ?полниÑ?Ñ?
+    пÑ?оизволÑ?нÑ?й код и Ñ?аÑ?кÑ?Ñ?Ñ?Ñ? Ñ?иÑ?Ñ?емнÑ?Ñ? инÑ?оÑ?маÑ?иÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-0211";>CVE-2012-0211</a>:
 
- -    <p>Raphael Geissert discovered that it is possible to inject or modify
- -    arguments of external commands when processing source packages with
- -    specially-named tarballs in the top-level directory of the .orig
- -    tarball, allowing arbitrary code execution.</p></li>
+    <p>РаÑ?аÑ?лÑ? Ð?ейÑ?еÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о можно ввеÑ?Ñ?и или измениÑ?Ñ?
+    аÑ?гÑ?менÑ?Ñ? внеÑ?ниÑ? команд пÑ?и обÑ?абоÑ?ке пакеÑ?ов Ñ? иÑ?Ñ?однÑ?м кодом Ñ?о
+    Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?ми именами tar-аÑ?Ñ?ивов в каÑ?алоге веÑ?Ñ?него Ñ?Ñ?овнÑ?
+    tar-аÑ?Ñ?ива .orig, Ñ?Ñ?о позволÑ?еÑ? вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-0212";>CVE-2012-0212</a>:
 
- -    <p>Raphael Geissert discovered that it is possible to inject or modify
- -    arguments of external commands when passing as argument to debdiff
- -    a specially-named file, allowing arbitrary code execution.</p></li>
+    <p>РаÑ?аÑ?лÑ? Ð?ейÑ?еÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о можно ввеÑ?Ñ?и или измениÑ?Ñ?
+    аÑ?гÑ?менÑ?Ñ? внеÑ?ниÑ? команд пÑ?и пеÑ?едаÑ?е в каÑ?еÑ?Ñ?ве аÑ?гÑ?менÑ?а debdiff
+    Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного Ñ?айла, Ñ?Ñ?о позволÑ?еÑ? вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код.</p></li>
 
 </ul>
 
 
- -<p>For the stable distribution (squeeze), these problems have been fixed in
- -version 2.10.69+squeeze2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.10.69+squeeze2.</p>
 
- -<p>For the testing distribution (wheezy), these problems will be fixed soon.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?и пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ? позже.</p>
 
- -<p>For the unstable distribution (sid), these problems will be fixed in
- -version 2.11.4.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.11.4.</p>
 
- -<p>We recommend that you upgrade your devscripts packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? devscripts.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2012/dsa-2493.wml	2014-04-30 13:16:29.000000000 +0600
+++ russian/security/2012/dsa-2493.wml	2016-10-28 02:35:36.194792801 +0500
@@ -1,40 +1,41 @@
- -<define-tag description>denial of service</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>оÑ?каз в обÑ?лÑ?живании</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities were discovered in Asterisk, a PBX and
- -telephony toolkit.</p>
+<p>Ð? Asterisk, набоÑ?е инÑ?Ñ?Ñ?Ñ?менÑ?ов длÑ? оÑ?иÑ?нÑ?Ñ? Ð?ТС и Ñ?елеÑ?онии,
+бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-2947";>CVE-2012-2947</a>
 
- -	<p>The IAX2 channel driver allows remote attackers to cause a
- -	denial of service (daemon crash) by placing a call on hold
- -	(when a certain mohinterpret setting is enabled).</p></li>
+	<p>Ð?аналÑ?нÑ?й дÑ?айвеÑ? IAX2 позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?зÑ?ваÑ?Ñ?
+	оÑ?каз в обÑ?лÑ?живании (аваÑ?ийнаÑ? оÑ?Ñ?ановка Ñ?лÑ?жбÑ?) пÑ?Ñ?Ñ?м пеÑ?евода звонка в
+	Ñ?ежим Ñ?деÑ?жаниÑ? (еÑ?ли вклÑ?Ñ?енÑ? опÑ?еделÑ?ннÑ?е наÑ?Ñ?Ñ?ойки mohinterpret).</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-2948";>CVE-2012-2948</a>
 
- -	<p>The Skinny channel driver allows remote authenticated users to
- -	cause a denial of service (NULL pointer dereference and daemon
- -	crash) by closing a connection in off-hook mode.</p></li>
+	<p>Ð?аналÑ?нÑ?й дÑ?айвеÑ? Skinny позволÑ?еÑ? Ñ?далÑ?ннÑ?м аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?м полÑ?зоваÑ?елÑ?м
+	вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании (Ñ?азÑ?менование NULL-Ñ?казаÑ?елÑ? и аваÑ?ийнаÑ? оÑ?Ñ?ановка
+	Ñ?лÑ?жбÑ?) пÑ?Ñ?Ñ?м закÑ?Ñ?Ñ?иÑ? Ñ?оединениÑ? в в Ñ?ежиме Ñ?нÑ?Ñ?ой Ñ?Ñ?Ñ?бки.</p></li>
 
 </ul>
 
- -<p>In addition, it was discovered that Asterisk does not set the
- -alwaysauthreject option by default in the SIP channel driver.  This
- -allows remote attackers to observe a difference in response behavior
- -and check for the presence of account names.  (<a href="https://security-tracker.debian.org/tracker/CVE-2011-2666";>CVE-2011-2666</a>)  System
- -administrators concerned by this user enumerating vulnerability should
- -enable the alwaysauthreject option in the configuration.  We do not
- -plan to change the default setting in the stable version
- -(Asterisk 1.6) in order to preserve backwards compatibility.</p>
+<p>Ð?Ñ?оме Ñ?ого, бÑ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о Asterisk по Ñ?молÑ?аниÑ? не вÑ?Ñ?Ñ?авлÑ?еÑ?
+опÑ?иÑ? alwaysauthreject в каналÑ?ном дÑ?айвеÑ?е SIP.  ЭÑ?о позволÑ?еÑ?
+Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам опÑ?еделÑ?Ñ?Ñ? Ñ?азниÑ?Ñ? междÑ? оÑ?веÑ?нÑ?м поведением
+и пÑ?овеÑ?кой пÑ?иÑ?Ñ?Ñ?Ñ?Ñ?виÑ? имÑ?н Ñ?Ñ?Ñ?нÑ?Ñ? запиÑ?ей.  (<a href="https://security-tracker.debian.org/tracker/CVE-2011-2666";>CVE-2011-2666</a>)  СиÑ?Ñ?емнÑ?м
+админиÑ?Ñ?Ñ?аÑ?оÑ?ам, коÑ?оÑ?Ñ?Ñ? каÑ?аеÑ?Ñ?Ñ? Ñ?Ñ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? по пеÑ?ебоÑ?Ñ? полÑ?зоваÑ?елей, Ñ?ледÑ?еÑ?
+вклÑ?Ñ?иÑ?Ñ? в наÑ?Ñ?Ñ?ойкаÑ? опÑ?иÑ? alwaysauthreject.  Ð?Ñ? не планиÑ?Ñ?ем
+изменÑ?Ñ?Ñ? знаÑ?ение по Ñ?молÑ?аниÑ? Ñ?Ñ?ой наÑ?Ñ?Ñ?ойки в Ñ?Ñ?абилÑ?ной веÑ?Ñ?ии
+(Asterisk 1.6) Ñ? Ñ?елÑ?Ñ? Ñ?оÑ?Ñ?анениÑ? обÑ?аÑ?ной Ñ?овмеÑ?Ñ?имоÑ?Ñ?и.</p>
 
- -<p>For the stable distribution (squeeze), this problem has been fixed in
- -version 1:1.6.2.9-2+squeeze6.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1:1.6.2.9-2+squeeze6.</p>
 
- -<p>For the testing distribution (wheezy) and the unstable distribution
- -(sid), this problem has been fixed in version 1:1.8.13.0~dfsg-1.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (wheezy) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ?
+Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в веÑ?Ñ?ии 1:1.8.13.0~dfsg-1.</p>
 
- -<p>We recommend that you upgrade your asterisk packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? asterisk.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJYEnSUAAoJEF7nbuICFtKlQs8QAKq6KQ9Fij6xQs32lI0u1xQ9
r/rLo8dW8jwSVbJtN9ZTTZdWJaO53sT3HV+f0oSSxZahVsEcHk7wEaa6EJQW42Bx
l92nFEwde8ZBWVbvtBNjsMbuv82UXgUyocDD4ETl9OsQAfXic5hMWuSpw2AxbvET
Hq6SFyT29AFS7f9nws1VR6kGOu/e6k666V4o2c35yPRiJC1fc1NUuYAacX8080Ab
Oxc7pCQVF+LdifgBE/m1MM6k8aV7NQ4OXuJtYqcfaZJ2/5R9PfJS1QOvsHb4ML54
2dAjlZWnIhX+uwgu1SXqlzivJApP4mON9szBmKvFr33w5UYi+vdeB1jo0dixKvKH
+dTB01kiip+r9dwdM/rdXbAsaSQQ7vGhy9SudMJyr5A8P1hZh+1WoCLPOusADTna
7EvxzO6n3jNxUG7dqyt3pnUMKLJLRvIPWScimmqgwcLQLQTikCI9XHty0C73s+Dp
1+oJ/CyyvSbbBrrSrViRQY8uF84k5f8jeU63gBtjtVUai6tsQaxdsJ8kTmQWs7AJ
PMJwe49LHB3wZ7pexR4u+kdGYcDobLyci7yrUlO4SffawmG5djsa7E1HX2UcWEdS
MkuBYsjQidp+H8SqgDAm0+vbl6ppjrK9v3kTWUs4IJLu44YNagc5qYlfv+uPOEhN
eOi/URZKlIWbgRxNm6e2
=In63
-----END PGP SIGNATURE-----