[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2014/dla-1{26,13,14}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2014/dla-113.wml	2016-04-09 01:32:21.000000000 +0500
+++ russian/security/2014/dla-113.wml	2016-06-24 22:17:23.106256537 +0500
@@ -1,26 +1,27 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>It was discovered that bsd-mailx, an implementation of the <q>mail</q>
- -command, had an undocumented feature which treats syntactically valid
- -email addresses as shell commands to execute.</p>
+<p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о bsd-mailx, Ñ?еализаÑ?иÑ? командÑ? <q>mail</q>,
+Ñ?одеÑ?жиÑ? неопиÑ?аннÑ?Ñ? в докÑ?менÑ?аÑ?ии возможноÑ?Ñ?Ñ?, коÑ?оÑ?аÑ? Ñ?Ñ?иÑ?аеÑ? Ñ?инÑ?акÑ?иÑ?еÑ?ки коÑ?Ñ?екÑ?нÑ?е
+адÑ?еÑ?а Ñ?лекÑ?Ñ?онной поÑ?Ñ?Ñ? командами командной оболоÑ?ки, коÑ?оÑ?Ñ?е Ñ?ледÑ?еÑ? вÑ?полниÑ?Ñ?.</p>
 
- -<p>Users who need this feature can re-enable it using the <q>expandaddr</q> in
- -an appropriate mailrc file.  This update also removes the obsolete -T
- -option.  An older security vulnerability, <a href="https://security-tracker.debian.org/tracker/CVE-2004-2771";>CVE-2004-2771</a>, had already
- -been addressed in the Debian's bsd-mailx package.</p>
+<p>Ð?олÑ?зоваÑ?ели, коÑ?оÑ?Ñ?м нÑ?жна Ñ?Ñ?а возможноÑ?Ñ?Ñ?, могÑ?Ñ? заново вклÑ?Ñ?иÑ?Ñ? еÑ?, иÑ?полÑ?зÑ?Ñ? <q>expandaddr</q> в
+Ñ?ооÑ?веÑ?Ñ?Ñ?вÑ?Ñ?Ñ?ем Ñ?айле mailrc.  Ð?анное обновление Ñ?далÑ?еÑ? Ñ?Ñ?Ñ?аÑ?евÑ?Ñ?Ñ? опÑ?иÑ?
+-T.  Ð?олее Ñ?Ñ?аÑ?аÑ? Ñ?Ñ?звимоÑ?Ñ?Ñ?, <a href="https://security-tracker.debian.org/tracker/CVE-2004-2771";>CVE-2004-2771</a>, Ñ?же
+иÑ?пÑ?авлена в пакеÑ?е bsd-mailx длÑ? Debian.</p>
 
- -<p>Note that this security update does not remove all mailx facilities
- -for command execution, though.  Scripts which send mail to addresses
- -obtained from an untrusted source (such as a web form) should use the
- -"--" separator before the email addresses (which was fixed to work
- -properly in this update), or they should be changed to invoke
- -"mail -t" or "sendmail -i -t" instead, passing the recipient addresses
- -as part of the mail header.</p>
+<p>Ð?амеÑ?Ñ?Ñ?е, Ñ?Ñ?о данное обновление не пÑ?иводиÑ? к Ñ?далениÑ? вÑ?еÑ? возможноÑ?Ñ?ей mailx
+длÑ? вÑ?полнениÑ? команд.  СÑ?енаÑ?ии, коÑ?оÑ?Ñ?е оÑ?пÑ?авлÑ?еÑ? mail по адÑ?еÑ?ам,
+полÑ?Ñ?еннÑ?м из недовеÑ?еннÑ?Ñ? иÑ?Ñ?оÑ?ников (Ñ?аким как веб-Ñ?оÑ?мÑ?), должнÑ? иÑ?полÑ?зоваÑ?Ñ?
+Ñ?азделиÑ?елÑ? "--" пеÑ?ед адÑ?еÑ?ами Ñ?лекÑ?Ñ?онной поÑ?Ñ?Ñ? (Ñ?Ñ?о в данном обновлении
+бÑ?ло иÑ?пÑ?авлено), либо они должнÑ? бÑ?Ñ?Ñ? измененÑ? Ñ?ак, Ñ?Ñ?обÑ? вÑ?полнÑ?лиÑ?Ñ? командÑ?
+"mail -t" или "sendmail -i -t", коÑ?оÑ?Ñ?м бÑ? адÑ?еÑ? полÑ?Ñ?аÑ?елÑ? пеÑ?едавалÑ?Ñ?
+в каÑ?еÑ?Ñ?ве Ñ?аÑ?Ñ?и заголовка поÑ?Ñ?ового Ñ?ообÑ?ениÑ?.</p>
 
- -<p>For the oldstable distribution (squeeze), this problem has been fixed in
- -version 8.1.2-0.20100314cvs-1+deb6u1.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 8.1.2-0.20100314cvs-1+deb6u1.</p>
 
- -<p>We recommend that you upgrade your bsd-mailx packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? bsd-mailx.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2014/dla-114.wml	2016-04-09 01:32:21.000000000 +0500
+++ russian/security/2014/dla-114.wml	2016-06-24 22:35:20.419186123 +0500
@@ -1,37 +1,38 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Two security vulnerabilities were discovered in Heirloom mailx, an
- -implementation of the <q>mail</q> command:</p>
+<p>Ð? Heirloom mailx, Ñ?еализаÑ?ии командÑ? <q>mail</q>, бÑ?ло обнаÑ?Ñ?жено две
+Ñ?Ñ?звимоÑ?Ñ?и:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2004-2771";>CVE-2004-2771</a>
 
- -    <p>mailx interprets interprets shell meta-characters in certain email
- -    addresses.</p></li>
+    <p>mailx инÑ?еÑ?пÑ?еÑ?иÑ?Ñ?еÑ? меÑ?аÑ?имволÑ? командной оболоÑ?ки в опÑ?еделÑ?ннÑ?Ñ? адÑ?еÑ?аÑ?
+    Ñ?лекÑ?Ñ?онной поÑ?Ñ?Ñ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-7844";>CVE-2014-7844</a>
 
- -    <p>An unexpected feature of mailx treats syntactically valid email
- -    addresses as shell commands to execute.</p>
+    <p>Ð?еожиданнаÑ? возможноÑ?Ñ?Ñ? mailx Ñ?Ñ?акÑ?Ñ?еÑ? Ñ?инÑ?акÑ?иÑ?еÑ?ки коÑ?Ñ?екÑ?нÑ?е адÑ?еÑ?а Ñ?лекÑ?Ñ?онной
+    поÑ?Ñ?Ñ? как командÑ? командной оболоÑ?ки, коÑ?оÑ?Ñ?е Ñ?ледÑ?еÑ? вÑ?полниÑ?Ñ?.</p>
 
- -<p>Shell command execution can be re-enabled using the <q>expandaddr</q>
- -option.</p>
+<p>Ð?озможноÑ?Ñ?Ñ? вÑ?полнениÑ? команд командной оболоÑ?ки можеÑ? бÑ?Ñ?Ñ? повÑ?оÑ?но вклÑ?Ñ?ена Ñ? помоÑ?Ñ?Ñ?
+опÑ?ии <q>expandaddr</q>.</p>
 
- -<p>Note that this security update does not remove all mailx facilities
- -for command execution, though.  Scripts which send mail to addresses
- -obtained from an untrusted source (such as a web form) should use the
- -"--" separator before the email addresses (which was fixed to work
- -properly in this update), or they should be changed to invoke
- -"mail -t" or "sendmail -i -t" instead, passing the recipient addresses
- -as part of the mail header.</p></li>
+<p>Ð?амеÑ?Ñ?Ñ?е, Ñ?Ñ?о данное обновление не пÑ?иводиÑ? к Ñ?далениÑ? вÑ?еÑ? возможноÑ?Ñ?ей mailx
+длÑ? вÑ?полнениÑ? команд.  СÑ?енаÑ?ии, коÑ?оÑ?Ñ?е оÑ?пÑ?авлÑ?еÑ? mail по адÑ?еÑ?ам,
+полÑ?Ñ?еннÑ?м из недовеÑ?еннÑ?Ñ? иÑ?Ñ?оÑ?ников (Ñ?аким как веб-Ñ?оÑ?мÑ?), должнÑ? иÑ?полÑ?зоваÑ?Ñ?
+Ñ?азделиÑ?елÑ? "--" пеÑ?ед адÑ?еÑ?ами Ñ?лекÑ?Ñ?онной поÑ?Ñ?Ñ? (Ñ?Ñ?о в данном обновлении
+бÑ?ло иÑ?пÑ?авлено), либо они должнÑ? бÑ?Ñ?Ñ? измененÑ? Ñ?ак, Ñ?Ñ?обÑ? вÑ?полнÑ?лиÑ?Ñ? командÑ?
+"mail -t" или "sendmail -i -t", коÑ?оÑ?Ñ?м бÑ? адÑ?еÑ? полÑ?Ñ?аÑ?елÑ? пеÑ?едавалÑ?Ñ?
+в каÑ?еÑ?Ñ?ве Ñ?аÑ?Ñ?и заголовка поÑ?Ñ?ового Ñ?ообÑ?ениÑ?.</p>
 
 </ul>
 
- -<p>For the oldstable distribution (squeeze), these problems have been fixed in
- -version 12.4-2+deb6u1.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (squeeze) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 12.4-2+deb6u1.</p>
 
- -<p>We recommend that you upgrade your heirloom-mailx packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? heirloom-mailx.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2014/dla-126.wml	2016-04-09 01:32:21.000000000 +0500
+++ russian/security/2014/dla-126.wml	2016-06-24 21:57:46.568288484 +0500
@@ -1,20 +1,21 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>Patches a bunch of security vulnerabilities:</p>
+<p>Ð?аплаÑ?Ñ? длÑ? Ñ?Ñ?да Ñ?Ñ?звимоÑ?Ñ?ей:</p>
 <ul>
   <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9380";>CVE-2014-9380</a> (Buffer over-read)</li>
   <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9381";>CVE-2014-9381</a> (Signedness error)</li>
 </ul>
- -<p>See: <a href="https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/";>https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/</a>
- -   Patches taken from upstream</p>
+<p>СмоÑ?Ñ?иÑ?е: <a href="https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/";>https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/</a>
+   Ð?аплаÑ?Ñ? из оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки</p>
 <ul>
 <li>6b196e011fa456499ed4650a360961a2f1323818 pull/608</li>
 <li>31b937298c8067e6b0c3217c95edceb983dfc4a2 pull/609</li>
 </ul>
- -<p>Thanks to Nick Sampanis who is responsible for
- -   both finding and repairing these issues.</p>
+<p>Ð?лагодаÑ?им Ð?ика СÑ?мÑ?ниÑ?а, коÑ?оÑ?Ñ?й наÑ?Ñ?л
+   и иÑ?пÑ?авил Ñ?Ñ?и пÑ?облемÑ?.</p>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in ettercap version 1:0.7.3-2.1+squeeze2</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в пакеÑ?е ettercap веÑ?Ñ?ии 1:0.7.3-2.1+squeeze2</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXbW9fAAoJEF7nbuICFtKl6tsQAKgBVOgScgNQRTlOljH135ab
tSCb1l6nNmgKCpj+QI8qYISLNVOt6Pplv8Jz4a41OJP8VNLEcUsAYFhlvivarS4V
nLf3+Au6IFW8QuW8/r4auxMnTOSO+g6nDdHoXUgGcVZYgzp4QIOzrvH5j1nK0HsX
3ZEx5gVSSWXUlTgqwu2SlpfGDA2+IdzIYOYjbFGEePlm/vqg1731niyNa8XJBaPX
ZUYuPW2CNBcHVTfTN/6/UYbfWClUBHYp7c29Wc4BrCRKN86/pFkawjnnK0oxGYFn
i3GL49hVicPHbVefVRJ8f0dxE/Wl4RWqgRg+i0rRxU3jQS4JDSMgd+MV5cvAgH8H
i5FgwV4zec+X5BwACHZ8oGHMtUcG6Rw0wt+ZU9QttzJ9P+xMIje1gSAn8I0jnbE6
CCbkRpv7JR8x4DxeLe+3LjMldTI1WXiUY12pWfMAvMUhtba/gEYRgqwSV8zhNY7L
zypsn5WCvtVnfmGKTnTWGMTpfRfsXKxlBgx3zqzKm53RAwzJCE6DesERbgb8FuT4
WEnxpbWBiJ5Y0hFxrAlchAJWrSUn/luWUP7OoaQngDa1zozVDC6KEeC/xjA8OCNB
GuYxDQsgURQZcGt45xAx0Ofg6oo5FYYdVQDbIegmgh2Hbk+72O0MdRtKYvZ2+5fy
JNH1XlpuYXb6yrC72mCH
=oP0e
-----END PGP SIGNATURE-----
Reply to: