[DONE] wml://security/2009/dsa-1{890,695,905,912,904}.wml

[Lev Lamberov <dogsleg@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2009/dsa-1695.wml	2014-04-30 13:16:18.000000000 +0600
+++ russian/security/2009/dsa-1695.wml	2016-01-16 15:54:35.425944622 +0500
@@ -1,22 +1,23 @@
- -<define-tag description>memory leak</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>Ñ?Ñ?еÑ?ка памÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>The regular expression engine of Ruby, a scripting language, contains a
- -memory leak which can be triggered remotely under certain circumstances,
- -leading to a denial of service condition (<a href="https://security-tracker.debian.org/tracker/CVE-2008-3443";>CVE-2008-3443</a>).</p>
+<p>Ð?вижок Ñ?егÑ?лÑ?Ñ?нÑ?Ñ? вÑ?Ñ?ажений длÑ? Ñ?зÑ?ка Ñ?Ñ?енаÑ?иев Ruby Ñ?одеÑ?жиÑ?
+Ñ?Ñ?еÑ?кÑ? Ñ?одеÑ?жимого памÑ?Ñ?и, коÑ?оÑ?Ñ?Ñ? пÑ?и опÑ?еделÑ?ннÑ?Ñ? Ñ?Ñ?ловиÑ?Ñ? можно вÑ?зваÑ?Ñ? Ñ?далÑ?нно,
+Ñ?Ñ?о пÑ?иводиÑ? к оÑ?казÑ? в обÑ?лÑ?живании (<a href="https://security-tracker.debian.org/tracker/CVE-2008-3443";>CVE-2008-3443</a>).</p>
 
- -<p>In addition, this security update addresses a regression in the REXML
- -XML parser of the ruby1.8 package; the regression was introduced in
+<p>Ð?Ñ?оме Ñ?ого, данное обновление безопаÑ?ноÑ?Ñ?и Ñ?еÑ?аеÑ? Ñ?егÑ?еÑ?Ñ? в коде гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а XML
+REXML в пакеÑ?е ruby1.8; Ñ?егÑ?еÑ?Ñ? бÑ?л добавлен в
 DSA-1651-1.</p>
 
- -<p>For the stable distribution (etch), this problem has been fixed in version
- -1.8.5-4etch4 of the ruby1.8 package, and version 1.9.0+20060609-1etch4
- -of the ruby1.9 package.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в веÑ?Ñ?ии
+1.8.5-4etch4 пакеÑ?а ruby1.8 и в веÑ?Ñ?ии 1.9.0+20060609-1etch4
+пакеÑ?а ruby1.9.</p>
 
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 1.8.7.72-1 of the ruby1.8 package.  The ruby1.9 package will be
- -fixed soon.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.8.7.72-1 пакеÑ?а ruby1.8.  Ð?акеÑ? ruby1.9 бÑ?деÑ?
+иÑ?пÑ?авлен позже.</p>
 
- -<p>We recommend that you upgrade your Ruby packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? Ruby.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2009/dsa-1890.wml	2009-09-19 16:12:51.000000000 +0600
+++ russian/security/2009/dsa-1890.wml	2016-01-16 15:50:48.092013343 +0500
@@ -1,26 +1,27 @@
- -<define-tag description>integer overflow</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>пеÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ел</define-tag>
 <define-tag moreinfo>
 
- -<p>Tielei Wang has discovered an integer overflow in wxWidgets, the wxWidgets
- -Cross-platform C++ GUI toolkit, which allows the execution of arbitrary
- -code via a crafted JPEG file.</p>
+<p>ТилÑ?й Ð?анг обнаÑ?Ñ?жил пеÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ел в wxWidgets, межплаÑ?Ñ?оÑ?менном
+набоÑ?е инÑ?Ñ?Ñ?Ñ?менÑ?ов wxWidgets длÑ? C++ длÑ? Ñ?еализаÑ?ии гÑ?аÑ?иÑ?еÑ?кого инÑ?еÑ?Ñ?ейÑ?а, коÑ?оÑ?ое
+позволÑ?еÑ? вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код пÑ?и помоÑ?и Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного Ñ?айла в Ñ?оÑ?маÑ?е JPEG.</p>
 
- -<p>For the oldstable distribution (etch), this problem has been fixed in version
- -2.4.5.1.1+etch1 for wxwindows2.4 and version 2.6.3.2.1.5+etch1 for
- -wxwidgets2.6.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в веÑ?Ñ?ии
+2.4.5.1.1+etch1 длÑ? пакеÑ?а wxwindows2.4 и в веÑ?Ñ?ии 2.6.3.2.1.5+etch1 длÑ?
+пакеÑ?а wxwidgets2.6.</p>
 
- -<p>For the stable distribution (lenny), this problem has been fixed in version
- -2.6.3.2.2-3+lenny1 for wxwidgets2.6 and version 2.8.7.1-1.1+lenny1 for
- -wxwidgets2.8.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в веÑ?Ñ?ии
+2.6.3.2.2-3+lenny1 длÑ? пакеÑ?а wxwidgets2.6 и в веÑ?Ñ?ии 2.8.7.1-1.1+lenny1 длÑ?
+пакеÑ?а wxwidgets2.8.</p>
 
- -<p>For the testing distribution (squeeze), this problem will be fixed soon.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?а пÑ?облема бÑ?деÑ? иÑ?пÑ?авлена позже.</p>
 
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 2.8.7.1-2 for wxwidgets2.8 and will be fixed soon for
- -wxwidgets2.6.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 2.8.7.1-2 длÑ? пакеÑ?а wxwidgets2.8 и бÑ?деÑ? иÑ?пÑ?авлена позже длÑ?
+пакеÑ?а wxwidgets2.6.</p>
 
 
- -<p>We recommend that you upgrade your wxwidgets packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? wxwidgets.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2009/dsa-1904.wml	2009-10-09 17:53:00.000000000 +0600
+++ russian/security/2009/dsa-1904.wml	2016-01-16 16:12:27.790896530 +0500
@@ -1,26 +1,27 @@
- -<define-tag description>insufficient input validation</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>недоÑ?Ñ?аÑ?оÑ?наÑ? пÑ?овеÑ?ка вÑ?однÑ?Ñ? даннÑ?Ñ?</define-tag>
 <define-tag moreinfo>
 
- -<p>Daniel Stenberg discovered that wget, a network utility to retrieve files from
- -the Web using HTTP(S) and FTP, is vulnerable to the "Null Prefix Attacks Against
- -SSL/TLS Certificates" published at the Blackhat conference some time ago.  This
- -allows an attacker to perform undetected man-in-the-middle attacks via a crafted
- -ITU-T X.509 certificate with an injected null byte in the Common Name field.</p>
+<p>Ð?Ñ?ниелÑ? СÑ?енбеÑ?г обнаÑ?Ñ?жил, Ñ?Ñ?о wget, Ñ?еÑ?еваÑ? Ñ?Ñ?илиÑ?а длÑ? загÑ?Ñ?зки Ñ?айлов из
+Ð?еб Ñ? помоÑ?Ñ?Ñ? пÑ?оÑ?околов HTTP(S) и FTP, Ñ?Ñ?звима к аÑ?аке, опиÑ?анной в Ñ?Ñ?аÑ?Ñ?е "Null Prefix Attacks Against
+SSL/TLS Certificates", коÑ?оÑ?аÑ? бÑ?ла опÑ?бликована некоÑ?оÑ?ое вÑ?емÑ? назад в Ñ?боÑ?нике конÑ?еÑ?енÑ?ии Blackhat.  ЭÑ?а
+Ñ?Ñ?звимоÑ?Ñ?Ñ? позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникÑ? вÑ?полнÑ?Ñ?Ñ? неопÑ?еделимÑ?е аÑ?аки по пÑ?инÑ?ипÑ? Ñ?еловек-в-Ñ?еÑ?едине Ñ? помоÑ?Ñ?Ñ?
+Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного Ñ?еÑ?Ñ?иÑ?икаÑ?а ITU-T X.509 Ñ? введÑ?ннÑ?м в него null-байÑ?ом в поле Common Name.</p>
 
 
- -<p>For the oldstable distribution (etch), this problem has been fixed in
- -version 1.10.2-2+etch1.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.10.2-2+etch1.</p>
 
- -<p>For the stable distribution (lenny), this problem has been fixed in
- -version 1.11.4-2+lenny1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.11.4-2+lenny1.</p>
 
- -<p>For the testing distribution (squeeze), this problem will be fixed soon.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?а пÑ?облема бÑ?деÑ? иÑ?пÑ?авлена позже.</p>
 
- -<p>For the  unstable distribution (sid), this problem has been fixed in
- -version 1.12-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.12-1.</p>
 
 
- -<p>We recommend that you upgrade your wget packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? wget.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2009/dsa-1905.wml	2009-10-11 17:47:04.000000000 +0600
+++ russian/security/2009/dsa-1905.wml	2016-01-16 15:59:10.221635645 +0500
@@ -1,26 +1,27 @@
- -<define-tag description>insufficient input validation</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>недоÑ?Ñ?аÑ?оÑ?наÑ? пÑ?овеÑ?ка вÑ?однÑ?Ñ? даннÑ?Ñ?</define-tag>
 <define-tag moreinfo>
- -<p>The forms library of python-django, a high-level Python web development
- -framework, is using a badly chosen regular expression when validating
- -email addresses and URLs.  An attacker can use this to perform denial
- -of service attacks (100% CPU consumption) due to bad backtracking
- -via a specially crafted email address or URL which is validated by the
- -django forms library.</p>
+<p>Ð?иблиоÑ?ека Ñ?оÑ?м из пакеÑ?а python-django, вÑ?Ñ?окоÑ?Ñ?овневой инÑ?Ñ?аÑ?Ñ?Ñ?Ñ?кÑ?Ñ?Ñ?Ñ? длÑ?
+веб-Ñ?азÑ?абоÑ?ки на Ñ?зÑ?ке Python, иÑ?полÑ?зÑ?еÑ? некоÑ?Ñ?екÑ?ное Ñ?егÑ?лÑ?Ñ?ное вÑ?Ñ?ажение пÑ?и вÑ?полнении пÑ?овеÑ?ки
+адÑ?еÑ?ов Ñ?лекÑ?Ñ?онной поÑ?Ñ?Ñ? и URL.  Ð?лоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? вÑ?зова
+оÑ?каза в обÑ?лÑ?живании (поÑ?Ñ?ебление 100% Ñ?еÑ?Ñ?Ñ?Ñ?ов ЦÐ?) из-за непÑ?авилÑ?ного вÑ?полнениÑ?
+обÑ?аÑ?ного поиÑ?ка пÑ?и помоÑ?и Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного адÑ?еÑ?а Ñ?лекÑ?Ñ?онной поÑ?Ñ?Ñ? или URL, пÑ?овеÑ?Ñ?емÑ?Ñ?
+библиоÑ?екой Ñ?оÑ?м django.</p>
 
 
- -<p>python-django in the oldstable distribution (etch), is not affected by
- -this problem.</p>
+<p>python-django в пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) не подвеÑ?жен Ñ?Ñ?ой
+пÑ?облеме.</p>
 
- -<p>For the stable distribution (lenny), this problem has been fixed in
- -version 1.0.2-1+lenny2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.0.2-1+lenny2.</p>
 
- -<p>For the testing distribution (squeeze), this problem will be fixed soon.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?а пÑ?облема бÑ?деÑ? иÑ?пÑ?авлена позже.</p>
 
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 1.1.1-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.1.1-1.</p>
 
 
- -<p>We recommend that you upgrade your python-django packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? python-django.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2009/dsa-1912.wml	2014-04-30 13:16:19.000000000 +0600
+++ russian/security/2009/dsa-1912.wml	2016-01-16 16:08:25.244700942 +0500
@@ -1,24 +1,25 @@
- -<define-tag description>integer overflow</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>пеÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ел</define-tag>
 <define-tag moreinfo>
- -<p>It was discovered that CamlImages, an open source image processing
- -library, suffers from several integer overflows, which may lead to a
- -potentially exploitable heap overflow and result in arbitrary code
- -execution. This advisory addresses issues with the reading of TIFF
- -files. It also expands the patch for <a href="https://security-tracker.debian.org/tracker/CVE-2009-2660";>CVE-2009-2660</a> to cover another
- -potential overflow in the processing of JPEG images.</p>
+<p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о CamlImages, библиоÑ?ека длÑ? обÑ?абоÑ?ки изобÑ?ажениÑ? Ñ? оÑ?кÑ?Ñ?Ñ?Ñ?м
+иÑ?Ñ?однÑ?м кодом, Ñ?одеÑ?жиÑ? неÑ?колÑ?ко пеÑ?еполнений Ñ?елÑ?Ñ? Ñ?иÑ?ел, коÑ?оÑ?Ñ?е могÑ?Ñ? пÑ?иводиÑ?Ñ? к
+поÑ?енÑ?иалÑ?но иÑ?полÑ?зÑ?емÑ?м злоÑ?мÑ?Ñ?ленниками пеÑ?еполнениÑ?м динамиÑ?еÑ?кой памÑ?Ñ?и и вÑ?полнениÑ?
+пÑ?оизволÑ?ного кода. Ð?аннаÑ? Ñ?екомендаÑ?иÑ? Ñ?еÑ?аеÑ? пÑ?облемÑ? Ñ? Ñ?Ñ?ением Ñ?айлов в Ñ?оÑ?маÑ?е
+TIFF. Ð?Ñ?оме Ñ?ого, она дополнÑ?еÑ? заплаÑ?Ñ? длÑ? <a href="https://security-tracker.debian.org/tracker/CVE-2009-2660";>CVE-2009-2660</a> длÑ? Ñ?еÑ?ениÑ?
+дÑ?Ñ?гого поÑ?енÑ?иалÑ?ного пеÑ?еполнениÑ? в коде обÑ?абоÑ?ки изобÑ?ажений в Ñ?оÑ?маÑ?е JPEG.</p>
 
 
- -<p>For the oldstable distribution (etch), this problem has been fixed in
- -version 2.20-8+etch3.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (etch) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 2.20-8+etch3.</p>
 
- -<p>For the stable distribution (lenny), this problem has been fixed in
- -version 1:2.2.0-4+lenny3.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1:2.2.0-4+lenny3.</p>
 
- -<p>For the testing distribution (squeeze) and the unstable distribution
- -(sid), this problem will be fixed soon.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (squeeze) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ?
+Ñ?Ñ?а пÑ?облема бÑ?деÑ? иÑ?пÑ?авлена позже.</p>
 
 
- -<p>We recommend that you upgrade your camlimages package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? camlimages.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJWmiXOAAoJEF7nbuICFtKlnpUP/12q6UCZQVfEuBfH1it5avbQ
wfLqyfuG1EqC8ESIfWB2LFI5S8yHEOONHLhK+Kn3xI/9UhC8eiS2+5fMLa7fUR7n
RKIbRtzDUvoVFv0M5yntiD4+fPA7PivJ5GV4xTT1MOuQ/YXk5jcKmnKiuX/me1Q0
3wQ2B0gBChX15xUv1lm4BntlgLYbOAhJm4ZkUkNdz2uzJfXL1ttHeIkCdM6stHtv
9GPDTQfyOYff1FH63fu8pjRx4bj+Qhbjnv5LEIHM4V45pGYjQMURJ7UtmfaEWUVN
oGSX3DtupAIPpjIv3I2zIkEiOqBy6sLHa+EjbW8S4GAPvOiGBWcZyAuIfgyHVydC
cVL320Y3a6Z/2jajjx/dCugR2jFYty2lBs8BKP8aVfVG2dR0GNUiukXY96gt8g5e
lKEhHLzjYeuGD1hKXcqq+i8VatKy5kYlq61QorGNwrmi5mzYfQq+myARC4vWCTG+
WS5lRCyNp4qznFzCH5vi0R6CT/hkmuDdKaoRC7gJ85Tn7q5NgUG5NH2LRBbPkVZk
obmqU9q7OSN292TikMubEtoUGWnfo6tQ/BmQJEgqgO6qMkCfs0wI+FPuBSy0ckLi
k/1nAlsd52L7M6oOXHjjac2sZWJGlvyA4gYOG0fRPZy43KVMPq2CUCweiN0NdVXs
fphVCzK+YKK9t9jj9cfQ
=PQ2Y
-----END PGP SIGNATURE-----