[DONE] wml://security/2017/dsa-39{59,60,61,62,63}.wml

[Lev Lamberov <dogsleg@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2017/dsa-3959.wml	2017-08-30 01:02:47.000000000 +0500
+++ russian/security/2017/dsa-3959.wml	2017-09-04 22:46:16.137431268 +0500
@@ -1,18 +1,19 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Daniel Genkin, Luke Valenta and Yuval Yarom discovered that Libgcrypt
- -is prone to a local side-channel attack against the ECDH encryption with
- -Curve25519, allowing recovery of the private key.</p>
+<p>Ð?Ñ?ниел Ð?енкин, Ð?Ñ?к Ð?аленÑ?а и Ювал ЯÑ?ом обнаÑ?Ñ?жили, Ñ?Ñ?о библиоÑ?ека Libgcrypt
+Ñ?Ñ?звима к аÑ?акам Ñ?еÑ?ез Ñ?Ñ?оÑ?онние каналÑ?. УÑ?звимоÑ?Ñ?Ñ? каÑ?аеÑ?Ñ?Ñ? ECDH-Ñ?иÑ?Ñ?ованиÑ? Ñ?
+иÑ?полÑ?зованием Curve25519 и позволÑ?еÑ? воÑ?Ñ?Ñ?ановиÑ?Ñ? закÑ?Ñ?Ñ?Ñ?й клÑ?Ñ?.</p>
 
- -<p>See <a href="https://eprint.iacr.org/2017/806";>https://eprint.iacr.org/2017/806</a> for details.</p>
+<p>Ð?одÑ?обноÑ?Ñ?и Ñ?м. по адÑ?еÑ?Ñ? <a href="https://eprint.iacr.org/2017/806";>https://eprint.iacr.org/2017/806</a>.</p>
 
- -<p>For the stable distribution (stretch), this problem has been fixed in
- -version 1.7.6-2+deb9u2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.7.6-2+deb9u2.</p>
 
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 1.7.9-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 1.7.9-1.</p>
 
- -<p>We recommend that you upgrade your libgcrypt20 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? libgcrypt20.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2017/dsa-3960.wml	2017-09-02 01:21:46.000000000 +0500
+++ russian/security/2017/dsa-3960.wml	2017-09-04 22:49:49.875885044 +0500
@@ -1,16 +1,17 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot
- -Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal and
- -Yuval Yarom discovered that GnuPG is prone to a local side-channel
- -attack allowing full key recovery for RSA-1024.</p>
+<p>Ð?Ñ?ниел Ð?еÑ?нÑ?Ñ?айн, Ð?оаким Ð?Ñ?айÑ?неÑ?, Ð?Ñ?ниел Ð?енкин, Ð?еон Ð?Ñ?Ñ?Ñ?
+Ð?Ñ?Ñ?индеÑ?инк, Ð?адиа ХенингеÑ?, ТанÑ? Ð?анге, Ð?Ñ?иÑ?Ñ?иан ван Ð?Ñ?едендаал и
+Ювал ЯÑ?ом обнаÑ?Ñ?жили, Ñ?Ñ?о набоÑ? пÑ?огÑ?амм GnuPG Ñ?Ñ?звим к локалÑ?ной аÑ?аке
+Ñ?еÑ?ез Ñ?Ñ?оÑ?онние каналÑ?, позволÑ?Ñ?Ñ?ей полноÑ?Ñ?Ñ?Ñ? воÑ?Ñ?Ñ?ановиÑ?Ñ? клÑ?Ñ? RSA-1024.</p>
 
- -<p>See <a href="https://eprint.iacr.org/2017/627";>https://eprint.iacr.org/2017/627</a> for details.</p>
+<p>Ð?одÑ?обноÑ?Ñ?и Ñ?м. по адÑ?еÑ?Ñ? <a href="https://eprint.iacr.org/2017/627";>https://eprint.iacr.org/2017/627</a>.</p>
 
- -<p>For the oldstable distribution (jessie), this problem has been fixed
- -in version 1.4.18-7+deb8u4.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена
+в веÑ?Ñ?ии 1.4.18-7+deb8u4.</p>
 
- -<p>We recommend that you upgrade your gnupg packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? gnupg.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2017/dsa-3961.wml	2017-09-03 11:03:42.000000000 +0500
+++ russian/security/2017/dsa-3961.wml	2017-09-04 22:52:27.730621992 +0500
@@ -1,20 +1,21 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>A double-free vulnerability was discovered in the gdImagePngPtr()
- -function in libgd2, a library for programmatic graphics creation and
- -manipulation, which may result in denial of service or potentially the
- -execution of arbitrary code if a specially crafted file is processed.</p>
+<p>Ð? Ñ?Ñ?нкÑ?ии gdImagePngPtr() из libgd2, библиоÑ?еки длÑ? Ñ?озданиÑ? и Ñ?абоÑ?Ñ?
+Ñ? пÑ?огÑ?аммиÑ?Ñ?емой гÑ?аÑ?икой, бÑ?ло обнаÑ?Ñ?жено двойное оÑ?вобождение памÑ?Ñ?и,
+коÑ?оÑ?ое можеÑ? пÑ?иводиÑ?Ñ? к оÑ?казÑ? в обÑ?лÑ?живании или поÑ?енÑ?иалÑ?номÑ? вÑ?полнениÑ?
+пÑ?оизволÑ?ного кода в Ñ?лÑ?Ñ?ае обÑ?абоÑ?ки Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованного Ñ?айла.</p>
 
- -<p>For the oldstable distribution (jessie), this problem has been fixed
- -in version 2.1.0-5+deb8u11.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена
+в веÑ?Ñ?ии 2.1.0-5+deb8u11.</p>
 
- -<p>For the stable distribution (stretch), this problem has been fixed in
- -version 2.2.4-2+deb9u2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 2.2.4-2+deb9u2.</p>
 
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 2.2.5-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 2.2.5-1.</p>
 
- -<p>We recommend that you upgrade your libgd2 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? libgd2.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2017/dsa-3962.wml	2017-09-03 18:33:11.000000000 +0500
+++ russian/security/2017/dsa-3962.wml	2017-09-04 22:56:35.115519789 +0500
@@ -1,25 +1,26 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>A denial of service vulnerability was identified in strongSwan, an IKE/IPsec
- -suite, using Google's OSS-Fuzz fuzzing project.</p>
+<p>Ð? strongSwan, набоÑ?е IKE/IPsec, Ñ? помоÑ?Ñ?Ñ? пÑ?оекÑ?а Google OSS-Fuzz, непÑ?еÑ?Ñ?вного
+неÑ?Ñ?Ñ?кого Ñ?еÑ?Ñ?иÑ?ованиÑ?, бÑ?л обнаÑ?Ñ?жена оÑ?каз в обÑ?лÑ?живании.</p>
 
- -<p>The gmp plugin in strongSwan had insufficient input validation when verifying
- -RSA signatures. This coding error could lead to a null pointer dereference,
- -leading to process crash.</p>
+<p>Ð?ополнение gmp в strongSwan вÑ?полнÑ?еÑ? недоÑ?Ñ?аÑ?оÑ?нÑ?Ñ? пÑ?овеÑ?кÑ? вÑ?однÑ?Ñ?
+даннÑ?Ñ? пÑ?и пÑ?овеÑ?ке RSA-подпиÑ?ей. ЭÑ?а оÑ?ибка пÑ?огÑ?аммиÑ?ованиÑ? можеÑ? пÑ?иводиÑ?Ñ? к
+Ñ?азÑ?менованиÑ? null-Ñ?казаÑ?елÑ?, Ñ?Ñ?о пÑ?иводиÑ? к аваÑ?ийной оÑ?Ñ?ановке пÑ?оÑ?еÑ?Ñ?а.</p>
 
- -<p>For the oldstable distribution (jessie), this problem has been fixed
- -in version 5.2.1-6+deb8u5.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена
+в веÑ?Ñ?ии 5.2.1-6+deb8u5.</p>
 
- -<p>For the stable distribution (stretch), this problem has been fixed in
- -version 5.5.1-4+deb9u1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 5.5.1-4+deb9u1.</p>
 
- -<p>For the testing distribution (buster), this problem has been fixed
- -in version 5.6.0-1.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом вÑ?пÑ?Ñ?ке (buster) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена
+в веÑ?Ñ?ии 5.6.0-1.</p>
 
- -<p>For the unstable distribution (sid), this problem has been fixed in
- -version 5.6.0-1.</p>
+<p>Ð? неÑ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (sid) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 5.6.0-1.</p>
 
- -<p>We recommend that you upgrade your strongswan packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? strongswan.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2017/dsa-3963.wml	2017-09-04 12:21:45.000000000 +0500
+++ russian/security/2017/dsa-3963.wml	2017-09-04 23:02:29.155309213 +0500
@@ -1,37 +1,38 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Several issues were discovered in Mercurial, a distributed revision
- -control system.</p>
+<p>Ð? Mercurial, Ñ?аÑ?пÑ?еделÑ?нной Ñ?иÑ?Ñ?еме Ñ?пÑ?авлениÑ? веÑ?Ñ?иÑ?ми, бÑ?ло обнаÑ?Ñ?жено
+неÑ?колÑ?ко пÑ?облем.</p>
 
 <ul>
 
- -<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-9462";>CVE-2017-9462</a> 
- -  (fixed in stretch only)
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-9462";>CVE-2017-9462</a>
+  (иÑ?пÑ?авлено Ñ?олÑ?ко в stretch)
 
- -  <p>Jonathan Claudius of Mozilla discovered that repositories served
- -  over stdio could be tricked into granting authorized users access to
- -  the Python debugger.</p></li>
+  <p>Ð?жонаÑ?ан Ð?лаÑ?диÑ?Ñ? из Mozilla обнаÑ?Ñ?жил, Ñ?Ñ?о Ñ?епозиÑ?оÑ?ии, обÑ?лÑ?живаемÑ?е
+  Ñ?еÑ?ез stdio, могÑ?Ñ? пÑ?едоÑ?Ñ?авлÑ?Ñ?Ñ? авÑ?оÑ?изованнÑ?м полÑ?зоваÑ?елÑ?м доÑ?Ñ?Ñ?п к
+  оÑ?ладÑ?икÑ? Python.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-1000115";>CVE-2017-1000115</a>
 
- -  <p>Mercurial's symlink auditing was incomplete, and could be abused to
- -  write files outside the repository.</p></li>
+  <p>Ð?Ñ?диÑ? Ñ?имволÑ?нÑ?Ñ? Ñ?Ñ?Ñ?лок в Mercurial оказалÑ?Ñ? неполнÑ?м, Ñ?имволÑ?нÑ?е Ñ?Ñ?Ñ?лки могÑ?Ñ?
+  иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? длÑ? запиÑ?и Ñ?айлов за пÑ?еделами Ñ?епозиÑ?оÑ?иÑ?.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-1000116";>CVE-2017-1000116</a>
 
- -  <p>Joern Schneeweisz discovered that Mercurial did not correctly handle
- -  maliciously constructed ssh:// URLs. This allowed an attacker to run
- -  an arbitrary shell command.</p></li>
+  <p>Ð?оÑ?н ШÑ?ивайÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о Mercurial непÑ?авилÑ?но обÑ?абаÑ?Ñ?ваеÑ? Ñ?пеÑ?иалÑ?но
+  Ñ?Ñ?оÑ?миÑ?ованнÑ?е URL вида ssh://. ЭÑ?о позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникÑ? запÑ?Ñ?каÑ?Ñ? пÑ?оизволÑ?нÑ?е
+  командÑ? командной оболоÑ?ки.</p></li>
 
 </ul>
 
- -<p>For the oldstable distribution (jessie), these problems have been fixed
- -in version 3.1.2-2+deb8u4.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 3.1.2-2+deb8u4.</p>
 
- -<p>For the stable distribution (stretch), these problems have been fixed in
- -version 4.0-1+deb9u1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 4.0-1+deb9u1.</p>
 
- -<p>We recommend that you upgrade your mercurial packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? mercurial.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlmtlToACgkQXudu4gIW
0qUgzw//ZPmqCzmdAK2THn3rB9ys+Yt2Zqj5HZqULsyze0iXWrI1xQ8kasGQjFLu
XF2mMZYXNsVtJe4b18bds/qH9nbWyiizljGCNSf/kdojBHRjOrEKiHKr2JTFeJZd
Psp9XPj2cchv/BXTeoDzafKpHW1/bxtLUAWfLjag4iH5ksEfggtUNsNJq9NN9Jip
jFGVGqX6AgaMCy5e1XlgbfJ0pmlZGdjxFaSGdU0KQGvDyqwZoBb4NYtpy/KG4TkV
X7MWBV5G7pC8quBtMYbxGKw/NqJpQqc52rwRfl61RfNrvVAHqJBgAIK/npaYUyN1
h7xs0uYniaE07fIK5IQV9kybp7rHq7EWURZW8+C63bFA/YwuFeNrKwvfEe4ucgdr
g5KkiAy35yEM6laDdtNER8EI0C3M4aiqeO6rQeNLxRAZWAc/T6PFi8VfuEBewnQa
y5sxQjlJZyX/8Fl+Bn+MfUdsFz7KOWrWqKSjWRmmobOKiIc1zrFezDrRC6KxjuD+
1wsEs61VZVDjyk9fWAgwX1zL6hyQVyr5pCCAC8y3xTePbVFT20okNvwSDt3bGBBW
+ccLyHcXc0zYMBgaPRwc2hhvlQxC/Hg+wyxRK3FpmdjA7fBgo8XXIuTvHzAU58Qi
7HIopYoYwSV17/Um3nt4ZeNclaWKtUh/LoU/F+4WNQzEckFGD00=
=eYHb
-----END PGP SIGNATURE-----