[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2015/dla-{329,255}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2015/dla-255.wml	2016-04-08 01:24:54.000000000 +0500
+++ russian/security/2015/dla-255.wml	2016-05-03 23:56:15.196568942 +0500
@@ -1,33 +1,34 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities (cross-site scripting and SQL injection) have
- -been discovered in Cacti, a web interface for graphing of monitoring
- -systems.</p>
+<p>Ð? Cacti, веб-инÑ?еÑ?Ñ?ейÑ?е длÑ? мониÑ?оÑ?инга Ñ?иÑ?Ñ?ем и поÑ?Ñ?Ñ?оениÑ?
+гÑ?аÑ?иков, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей (межÑ?айÑ?овÑ?й
+Ñ?кÑ?ипÑ?инг и SQL-инÑ?екÑ?ии).</p>
 
- -<p>We recommend that you upgrade your cacti packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? cacti.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-2665";>CVE-2015-2665</a>
 
- -     <p>Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d
- -     allows remote attackers to inject arbitrary web script or HTML via
- -     unspecified vectors.</p></li>
+     <p>Ð?ежÑ?айÑ?овÑ?й Ñ?кÑ?ипÑ?инг (XSS) в Cacti до веÑ?Ñ?ии 0.8.8d
+     позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вводиÑ?Ñ? пÑ?оизволÑ?нÑ?й Ñ?Ñ?енаÑ?ий или код HTML Ñ?еÑ?ез
+     неопÑ?еделÑ?ннÑ?е векÑ?оÑ?Ñ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-4342";>CVE-2015-4342</a>
 
- -     <p>SQL Injection and Location header injection from cdef id</p></li>
+     <p>SQL-инÑ?екÑ?иÑ? и инÑ?екÑ?иÑ? заголовка Location из иденÑ?иÑ?икаÑ?оÑ?а cdef</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-4454";>CVE-2015-4454</a>
 
- -    <p>SQL injection vulnerability in the get_hash_graph_template function
- -    in lib/functions.php in Cacti before 0.8.8d allows remote attackers
- -    to execute arbitrary SQL commands via the graph_template_id
- -    parameter to graph_templates.php</p>
+    <p>SQL-инÑ?екÑ?иÑ? в Ñ?Ñ?нкÑ?ии get_hash_graph_template в
+    lib/functions.php в Cacti до веÑ?Ñ?ии 0.8.8d позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам
+    вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?е командÑ? SQL Ñ?еÑ?ез паÑ?амеÑ?Ñ? graph_template_id
+    длÑ? graph_templates.php</p>
 
- -<li>Unassigned CVE SQL injection VN:JVN#78187936 / TN:JPCERT#98968540
+<li>SQL-инÑ?екÑ?иÑ?, не имеÑ?Ñ?аÑ? номеÑ?а CVE VN:JVN#78187936 / TN:JPCERT#98968540
 
- -    <p>SQL injection vulnerability in the settings page</p></li>
+    <p>SQL-инÑ?екÑ?иÑ? на Ñ?Ñ?Ñ?аниÑ?е наÑ?Ñ?Ñ?оек</p></li>
 
 </ul>
 </define-tag>
- --- english/security/2015/dla-329.wml	2016-04-08 01:24:54.000000000 +0500
+++ russian/security/2015/dla-329.wml	2016-05-03 23:52:35.198960605 +0500
@@ -1,26 +1,27 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Several bugs were discovered in PostgreSQL, a relational database server
- -system.  The 8.4 branch is EOLed upstream, but still present in Debian squeeze.
- -This new LTS minor version contains the fixes that were applied upstream to the
- -9.0.22 version, backported to 8.4.22 which was the last version officially
- -released by the PostgreSQL developers.  This LTS effort for squeeze-lts is a
- -community project sponsored by credativ GmbH.</p>
- -
- -<h3>Migration to Version 8.4.22lts5</h3>
- -
- -<p>A dump/restore is not required for those running 8.4.X.  However, if you are
- -upgrading from a version earlier than 8.4.22, see the relevant release notes.</p>
- -
- -<h3>Security Fixes</h3>
- -
- -<p>Fix contrib/pgcrypto to detect and report too-short crypt salts (Josh
- -Kupershmidt)</p>
- -
- -<p>Certain invalid salt arguments crashed the server or disclosed a few
- -bytes of server memory. We have not ruled out the viability of attacks
- -that arrange for presence of confidential information in the disclosed
- -bytes, but they seem unlikely. (<a href="https://security-tracker.debian.org/tracker/CVE-2015-5288";>CVE-2015-5288</a>)</p>
+<p>Ð? PostgreSQL, Ñ?еÑ?веÑ?ной Ñ?иÑ?Ñ?еме Ñ?елÑ?Ñ?ионнÑ?Ñ? баз даннÑ?Ñ?, бÑ?ло обнаÑ?Ñ?жено
+неÑ?колÑ?ко оÑ?ибок.  Ð?оддеÑ?жка веÑ?ки 8.4 в оÑ?новной веÑ?ке Ñ?азÑ?абоÑ?ки бÑ?ла пÑ?екÑ?аÑ?ена, но она вÑ?Ñ? еÑ?Ñ? имееÑ?Ñ?Ñ? в Debian squeeze.
+Ð?аннаÑ? новаÑ? миноÑ?наÑ? веÑ?Ñ?иÑ? длÑ? LTS Ñ?одеÑ?жиÑ? иÑ?пÑ?авлениÑ?, коÑ?оÑ?Ñ?е пÑ?имененÑ? авÑ?оÑ?ами оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки к
+веÑ?Ñ?ии 9.0.22. УказаннÑ?е иÑ?пÑ?авлениÑ? бÑ?ли адапÑ?иÑ?ованÑ? длÑ? веÑ?Ñ?ии 8.4.22, коÑ?оÑ?аÑ? Ñ?влÑ?еÑ?Ñ?Ñ? поÑ?ледней веÑ?Ñ?ией, оÑ?иÑ?иалÑ?но
+вÑ?пÑ?Ñ?енной Ñ?азÑ?абоÑ?Ñ?иками PostgreSQL.  Ð?аннаÑ? Ñ?абоÑ?а над долгоÑ?Ñ?оÑ?ной поддеÑ?жкой длÑ? squeeze-lts
+Ñ?влÑ?еÑ?Ñ?Ñ? пÑ?оекÑ?ом Ñ?ообÑ?еÑ?Ñ?ва и бÑ?ла поддеÑ?жана credativ GmbH.</p>
+
+<h3>Ð?еÑ?еÑ?од на веÑ?Ñ?иÑ? 8.4.22lts5</h3>
+
+<p>Тем, кÑ?о иÑ?полÑ?зÑ?еÑ? веÑ?Ñ?иÑ? 8.4.X делаÑ?Ñ? dump/restore не Ñ?Ñ?ебÑ?еÑ?Ñ?Ñ?.  Тем не менее, еÑ?ли вÑ?
+вÑ?полнÑ?еÑ?е обновление Ñ? веÑ?Ñ?ии ниже 8.4.22, Ñ?о обÑ?аÑ?иÑ?еÑ?Ñ? к Ñ?ооÑ?веÑ?Ñ?Ñ?вÑ?Ñ?Ñ?ей инÑ?оÑ?маÑ?ии о вÑ?пÑ?Ñ?ке.</p>
+
+<h3>Ð?Ñ?пÑ?авлениÑ? безопаÑ?ноÑ?Ñ?и</h3>
+
+<p>Ð?Ñ?пÑ?авлениÑ? contrib/pgcrypto Ñ? Ñ?елÑ?Ñ? обнаÑ?Ñ?жениÑ? и Ñ?ообÑ?ениÑ? о Ñ?лиÑ?ком коÑ?оÑ?кой Ñ?оли длÑ? Ñ?иÑ?Ñ?ованиÑ? (Ð?жоÑ?
+Ð?апеÑ?Ñ?миÑ?)</p>
+
+<p>Ð?пÑ?еделÑ?ннÑ?е непÑ?авилÑ?нÑ?е аÑ?гÑ?менÑ?Ñ? Ñ?оли пÑ?иводÑ?Ñ? к аваÑ?ийной оÑ?Ñ?ановке Ñ?еÑ?веÑ?а или Ñ?аÑ?кÑ?Ñ?Ñ?иÑ? неÑ?колÑ?киÑ?
+байÑ? Ñ?еÑ?веÑ?ной памÑ?Ñ?и. Ð?озможноÑ?Ñ?Ñ? аÑ?ак Ñ? Ñ?елÑ?Ñ? вÑ?Ñ?влениÑ? конÑ?иденÑ?иалÑ?ной инÑ?оÑ?маÑ?ии в
+Ñ?аÑ?кÑ?Ñ?Ñ?Ñ?Ñ? байÑ?аÑ? не иÑ?клÑ?Ñ?аеÑ?Ñ?Ñ?, но подобнÑ?е Ñ?иÑ?Ñ?аÑ?ии кажÑ?Ñ?Ñ?Ñ?
+маловеÑ?оÑ?Ñ?нÑ?ми. (<a href="https://security-tracker.debian.org/tracker/CVE-2015-5288";>CVE-2015-5288</a>)</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXKPRRAAoJEF7nbuICFtKlvP4P/jzROnutGATgdy77+LLjXMrA
YJ32skT4H1y4aPxG/KGsYw3ABQC6MAOxqoLpbyc5FCpf70yRrtVXtmnkFn/0/a1b
hY/T3eT+qtubjVGEBHNuiip7bOPgLG8PdhddwFZQexfbg0rNZHRVXV3Faqojd8DO
90cgXn1wuI4ReW/VJZbmz/xYD7I8NfiGOllACLo80/KMcu7fkUGtdkfAVj2UyL1l
xbqdBEg7psaeFctdX8GZZ/OwFeHgywQV2A1seQ0dNmsoeiTHgES5HIcrDYVHB14T
KNSg6OpVxCPIom4wqJkem2zbYAuZL91y2yRHTUtnXEuMqOwtQ++lDAXHfXed1Ff5
DjT9iaid95dPrUP8+c5M3YjWFtixZouIrawYkduZvUZG5krIw0KoYLteaIwtSzDv
oxjSGoOwLO0GWwrEhDUQoAb88vuGu5OTSC98y7I3w2lOM3qZavORXJM4fF+QyN4l
qHlpkyjqioYMN3a/IeEYdqWtG615knXBI/pPNby9yb8+aZV9SkJhHY69nRj/k/JK
ErpD2lZVkRaVz6IRqQ/Yy/QBP+vtzVqJ84PGp5Bq//q2eO3AzwWxkKPwlF4P7/ij
SN5YSRmXdsFYirEu2I5SwuiPWAtFgL6FOzYy4KiECblA8wog5vVVJDhmq9cqOJvo
3rwSyVSfsb5Oyvyzy5UN
=kdi8
-----END PGP SIGNATURE-----
Reply to: