[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2008/dsa-15{25,09}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2008/dsa-1509.wml	2014-04-30 13:16:15.000000000 +0600
+++ russian/security/2008/dsa-1509.wml	2016-10-29 22:33:29.025875238 +0500
@@ -1,40 +1,41 @@
- -<define-tag description>multiple vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov"
+<define-tag description>многоÑ?иÑ?леннÑ?е Ñ?Ñ?звимоÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
 
- -<p>Several vulnerabilities have been discovered in xpdf code that is
- -embedded in koffice, an integrated office suite for KDE.  These flaws
- -could allow an attacker to execute arbitrary code by inducing the user
- -to import a specially crafted PDF document.  The Common Vulnerabilities and
- -Exposures project identifies the following problems:</p>
+<p>Ð? коде xpdf, вÑ?Ñ?Ñ?оенном в koffice, инÑ?егÑ?иÑ?ованнÑ?й набоÑ? оÑ?иÑ?нÑ?Ñ? пÑ?огÑ?амм
+длÑ? KDE, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.  ЭÑ?и Ñ?Ñ?звимоÑ?Ñ?и
+могÑ?Ñ? позволиÑ?Ñ? злоÑ?мÑ?Ñ?ленникÑ? вÑ?полниÑ?Ñ? пÑ?оизволÑ?нÑ?й код в Ñ?лÑ?Ñ?ае, когда полÑ?зоваÑ?елÑ?
+импоÑ?Ñ?иÑ?Ñ?еÑ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?й докÑ?менÑ? в Ñ?оÑ?маÑ?е PDF.  Ð?Ñ?оекÑ? Common Vulnerabilities and
+Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-4352";>CVE-2007-4352</a>
- -<p>Array index error in the DCTStream::readProgressiveDataUnit method in
- -xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice,
- -CUPS, and other products, allows remote attackers to trigger memory
- -corruption and execute arbitrary code via a crafted PDF file.</p></li>
+<p>Ð?Ñ?ибка Ñ?казаÑ?елÑ? маÑ?Ñ?ива в меÑ?оде DCTStream::readProgressiveDataUnit в
+xpdf/Stream.cc в Xpdf 3.02pl1, иÑ?полÑ?зÑ?емом в poppler, teTeX, KDE, KOffice,
+CUPS и дÑ?Ñ?гиÑ? пÑ?одÑ?кÑ?аÑ?, позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникам вÑ?зÑ?ваÑ?Ñ? повÑ?еждение Ñ?одеÑ?жимого
+памÑ?Ñ?и и вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код Ñ? помоÑ?Ñ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного Ñ?айла в Ñ?оÑ?маÑ?е PDF.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-5392";>CVE-2007-5392</a>
- -<p>Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in
- -Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a
- -crafted PDF file, resulting in a heap-based buffer overflow.</p></li>
+<p>Ð?еÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ел в меÑ?оде DCTStream::reset в xpdf/Stream.cc в
+Xpdf 3.02p11 позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код Ñ? помоÑ?Ñ?Ñ?
+Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного Ñ?айла в Ñ?оÑ?маÑ?е PDF, Ñ?Ñ?о пÑ?иводиÑ? к пеÑ?еполнениÑ? динамиÑ?еÑ?кой памÑ?Ñ?и.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-5393";>CVE-2007-5393</a>
- -<p>Heap-based buffer overflow in the CCITTFaxStream::lookChar method in
- -xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute
- -arbitrary code via a PDF file that contains a crafted CCITTFaxDecode
- -filter.</p></li>
+<p>Ð?еÑ?еполнение динамиÑ?еÑ?кой памÑ?Ñ?и в меÑ?оде CCITTFaxStream::lookChar в
+xpdf/Stream.cc в Xpdf 3.02p11 позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?полнÑ?Ñ?Ñ?
+пÑ?оизволÑ?нÑ?й код Ñ? помоÑ?Ñ?Ñ? Ñ?айлов PDF, Ñ?одеÑ?жаÑ?иÑ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?й
+Ñ?илÑ?Ñ?Ñ? CCITTFaxDecode.</p></li>
 
 </ul>
 
- -<p>Updates for the old stable distribution (sarge) will be made available
- -as soon as possible.</p>
+<p>Ð?бновлениÑ? длÑ? пÑ?едÑ?дÑ?Ñ?его Ñ?Ñ?абилÑ?ного вÑ?пÑ?Ñ?ка (sarge) бÑ?дÑ?Ñ? доÑ?Ñ?Ñ?пнÑ?
+по меÑ?е гоÑ?овноÑ?Ñ?и.</p>
 
- -<p>For the stable distribution (etch), these problems have been fixed in version
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии
 1:1.6.1-2etch2.</p>
 
- -<p>We recommend that you upgrade your koffice package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? koffice.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2008/dsa-1525.wml	2014-04-30 13:16:15.000000000 +0600
+++ russian/security/2008/dsa-1525.wml	2016-10-29 22:27:54.962993741 +0500
@@ -1,42 +1,43 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several remote vulnerabilities have been discovered in Asterisk, a free
- -software PBX and telephony toolkit. The Common Vulnerabilities and
- -Exposures project identifies the following problems:</p>
+<p>Ð? Asterisk, Ñ?вободном Ð?Ð? длÑ? оÑ?иÑ?нÑ?Ñ? Ð?ТС и набоÑ?е инÑ?Ñ?Ñ?Ñ?менÑ?ов длÑ?
+Ñ?елеÑ?онии, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?далÑ?ннÑ?Ñ? Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and
+Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-6430";>CVE-2007-6430</a>
 
- -    <p>Tilghman Lesher discovered that database-based registrations are
- -    insufficiently validated. This only affects setups, which are
- -    configured to run without a password and only host-based
- -    authentication.</p></li>
+    <p>ТилÑ?гман Ð?еÑ?еÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о Ñ?егиÑ?Ñ?Ñ?аÑ?иÑ? на оÑ?нове базÑ? даннÑ?Ñ?
+    пÑ?овеÑ?Ñ?еÑ?Ñ?Ñ? недоÑ?Ñ?аÑ?оÑ?нÑ?м обÑ?азом. ЭÑ?о каÑ?аеÑ?Ñ?Ñ? Ñ?олÑ?ко Ñ?Ñ?Ñ?ановок, коÑ?оÑ?Ñ?е
+    наÑ?Ñ?Ñ?оенÑ? на Ñ?абоÑ?Ñ? без паÑ?олÑ? и на иÑ?полÑ?зование Ñ?олÑ?ко аÑ?Ñ?енÑ?иÑ?икаÑ?ии
+    на оÑ?нове Ñ?зла.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-1332";>CVE-2008-1332</a>
 
- -    <p>Jason Parker discovered that insufficient validation of From:
- -    headers inside the SIP channel driver may lead to authentication
- -    bypass and the potential external initiation of calls.</p></li>
+    <p>Ð?жейÑ?он Ð?аÑ?кеÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о недоÑ?Ñ?аÑ?оÑ?наÑ? пÑ?овеÑ?ка заголовков From:
+    внÑ?Ñ?Ñ?и дÑ?айвеÑ?а SIP-канала можеÑ? пÑ?иводиÑ?Ñ? к обÑ?одÑ?
+    аÑ?Ñ?енÑ?иÑ?икаÑ?ии и поÑ?енÑ?иалÑ?ной внеÑ?ней иниÑ?иализаÑ?ии звонков.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-1333";>CVE-2008-1333</a>
 
- -    <p>This update also fixes a format string vulnerability, which can only be
- -    triggered through configuration files under control of the local
- -    administrator. In later releases of Asterisk this issue is remotely
- -    exploitable and tracked as <a
+    <p>Ð?Ñ?оме Ñ?ого, данное обновление иÑ?пÑ?авлÑ?еÑ? Ñ?Ñ?звимоÑ?Ñ?Ñ? Ñ?оÑ?маÑ?ной Ñ?Ñ?Ñ?оки, коÑ?оÑ?аÑ? можеÑ?
+    пÑ?оÑ?влÑ?Ñ?Ñ?Ñ?Ñ? Ñ?олÑ?ко из-за Ñ?айлов наÑ?Ñ?Ñ?ойки, наÑ?одÑ?Ñ?иÑ?Ñ?Ñ? под Ñ?пÑ?авлением локалÑ?ного
+    админиÑ?Ñ?Ñ?аÑ?оÑ?а. Ð? более Ñ?вежиÑ? вÑ?пÑ?Ñ?каÑ? Asterisk Ñ?Ñ?а пÑ?облема можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ?
+    Ñ?далÑ?нно и имееÑ? иденÑ?иÑ?икаÑ?оÑ? <a
     href="https://security-tracker.debian.org/tracker/CVE-2008-1333";>CVE-2008-1333</a>.</p></li>
 
 </ul>
 
- -<p>The status of the old stable distribution (sarge) is currently being
- -investigated. If affected, an update will be released through
- -security.debian.org.</p>
+<p>Ð? наÑ?Ñ?оÑ?Ñ?ее вÑ?емÑ? Ñ?Ñ?аÑ?Ñ?Ñ? пÑ?едÑ?дÑ?Ñ?его Ñ?Ñ?абилÑ?ного вÑ?пÑ?Ñ?ка (sarge)
+изÑ?Ñ?аеÑ?Ñ?Ñ?. Ð?Ñ?ли он подвеÑ?жен Ñ?казаннÑ?м Ñ?Ñ?звимоÑ?Ñ?Ñ?м, Ñ?о длÑ? него бÑ?дÑ?Ñ? вÑ?пÑ?Ñ?енÑ?
+обновлениÑ? Ñ?еÑ?ез security.debian.org.</p>
 
- -<p>For the stable distribution (etch), these problems have been fixed in
- -version 1:1.2.13~dfsg-2etch3.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1:1.2.13~dfsg-2etch3.</p>
 
- -<p>We recommend that you upgrade your asterisk packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? asterisk.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJYFN1tAAoJEF7nbuICFtKlQsAP/iJy7t8mSgunSLoLVPsfU2+R
lDXgFKY7lyxTrGmw7TLQg+Dm9QCBlqQoLswQTGCtuQzywirBvEj3Vgo2BW9SQBpG
GYXSY6969cL6IerSft4xZuGcwLEmohXKGekYfxE3U/aWGgohA5SQXbFnOA2urbBS
FAOV1EvAtPddQwaW0FwYC0C37T3utRGn4coc4jQJ9IfcJjBCf7b2ZUD0KiQncZkD
rx/hg0MjOUAgLzvKlsyJEgzkquP7+znWYCCviFU+9IL9lBgTsWAVT4sNAf8BKcCA
QUAaHLxYBZ/uY4bQtq4uGAwWLwCnUKlkSaHVuccm+k1DOU4+XU92JX9v4KUdFyOU
eSlxYu2rYxniOcMa5M0k1aog20BSnP+t71Yic5bFeNoU+bxAA6TmkvUky854/61p
BBJX6wH9Dwcq9aeta/IOvyAAKOyzIMgcbA7TJXR493vArXLoABkA2e6hR48p2s+/
2tSbC0HzdsYCMk7PBEeIq67luR/eWrdkkREaNpeICHD8qneMQWZbAPTA3KJXnppV
BhBD88W1pDyxN43L72VAglFuxcgqI9ObvlYVieXLmhJ7I5Je4a3nnr06emLxOI5F
1qoXp+SzH+mqxBrUIFOroUZ0FY43Ud6w+OABmZ0aVBUTD5Q/4M0pYblvTThmKSoN
qVmRiikT/7OKQyIjEpOt
=GMBx
-----END PGP SIGNATURE-----
Reply to: