[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2008/dsa-1{652,524}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2008/dsa-1524.wml	2014-04-30 13:16:15.000000000 +0600
+++ russian/security/2008/dsa-1524.wml	2016-12-15 12:51:26.367225440 +0500
@@ -1,45 +1,46 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several remote vulnerabilities have been discovered in the kdc component
- -of the krb5, a system for authenticating users and services on a
- -network. The Common Vulnerabilities and Exposures project identifies the 
- -following problems:</p>
+<p>Ð? компоненÑ?е kdc из krb5, Ñ?иÑ?Ñ?емÑ? аÑ?Ñ?енÑ?иÑ?икаÑ?ии полÑ?зоваÑ?елÑ?
+и Ñ?лÑ?жб в Ñ?еÑ?и, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?далÑ?ннÑ?Ñ?
+Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ?
+Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-0062";>CVE-2008-0062</a>
 
- -<p>An unauthenticated remote attacker may cause a krb4-enabled KDC to
- -crash, expose information, or execute arbitrary code.  Successful
- -exploitation of this vulnerability could compromise the Kerberos key
- -database and host security on the KDC host.</p></li>
+<p>Ð?еаÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?й Ñ?далÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? вÑ?зÑ?ваÑ?Ñ? аваÑ?ийнÑ?Ñ?
+оÑ?Ñ?ановкÑ? KDC Ñ? вклÑ?Ñ?Ñ?нной поддеÑ?жкой krb4, а Ñ?акже Ñ?аÑ?кÑ?Ñ?Ñ?ие инÑ?оÑ?маÑ?ии или вÑ?полнение пÑ?оизволÑ?ного кода. УÑ?пеÑ?ное
+иÑ?полÑ?зование Ñ?Ñ?ой Ñ?Ñ?звимоÑ?Ñ?и пÑ?иводиÑ? к компÑ?омеÑ?аÑ?ии базÑ? даннÑ?Ñ? клÑ?Ñ?ей
+Kerberos и безопаÑ?ноÑ?Ñ?и Ñ?зла KDC.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-0063";>CVE-2008-0063</a>
 
- -<p>An unauthenticated remote attacker may cause a krb4-enabled KDC to
- -expose information.  It is theoretically possible for the exposed
- -information to include secret key data on some platforms.</p></li>
+<p>Ð?еаÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?й Ñ?далÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? вÑ?зÑ?ваÑ?Ñ? Ñ?аÑ?кÑ?Ñ?Ñ?ие инÑ?оÑ?маÑ?ии KDC
+Ñ? вклÑ?Ñ?Ñ?нной поддеÑ?жкой krb4. ТеоÑ?еÑ?иÑ?еÑ?ки можно Ñ?аÑ?кÑ?Ñ?Ñ?Ñ?
+инÑ?оÑ?маÑ?иÑ?, Ñ?одеÑ?жаÑ?Ñ?Ñ? не некоÑ?оÑ?Ñ?Ñ? плаÑ?Ñ?оÑ?маÑ? даннÑ?е о закÑ?Ñ?Ñ?Ñ?Ñ? клÑ?Ñ?аÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-0947";>CVE-2008-0947</a>
 
- -<p>An unauthenticated remote attacker can cause memory corruption in the
- -kadmind process, which is likely to cause kadmind to crash, resulting in
- -a denial of service. It is at least theoretically possible for such
- -corruption to result in database corruption or arbitrary code execution,
- -though we have no such exploit and are not aware of any such exploits in
- -use in the wild.  In versions of MIT Kerberos shipped by Debian, this
- -bug can only be triggered in configurations that allow large numbers of
- -open file descriptors in a process.</p></li>
+<p>Ð?еаÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?й Ñ?далÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? вÑ?зваÑ?Ñ? повÑ?еждение Ñ?одеÑ?жимого памÑ?Ñ?и
+пÑ?оÑ?еÑ?Ñ?а kadmind, Ñ?Ñ?о заÑ?аÑ?Ñ?Ñ?Ñ? пÑ?иводиÑ? к аваÑ?ийной оÑ?Ñ?ановке kadmind, а поÑ?ом к
+оÑ?казÑ? в обÑ?лÑ?живании. Ð?о менÑ?Ñ?ей меÑ?е Ñ?еоÑ?еÑ?иÑ?еÑ?ки Ñ?акое повÑ?еждение памÑ?Ñ?и
+можеÑ? пÑ?иводиÑ?Ñ? к повÑ?еждениÑ? базÑ? даннÑ?Ñ? или вÑ?полнениÑ? пÑ?оизволÑ?ного кода,
+Ñ?оÑ?Ñ? подобнÑ?й Ñ?кÑ?плоиÑ? в наÑ?Ñ?оÑ?Ñ?ее вÑ?емÑ? Ñ? наÑ? оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вÑ?еÑ? и нам не извеÑ?Ñ?но о его иÑ?полÑ?зовании
+злоÑ?мÑ?Ñ?ленниками. Ð? веÑ?Ñ?иÑ?Ñ? MIT Kerberos, поÑ?Ñ?авлÑ?емÑ?Ñ? Debian, Ñ?Ñ?а
+оÑ?ибка акÑ?Ñ?алÑ?на Ñ?олÑ?ко длÑ? наÑ?Ñ?Ñ?оек, Ñ?азÑ?еÑ?аÑ?Ñ?иÑ? болÑ?Ñ?ое колиÑ?еÑ?Ñ?во оÑ?кÑ?Ñ?Ñ?Ñ?Ñ?
+Ñ?айловÑ?Ñ? деÑ?кÑ?ипÑ?оÑ?ов в пÑ?оÑ?еÑ?Ñ?е.</p></li>
 
 </ul>
 
- -<p>For the old stable distribution (sarge), these problems have been fixed
- -in version krb5 1.3.6-2sarge6.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sarge) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 1.3.6-2sarge6 пакеÑ?а krb5.</p>
 
- -<p>For the stable distribution (etch), these problems have been fixed in
- -version 1.4.4-7etch5.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.4.4-7etch5.</p>
 
- -<p>We recommend that you upgrade your krb5 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? krb5.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2008/dsa-1652.wml	2014-04-30 13:16:16.000000000 +0600
+++ russian/security/2008/dsa-1652.wml	2016-12-15 12:40:48.896430221 +0500
@@ -1,49 +1,51 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in the interpreter for
- -the Ruby language, which may lead to denial of service and other
- -security problems. The Common Vulnerabilities and Exposures project
- -identifies the following problems:</p>
+<p>Ð? инÑ?еÑ?пÑ?еÑ?аÑ?оÑ?е Ñ?зÑ?ка Ruby бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей,
+коÑ?оÑ?Ñ?е могÑ?Ñ? пÑ?иводиÑ?Ñ? к оÑ?казÑ? в обÑ?лÑ?живании и дÑ?Ñ?гим
+пÑ?облемам безопаÑ?ноÑ?Ñ?и. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-3655";>CVE-2008-3655</a>
 
- -    <p>Keita Yamaguchi discovered that several safe level restrictions
- -    are insufficiently enforced.</p></li>
- - 
+    <p>Ð?еиÑ?а ЯмагÑ?Ñ?и обнаÑ?Ñ?жил, Ñ?Ñ?о неÑ?колÑ?ко огÑ?аниÑ?ений Ñ?Ñ?овнÑ? безопаÑ?ноÑ?Ñ?и
+    Ñ?еализÑ?Ñ?Ñ?Ñ?Ñ? недоÑ?Ñ?аÑ?оÑ?нÑ?м обÑ?азом.</p></li>
+
+
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-3656";>CVE-2008-3656</a>
 
- -    <p>Christian Neukirchen discovered that the WebRick module uses
- -    inefficient algorithms for HTTP header splitting, resulting in
- -    denial of service through resource exhaustion.</p></li>
+    <p>Ð?Ñ?иÑ?Ñ?иан Ð?ойкиÑ?Ñ?ен обнаÑ?Ñ?жил, Ñ?Ñ?о модÑ?лÑ? WebRick иÑ?полÑ?зÑ?еÑ?
+    недоÑ?Ñ?аÑ?оÑ?нÑ?е алгоÑ?иÑ?мÑ? длÑ? Ñ?азделениÑ? заголовка HTTP, Ñ?Ñ?о пÑ?иводиÑ? к
+    оÑ?казÑ? в обÑ?лÑ?живании из-за иÑ?Ñ?оÑ?ениÑ? Ñ?еÑ?Ñ?Ñ?Ñ?ов.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-3657";>CVE-2008-3657</a>
 
- -    <p>It was discovered that the dl module doesn't perform taintness
- -    checks.</p></li>
+    <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о модÑ?лÑ? dl не вÑ?полнÑ?еÑ? пÑ?овеÑ?ки
+    иÑ?поÑ?Ñ?енноÑ?Ñ?и даннÑ?Ñ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-3790";>CVE-2008-3790</a>
 
- -    <p>Luka Treiber and Mitja Kolsek discovered that recursively nested
- -    XML entities can lead to denial of service through resource
- -    exhaustion in rexml.</p></li>
+    <p>Ð?Ñ?ка ТÑ?айбеÑ? и Ð?иÑ?Ñ? Ð?олÑ?ек обнаÑ?Ñ?жил, Ñ?Ñ?о Ñ?екÑ?Ñ?Ñ?ивно вложеннÑ?е
+    Ñ?Ñ?Ñ?ноÑ?Ñ?и XML могÑ?Ñ? пÑ?иводиÑ?Ñ? к оÑ?казÑ? в обÑ?лÑ?живании из-за иÑ?Ñ?оÑ?ениÑ?
+    Ñ?еÑ?Ñ?Ñ?Ñ?ов в rexml.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-3905";>CVE-2008-3905</a>
 
- -    <p>Tanaka Akira discovered that the resolv module uses sequential
- -    transaction IDs and a fixed source port for DNS queries, which
- -    makes it more vulnerable to DNS spoofing attacks.</p></li>
+    <p>Танака Ð?киÑ?а обнаÑ?Ñ?жил, Ñ?Ñ?о модÑ?лÑ? resolv иÑ?полÑ?зÑ?еÑ? иденÑ?иÑ?икаÑ?оÑ?Ñ?
+    поÑ?ледоваÑ?елÑ?нÑ?Ñ? опеÑ?аÑ?ий и Ñ?икÑ?иÑ?ованнÑ?й иÑ?Ñ?однÑ?й поÑ?Ñ? длÑ? запÑ?оÑ?ов DNS, Ñ?Ñ?о
+    делаеÑ? его Ñ?Ñ?звимÑ?м к аÑ?акам по подделке DNS.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (etch), these problems have been fixed in
- -version 1.9.0+20060609-1etch3. Packages for arm will be provided later.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.9.0+20060609-1etch3. Ð?акеÑ?Ñ? длÑ? аÑ?Ñ?иÑ?екÑ?Ñ?Ñ?Ñ? arm бÑ?дÑ?Ñ? пÑ?едоÑ?Ñ?авленÑ? позже.</p>
 
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 1.9.0.2-6.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.9.0.2-6.</p>
 
- -<p>We recommend that you upgrade your ruby1.9 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? ruby1.9.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlhSS4MACgkQXudu4gIW
0qWstg//RcKO+2bFZpwJJNShQXG4QKuROTyYmKx4zcSHaM20ZX280fjpQF4/OoPa
tCC+/RLyg/qwvbRfNPU97JT06fuMdhC+UD/sWk7jF+DRDqNzxg6Fnrc9gDfVnTjy
yb7dwMKJsMUXx28Mzty8AMXAyprvkd0+FMkeURAY2oTS6gnEOeB+9/Nk5CYfwGKL
1Ovy3p3DxRWzfDAaD2f7IpnuLScBGtGyuQG+d/nHrZjQQYgA1dVkv3PLwmQ5utgb
EP93Vp26GuMIoPqMiXq6gpIV9unUzmnP0HOC0j/bgWt8Gf8MbWUeuLvmKKjLKBOB
gDdV5YMr5Llo99efCc/fnF0IL54hDSZH2j1P99aEt98RweojUg/OwqHZ2R9DD7DZ
MrJ3Cp+XPM1owDHgilw2X647rXGQpUJXvLfEc/eROo1vYjX6JPfKhRI7KpVuT/MV
68dgL5LbVn5YmTEp06MtIEINc2HkRTWA52uS5Z4XaZ23wkcYqkNWkmMDKoMYonDN
iZEYdpClJ+S+U1/kH4EKOt1isgNXWYDqlfXm9CQEB14ZkiRPswtX3Tnh69B3UuAq
qotws6JsRiqEMvY6u7iqPez2BAFJ6buUtiqhCfu6lwEGMcmIOB3NUnFRu/pIOuGU
sqthHG72N4n8kqp3jL7DOKreH4L/1V9wvj6RnzOgQkTYtkSHeYQ=
=FBQj
-----END PGP SIGNATURE-----
Reply to: