[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2014/dla-{50,23,43}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2014/dla-23.wml	2016-04-09 01:32:21.000000000 +0500
+++ russian/security/2014/dla-23.wml	2016-06-24 23:26:40.956940291 +0500
@@ -1,33 +1,34 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2013-1741";>CVE-2013-1741</a>
 
- -    <p>Runaway memset in certificate parsing on 64-bit computers leading to
- -    a crash by attempting to write 4Gb of nulls.</p></li>
+    <p>Ð?Ñ?клÑ?Ñ?ение memset пÑ?и гÑ?аммаÑ?иÑ?еÑ?ком Ñ?азбоÑ?е Ñ?еÑ?Ñ?иÑ?икаÑ?а на 64-биÑ?нÑ?Ñ? компÑ?Ñ?Ñ?еÑ?аÑ?, пÑ?иводÑ?Ñ?ее
+    к аваÑ?ийной оÑ?Ñ?ановке пÑ?и попÑ?Ñ?ке запиÑ?аÑ?Ñ? 4Ð?Ð? нÑ?лей.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2013-5606";>CVE-2013-5606</a>
 
- -    <p>Certificate validation with the verifylog mode did not return
- -    validation errors, but instead expected applications to determine
- -    the status by looking at the log.</p></li>
+    <p>Ð?Ñ?овеÑ?ка Ñ?еÑ?Ñ?иÑ?икаÑ?а в Ñ?ежиме verifylog не возвÑ?аÑ?аеÑ?
+    оÑ?ибки пÑ?овеÑ?ки, но ожидаеÑ?, Ñ?Ñ?о пÑ?иложениÑ? Ñ?ами опÑ?еделÑ?Ñ?
+    Ñ?Ñ?аÑ?Ñ?Ñ? пÑ?овеÑ?ки, пÑ?оÑ?маÑ?Ñ?иваÑ? жÑ?Ñ?нал.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-1491";>CVE-2014-1491</a>
 
- -    <p>Ticket handling protection mechanisms bypass due to the lack of
- -    restriction of public values in Diffie-Hellman key exchanges.</p></li>
+    <p>Ð?Ð?Ñ?од меÑ?анизмом заÑ?иÑ?Ñ? обÑ?абоÑ?ки билеÑ?ов из-за оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?виÑ?
+    огÑ?аниÑ?ений пÑ?блиÑ?нÑ?Ñ? знаÑ?ений пÑ?и обмене клÑ?Ñ?ами по алгоÑ?иÑ?мÑ? Ð?иÑ?Ñ?и-Хеллмана.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-1492";>CVE-2014-1492</a>
 
- -    <p>Incorrect IDNA domain name matching for wildcard certificates could
- -    allow specially-crafted invalid certificates to be considered as
- -    valid.</p></li>
+    <p>Ð?екоÑ?Ñ?екÑ?нÑ?й подбоÑ? имени домена IDNA под Ñ?аблон Ñ?еÑ?Ñ?иÑ?икаÑ?ов можеÑ?
+    пÑ?ивеÑ?Ñ?и к Ñ?омÑ?, Ñ?Ñ?о Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?е некоÑ?Ñ?екÑ?нÑ?е Ñ?еÑ?Ñ?иÑ?икаÑ?Ñ? бÑ?дÑ?Ñ? Ñ?Ñ?иÑ?аÑ?Ñ?Ñ?Ñ?
+    коÑ?Ñ?екÑ?нÑ?ми.</p></li>
 
 </ul>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in nss version 3.12.8-1+squeeze8</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в пакеÑ?е nss веÑ?Ñ?ии 3.12.8-1+squeeze8</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2014/dla-43.wml	2016-04-09 01:32:21.000000000 +0500
+++ russian/security/2014/dla-43.wml	2016-06-24 23:36:32.680353085 +0500
@@ -1,32 +1,33 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-0475";>CVE-2014-0475</a>
 
- - <p>Stephane Chazelas discovered that the GNU C library, glibc, processed
- - ".." path segments in locale-related environment variables, possibly
- - allowing attackers to circumvent intended restrictions, such as
- - ForceCommand in OpenSSH, assuming that they can supply crafted locale
- - settings.</p></li>
+ <p>СÑ?еÑ?ан ЧезалаÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о библиоÑ?ека GNU C, glibc, обÑ?абаÑ?Ñ?ваеÑ?
+ Ñ?аÑ?Ñ?и пÑ?Ñ?и ".." в пеÑ?еменнÑ?Ñ? окÑ?Ñ?жениÑ?, Ñ?вÑ?заннÑ?Ñ? Ñ? локалÑ?Ñ?, Ñ?Ñ?о можеÑ?
+ позволиÑ?Ñ? злоÑ?мÑ?Ñ?ленникам обойÑ?и Ñ?акие огÑ?аниÑ?ениÑ?, как
+ ForceCommand в OpenSSH в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли они могÑ?Ñ? пеÑ?едаÑ?Ñ? Ñ?пеÑ?иалÑ?но подобÑ?аннÑ?е
+ наÑ?Ñ?Ñ?ойки локали.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-5119";>CVE-2014-5119</a>
 
- - <p>Tavis Ormandy discovered a heap-based buffer overflow in the
- - transliteration module loading code in eglibc, Debian's version of the
- - GNU C Library.  As a result, an attacker who can supply a crafted
- - destination character set argument to iconv-related character
- - conversation functions could achieve arbitrary code execution.</p>
- -
- - <p>This update removes support of loadable gconv transliteration modules.
- - Besides the security vulnerability, the module loading code had
- - functionality defects which prevented it from working for the intended
- - purpose.</p></li>
+ <p>ТÑ?виÑ? Ð?Ñ?манди обнаÑ?Ñ?жил пеÑ?еполнение динамиÑ?еÑ?кой памÑ?Ñ?и в
+ модÑ?ле Ñ?Ñ?анÑ?лиÑ?еÑ?аÑ?ии длÑ? загÑ?Ñ?зки кода в eglibc, веÑ?Ñ?ии библиоÑ?еки GNU C
+ длÑ? Debian.  Ð? Ñ?езÑ?лÑ?Ñ?аÑ?е злоÑ?мÑ?Ñ?ленник, коÑ?оÑ?Ñ?й можеÑ? пеÑ?едаÑ?Ñ? Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?й
+ аÑ?гÑ?менÑ? Ñ?елевого набоÑ?а Ñ?имволов Ñ?Ñ?нкÑ?иÑ?м пÑ?еобÑ?азованиÑ? Ñ?имволов, Ñ?вÑ?заннÑ?м Ñ?
+ iconv, можеÑ? вÑ?полниÑ?Ñ? пÑ?оизволÑ?нÑ?й код.</p>
+
+ <p>Ð?анное обновление Ñ?далÑ?еÑ? поддеÑ?жкÑ? загÑ?Ñ?жаемÑ?Ñ? модÑ?лей Ñ?Ñ?анÑ?лиÑ?еÑ?аÑ?ии gconv.
+ Ð?омимо Ñ?Ñ?ой Ñ?Ñ?звимоÑ?Ñ?и модÑ?лÑ? загÑ?Ñ?зки кода Ñ?одеÑ?жал оÑ?ибки
+ Ñ?Ñ?нкÑ?ионалÑ?ноÑ?Ñ?и, коÑ?оÑ?Ñ?е не позволÑ?ли емÑ? вÑ?полнÑ?Ñ?Ñ? Ñ?е задаÑ?и,
+ длÑ? коÑ?оÑ?Ñ?Ñ? он Ñ?оздавалÑ?Ñ?.</p></li>
 
 </ul>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in eglibc version 2.11.3-4+deb6u1</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в пакеÑ?е eglibc веÑ?Ñ?ии 2.11.3-4+deb6u1</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2014/dla-50.wml	2016-04-09 01:32:21.000000000 +0500
+++ russian/security/2014/dla-50.wml	2016-06-24 23:18:14.460047901 +0500
@@ -1,30 +1,31 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-3538";>CVE-2014-3538</a>
 
- -    <p>file does not properly restrict the amount of data read during
- -    a regex search, which allows remote attackers to cause a
- -    denial of service (CPU consumption).</p></li>
+    <p>УÑ?илиÑ?а file непÑ?авилÑ?но огÑ?аниÑ?иваеÑ? колиÑ?еÑ?Ñ?во Ñ?Ñ?иÑ?Ñ?ваемÑ?Ñ? даннÑ?Ñ? в Ñ?оде
+    поиÑ?ка по Ñ?егÑ?лÑ?Ñ?номÑ? вÑ?Ñ?ажениÑ?, Ñ?Ñ?о позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?зÑ?ваÑ?Ñ?
+    оÑ?каз в обÑ?лÑ?живании (Ñ?Ñ?езмеÑ?ное поÑ?Ñ?ебление Ñ?еÑ?Ñ?Ñ?Ñ?ов ЦÐ?).</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-3587";>CVE-2014-3587</a>
 
- -    <p>Integer overflow in the cdf_read_property_info function in
- -    cdf.c allows remote attackers to cause a denial of service
- -    (application crash).</p></li>
+    <p>Ð?еÑ?еполнение Ñ?елÑ?Ñ? Ñ?иÑ?ел в Ñ?Ñ?нкÑ?ии cdf_read_property_info в
+    cdf.c позволÑ?еÑ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам вÑ?зÑ?ваÑ?Ñ? оÑ?каз в обÑ?лÑ?живании
+    (аваÑ?ийнаÑ? оÑ?Ñ?ановка пÑ?иложениÑ?).</p></li>
 
 </ul>
 
- -<p><b>Note</b>: The other seven issues for wheezy, fixed in 5.11-2+deb7u4
- -(<a href="./dsa-3021">DSA-3021-1</a>), were already handled in 5.04-5+squeeze6 (<a href="./dla-27">DLA 27-1</a>) in
- -July 2014. Also, as an amendment, as a side effect of the changes
- -done back then then, the MIME type detection of some files had
- -improved from "application/octet-stream" to something more specific
- -like "application/x-dosexec" or "application/x-iso9660-image".</p>
+<p><b>Ð?нимание</b>: дÑ?Ñ?гие Ñ?емÑ? пÑ?облем длÑ? вÑ?пÑ?Ñ?ка wheezy, иÑ?пÑ?авленнÑ?е в веÑ?Ñ?ии 5.11-2+deb7u4
+(<a href="./dsa-3021">DSA-3021-1</a>), Ñ?же бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 5.04-5+squeeze6 (<a href="./dla-27">DLA 27-1</a>) в
+иÑ?лÑ? 2014 года. Ð?Ñ?оме Ñ?ого, в каÑ?еÑ?Ñ?ве Ñ?Ñ?оÑ?оннего Ñ?Ñ?Ñ?екÑ?а Ñ?Ñ?иÑ? изменений
+длÑ? некоÑ?оÑ?Ñ?Ñ? Ñ?айлов бÑ?ло Ñ?лÑ?Ñ?Ñ?ено опÑ?еделение MIME-Ñ?ипа
+оÑ? знаÑ?ениÑ? "application/octet-stream" к Ñ?емÑ?-Ñ?о более конкÑ?еÑ?номÑ?
+вида "application/x-dosexec" или "application/x-iso9660-image".</p>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in file version 5.04-5+squeeze7</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в пакеÑ?е file веÑ?Ñ?ии 5.04-5+squeeze7</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXbX20AAoJEF7nbuICFtKlgagQAJhvEiV2Nd4AKMReYZF9wJux
rQDgYCxGx6KKj6Q1HbjhuRp5A9ze4FpXWtqQF/BREg8IYb2NOxZh60exzkf//CUb
hhwGBnYbyn2A7H7eo4x+Pogdcgw3+7VxEw8XPsCXu45FQY9Y/A+QluKzgdhSEN73
qClQQUTz6jWcItwoqi615vgg4cI0dwtDAl/pka+m15mMfXqDFUXDKYcLGAuep9nH
mkRAk0OMo7QULaStLpV706v6FCqCWxq28ihjHPXScmkxOMELwL575bvZlLqgXNkV
BTJBEzWgW0ii5uupMeZgQt6gSA5RV/zZ9YZtO+G4gFqN1C08CjriluIOt4ZWnuFn
a4fDINmQUUBpJ+wZKHXCnddt5e7uhJewROjNnc0lwmYVreGOZkPxrvfjPsoumPqn
vXhDKp2QnwcEcQrKASCneP17OZn3E8cKpnnmzD3HXwN9mOwoSaNd5B+rrins5GJM
lcDAU39OYwxp12FSwXMWKwdNyNJUxLh2Etl+WHUbWwQ08XWQY4f6KQ3Nucmc8hOr
yX0nr1Bf52fBRcnXlYHXTktHwwIhbwq343S7K/VnesChDv3xCQXQIFCh+IKebm6/
fkdm0CyJ30FS1oLnBO8fodEplzxZdt5KPHot72PsM8viLfRwkYOv3jqlo/Qu2bMR
zrtwznMdyiII6ym79SZz
=m6vZ
-----END PGP SIGNATURE-----
Reply to: