[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://{security/2017/dsa-3796.wml}

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2017/dsa-3796.wml	2017-02-27 00:10:55.000000000 +0500
+++ russian/security/2017/dsa-3796.wml	2017-02-27 00:22:49.792113037 +0500
@@ -1,45 +1,46 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities were discovered in the Apache2 HTTP server.</p>
+<p>Ð? HTTP-Ñ?еÑ?веÑ?е Apache2 бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-0736";>CVE-2016-0736</a>
 
- -  <p>RedTeam Pentesting GmbH discovered that mod_session_crypto was
- -  vulnerable to padding oracle attacks, which could allow an attacker
- -  to guess the session cookie.</p></li>
+  <p>СоÑ?Ñ?Ñ?дники RedTeam Pentesting GmbH обнаÑ?Ñ?жили, Ñ?Ñ?о модÑ?лÑ? mod_session_crypto
+  Ñ?Ñ?звим к аÑ?акам Ñ?еÑ?ез пÑ?едÑ?казание дополнениÑ?, Ñ?Ñ?о можеÑ? позволиÑ?Ñ? злоÑ?мÑ?Ñ?ленникÑ?
+  оÑ?гадаÑ?Ñ? кÑ?ки Ñ?еÑ?Ñ?ии.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-2161";>CVE-2016-2161</a>
 
- -  <p>Maksim Malyutin discovered that malicious input to mod_auth_digest
- -  could cause the server to crash, causing a denial of service.</p></li>
+  <p>Ð?акÑ?им Ð?алÑ?Ñ?ин обнаÑ?Ñ?жил, Ñ?Ñ?о некоÑ?Ñ?екÑ?нÑ?е вÑ?однÑ?е даннÑ?е, пеÑ?едаваемÑ?е модÑ?лÑ? mod_auth_digest,
+  могÑ?Ñ? вÑ?зÑ?ваÑ?Ñ? аваÑ?ийнÑ?Ñ? оÑ?Ñ?ановкÑ? Ñ?еÑ?веÑ?а, пÑ?иводÑ? к оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-8743";>CVE-2016-8743</a>
 
- -  <p>David Dennerline, of IBM Security's X-Force Researchers, and Régis
- -  Leroy discovered problems in the way Apache handled a broad pattern
- -  of unusual whitespace patterns in HTTP requests. In some
- -  configurations, this could lead to response splitting or cache
- -  pollution vulnerabilities.  To fix these issues, this update makes
- -  Apache httpd be more strict in what HTTP requests it accepts.</p>
- -
- -  <p>If this causes problems with non-conforming clients, some checks can
- -  be relaxed by adding the new directive <q>HttpProtocolOptions unsafe</q>
- -  to the configuration.</p>
+  <p>Ð?Ñ?вид Ð?еннеÑ?лайн из IBM Security's X-Force Researchers и РегиÑ?
+  Ð?еÑ?ой обнаÑ?Ñ?жили пÑ?облемÑ? в Ñ?поÑ?обе, иÑ?полÑ?зÑ?емом Apache длÑ? обÑ?абоÑ?ки оÑ?новного Ñ?аблона
+  необÑ?Ñ?нÑ?Ñ? Ñ?аблонов пÑ?обелÑ?нÑ?Ñ? Ñ?имволов в HTTP-запÑ?оÑ?аÑ?. Ð?Ñ?и некоÑ?оÑ?Ñ?Ñ?
+  наÑ?Ñ?Ñ?ойкаÑ? Ñ?Ñ?о можеÑ? пÑ?иводиÑ?Ñ? к Ñ?азбивке оÑ?веÑ?а или заÑ?ажениÑ?
+  кÑ?Ñ?а. Ð?лÑ? иÑ?пÑ?авлениÑ? Ñ?казаннÑ?Ñ? пÑ?облем в данном обновлении бÑ?ли измененÑ? наÑ?Ñ?Ñ?ойки
+  Apache httpd Ñ?ак, Ñ?Ñ?обÑ? Ñ?лÑ?жба более Ñ?Ñ?Ñ?ого оÑ?биÑ?ала пÑ?инимаемÑ?е HTTP-запÑ?оÑ?Ñ?.</p>
+
+  <p>Ð?Ñ?ли Ñ?Ñ?о бÑ?деÑ? пÑ?иводиÑ?Ñ? к пÑ?облемам в Ñ?абоÑ?е клиенÑ?ов, Ñ?о некоÑ?оÑ?Ñ?е пÑ?овеÑ?ки можно
+  оÑ?клÑ?Ñ?иÑ?Ñ? пÑ?Ñ?Ñ?м добавлениÑ? новой диÑ?екÑ?ивÑ? <q>HttpProtocolOptions unsafe</q>
+  в Ñ?айл наÑ?Ñ?Ñ?оек.</p>
 
- -<p>This update also fixes the issue where mod_reqtimeout was not enabled
- -by default on new installations.</p></li>
+<p>Ð?Ñ?оме Ñ?ого, данное обновление иÑ?пÑ?авлÑ?еÑ? пÑ?облемÑ?, из-за коÑ?оÑ?ой модÑ?лÑ? mod_reqtimeout
+не вклÑ?Ñ?алÑ?Ñ? по Ñ?молÑ?аниÑ? на Ñ?вежиÑ? Ñ?Ñ?Ñ?ановкаÑ?.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (jessie), these problems have been fixed in
- -version 2.4.10-10+deb8u8.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.4.10-10+deb8u8.</p>
 
- -<p>For the testing (stretch) and unstable (sid) distributions, these
- -problems have been fixed in version 2.4.25-1.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (stretch) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ? Ñ?Ñ?и
+пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в веÑ?Ñ?ии 2.4.25-1.</p>
 
- -<p>We recommend that you upgrade your apache2 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? apache2.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlizKw0ACgkQXudu4gIW
0qV4Dg//b7CzQu0W11ox099kfCpgp+nP49E6SADiuHdyYY6daFFe2BuR1g9tAcGv
u/Uztghw2MlexQmCzJZjg4/zVdrvtEKyM2aYYioW8FkBRiNR7WF1+RbM9Mfzrswi
HlGtUnXqqPm0SSW2cC+5RfgkWciLUXuisYBIw1D2xhj1cbbMh4MNzoqGP+2bJLPU
LiyCYOQVMA86fwq20vgIN3spMCPYtz/ErGgxcdAq34vg60n2zpOrVhy22aEgB7h7
JbNIPBc7CUKA17eZxjBNwuJSTNyxQEW8S70a6yjbTh8m8lCTYfX+YB87rXfLCMjh
InKoAW9oauKOY11zP4ZgILSwNrVUIwyRU/cpvAQJlGqMtnF6J5DX3El+KFWZ/LgW
fCKMkAuGQy9nauMcS63t24yzmzO9FTC3ZQLHMZjdJbNs70U7aCROnGDep3ezgwMi
ec1YlvuG4g6w19sFAk+dhdaY7DOAz5tGaKpfL1Dp4ha9bbAcrvJ96lmr3W1j7b88
wXgN+wEm3xanjn//7+DQBkBdbvwC5VTDYlFW13npL/GoIkpFYjSu3DkpYGKPpOrC
OBXqmXKfeg2WK46xg3McyNq47v6iuXNlyhowelznTDW6STH7A9kP+FpnUSpS7Wz/
PE/UW0bI3Y65j2VAnafX3AtcWt8ldLdPtfuWu4i4wx0JHiXaDKw=
=ZNgG
-----END PGP SIGNATURE-----
Reply to: