[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://{security/2016/dsa-3439.wml}

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2016/dsa-3439.wml	2016-01-10 15:08:13.000000000 +0500
+++ russian/security/2016/dsa-3439.wml	2016-01-10 17:22:09.662792950 +0500
@@ -1,38 +1,39 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Two vulnerabilities were discovered in Prosody, a lightweight
- -Jabber/XMPP server. The Common Vulnerabilities and Exposures project
- -identifies the following issues:</p>
+<p>Ð? Prosody, легковеÑ?ном Ñ?еÑ?веÑ?е Jabber/XMPP, бÑ?ло обнаÑ?Ñ?жено
+две Ñ?Ñ?звимоÑ?Ñ?и. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-1231";>CVE-2016-1231</a>
 
- -    <p>Kim Alvefur discovered a flaw in Prosody's HTTP file-serving module
- -    that allows it to serve requests outside of the configured public
- -    root directory. A remote attacker can exploit this flaw to access
- -    private files including sensitive data. The default configuration
- -    does not enable the mod_http_files module and thus is not
- -    vulnerable.</p></li>
+    <p>Ð?им Ð?лвÑ?Ñ?еÑ? обнаÑ?Ñ?жил Ñ?Ñ?звимоÑ?Ñ?Ñ? в модÑ?ле Ñ?абоÑ?Ñ? Ñ? Ñ?айлами Ñ?еÑ?ез HTTP
+    длÑ? Prosody, коÑ?оÑ?аÑ? позволÑ?еÑ? обÑ?лÑ?живаÑ?Ñ? запÑ?оÑ?Ñ? за пÑ?еделами наÑ?Ñ?Ñ?оенного
+    коÑ?невого каÑ?алога. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? полÑ?Ñ?ениÑ?
+    доÑ?Ñ?Ñ?па к закÑ?Ñ?Ñ?Ñ?м Ñ?айлам, вклÑ?Ñ?аÑ? Ñ?айлÑ? Ñ? Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?нÑ?ми даннÑ?ми. Ð?Ñ?и наÑ?Ñ?Ñ?ойкаÑ? по
+    Ñ?молÑ?аниÑ? модÑ?лÑ? mod_http_files вÑ?клÑ?Ñ?ен, а Ñ?еÑ?веÑ? не подвеÑ?жен
+    Ñ?Ñ?ой Ñ?Ñ?звимоÑ?Ñ?и.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-1232";>CVE-2016-1232</a>
 
- -    <p>Thijs Alkemade discovered that Prosody's generation of the secret
- -    token for server-to-server dialback authentication relied upon a
- -    weak random number generator that was not cryptographically secure.
- -    A remote attacker can take advantage of this flaw to guess at
- -    probable values of the secret key and impersonate the affected
- -    domain to other servers on the network.</p></li>
+    <p>ТийÑ? Ð?лкемад обнаÑ?Ñ?жил, Ñ?Ñ?о Prosody Ñ?оздаÑ?Ñ? закÑ?Ñ?Ñ?Ñ?й
+    Ñ?окен длÑ? обÑ?аÑ?ной аÑ?Ñ?енÑ?иÑ?икаÑ?ии по пÑ?инÑ?ипÑ? Ñ?еÑ?веÑ?-Ñ?еÑ?веÑ? на оÑ?нове
+    Ñ?лабого генеÑ?аÑ?оÑ?а Ñ?лÑ?Ñ?айнÑ?Ñ? Ñ?иÑ?ел, коÑ?оÑ?Ñ?й кÑ?ипÑ?огÑ?аÑ?иÑ?еÑ?ки не безопаÑ?ен.
+    УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ?, Ñ?Ñ?обÑ? оÑ?гадаÑ?Ñ?
+    веÑ?оÑ?Ñ?нÑ?е знаÑ?ениÑ? закÑ?Ñ?Ñ?ого клÑ?Ñ?а и вÑ?даÑ?Ñ? Ñ?ебÑ? за Ñ?ооÑ?веÑ?Ñ?Ñ?вÑ?Ñ?Ñ?ий
+    домен длÑ? дÑ?Ñ?гиÑ? Ñ?еÑ?веÑ?ов в Ñ?еÑ?и.</p></li>
 
 </ul>
 
- -<p>For the oldstable distribution (wheezy), these problems have been fixed
- -in version 0.8.2-4+deb7u3.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 0.8.2-4+deb7u3.</p>
 
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 0.9.7-2+deb8u2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 0.9.7-2+deb8u2.</p>
 
- -<p>We recommend that you upgrade your prosody packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? prosody.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJWkk1fAAoJEF7nbuICFtKlL5UP/ikPk+KwFoHpgny/rloDJ4Wb
0cVz3gPXaJIxzGP2JLxVXf8an2uSKizHInjlzxmK707qKJQ1ZNE5RSNacdsdyJpp
1sbyw1nSu9y2hismuTnJBAqZpkl83Suy3PzCVPSHIEXgT8rVJvY/bWeZ5AwqJNYH
nn2WgP1zD4Vs/tNi+HuKR5eQNZn+TL7I6IOekPHJiCRB5fSpp+mjT1bpSfpBg683
1h9/E0Wlrnh8hjHuymDrOKXEclUd3mR1Ta8t8cqpexgvzDRokys0hxainvShzyar
Tu0Fl/Y08LjqtbKQ543LwNk0F9KnqtDl3MwVhrYg08jRcucBAKAEDljN1Rw6wb71
fdVQPYE/zv5p7OZjH0oWBhH86wXTYf+oYGW0UXePYheaepkA1nNaY9sk1ypMK+Cp
Qb7V8QRILM7EzqyVATZ6i4C6ys0WwAcKNotkYAvbkCn+JrAoZuPkGroZ8+C4jf5v
C56ywjnBwBQVzR3+L0MsEASh+dnkWwlGfqL6E6qjisqt3emhSOJGFepDo2fHMDIz
R1ZGmNsNXx0TNjfYFVpgm/+3tS5FoTGbhirSblnKaTJNvaGblJt8ZQvL6cag5U8v
tgkUgVydPY0z9DdtNGe1MiUxybOIRdIpyuxNYc5TO/zbVhULrGQk3RQ1WeUTFDSA
sL5YDFYupp/RH1/kuwYW
=VCfl
-----END PGP SIGNATURE-----
Reply to: