[DONE] wml://security/2016/dsa-344{3,4,5,7}.wml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2016/dsa-3443.wml 2016-01-14 02:34:34.000000000 +0500
+++ russian/security/2016/dsa-3443.wml 2016-01-17 21:54:22.984067697 +0500
@@ -1,35 +1,36 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in the libpng PNG library.
- -The Common Vulnerabilities and Exposures project identifies the
- -following problems:</p>
+<p>Ð? libpng, библиоÑ?еке, Ñ?еализÑ?Ñ?Ñ?ей поддеÑ?жкÑ? PNG, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.
+Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ?
+Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8472";>CVE-2015-8472</a>
- - <p>It was discovered that the original fix for
+ <p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о изнаÑ?алÑ?ное иÑ?пÑ?авление длÑ?
<a href="https://security-tracker.debian.org/tracker/CVE-2015-8126";>\
- - CVE-2015-8126</a> was
- - incomplete and did not detect a potential overrun by applications
- - using png_set_PLTE directly. A remote attacker can take advantage of
- - this flaw to cause a denial of service (application crash).</p></li>
+ CVE-2015-8126</a> бÑ?ло
+ неполнÑ?м, оно не опÑ?еделÑ?еÑ? поÑ?енÑ?иалÑ?ной пеÑ?егÑ?Ñ?зки, вÑ?зÑ?ваемой пÑ?иложениÑ?ми,
+ напÑ?Ñ?мÑ?Ñ? иÑ?полÑ?зÑ?Ñ?Ñ?ими Ñ?Ñ?нкÑ?иÑ? png_set_PLTE. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ?
+ даннÑ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? вÑ?зова оÑ?каза в обÑ?лÑ?живании (аваÑ?ийное завеÑ?Ñ?ение Ñ?абоÑ?Ñ? пÑ?иложениÑ?).</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-8540";>CVE-2015-8540</a>
- - <p>Xiao Qixue and Chen Yu discovered a flaw in the png_check_keyword
- - function. A remote attacker can potentially take advantage of this
- - flaw to cause a denial of service (application crash).</p></li>
+ <p>СÑ?о ЦиÑ?Ñ?Ñ? и ЧÑ?нÑ? Юй обнаÑ?Ñ?жили Ñ?Ñ?звимоÑ?Ñ?Ñ? в Ñ?Ñ?нкÑ?ии
+ png_check_keyword. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник поÑ?енÑ?иалÑ?но можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ?
+ Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? вÑ?зова оÑ?каза в обÑ?лÑ?живании (аваÑ?ийное завеÑ?Ñ?ение Ñ?абоÑ?Ñ? пÑ?иложениÑ?).</p></li>
</ul>
- -<p>For the oldstable distribution (wheezy), these problems have been fixed
- -in version 1.2.49-1+deb7u2.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 1.2.49-1+deb7u2.</p>
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 1.2.50-2+deb8u2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.2.50-2+deb8u2.</p>
- -<p>We recommend that you upgrade your libpng packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? libpng.</p>
</define-tag>
# do not modify the following line
- --- english/security/2016/dsa-3444.wml 2016-01-14 02:55:45.000000000 +0500
+++ russian/security/2016/dsa-3444.wml 2016-01-17 21:56:32.245329954 +0500
@@ -1,19 +1,20 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Crtc4L discovered a cross-site scripting vulnerability in wordpress, a
- -web blogging tool, allowing a remote authenticated administrator to
- -compromise the site.</p>
+<p>Crtc4L обнаÑ?Ñ?жил Ñ?Ñ?звимоÑ?Ñ?Ñ? в wordpress, инÑ?Ñ?Ñ?Ñ?менÑ?е длÑ? ведениÑ?
+блога, пÑ?иводÑ?Ñ?Ñ?Ñ? к межÑ?айÑ?овомÑ? Ñ?кÑ?ипÑ?ингÑ?, коÑ?оÑ?аÑ? позволÑ?еÑ? Ñ?далÑ?нномÑ? аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованномÑ?
+админиÑ?Ñ?Ñ?аÑ?оÑ?Ñ? компÑ?омеÑ?иÑ?оваÑ?Ñ? Ñ?айÑ?.</p>
- -<p>For the oldstable distribution (wheezy), this problem has been fixed
- -in version 3.6.1+dfsg-1~deb7u9.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена
+в веÑ?Ñ?ии 3.6.1+dfsg-1~deb7u9.</p>
- -<p>For the stable distribution (jessie), this problem has been fixed in
- -version 4.1+dfsg-1+deb8u7.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 4.1+dfsg-1+deb8u7.</p>
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 4.4.1+dfsg-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 4.4.1+dfsg-1.</p>
- -<p>We recommend that you upgrade your wordpress packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? wordpress.</p>
</define-tag>
# do not modify the following line
- --- english/security/2016/dsa-3445.wml 2016-01-14 03:15:32.000000000 +0500
+++ russian/security/2016/dsa-3445.wml 2016-01-17 21:59:08.265268148 +0500
@@ -1,22 +1,23 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Javantea discovered that pygments, a generic syntax highlighter, is
- -prone to a shell injection vulnerability allowing a remote attacker to
- -execute arbitrary code via shell metacharacters in a font name.</p>
+<p>Javantea обнаÑ?Ñ?жил, Ñ?Ñ?о pygments, Ð?Ð? длÑ? подÑ?веÑ?иваниÑ? Ñ?инÑ?акÑ?иÑ?а обÑ?его назнаÑ?ениÑ?,
+Ñ?одеÑ?жиÑ? Ñ?Ñ?звимоÑ?Ñ?Ñ?, пÑ?оÑ?влÑ?Ñ?Ñ?Ñ?Ñ?Ñ?Ñ? в инÑ?екÑ?ии команд командной оболоÑ?ки и позволÑ?Ñ?Ñ?Ñ?Ñ? Ñ?далÑ?нномÑ?
+злоÑ?мÑ?Ñ?ленникÑ? вÑ?полниÑ?Ñ? пÑ?оизволÑ?нÑ?й код Ñ? помоÑ?Ñ?Ñ? меÑ?аÑ?имволов командной оболоÑ?ки в имени Ñ?Ñ?иÑ?Ñ?а.</p>
- -<p>For the oldstable distribution (wheezy), this problem has been fixed
- -in version 1.5+dfsg-1+deb7u1.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена
+в веÑ?Ñ?ии 1.5+dfsg-1+deb7u1.</p>
- -<p>For the stable distribution (jessie), this problem has been fixed in
- -version 2.0.1+dfsg-1.1+deb8u1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 2.0.1+dfsg-1.1+deb8u1.</p>
- -<p>For the testing distribution (stretch), this problem has been fixed
- -in version 2.0.1+dfsg-2.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена
+в веÑ?Ñ?ии 2.0.1+dfsg-2.</p>
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 2.0.1+dfsg-2.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 2.0.1+dfsg-2.</p>
- -<p>We recommend that you upgrade your pygments packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? pygments.</p>
</define-tag>
# do not modify the following line
- --- english/security/2016/dsa-3447.wml 2016-01-17 21:14:40.000000000 +0500
+++ russian/security/2016/dsa-3447.wml 2016-01-17 22:02:29.412879871 +0500
@@ -1,25 +1,26 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>It was discovered that malicious web applications could use the
- -Expression Language to bypass protections of a Security Manager as
- -expressions were evaluated within a privileged code section.</p>
- -
- -<p>For the oldstable distribution (wheezy), this problem has been fixed
- -in version 7.0.28-4+deb7u3. This update also provides fixes for
- -<a href="https://security-tracker.debian.org/tracker/CVE-2013-4444";>CVE-2013-4444</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2014-0075";>CVE-2014-0075</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2014-0099";>CVE-2014-0099</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2014-0227";>CVE-2014-0227</a> and
- -<a href="https://security-tracker.debian.org/tracker/CVE-2014-0230";>CVE-2014-0230</a>, which were all fixed for the stable distribution (jessie)
- -already.</p>
- -
- -<p>For the stable distribution (jessie), this problem has been fixed in
- -version 7.0.56-3+deb8u1.</p>
+<p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о некоÑ?Ñ?екÑ?нÑ?е веб-пÑ?иложениÑ? могÑ?Ñ? иÑ?полÑ?зоваÑ?Ñ?
+Ñ?зÑ?к вÑ?Ñ?ажений длÑ? обÑ?ода заÑ?иÑ?Ñ? менеджеÑ?а безопаÑ?ноÑ?Ñ?и, Ñ?ак как
+вÑ?Ñ?ажениÑ? вÑ?Ñ?иÑ?лÑ?Ñ?Ñ?Ñ?Ñ? в пÑ?ивилегиÑ?ованном Ñ?Ñ?аÑ?Ñ?ке кода.</p>
+
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена
+в веÑ?Ñ?ии 7.0.28-4+deb7u3. Ð?Ñ?оме Ñ?ого, данное обновление Ñ?одеÑ?жиÑ? иÑ?пÑ?авлениÑ? длÑ?
+<a href="https://security-tracker.debian.org/tracker/CVE-2013-4444";>CVE-2013-4444</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2014-0075";>CVE-2014-0075</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2014-0099";>CVE-2014-0099</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2014-0227";>CVE-2014-0227</a> и
+<a href="https://security-tracker.debian.org/tracker/CVE-2014-0230";>CVE-2014-0230</a>, коÑ?оÑ?Ñ?е Ñ?же бÑ?ли иÑ?пÑ?авленÑ? в Ñ?Ñ?абилÑ?ном
+вÑ?пÑ?Ñ?ке (jessie).</p>
+
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 7.0.56-3+deb8u1.</p>
- -<p>For the testing distribution (stretch), this problem has been fixed
- -in version 7.0.61-1.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена
+в веÑ?Ñ?ии 7.0.61-1.</p>
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 7.0.61-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 7.0.61-1.</p>
- -<p>We recommend that you upgrade your tomcat7 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? tomcat7.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJWm8lNAAoJEF7nbuICFtKl/7AP/1RuBpm7SAilP1oRF8sMsp9o
icTm4I5pgoELcU8y2WCNdO+qOM92YKRgiUjnw7WzJ0TBwhzgYLGtI3fRcq0aLmwe
NkpQjBhMepoPJq8SJtetfvthHMfu94FHBMkXACzVf9ge5nMUD59chCkivwflMZMg
2df7KZp5URxkTTy837l1iroEJCZO6oTIrU/X/cWJjyFM9/jXJ5KqN6pTi80XrgHo
CMHV5btgvdMO9vqpfjk/yxhs+xuJ2ujAIVVk/GG+cLiZ2besUucz3cu5pZ5u+ed0
Dk1MRQL4Eb0M7z2DR+1gOR8ErLkmWFWyu9VlUNKV3qWmAUlJYfl/ssrWH2DC2gIK
+J9UsGeFc5K5ZGSj3soq2K8ebayWgpMYhGAPjH8NnSlsZZMLklS2UO09dxhG6hbV
Oyott0V8oDd6iL0pSlAsXX49OJffFvk+AVJ402wjoMtq5QwELBZFKuC20PP02ne6
2IDTc9hwggTe6Hrlq7rZzTX9bwbDsw14VDBajVwb7p7dWp2m78P33Fj154lXXZXQ
8FTVJpx9pWYFK/YCDe+U8WJAeXwxrodnylAiQOJoUgv9tlG8hbSVtLQaBVC5tuQr
eLrJelpqH/9q6VB0hLUZ02OtWX8W7D6T/ajkSCF2/qzGDErXsWkruUWQU2uio0hI
X+HhUzPgF4zabRVVjWHC
=Si2K
-----END PGP SIGNATURE-----
Reply to:
- Prev by Date:
[DONE] wml://security/2009/dsa-1{890,695,905,912,904}.wml
- Next by Date:
[DONE] wml://security/2000/200011{11,20}.wml
- Previous by thread:
[DONE] wml://security/2009/dsa-1{890,695,905,912,904}.wml
- Next by thread:
[DONE] wml://security/2000/200011{11,20}.wml
- Index(es):