Re: [DONE] wml://security/2005/dsa-{666,893,756}.wml

To: debian-l10n-russian@lists.debian.org
Subject: Re: [DONE] wml://security/2005/dsa-{666,893,756}.wml
From: Andrey Skvortsov <andrej.skvortzov@gmail.com>
Date: Mon, 5 Sep 2016 13:33:13 +0300
Message-id: <[🔎] 20160905103313.GC6693@localhost.localdomain>
Mail-followup-to: debian-l10n-russian@lists.debian.org
In-reply-to: <E1bdCQm-00064S-Jt@riseup.net>
References: <E1bdCQm-00064S-Jt@riseup.net>

On 26 Aug, Lev Lamberov wrote:
> - --- english/security/2005/dsa-893.wml	2005-11-14 17:02:29.000000000 +0500
> +++ russian/security/2005/dsa-893.wml	2016-08-26 13:20:06.744507955 +0500
> @@ -1,29 +1,30 @@
> - -<define-tag description>missing input sanitising</define-tag>
> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
> +<define-tag description>отсутствие очистки входных данных</define-tag>
>  <define-tag moreinfo>
> - -<p>Remco Verhoef has discovered a vulnerability in acidlab, Analysis
> - -Console for Intrusion Databases, and in acidbase, Basic Analysis and
> - -Security Engine, which can be exploited by malicious users to conduct
> - -SQL injection attacks.</p>
> - -
> - -<p>The maintainers of Analysis Console for Intrusion Databases (ACID) in Debian,
> - -of which BASE is a fork off, after a security audit of both BASE and ACID
> - -have determined that the flaw found not only affected the base_qry_main.php (in
> - -BASE) or acid_qry_main.php (in ACID) component but was also found in other
> - -elements of the consoles due to improper parameter validation and filtering.</p>
> - -
> - -<p>All the SQL injection bugs and Cross Site Scripting bugs found have been
> - -fixed in the Debian package, closing all the different attack vectors detected.</p>
> - -
> - -<p>For the old stable distribution (woody) this problem has been fixed in
> - -version 0.9.6b20-2.1.</p>
> +<p>Ремко Вкрхоф обнаружил уязвимости в acidlab, Analysis
> +Console for Intrusion Databases, и в acidbase, Basic Analysis and
> +Security Engine, которые могут использоваться злоумышленниками для выполнения
> +SQL-инъекций.</p>
> +
> +<p>Сопровождающие Analysis Console for Intrusion Databases (ACID) в Debian,
> +ответвление которого является BASE, после аудита безопасности BASE и ACID
> +определили, что эта уязвимость касается не только компонентов base_qry_main.php (в
> +BASE) или acid_qry_main.php (в ACID), но присутствует и в других
> +элементах консолей из-за неправильного проверки и фильтрации параметров.</p>
неправильноЙ


-- 
Best regards,
Andrey Skvortsov

Attachment: signature.asc
Description: PGP signature

Reply to:

Follow-Ups:
- Re: [DONE] wml://security/2005/dsa-{666,893,756}.wml
  - From: Lev Lamberov <dogsleg@debian.org>

Prev by Date: Re: [DONE] wml://security/2005/dsa-{760,652,662}.wml
Next by Date: Re: [DONE] wml://security/2005/dsa-{771,715,918}.wml
Previous by thread: Re: [DONE] wml://security/2005/dsa-{760,652,662}.wml
Next by thread: Re: [DONE] wml://security/2005/dsa-{666,893,756}.wml
Index(es):
- Date
- Thread