[DONE] wml://security/2008/dsa-1{451,578}.wml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2008/dsa-1451.wml 2014-04-30 13:16:14.000000000 +0600
+++ russian/security/2008/dsa-1451.wml 2016-10-29 22:38:59.092196286 +0500
@@ -1,9 +1,10 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
<define-tag moreinfo>
<p>
- -Several local/remote vulnerabilities have been discovered in the MySQL
- -database server. The Common Vulnerabilities and Exposures project
- -identifies the following problems:
+Ð? Ñ?еÑ?веÑ?е баз даннÑ?Ñ? MySQL бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко локалÑ?нÑ?Ñ?/Ñ?далÑ?ннÑ?Ñ?
+Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:
</p>
<ul>
@@ -11,48 +12,48 @@
<li><a href="https://security-tracker.debian.org/tracker/CVE-2007-3781";>CVE-2007-3781</a>
<p>
- - It was discovered that the privilege validation for the source table
- - of CREATE TABLE LIKE statements was insufficiently enforced, which
- - might lead to information disclosure. This is only exploitable by
- - authenticated users.
+ Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о пÑ?овеÑ?ка пÑ?ав доÑ?Ñ?Ñ?па длÑ? иÑ?Ñ?одной Ñ?аблиÑ?Ñ?
+ Ñ?Ñ?веÑ?ждений CREATE TABLE LIKE вÑ?полнÑ?еÑ?Ñ?Ñ? недоÑ?Ñ?аÑ?оÑ?нÑ?м обÑ?азом, Ñ?Ñ?о
+ можеÑ? пÑ?иводиÑ?Ñ? к Ñ?аÑ?кÑ?Ñ?Ñ?иÑ? инÑ?оÑ?маÑ?ии. ÐÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ?
+ Ñ?олÑ?ко аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?ми полÑ?зоваÑ?елÑ?ми.
</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2007-5969";>CVE-2007-5969</a>
<p>
- - It was discovered that symbolic links were handled insecurely during
- - the creation of tables with DATA DIRECTORY or INDEX DIRECTORY
- - statements, which might lead to denial of service by overwriting
- - data. This is only exploitable by authenticated users.
+ Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о Ñ?имволÑ?нÑ?е Ñ?Ñ?Ñ?лки во вÑ?емÑ? Ñ?озданиÑ? Ñ?аблиÑ? Ñ? Ñ?Ñ?веÑ?ждениÑ?ми
+ DATA DIRECTORY или INDEX DIRECTORY обÑ?абаÑ?Ñ?ваÑ?Ñ?Ñ?Ñ? небезопаÑ?нÑ?м
+ обÑ?азом, Ñ?Ñ?о можеÑ? пÑ?иводиÑ?Ñ? к оÑ?казÑ? в обÑ?лÑ?живании из-за пеÑ?езапиÑ?и
+ даннÑ?Ñ?. ÐÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ? можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? Ñ?олÑ?ко аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?ми полÑ?зоваÑ?елÑ?ми.
</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2007-6304";>CVE-2007-6304</a>
<p>
- - It was discovered that queries to data in a FEDERATED table can
- - lead to a crash of the local database server, if the remote server
- - returns information with less columns than expected, resulting in
- - denial of service.
+ Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о запÑ?оÑ?Ñ? даннÑ?Ñ? в Ñ?аблиÑ?е FEDERATED могÑ?Ñ?
+ пÑ?иводиÑ?Ñ? к аваÑ?ийной оÑ?Ñ?ановке локалÑ?ного Ñ?еÑ?веÑ?а баз даннÑ?Ñ? в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли Ñ?далÑ?ннÑ?й
+ Ñ?еÑ?веÑ? возвÑ?аÑ?аеÑ? инÑ?оÑ?маÑ?иÑ? Ñ? менÑ?Ñ?им Ñ?иÑ?лом Ñ?Ñ?олбÑ?ов, Ñ?ем ожидаеÑ?Ñ?Ñ?, Ñ?Ñ?о пÑ?иводиÑ? к
+ оÑ?казÑ? в обÑ?лÑ?живании.
</p></li>
</ul>
<p>
- -The old stable distribution (sarge) doesn't contain mysql-dfsg-5.0.
+Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sarge) пакеÑ?Ñ? mysql-dfsg-5.0 оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?Ñ?Ñ?.
</p>
<p>
- -For the stable distribution (etch), these problems have been fixed in
- -version 5.0.32-7etch4.
+Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 5.0.32-7etch4.
</p>
<p>
- -For the unstable distribution (sid), these problems have been fixed in
- -version 5.0.51-1.
+Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 5.0.51-1.
</p>
<p>
- -We recommend that you upgrade your mysql-dfsg-5.0 packages.
+РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? mysql-dfsg-5.0.
</p>
</define-tag>
- --- english/security/2008/dsa-1578.wml 2014-04-30 13:16:15.000000000 +0600
+++ russian/security/2008/dsa-1578.wml 2016-10-29 22:45:37.838970463 +0500
@@ -1,47 +1,48 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
<define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in PHP version 4, a
- -server-side, HTML-embedded scripting language. The Common Vulnerabilities
- -and Exposures project identifies the following problems:</p>
+<p>Ð? PHP веÑ?Ñ?ии 4, Ñ?еÑ?веÑ?ном Ñ?зÑ?ке Ñ?Ñ?енаÑ?иев Ñ?о вÑ?Ñ?Ñ?оенной поддеÑ?жкой HTML,
+бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities
+and Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2007-3799";>CVE-2007-3799</a>
- - <p>The session_start function allows remote attackers to insert
- - arbitrary attributes into the session cookie via special characters
- - in a cookie that is obtained from various parameters.</p></li>
+ <p>ФÑ?нкÑ?иÑ? session_start позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вводиÑ?Ñ?
+ пÑ?оизволÑ?нÑ?е аÑ?Ñ?ибÑ?Ñ?Ñ? в кÑ?ки Ñ?еÑ?Ñ?ии Ñ? помоÑ?Ñ?Ñ? Ñ?пеÑ?иалÑ?нÑ?Ñ? Ñ?имволов
+ в кÑ?ки, полÑ?Ñ?аемÑ?Ñ? из Ñ?азлиÑ?нÑ?Ñ? паÑ?амеÑ?Ñ?ов.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2007-3806";>CVE-2007-3806</a>
- - <p>A denial of service was possible through a malicious script abusing
- - the glob() function.</p></li>
+ <p>Ð?ожно вÑ?зваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании Ñ? помоÑ?Ñ?Ñ? Ñ?Ñ?енаÑ?иÑ?, иÑ?полÑ?зÑ?Ñ?Ñ?его
+ Ñ?Ñ?нкÑ?иÑ? glob().</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2007-3998";>CVE-2007-3998</a>
- - <p>Certain maliciously constructed input to the wordwrap() function could
- - lead to a denial of service attack.</p></li>
+ <p>Ð?пÑ?еделÑ?ннÑ?е Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?е вÑ?однÑ?е даннÑ?е длÑ? Ñ?Ñ?нкÑ?ии wordwrap() могÑ?Ñ?
+ пÑ?иводиÑ?Ñ? к оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2007-4657";>CVE-2007-4657</a>
- - <p>Large len values of the stspn() or strcspn() functions could allow an
- - attacker to trigger integer overflows to expose memory or cause denial
- - of service.</p></li>
+ <p>Ð?наÑ?ениÑ? болÑ?Ñ?ой длинÑ? Ñ? Ñ?Ñ?нкÑ?ий stspn() или strcspn() могÑ?Ñ? позволиÑ?Ñ?
+ злоÑ?мÑ?Ñ?ленникÑ? вÑ?зваÑ?Ñ? пеÑ?еполнение динамиÑ?еÑ?кой памÑ?Ñ?и длÑ? Ñ?аÑ?кÑ?Ñ?Ñ?иÑ? Ñ?одеÑ?жимого памÑ?Ñ?и
+ или вÑ?зова оÑ?каза в обÑ?лÑ?живании.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2008-2051";>CVE-2008-2051</a>
- - <p>The escapeshellcmd API function could be attacked via incomplete
- - multibyte chars.</p></li>
+ <p>API-Ñ?Ñ?нкÑ?иÑ? escapeshellcmd можеÑ? оказаÑ?Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? из-за неполнÑ?Ñ?
+ многобайÑ?овÑ?Ñ? Ñ?имволов.</p></li>
</ul>
- -<p>For the stable distribution (etch), these problems have been fixed in
- -version 6:4.4.4-8+etch6.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 6:4.4.4-8+etch6.</p>
- -<p>The php4 packages are no longer present the unstable distribution (sid).</p>
+<p>Ð?акеÑ?Ñ? php4 более не пÑ?едÑ?Ñ?авленÑ? в неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid).</p>
- -<p>We recommend that you upgrade your php4 package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? php4.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJYFOBFAAoJEF7nbuICFtKltQEP/1AkAKzToEOSRQzq8M6q9CbM
Afj6Y/sdkB6mfYACz7rPykfE1SWr3h55HjsoZMZ9RwtDOe4Va8EgvUGdxUS6i1iE
f+/fRWRVzNzmZYHWk/1xATzDLEfh4iJJxe/THt82EYZm2w+hBUYi1I1mnvfvt8QM
Qo7MqJ/pEonnfpH4QuW/CYROp7msod9lLWUqpE9qkWdV3lcX8xeBNOycaAJGXomT
cRYC/CTNJWRmI33kH5FryDK8vtXvLJzbnr/wmnREFa7bfye7Oq+S2c+OTn5CX8DX
gFXDWKeBpmymVjTyJayEdFpfZb3N27rLQdfJcossFvCe6Z0DQhh3uNuhMtrzgfsU
vLo4CDrAf/7tRgM00iVbelRFxoeqAGvHWJWbEvqSPEG0/qBYhT7gosTf2beXr5T0
N0kMQ5BIAP7C/xLSHs//ocKu7oKUjalIO/5rR46Zy5AB0H7WaGbmHP348vUSDLBN
bcotGNHyR73of1BMUkd7vkWiZ6ZixSBcIep+KEcO7P1TGh1NYwaD6rE+XM+kSCXd
xS6YcE9tbEwY8Iv5lPv8016bh57GcHL53Pjk5EI3HmDbwxwl4lOoaQ5qPDipuPhs
MdR0BPskDNdLlAThD3UqLTHdKKdiVxxD9a0D8pqkvKJ24ZOld4JCci+rMW4wU4pz
51l01oyd4BNgMEfCbf3u
=D640
-----END PGP SIGNATURE-----
Reply to: