[DONE] wml://security/2016/dsa-35{09,10,11,12}.wml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2016/dsa-3509.wml 2016-03-09 23:37:37.000000000 +0500
+++ russian/security/2016/dsa-3509.wml 2016-03-10 11:43:54.231234921 +0500
@@ -1,41 +1,42 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Two vulnerabilities have been discovered in Rails, a web application
- -framework written in Ruby. Both vulnerabilities affect Action Pack, which
- -handles the web requests for Rails.</p>
+<p>Ð? Rails, инÑ?Ñ?аÑ?Ñ?Ñ?Ñ?кÑ?Ñ?Ñ?е длÑ? Ñ?озданиÑ? веб-пÑ?иложений, напиÑ?анной на
+Ruby, бÑ?ло обнаÑ?Ñ?жено две Ñ?Ñ?звимоÑ?Ñ?и. Ð?бе Ñ?Ñ?звимоÑ?Ñ?и каÑ?аÑ?Ñ?Ñ?Ñ? Action Pack, коÑ?оÑ?Ñ?й
+обÑ?абаÑ?Ñ?ваеÑ? веб-запÑ?оÑ?Ñ? длÑ? Rails.</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-2097";>CVE-2016-2097</a>
- - <p>Crafted requests to Action View, one of the components of Action Pack,
- - might result in rendering files from arbitrary locations, including
- - files beyond the application's view directory. This vulnerability is
- - the result of an incomplete fix of
+ <p>СпеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?е запÑ?оÑ?Ñ? к Action View, одномÑ? из компоненÑ?ов Action Pack,
+ могÑ?Ñ? пÑ?иводиÑ?Ñ? к оÑ?Ñ?иÑ?овке Ñ?айлов Ñ? пÑ?оизволÑ?нÑ?м меÑ?Ñ?оположением, вклÑ?Ñ?аÑ?
+ Ñ?айлÑ? за пÑ?еделами каÑ?алога видов данного пÑ?иложениÑ?. ÐÑ?а Ñ?Ñ?звимоÑ?Ñ?Ñ?
+ поÑ?вилаÑ?Ñ? в Ñ?езÑ?лÑ?Ñ?аÑ?е неполного иÑ?пÑ?авлениÑ?
<a href="https://security-tracker.debian.org/tracker/CVE-2016-0752";>CVE-2016-0752</a>.
- - This bug was found by Jyoti Singh and Tobias Kraze from Makandra.</p></li>
+ ÐÑ?а оÑ?ибка бÑ?ла обнаÑ?Ñ?жена Ð?жоÑ?и Сингом и ТобиаÑ?ом Ð?Ñ?аÑ?е из Makandra.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-2098";>CVE-2016-2098</a>
- - <p>If a web applications does not properly sanitize user inputs, an
- - attacker might control the arguments of the render method in a
- - controller or a view, resulting in the possibility of executing
- - arbitrary ruby code.
- - This bug was found by Tobias Kraze from Makandra and joernchen of
+ <p>Ð?Ñ?ли веб-пÑ?иложениÑ? непÑ?авилÑ?но вÑ?полнÑ?Ñ?Ñ? оÑ?иÑ?Ñ?кÑ? полÑ?зоваÑ?елÑ?Ñ?киÑ? вÑ?однÑ?Ñ? даннÑ?Ñ?,
+ Ñ?о злоÑ?мÑ?Ñ?ленник можеÑ? Ñ?пÑ?авлÑ?Ñ?Ñ? аÑ?гÑ?менÑ?ами меÑ?ода оÑ?Ñ?иÑ?овки в
+ конÑ?Ñ?оллеÑ?е или виде, Ñ?Ñ?о пÑ?иводиÑ? к возможномÑ? вÑ?полнениÑ?
+ пÑ?оизволÑ?ного кода.
+ ÐÑ?а оÑ?ибка бÑ?ла обнаÑ?Ñ?жена ТобиаÑ?ов Ð?Ñ?аÑ?е из Makandra и joernchen из
Phenoelit.</p></li>
</ul>
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 2:4.1.8-1+deb8u2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2:4.1.8-1+deb8u2.</p>
- -<p>For the testing distribution (stretch), these problems have been fixed
- -in version 2:4.2.5.2-1.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 2:4.2.5.2-1.</p>
- -<p>For the unstable distribution (sid), these problems have been fixed in
- -version 2:4.2.5.2-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2:4.2.5.2-1.</p>
- -<p>We recommend that you upgrade your rails packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? rails.</p>
</define-tag>
# do not modify the following line
- --- english/security/2016/dsa-3510.wml 2016-03-09 23:37:52.000000000 +0500
+++ russian/security/2016/dsa-3510.wml 2016-03-10 11:47:38.485110664 +0500
@@ -1,22 +1,23 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Multiple security issues have been found in Iceweasel, Debian's version
- -of the Mozilla Firefox web browser: Multiple memory safety errors,
- -buffer overflows, use-after-frees and other implementation errors may
- -lead to the execution of arbitrary code, denial of service, address bar
- -spoofing and overwriting local files.</p>
+<p>Ð? Iceweasel, веÑ?Ñ?ии веб-бÑ?аÑ?зеÑ?а Mozilla Firefox длÑ? Debian,
+бÑ?ли обнаÑ?Ñ?женÑ? многоÑ?иÑ?леннÑ?е пÑ?облемÑ? безопаÑ?ноÑ?Ñ?и: многоÑ?иÑ?леннÑ?е оÑ?ибки Ñ?елоÑ?Ñ?ноÑ?Ñ?и Ñ?одеÑ?жимого
+памÑ?Ñ?и, пеÑ?еполнениÑ? бÑ?Ñ?еÑ?а, иÑ?полÑ?зование Ñ?казаÑ?елей поÑ?ле оÑ?вобождениÑ? памÑ?Ñ?и и дÑ?Ñ?гие оÑ?ибки
+Ñ?еализаÑ?ии могÑ?Ñ? пÑ?иводиÑ?Ñ? к вÑ?полнениÑ? пÑ?оизволÑ?ного кода, оÑ?казÑ? в обÑ?лÑ?живании, подделке
+Ñ?одеÑ?жимого адÑ?еÑ?ной Ñ?Ñ?Ñ?оки и пеÑ?езапиÑ?и локалÑ?нÑ?Ñ? Ñ?айлов.</p>
- -<p>For the oldstable distribution (wheezy), these problems have been fixed
- -in version 38.7.0esr-1~deb7u1.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 38.7.0esr-1~deb7u1.</p>
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 38.7.0esr-1~deb8u1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 38.7.0esr-1~deb8u1.</p>
- -<p>For the unstable distribution (sid), Debian is in the process of moving
- -back towards using the Firefox name. These problems will soon be fixed
- -in the firefox-esr source package.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Debian возвÑ?аÑ?аеÑ?Ñ?Ñ? к иÑ?полÑ?зованиÑ?
+имени Firefox. ÐÑ?и пÑ?облемÑ? вÑ?коÑ?е бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ?
+в пакеÑ?е Ñ? иÑ?Ñ?однÑ?м кодом firefox-esr.</p>
- -<p>We recommend that you upgrade your iceweasel packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? iceweasel.</p>
</define-tag>
# do not modify the following line
- --- english/security/2016/dsa-3511.wml 2016-03-10 02:23:54.000000000 +0500
+++ russian/security/2016/dsa-3511.wml 2016-03-10 11:51:26.975126498 +0500
@@ -1,31 +1,32 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Two vulnerabilites have been discovered in ISC's BIND DNS server.</p>
+<p>Ð? DNS-Ñ?еÑ?веÑ?е ISC BIND бÑ?ло обнаÑ?Ñ?жено две Ñ?Ñ?звимоÑ?Ñ?и.</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-1285";>CVE-2016-1285</a>
- - <p>A maliciously crafted rdnc, a way to remotely administer a BIND server,
- - operation can cause named to crash, resulting in denial of service.</p></li>
+ <p>РабоÑ?а некоÑ?Ñ?екÑ?ного rdnc, Ñ?поÑ?об Ñ?далÑ?нного админиÑ?Ñ?Ñ?иÑ?ованиÑ? Ñ?еÑ?веÑ?а BIND,
+ можеÑ? вÑ?зÑ?ваÑ?Ñ? аваÑ?ийнÑ?Ñ? оÑ?Ñ?ановкÑ? named, Ñ?Ñ?о пÑ?иводиÑ? к оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-1286";>CVE-2016-1286</a>
- - <p>An error parsing DNAME resource records can cause named to crash,
- - resulting in denial of service.</p></li>
+ <p>Ð?Ñ?ибка пÑ?и вÑ?полнении гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а запиÑ?ей Ñ?еÑ?Ñ?Ñ?Ñ?ов DNAME можеÑ? пÑ?иводиÑ?Ñ? к аваÑ?ийной
+ оÑ?Ñ?ановке named, Ñ?Ñ?о пÑ?иводиÑ? к оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
</ul>
- -<p>For the oldstable distribution (wheezy), these problems have been fixed
- -in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u10.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 1:9.8.4.dfsg.P1-6+nmu2+deb7u10.</p>
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 1:9.9.5.dfsg-9+deb8u6.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1:9.9.5.dfsg-9+deb8u6.</p>
- -<p>For the testing (stretch) and unstable (sid) distributions, these
- -problems will be fixed soon.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (stretch) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ? Ñ?Ñ?и
+пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ? позже.</p>
- -<p>We recommend that you upgrade your bind9 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? bind9.</p>
</define-tag>
# do not modify the following line
- --- english/security/2016/dsa-3512.wml 2016-03-10 02:26:47.000000000 +0500
+++ russian/security/2016/dsa-3512.wml 2016-03-10 11:56:08.782911433 +0500
@@ -1,20 +1,21 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Markus Vervier of X41 D-Sec GmbH discovered an integer overflow
- -vulnerability in libotr, an off-the-record (OTR) messaging library, in
- -the way how the sizes of portions of incoming messages were stored. A
- -remote attacker can exploit this flaw by sending crafted messages to an
- -application that is using libotr to perform denial of service attacks
- -(application crash), or potentially, execute arbitrary code with the
- -privileges of the user running the application.</p>
+<p>Ð?аÑ?кÑ?Ñ? ФеÑ?Ñ?иÑ? из X41 D-Sec GmbH обнаÑ?Ñ?жил пеÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ел
+в libotr, библиоÑ?еке длÑ? конÑ?иденÑ?иалÑ?ного (OTR) обмена Ñ?ообÑ?ениÑ?ми, в
+Ñ?поÑ?обе, иÑ?полÑ?зÑ?емом Ñ?Ñ?ой библиоÑ?екой длÑ? Ñ?Ñ?анениÑ? Ñ?азмеÑ?а Ñ?аÑ?Ñ?ей вÑ?одÑ?Ñ?иÑ? Ñ?ообÑ?ений.
+УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ?, оÑ?пÑ?авив Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?е Ñ?ообÑ?ениÑ?
+пÑ?иложениÑ?, иÑ?полÑ?зÑ?Ñ?Ñ?емÑ? libotr, длÑ? вÑ?зова оÑ?каза в обÑ?лÑ?живании
+(аваÑ?ийнаÑ? оÑ?Ñ?ановка пÑ?иложениÑ?), или поÑ?енÑ?иалÑ?ного вÑ?полнениÑ? пÑ?оизволÑ?ного кода Ñ?
+пÑ?авами полÑ?зоваÑ?елÑ?, запÑ?Ñ?Ñ?ивÑ?его Ñ?акое пÑ?иложение.</p>
- -<p>For the oldstable distribution (wheezy), this problem has been fixed
- -in version 3.2.1-1+deb7u2.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (wheezy) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена
+в веÑ?Ñ?ии 3.2.1-1+deb7u2.</p>
- -<p>For the stable distribution (jessie), this problem has been fixed in
- -version 4.1.0-2+deb8u1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 4.1.0-2+deb8u1.</p>
- -<p>We recommend that you upgrade your libotr packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? libotr.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJW4RqPAAoJEF7nbuICFtKlB68QAJO9IU9PHMKKnUlHNqNQ2FFs
BbiOcMLsniHmkNCiX280gkGmMWC84AP07avIiIcENxABLC22vtaWVEyN4O50gSOU
XCXj+TwW2TqE9ust7+vDbpT0K48Kjv2zbXkzDbqNkdfFXG9wLuQhLgvORbIZaCFh
42q6XVqtsxSlkbm9LJqFS4DDrLB81wjeTu9FF2ZZx/bM0PjB8mz4b4FCQOrRJcnv
Q1VP6QBwlEfKJeDnNbG8Jer5SPafku8nsfLBEFgcR2Qb1uJfXvE1B+GRIMlNIIHE
Y9zy8xpCRya9s8vxTP/lPNwH50rl1kYwme59JXHkdy2/0Z9A/FwvJv1EptKqNe4r
ZZp+zGx37Lur8Zaofa/elH8x93F6G7DzlzQ1feMz/2tth9W12ZNnTpUmBqfcvyDq
78lscTdoLiu3nMYEcZdUqzsWe3P2YUDKWRB4dfDeoKruxIlnPkbxxYDMlt2w5XuG
GSmkaTkVA+PCc+OKkz9I4JYK4gUgiV9WiwdjUtPc4ncAqhMu16Tf/0aSNJ3Pv6lX
1rhSuB7vwMk6C6HeOmBfEq3SxgzzsuVK3UGKvuY5fM8tC5O3JGrEVkb40eqrfLlb
PnEr0EB5pIlgblsz9YN5gEVINg89EppkiTDPJejTj6qvetHNkPfddG79fDf7Zj7E
kS6Acuzake/sWa6MmjvN
=8KJX
-----END PGP SIGNATURE-----
Reply to:
- Prev by Date:
Tidy validation failed
- Next by Date:
[DONE] wml://{security/2016/dsa-3513.wml}
- Previous by thread:
Re: [DONE] wml://events/2001/{1011-wizardofos,0615-linuxatwork,0723-oreilly,0620-linuxdays,0502-multimedia,0529-fsforum,0704-linuxexpo,0515-internetworld,0518-linuxtage,1024-linuxworldjp,1015-systems,0706-compuventa,0530-linuxexpo-tokyo,1115-hispalinux,1024-linuxworldjp-agenda,0704-debcon-report,1128-business,1024-linuxdays,1207-plutomeeting,0705-linuxtag,0704-debcon,0704-debcon,1128-linuxkongress,0705-linuxtag-report}.wml
- Next by thread:
[DONE] wml://{security/2016/dsa-3513.wml}
- Index(es):