[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2014/dla-001{8,9}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2014/dla-0018.wml	2016-04-09 01:32:21.000000000 +0500
+++ russian/security/2014/dla-0018.wml	2016-06-27 19:52:56.256831221 +0500
@@ -1,30 +1,31 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
 <ul>
 <li>[<a href="https://security-tracker.debian.org/tracker/CVE-2014-3515";>CVE-2014-3515</a>]:
- -<p>fix unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion</p></li>
+<p>Ð?Ñ?пÑ?авление unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion</p></li>
 
 <li>[<a href="https://security-tracker.debian.org/tracker/CVE-2014-0207";>CVE-2014-0207</a>]:
- -<p>fileinfo: cdf_read_short_sector insufficient boundary check</p></li>
+<p>fileinfo: недоÑ?Ñ?аÑ?оÑ?наÑ? пÑ?овеÑ?ка гÑ?аниÑ? маÑ?Ñ?ива в cdf_read_short_sector</p></li>
 
 <li>[<a href="https://security-tracker.debian.org/tracker/CVE-2014-3480";>CVE-2014-3480</a>]:
- -<p>fileinfo: cdf_count_chain insufficient boundary check</p></li>
+<p>fileinfo: недоÑ?Ñ?аÑ?оÑ?наÑ? пÑ?овеÑ?ка гÑ?аниÑ? маÑ?Ñ?ива в cdf_count_chain</p></li>
 
 <li>[<a href="https://security-tracker.debian.org/tracker/CVE-2014-4721";>CVE-2014-4721</a>]:
- -<p>The phpinfo implementation in ext/standard/info.c in
- -                 PHP before 5.4.30 and 5.5.x before 5.5.14 does not
- -                 ensure use of the string data type for the PHP_AUTH_PW,
- -                 PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables,
- -                 which might allow context-dependent attackers to obtain
- -                 sensitive information from process memory by using the
- -                 integer data type with crafted values, related to a
- -                 <q>type confusion</q> vulnerability, as demonstrated by
- -                 reading a private SSL key in an Apache HTTP Server
- -                 web-hosting environment with mod_ssl and a
+<p>РеализаÑ?иÑ? phpinfo в ext/standard/info.c в
+                 PHP до веÑ?Ñ?ии 5.4.30 и 5.5.x до веÑ?Ñ?ии 5.5.14 не гаÑ?анÑ?иÑ?Ñ?еÑ?
+                 иÑ?полÑ?зование Ñ?Ñ?Ñ?окового Ñ?ипа даннÑ?Ñ? длÑ? пеÑ?еменнÑ?Ñ? PHP_AUTH_PW,
+                 PHP_AUTH_TYPE, PHP_AUTH_USER и PHP_SELF,
+                 Ñ?Ñ?о можеÑ? позволиÑ?Ñ? злоÑ?мÑ?Ñ?ленника в завиÑ?имоÑ?Ñ?и оÑ? конÑ?екÑ?Ñ?а полÑ?Ñ?иÑ?Ñ?
+                 Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?нÑ?Ñ? инÑ?оÑ?маÑ?иÑ? из памÑ?Ñ?и пÑ?оÑ?еÑ?Ñ?а, иÑ?полÑ?зÑ?Ñ?
+                 Ñ?елоÑ?иÑ?леннÑ?й Ñ?ип даннÑ?Ñ? Ñ?о Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?ми знаÑ?ениÑ?ми. ЭÑ?а пÑ?облема
+                 Ñ?вÑ?зана Ñ? <q>пÑ?Ñ?аниÑ?ей Ñ?ипов</q>, пÑ?одемонÑ?Ñ?иÑ?ованной пÑ?Ñ?Ñ?м
+                 Ñ?Ñ?ениÑ? закÑ?Ñ?Ñ?ого клÑ?Ñ?а SSL в окÑ?Ñ?жении HTTP-Ñ?еÑ?веÑ?а Apache
+                 Ñ? модÑ?лем mod_ssl и
                  PHP 5.3.x mod_php.</p></li>
 </ul>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in php5 version 5.3.3-7+squeeze20</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в пакеÑ?е php5 веÑ?Ñ?ии 5.3.3-7+squeeze20</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2014/dla-0019.wml	2016-04-09 01:32:21.000000000 +0500
+++ russian/security/2014/dla-0019.wml	2016-06-27 20:49:05.851011022 +0500
@@ -1,44 +1,45 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>New upstream minor release. Users should upgrade to this version at their next
- -scheduled maintenance window.</p>
+<p>Ð?овÑ?й младÑ?ий вÑ?пÑ?Ñ?к оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки. Ð?олÑ?зоваÑ?елÑ?м Ñ?ледÑ?еÑ? вÑ?полниÑ?Ñ? обновление до Ñ?Ñ?ой веÑ?Ñ?ии
+в Ñ?оде запланиÑ?ованнÑ?Ñ? опеÑ?аÑ?ий по Ñ?опÑ?овождениÑ? Ñ?иÑ?Ñ?ем.</p>
 
- -<p>Noteworthy change:</p>
+<p>Ð?аÑ?лÑ?живаÑ?Ñ? вниманиÑ? Ñ?ледÑ?Ñ?Ñ?ие изменениÑ?:</p>
 
- - <p>Secure Unix-domain sockets of temporary postmasters started during make
- - check (Noah Misch)</p>
+ <p>Ð?езопаÑ?нÑ?е Ñ?океÑ?Ñ? доменов Unix длÑ? вÑ?еменнÑ?Ñ? postmaster-Ñ?еÑ?веÑ?ов, запÑ?Ñ?еннÑ?Ñ? во вÑ?емÑ? make
+ check (Ð?оа Ð?иÑ?)</p>
 
- - <p>Any local user able to access the socket file could connect as the server's
- - bootstrap superuser, then proceed to execute arbitrary code as the
- - operating-system user running the test, as we previously noted in
- - <a href="https://security-tracker.debian.org/tracker/CVE-2014-0067";>CVE-2014-0067</a>. This change defends against that risk by placing the server's
- - socket in a temporary, mode 0700 subdirectory of /tmp.</p>
+ <p>Ð?Ñ?бой локалÑ?нÑ?й полÑ?зоваÑ?елÑ?, имеÑ?Ñ?ий доÑ?Ñ?Ñ?п к Ñ?айлÑ? Ñ?океÑ?а, можеÑ? подклÑ?Ñ?иÑ?Ñ?Ñ?Ñ? как Ñ?Ñ?пеÑ?полÑ?зоваÑ?елÑ?
+ наÑ?алÑ?ной загÑ?Ñ?зки Ñ?еÑ?веÑ?а, заÑ?ем пеÑ?ейÑ?и к вÑ?полнениÑ? пÑ?оизволÑ?ного кода как
+ полÑ?зоваÑ?елÑ? опеÑ?аÑ?ионной Ñ?иÑ?Ñ?емÑ?, запÑ?Ñ?каÑ?Ñ?ий Ñ?еÑ?Ñ?, Ñ?Ñ?о Ñ?же бÑ?ло Ñ?анее Ñ?казано в
+ <a href="https://security-tracker.debian.org/tracker/CVE-2014-0067";>CVE-2014-0067</a>. Ð?анное изменение заÑ?иÑ?аеÑ? оÑ? Ñ?Ñ?иÑ? Ñ?иÑ?ков, Ñ?еÑ?веÑ?нÑ?Ñ?
+ Ñ?океÑ? помеÑ?аеÑ?Ñ?Ñ? во вÑ?еменнÑ?й подкаÑ?алог /tmp Ñ? Ñ?ежимом доÑ?Ñ?Ñ?па 0700.</p>
 
- -<p>8.4.22 marks the end of life of the PostgreSQL 8.4 branch. No further
- -releases will be made by the PostgreSQL Global Development Group.</p>
+<p>8.4.22 Ñ?влÑ?еÑ?Ñ?Ñ? поÑ?ледним вÑ?пÑ?Ñ?ком PostgreSQL веÑ?ки 8.4. Ð?лобалÑ?наÑ?
+гÑ?Ñ?ппа Ñ?азÑ?абоÑ?ки PostgreSQL более не бÑ?деÑ? вÑ?пÑ?Ñ?каÑ?Ñ? новÑ?е веÑ?Ñ?ии Ñ?Ñ?ой веÑ?ки.</p>
 
- -<p>Users of PostgreSQL 8.4 should look into upgrading to a newer PostgreSQL
- -release. Options are:</p>
+<p>Ð?олÑ?зоваÑ?елÑ?м PostgreSQL 8.4 Ñ?ледÑ?еÑ? Ñ?аÑ?Ñ?моÑ?Ñ?еÑ?Ñ? возможноÑ?Ñ?Ñ? обновлениÑ? до более
+новÑ?Ñ? вÑ?пÑ?Ñ?ков PostgreSQL. Ð?меÑ?Ñ?Ñ?Ñ? Ñ?ледÑ?Ñ?Ñ?ие возможноÑ?Ñ?и:</p>
 
 <ul>
- -<li>Upgrading to Debian 7 (Wheezy), providing postgresql-9.1.</li>
+<li>Ð?бновление до Debian 7 (Wheezy) и, Ñ?ооÑ?веÑ?Ñ?Ñ?венно, до postgresql-9.1.</li>
 
- -<li><p>The use of the apt.postgresql.org repository, providing packages for all
- -  active PostgreSQL branches (9.0 up to 9.4 at the time of writing).</p>
+<li><p>Ð?Ñ?полÑ?зование Ñ?епозиÑ?оÑ?иÑ? apt.postgresql.org, в коÑ?оÑ?ом имеÑ?Ñ?Ñ?Ñ? пакеÑ?Ñ? длÑ? вÑ?еÑ?
+  акÑ?ивнÑ?Ñ? веÑ?ок PostgreSQL (оÑ? 9.0 до to 9.4 в моменÑ? напиÑ?аниÑ? данной Ñ?екомендаÑ?ии).</p>
 
- -  <p>See <a href="https://wiki.postgresql.org/wiki/Apt";>https://wiki.postgresql.org/wiki/Apt</a> for more information about the
- -  repository.</p>
+  <p>Ð?лÑ? полÑ?Ñ?ениÑ? дополниÑ?елÑ?ной инÑ?оÑ?маÑ?ии об Ñ?Ñ?ом Ñ?епозиÑ?оÑ?ии Ñ?моÑ?Ñ?иÑ?е
+  <a href="https://wiki.postgresql.org/wiki/Apt";>https://wiki.postgresql.org/wiki/Apt</a>.</p>
 
- -  <p>A helper script to activate the repository is provided in
+  <p>Ð?Ñ?помогаÑ?елÑ?нÑ?й Ñ?Ñ?енаÑ?ий длÑ? вклÑ?Ñ?ениÑ? Ñ?Ñ?ого Ñ?епозиÑ?оÑ?иÑ? наÑ?одиÑ?Ñ?Ñ? в
   /usr/share/doc/postgresql-8.4/examples/apt.postgresql.org.sh.</p>
 </li>
- -<li>An LTS version of 8.4 is in planning that will cover the lifetime of
- -  squeeze-lts. Updates will probably made on a best-effort basis. Users can
- -  take advantage of this, but should still consider upgrading to newer
- -  PostgreSQL versions over the next months.</li>
+<li>Ð?ланиÑ?Ñ?еÑ?Ñ?Ñ?, Ñ?Ñ?о веÑ?Ñ?иÑ? LTS веÑ?ки 8.4 бÑ?деÑ? поддеÑ?живаÑ?Ñ?Ñ?Ñ? в Ñ?еÑ?ение вÑ?его жизненного
+  Ñ?икла squeeze-lts. Ð?еÑ?оÑ?Ñ?нее вÑ?его обновлениÑ? бÑ?дÑ?Ñ? вÑ?Ñ?одиÑ?Ñ? по пÑ?инÑ?ипÑ? <q>лÑ?Ñ?Ñ?ее из возможного</q>. Ð?олÑ?зоваÑ?ели
+  могÑ?Ñ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?и обновлениÑ?, но вÑ?Ñ? Ñ?авно Ñ?ледÑ?еÑ? подÑ?маÑ?Ñ? над пеÑ?еÑ?одом на более новÑ?Ñ?
+  веÑ?Ñ?иÑ? PostgreSQL в Ñ?еÑ?ение Ñ?ледÑ?Ñ?Ñ?иÑ? неÑ?колÑ?киÑ? меÑ?Ñ?Ñ?ев.</li>
 </ul>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in postgresql-8.4 version 8.4.22-0+deb6u1</p>
+<p>Ð? Debian 6 <q>Squeeze</q> Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в пакеÑ?е postgresql-8.4 веÑ?Ñ?ии 8.4.22-0+deb6u1</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXcUr1AAoJEF7nbuICFtKlfpMP/1KRWdDUlkBWjoExQr62SaUK
fY6PldXrc1BdWPzpDs5oEMODjfcThqeDnUR2dZ+8KFtT85jh+Gb5Mai8jbvsoDXQ
+M2FL/ggKUp58uHAFQ/YFal7etM+Ygq1+tJK5tgm1dl9c7tx3r9ZhsMjQbFgU++b
01QPLpkGjvyDGU4qR32tCxw31jtONa5qg+YG6c5gobOjGGVw/u9rXtL77g9xgdz6
7h2olBwaxXDe9TUE15hE8XTNbuf27t/8apPJghVYbiqjfMewuNYObgDb4ixGjwun
YVnVj7GGLE1f8a9o6kK0umITLSvlSeJIeY+WKArhDWx3JdOlBHq+bKcdtkorUtaY
qzLnpfGJAYfijABFdYIxiyEvG4CUHVspgPknI57cdqAlH9q7ORbUXMSUquMVamZc
hMwuuSSYkcpz9XwOx/PoJrXtfO5J8xWlM2p6sU3gHwwrPhU4g9u4wSZW4zPMK8AY
6oszrxzqReTqXASHKCinDzls9KkzOqjmyI9Y4qlLeKY4/H6uveRB/aPc8m/qDuNO
62zqsMwFLt4D+EwRpQv6GCxi/QUrZfrPGAXq4WoT0DLr+yeswu70NUtMxHrAFdPe
uAhekri4JaGd/kd2IJU2EvoA+AuznVtQbCzb0J7wBx74DdkNs3XFCyYOP/q5cmfh
vtozMtoA3PVLwpHDFJaH
=W8Kt
-----END PGP SIGNATURE-----
Reply to: