[DONE] wml://security/2010/dsa-21{25,39}.wml

[Lev Lamberov <dogsleg@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2010/dsa-2125.wml	2011-01-08 01:50:40.000000000 +0500
+++ russian/security/2010/dsa-2125.wml	2016-09-16 23:36:20.918246113 +0500
@@ -1,34 +1,35 @@
- -<define-tag description>buffer overflow</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>пеÑ?еполнение бÑ?Ñ?еÑ?а</define-tag>
 <define-tag moreinfo>
- -<p>A flaw has been found in the OpenSSL TLS server extension code parsing
- -which on affected servers can be exploited in a buffer overrun attack.
- -This allows an attacker to cause an application crash or potentially to
- -execute arbitrary code.</p>
- -
- -<p>However, not all OpenSSL based SSL/TLS servers are vulnerable: a server
- -is vulnerable if it is multi-threaded and uses OpenSSL's internal caching
- -mechanism.  In particular the Apache HTTP server (which never uses OpenSSL
- -internal caching) and Stunnel (which includes its own workaround) are NOT
- -affected.</p>
- -
- -<p>This upgrade fixes this issue. After the upgrade, any services using the
- -openssl libraries need to be restarted. The checkrestart script from the
- -debian-goodies package or lsof can help to find out which services need
- -to be restarted.</p>
- -
- -<p>A note to users of the tor packages from the Debian backports or Debian
- -volatile: this openssl update causes problems with some versions of tor.
- -You need to update to tor 0.2.1.26-4~bpo50+1 or 0.2.1.26-1~lennyvolatile2,
- -respectively. The tor package version 0.2.0.35-1~lenny2 from Debian stable
- -is not affected by these problems.</p>
+<p>Ð? коде длÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а Ñ?аÑ?Ñ?иÑ?ений длÑ? TLS-Ñ?еÑ?веÑ?а OpenSSL
+бÑ?ла обнаÑ?Ñ?жена Ñ?Ñ?звимоÑ?Ñ?Ñ?, коÑ?оÑ?аÑ? на Ñ?Ñ?звимÑ?Ñ? Ñ?еÑ?веÑ?аÑ? можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? длÑ?
+вÑ?зова пеÑ?еполнениÑ? бÑ?Ñ?еÑ?а. ЭÑ?о позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникÑ? вÑ?зÑ?ваÑ?Ñ? аваÑ?ийнÑ?Ñ?
+оÑ?Ñ?ановкÑ? пÑ?иложениÑ? или поÑ?енÑ?иалÑ?но вÑ?полнÑ?Ñ?Ñ? пÑ?оизволÑ?нÑ?й код.</p>
+
+<p>Тем не менее, Ñ?Ñ?звимÑ? не вÑ?е SSL/TLS-Ñ?еÑ?веÑ?Ñ? на оÑ?нове OpenSSL: Ñ?еÑ?веÑ?
+Ñ?Ñ?звим в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли он поддеÑ?живаеÑ? многопоÑ?оÑ?ноÑ?Ñ?Ñ? и иÑ?полÑ?зÑ?еÑ? внÑ?Ñ?Ñ?енний
+меÑ?анизм кеÑ?иÑ?ованиÑ? OpenSSL.  Ð? Ñ?аÑ?Ñ?ноÑ?Ñ?и, HTTP-Ñ?еÑ?веÑ? Apache (коÑ?оÑ?Ñ?й никогда не
+иÑ?полÑ?зÑ?еÑ? внÑ?Ñ?Ñ?еннее кеÑ?иÑ?ование OpenSSL) и Stunnel (коÑ?оÑ?Ñ?й имееÑ? Ñ?воÑ? Ñ?еÑ?ение пÑ?облемÑ?)
+Ð?Ð? Ñ?Ñ?звимÑ?.</p>
+
+<p>Ð?анное обновление иÑ?пÑ?авлÑ?еÑ? Ñ?Ñ?Ñ? пÑ?облемÑ?. Ð?оÑ?ле обновлениÑ? Ñ?ледÑ?еÑ? пеÑ?езапÑ?Ñ?Ñ?иÑ?Ñ?
+вÑ?е Ñ?лÑ?жбÑ?, иÑ?полÑ?зÑ?Ñ?Ñ?ие библиоÑ?еки openssl. СÑ?енаÑ?ий checkrestart из пакеÑ?а
+debian-goodies или пÑ?огÑ?амма lsof могÑ?Ñ? помоÑ?Ñ? в опÑ?еделении Ñ?ого, какие Ñ?лÑ?жбÑ?
+Ñ?Ñ?ебÑ?еÑ?Ñ?Ñ? пеÑ?езапиÑ?Ñ?иÑ?Ñ?.</p>
+
+<p>Ð?амеÑ?ание длÑ? полÑ?зоваÑ?елей пакеÑ?ов tor из аÑ?Ñ?ива обÑ?аÑ?нÑ?Ñ? пеÑ?еноÑ?ов Debian или из
+volatile-аÑ?Ñ?ива Debian: данное обновление openssl вÑ?зÑ?ваеÑ? пÑ?облемÑ? Ñ? некоÑ?оÑ?Ñ?мим веÑ?Ñ?иÑ?ми tor.
+Ð?ам Ñ?ледÑ?еÑ? вÑ?полниÑ?Ñ? обновление tor до веÑ?Ñ?ии 0.2.1.26-4~bpo50+1 или 0.2.1.26-1~lennyvolatile2.
+Ð?аке tor веÑ?Ñ?ии 0.2.0.35-1~lenny2 из Ñ?Ñ?абилÑ?ного вÑ?пÑ?Ñ?ка Debian
+не подвеÑ?жен Ñ?казаннÑ?м пÑ?облемам.</p>
 
- -<p>For the stable distribution (lenny), the problem has been fixed in
- -openssl version 0.9.8g-15+lenny9.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+пакеÑ?е openssl веÑ?Ñ?ии 0.9.8g-15+lenny9.</p>
 
- -<p>For the testing distribution (squeeze) and the unstable distribution
- -(sid), this problem has been fixed in version 0.9.8o-3.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (squeeze) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ?
+Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в веÑ?Ñ?ии 0.9.8o-3.</p>
 
- -<p>We recommend that you upgrade your openssl packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? openssl.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2010/dsa-2139.wml	2014-04-30 15:22:54.000000000 +0600
+++ russian/security/2010/dsa-2139.wml	2016-09-16 23:40:29.056750057 +0500
@@ -1,36 +1,37 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in phpMyAdmin, a tool
- -to administer MySQL over the web. The Common Vulnerabilities and Exposures
- -project identifies the following problems:</p>
+<p>Ð? phpMyAdmin, инÑ?Ñ?Ñ?Ñ?менÑ?е длÑ? админиÑ?Ñ?Ñ?иÑ?ованиÑ? MySQL Ñ?еÑ?ез веб, бÑ?ло
+обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-4329";>CVE-2010-4329</a>
 
- -  <p>Cross site scripting was possible in search, that allowed
- -  a remote attacker to inject arbitrary web script or HTML.</p></li>
+  <p>Ð?а Ñ?Ñ?Ñ?аниÑ?е поиÑ?ка возможен межÑ?айÑ?овÑ?й Ñ?кÑ?ипÑ?инг, позволÑ?Ñ?Ñ?ий
+  Ñ?далÑ?нномÑ? злоÑ?мÑ?Ñ?ленникÑ? вводиÑ?Ñ? пÑ?оизволÑ?нÑ?й веб-Ñ?Ñ?енаÑ?ий или код HTML.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-4480";>CVE-2010-4480</a>
 
- -  <p>Cross site scripting was possible in errors, that allowed
- -  a remote attacker to inject arbitrary web script or HTML.</p></li>
+  <p>Ð?а Ñ?Ñ?Ñ?аниÑ?е оÑ?ибок возможен межÑ?айÑ?овÑ?й Ñ?кÑ?ипÑ?инг, позволÑ?Ñ?Ñ?ий
+  Ñ?далÑ?нномÑ? злоÑ?мÑ?Ñ?ленникÑ? вводиÑ?Ñ? пÑ?оизволÑ?нÑ?й веб-Ñ?Ñ?енаÑ?ий или код HTML.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-4481";>CVE-2010-4481</a>
 
- -  <p>Display of PHP's phpinfo() function was available to world, but only
- -  if this functionality had been enabled (defaults to off). This may
- -  leak some information about the host system.</p></li>
+  <p>Ð?Ñ?обÑ?ажение PHP-Ñ?Ñ?нкÑ?ии phpinfo() доÑ?Ñ?Ñ?пно вÑ?ем полÑ?зоваÑ?елÑ?м, но Ñ?олÑ?ко
+  в Ñ?ом Ñ?лÑ?Ñ?ае, еÑ?ли Ñ?Ñ?а Ñ?Ñ?нкÑ?ионалÑ?ноÑ?Ñ?Ñ? вклÑ?Ñ?ена (по Ñ?молÑ?аниÑ? она вÑ?клÑ?Ñ?ена). ЭÑ?о
+  можеÑ? пÑ?иводиÑ?Ñ? к Ñ?Ñ?еÑ?ке некоÑ?оÑ?ой инÑ?оÑ?маÑ?ии о Ñ?иÑ?Ñ?еме.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (lenny), these problems have been fixed in
- -version 2.11.8.1-5+lenny7.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.11.8.1-5+lenny7.</p>
 
- -<p>For the testing (squeeze) and unstable distribution (sid), these problems
- -have been fixed in version 3.3.7-3.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (squeeze) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ? Ñ?Ñ?и
+пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 3.3.7-3.</p>
 
- -<p>We recommend that you upgrade your phpmyadmin package.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ? phpmyadmin.</p>
 
 <p>Further information about Debian Security Advisories, how to apply
 these updates to your system and frequently asked questions can be
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJX3DyfAAoJEF7nbuICFtKllHkQAK4JuHkAX6Df48NdgoLYeqOR
yFs5saMhwqcHQ94zCxFo+YWy2XKcKpwtL7bqZWnVhKImaz14AxhvBLJYbp9/L/Qf
SZHcQ3H16921wE88qox49+B48A3QqwLI80DFJDAxB9CAd+KQdZkrJNr/BfUljvv9
BYpjXoNojkHBjaoAuJe9iPkI5/E8Ok0Tfj58118MHetkOj42KwiE00rZqZ+N/lo/
KzcTXmF2lzcwqAB3+Tt+Fao9anhRxFCVMVdNnSGifmpNdtO7ZewFVTYw/7togxPe
L9BUB0pHQ6TLQTgSDdMd0UoCPV44ZE7saRljleDVPlYl9sg3VuZiqwNXA1Mlis6N
4+kXtSllCfDLC+AjbY728bITkMuh1tT1J2an5EPUlI/L2zKwYXDrNhrBVIsKpTMu
w3Flh9bAUFxy5kUAlIKHewYpq0xegAZ8JzZ5pa7QJWkOMMsV0wObZJfD2F9SlY48
RhRJOQPffBMFR9Pcb2DlxvUeVatb65wnkxuhKS3t3ON72P3bxwB9MeTjhusyJM45
kJnJ0A6pjGwsQwPF2vEZoYOwi/qjqn/dsL5A/9xkLIEQElfCtheAoWIeDlAW6AfK
SolW+1qINpa7JQGOXMC4+Fd2HLn+gwEwrahcWRkMsd+Kd2TF9ObpyQnSpOTHlbo8
+jUDCOu5eZkFkL4L4eru
=tS+K
-----END PGP SIGNATURE-----