[DONE] wml://security/2005/dsa-{654,833,919}.wml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2005/dsa-654.wml 2011-05-26 16:05:42.000000000 +0600
+++ russian/security/2005/dsa-654.wml 2016-09-11 11:02:20.316637303 +0500
@@ -1,40 +1,41 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
<define-tag moreinfo>
- -<p>Erik Sjölund has discovered several security relevant problems in
- -enscript, a program to convert ASCII text into Postscript and other
- -formats. The Common Vulnerabilities and Exposures project identifies
- -the following vulnerabilities:</p>
+<p>ÐÑ?ик СÑ?Ñ?лÑ?нд обнаÑ?Ñ?жил неÑ?колÑ?ко Ñ?вÑ?заннÑ?Ñ? Ñ? безопаÑ?ноÑ?Ñ?Ñ?Ñ? пÑ?облем в
+enscript, пÑ?огÑ?амме длÑ? пÑ?еобÑ?азованиÑ? ASCII-Ñ?екÑ?Ñ?а в Postscript и дÑ?Ñ?гие
+Ñ?оÑ?маÑ?Ñ?. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ?
+Ñ?ледÑ?Ñ?Ñ?ие Ñ?Ñ?звимоÑ?Ñ?и:</p>
<ul>
<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1184";>CAN-2004-1184</a>
- - <p>Unsanitised input can cause the execution of arbitrary commands
- - via EPSF pipe support. This has been disabled, also upstream.</p>
+ <p>Ð?еоÑ?иÑ?еннÑ?е вÑ?однÑ?е даннÑ?е могÑ?Ñ? вÑ?зваÑ?Ñ? вÑ?полнение пÑ?оизволÑ?нÑ?Ñ? команд
+ из-за поддеÑ?жки EPSF-канала. ÐÑ?а возможноÑ?Ñ?Ñ? бÑ?ла оÑ?клÑ?Ñ?ена (в Ñ?ом Ñ?иÑ?ле и в оÑ?новной веÑ?ке Ñ?азÑ?абоÑ?ки).</p>
<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1185";>CAN-2004-1185</a>
- - <p>Due to missing sanitising of filenames it is possible that a
- - specially crafted filename can cause arbitrary commands to be
- - executed.</p>
+ <p>Ð?з-за оÑ?Ñ?Ñ?Ñ?Ñ?Ñ?вие оÑ?иÑ?Ñ?ки имÑ?н Ñ?айлов возможно, Ñ?Ñ?о
+ Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованное имÑ? Ñ?айла можеÑ? вÑ?зваÑ?Ñ? вÑ?полнение пÑ?оизволÑ?нÑ?Ñ?
+ команд.</p>
<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1186";>CAN-2004-1186</a>
- - <p>Multiple buffer overflows can cause the program to crash.</p>
+ <p>Ð?ногоÑ?иÑ?леннÑ?е пеÑ?еполнениÑ? бÑ?Ñ?еÑ?а могÑ?Ñ? пÑ?иводиÑ?Ñ? к аваÑ?ийной оÑ?Ñ?ановке пÑ?огÑ?аммÑ?.</p>
</ul>
- -<p>Usually, enscript is only run locally, but since it is executed inside
- -of viewcvs some of the problems mentioned above can easily be turned
- -into a remote vulnerability.</p>
+<p>Ð?бÑ?Ñ?но enscript запÑ?Ñ?каеÑ?Ñ?Ñ? Ñ?олÑ?ко локалÑ?но, но поÑ?колÑ?кÑ? он запÑ?Ñ?каеÑ?Ñ?Ñ? в
+viewcvs, некоÑ?оÑ?Ñ?е пÑ?облемÑ?, Ñ?казаннÑ?е вÑ?Ñ?е, легко могÑ?Ñ? Ñ?Ñ?аÑ?Ñ? Ñ?далÑ?ннÑ?ми
+Ñ?Ñ?звимоÑ?Ñ?Ñ?ми.</p>
- -<p>For the stable distribution (woody) these problems have been fixed in
- -version 1.6.3-1.3.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (woody) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.6.3-1.3.</p>
- -<p>For the unstable distribution (sid) these problems have been fixed in
- -version 1.6.4-6.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.6.4-6.</p>
- -<p>We recommend that you upgrade your enscript package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? enscript.</p>
</define-tag>
# do not modify the following line
- --- english/security/2005/dsa-833.wml 2005-10-18 04:08:28.000000000 +0600
+++ russian/security/2005/dsa-833.wml 2016-09-11 11:23:12.914017966 +0500
@@ -1,19 +1,20 @@
- -<define-tag description>buffer overflow</define-tag>
+#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov"
+<define-tag description>пеÑ?еполнение бÑ?Ñ?еÑ?а</define-tag>
<define-tag moreinfo>
- -<p>This update only covers binary packages for the big endian MIPS
- -architecture that was mysteriously forgotten in the earlier update.
- -For completeness below is the original advisory text:</p>
+<p>Ð?анное обновление каÑ?аеÑ?Ñ?Ñ? Ñ?олÑ?ко двоиÑ?нÑ?Ñ? пакеÑ?ов длÑ? аÑ?Ñ?иÑ?екÑ?Ñ?Ñ?Ñ? MIPS Ñ? поÑ?Ñ?дком
+байÑ?ов оÑ? Ñ?Ñ?аÑ?Ñ?его к младÑ?емÑ?, о коÑ?оÑ?ой поÑ?емÑ?-Ñ?о забÑ?ли в пÑ?едÑ?дÑ?Ñ?ем обновлении.
+Ð?лÑ? полноÑ?Ñ? ниже пÑ?иводиÑ?Ñ?Ñ? изнаÑ?алÑ?нÑ?й Ñ?екÑ?Ñ? Ñ?екомендаÑ?ии:</p>
<blockquote>
- -<p>A stack-based buffer overflow in the init_syms function of MySQL, a
- -popular database, has been discovered that allows remote authenticated
- -users who can create user-defined functions to execute arbitrary code
- -via a long function_name field. The ability to create user-defined
- -functions is not typically granted to untrusted users.</p>
+<p>Ð?Ñ?ло обнаÑ?Ñ?жено пеÑ?еполнение бÑ?Ñ?еÑ?а в Ñ?Ñ?нкÑ?ии init_syms в MySQL, попÑ?лÑ?Ñ?ной
+базе даннÑ?Ñ?, коÑ?оÑ?ое позволÑ?еÑ? Ñ?далÑ?ннÑ?м аÑ?Ñ?енÑ?иÑ?иÑ?иÑ?ованнÑ?м
+полÑ?зоваÑ?елÑ?м, коÑ?оÑ?Ñ?е могÑ?Ñ? Ñ?оздаваÑ?Ñ? полÑ?зоваÑ?елÑ?Ñ?кие Ñ?Ñ?нкÑ?ии, вÑ?полнÑ?Ñ? пÑ?оизволÑ?нÑ?й код
+Ñ? помоÑ?Ñ?Ñ? длинного полÑ? function_name. СпоÑ?обноÑ?Ñ?Ñ? Ñ?оздаваÑ?Ñ? полÑ?зоваÑ?елÑ?Ñ?кие
+Ñ?Ñ?нкÑ?ии обÑ?Ñ?но не даÑ?Ñ?Ñ?Ñ? недовеÑ?еннÑ?м полÑ?зоваÑ?елÑ?м.</p>
</blockquote>
- -<p>The following vulnerability matrix explains which version of MySQL in
- -which distribution has this problem fixed:</p>
+<p>СледÑ?Ñ?Ñ?аÑ? Ñ?аблиÑ?а обÑ?Ñ?Ñ?нÑ?еÑ? Ñ?о, в какой веÑ?Ñ?ии MySQL в
+каком вÑ?пÑ?Ñ?ке Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена:</p>
<div class="centerdiv">
<table border=1 cellspacing=0 cellpadding=2>
@@ -26,31 +27,31 @@
<tr>
<td>mysql</td>
<td>3.23.49-8.14</td>
- - <td>n/a</td>
- - <td>n/a</td>
+ <td>недоÑ?Ñ?Ñ?пно</td>
+ <td>недоÑ?Ñ?Ñ?пно</td>
</tr>
<tr>
<td>mysql-dfsg</td>
- - <td>n/a</td>
+ <td>недоÑ?Ñ?Ñ?пно</td>
<td>4.0.24-10sarge1</td>
<td>4.0.24-10sarge1</td>
</tr>
<tr>
<td>mysql-dfsg-4.1</td>
- - <td>n/a</td>
+ <td>недоÑ?Ñ?Ñ?пно</td>
<td>4.1.11a-4sarge2</td>
<td>4.1.14-2</td>
</tr>
<tr>
<td>mysql-dfsg-5.0</td>
- - <td>n/a</td>
- - <td>n/a</td>
+ <td>недоÑ?Ñ?Ñ?пно</td>
+ <td>недоÑ?Ñ?Ñ?пно</td>
<td>5.0.11beta-3</td>
</tr>
</table>
</div>
- -<p>We recommend that you upgrade your mysql-dfsg-4.1 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? mysql-dfsg-4.1.</p>
</define-tag>
# do not modify the following line
- --- english/security/2005/dsa-919.wml 2006-03-10 21:43:20.000000000 +0500
+++ russian/security/2005/dsa-919.wml 2016-09-11 11:27:44.480601448 +0500
@@ -1,42 +1,43 @@
- -<define-tag description>buffer overflow</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>пеÑ?еполнение бÑ?Ñ?еÑ?а</define-tag>
<define-tag moreinfo>
- -<p>The upstream developer of curl, a multi-protocol file transfer
- -library, informed us that the former correction to several off-by-one
- -errors are not sufficient. For completeness please find the original
- -bug description below:</p>
+<p>РазÑ?абоÑ?Ñ?ик оÑ?новной веÑ?ки Ñ?азÑ?абоÑ?ки curl, многопÑ?оÑ?околÑ?ной библиоÑ?еки
+пеÑ?едаÑ?и Ñ?айлов, Ñ?ообÑ?ил нам, Ñ?Ñ?о пÑ?едÑ?дÑ?Ñ?ее иÑ?пÑ?авление неÑ?колÑ?киÑ? оÑ?ибок
+на единиÑ?Ñ? оказалоÑ?Ñ? недоÑ?Ñ?аÑ?оÑ?нÑ?м. Ð?лÑ? полноÑ?Ñ? ниже пÑ?иводиÑ?Ñ?Ñ? изнаÑ?алÑ?ное
+опиÑ?ание оÑ?ибки:</p>
<blockquote>
- -<p>Several problems were discovered in libcurl, a multi-protocol file
- -transfer library. The Common Vulnerabilities and Exposures project
- -identifies the following problems:</p>
+<p>Ð? libcurl, многопÑ?оÑ?околÑ?ной библиоÑ?еке пеÑ?едаÑ?и Ñ?айлов, бÑ?ло обнаÑ?Ñ?жено
+неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
<ul>
<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3185";>CVE-2005-3185</a>
- - <p>A buffer overflow has been discovered in libcurl
- - that could allow the execution of arbitrary code.</p></li>
+ <p>Ð? libcurl бÑ?ло обнаÑ?Ñ?жено пеÑ?еполнение бÑ?Ñ?еÑ?а, коÑ?оÑ?ое
+ можеÑ? позволиÑ?Ñ? вÑ?полниÑ?Ñ? пÑ?оизволÑ?нÑ?й код.</p></li>
<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077";>CVE-2005-4077</a>
- - <p>Stefan Esser discovered several off-by-one errors that allows
- - local users to trigger a buffer overflow and cause a denial of
- - service or bypass PHP security restrictions via certain URLs.</p></li>
+ <p>ШÑ?еÑ?ан ÐÑ?Ñ?еÑ? обнаÑ?Ñ?жил неÑ?колÑ?ко оÑ?ибок на единиÑ?Ñ?, коÑ?оÑ?Ñ?е позволÑ?Ñ?Ñ?
+ локалÑ?нÑ?м полÑ?зоваÑ?елÑ?м вÑ?зÑ?ваÑ?Ñ? пеÑ?еполнение бÑ?Ñ?еÑ?а и оÑ?каз в обÑ?лÑ?живании
+ или обÑ?одиÑ?Ñ? огÑ?аниÑ?ениÑ? безопаÑ?ноÑ?Ñ?и PHP Ñ? помоÑ?Ñ?Ñ? опÑ?еделÑ?ннÑ?Ñ? URL.</p></li>
</ul>
</blockquote>
- -<p>For the old stable distribution (woody) these problems have been fixed in
- -version 7.9.5-1woody2.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (woody) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 7.9.5-1woody2.</p>
- -<p>For the stable distribution (sarge) these problems have been fixed in
- -version 7.13.2-2sarge5. This update also includes a bugfix against
- -data corruption.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sarge) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 7.13.2-2sarge5. Ð?Ñ?оме Ñ?ого, данное обновление вклÑ?Ñ?аеÑ? в Ñ?ебÑ? иÑ?пÑ?авление
+оÑ?ибки Ñ? повÑ?еждением даннÑ?Ñ?.</p>
- -<p>For the unstable distribution (sid) these problems have been fixed in
- -version 7.15.1-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 7.15.1-1.</p>
- -<p>We recommend that you upgrade your libcurl packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? libcurl.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJX1PljAAoJEF7nbuICFtKlEUkQAIRGmKUY34gYMFdRMCTqClar
H+KJnEInpdXKoz0p5+hDAWGHput6bXxDR73WCFlm7vrmSWS07IxNxJrY+cp5YgX1
YPdBCRhcwp02nCwQotgji/XgznPPU9ah+IEjxeBifsYVShvenRnuv0ZNsSxosIku
wXd5RQx7mdzUsR68gZaBEEmDjfj61DY2i9IDZ7Ct3+3u/Txhuy8Fw9SmBoXPbZ2W
bzDygyCzLJGfidr5MnuR8t/4uY7vSzav1iQLwsDFbAocrCcgpUPULn9cuCagyage
VYZ/LE6peUvyDAROLLxah86WoNkLVx4KuHiRW+lPhrIpb31eKt+cIbIHeEk/lHk4
eowtUzSSNyZ0LOemr0GdHPVafwTiDHXQR6LlvjjDucNEjwRRdyr/dOThze3agym0
pSz7JdcXpmqWhq/fKSSQmgRonYqtKb1TKuxS7fUnPZthBB27Y8m8qv+sKIFx/ExS
Yj3oi8sG2BW8g/ADwP6K5LUPjOv5wHHXtq4yNgkHiNFSC/F+192PszknMKfuiws+
p0k6IFbgfvJQ3iIWoVP/5xdAl6DV3uSsFNZ8nfuUhOjkMyjK8Ri4D3U3F5qLwhmZ
gJzvJaCpCNc0TSz79LqKq80EIcDwcpxQ1vUJbzlFcVafLRA0Vhj3kvUH9IGVY/Ow
nDjvp/wxvyK7SIz3cc1V
=JEUQ
-----END PGP SIGNATURE-----
Reply to: