[DONE] wml://security/2017/dsa-399{2,3}.wml

[Lev Lamberov <dogsleg@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2017/dsa-3992.wml	2017-10-07 01:44:57.000000000 +0500
+++ russian/security/2017/dsa-3992.wml	2017-10-07 10:15:16.660305550 +0500
@@ -1,41 +1,42 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in cURL, an URL transfer
- -library. The Common Vulnerabilities and Exposures project identifies the
- -following problems:</p>
+<p>Ð? cURL, библиоÑ?еке пеÑ?едаÑ?и URL, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко
+Ñ?Ñ?звимоÑ?Ñ?ей. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ?
+Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-1000100";>CVE-2017-1000100</a>
 
- -    <p>Even Rouault reported that cURL does not properly handle long file
- -    names when doing an TFTP upload. A malicious HTTP(S) server can take
- -    advantage of this flaw by redirecting a client using the cURL
- -    library to a crafted TFTP URL and trick it to send private memory
- -    contents to a remote server over UDP.</p></li>
+    <p>Эвен Ð Ñ?алÑ? Ñ?ообÑ?ил, Ñ?Ñ?о cURL непÑ?авилÑ?но обÑ?абаÑ?Ñ?ваеÑ? длиннÑ?е имена
+    Ñ?айлов пÑ?и вÑ?полнении загÑ?Ñ?зки по TFTP. Ð?Ñ?едоноÑ?нÑ?й Ñ?еÑ?веÑ? HTTP(S) можеÑ? иÑ?полÑ?зоваÑ?Ñ?
+    Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ?, пеÑ?енапÑ?авлÑ?Ñ? клиенÑ?а, иÑ?полÑ?зÑ?Ñ?Ñ?его библиоÑ?екÑ? cURL,
+    на Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?й URL TFTP, Ñ?Ñ?о пÑ?иводиÑ? к Ñ?омÑ?, Ñ?Ñ?о клиенÑ? оÑ?пÑ?авлÑ?еÑ?
+    на Ñ?далÑ?ннÑ?й Ñ?еÑ?веÑ? Ñ?одеÑ?жимое памÑ?Ñ?и по UDP.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-1000101";>CVE-2017-1000101</a>
 
- -    <p>Brian Carpenter and Yongji Ouyang reported that cURL contains a flaw
- -    in the globbing function that parses the numerical range, leading to
- -    an out-of-bounds read when parsing a specially crafted URL.</p></li>
+    <p>Ð?Ñ?айан Ð?аÑ?пенÑ?еÑ? и Ð?жонгджи Ð?Ñ?Ñ?н Ñ?ообÑ?или, Ñ?Ñ?о cURL Ñ?одеÑ?жиÑ? Ñ?Ñ?звимоÑ?Ñ?Ñ? в
+    Ñ?Ñ?нкÑ?ии подÑ?Ñ?ановки, вÑ?полнÑ?Ñ?Ñ?ей гÑ?аммаÑ?иÑ?еÑ?кий Ñ?азбоÑ? Ñ?иÑ?ловÑ?Ñ? оÑ?Ñ?езков, Ñ?Ñ?о пÑ?иводиÑ? к
+    Ñ?Ñ?ениÑ? за пÑ?еделами вÑ?деленного бÑ?Ñ?еÑ?а пÑ?и Ñ?азбоÑ?е Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? URL.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-1000254";>CVE-2017-1000254</a>
 
- -    <p>Max Dymond reported that cURL contains an out-of-bounds read flaw in
- -    the FTP PWD response parser. A malicious server can take advantage
- -    of this flaw to effectively prevent a client using the cURL library
- -    to work with it, causing a denial of service.</p></li>
+    <p>Ð?акÑ? Ð?Ñ?мон Ñ?ообÑ?ил, Ñ?Ñ?о cURL Ñ?одеÑ?жиÑ? Ñ?Ñ?ение за пÑ?еделами вÑ?деленного бÑ?Ñ?еÑ?а памÑ?Ñ?и в
+    коде длÑ? вÑ?полнениÑ? гÑ?аммаÑ?иÑ?еÑ?кого Ñ?азбоÑ?а FTP-оÑ?веÑ?а PWD. Ð?Ñ?едоноÑ?нÑ?й Ñ?еÑ?веÑ? можеÑ? иÑ?полÑ?зоваÑ?Ñ?
+    Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? Ñ?ого, Ñ?Ñ?обÑ? помеÑ?аÑ?Ñ? клиенÑ?Ñ?, иÑ?полÑ?зÑ?Ñ?Ñ?егомÑ? библиоÑ?екÑ? cURL,
+    Ñ?абоÑ?аÑ?Ñ? Ñ? Ñ?Ñ?им Ñ?еÑ?веÑ?ом, Ñ?Ñ?о вÑ?зÑ?ваеÑ? оÑ?каз в обÑ?лÑ?живании.</p></li>
 
 </ul>
 
- -<p>For the oldstable distribution (jessie), these problems have been fixed
- -in version 7.38.0-4+deb8u6.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 7.38.0-4+deb8u6.</p>
 
- -<p>For the stable distribution (stretch), these problems have been fixed in
- -version 7.52.1-5+deb9u1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 7.52.1-5+deb9u1.</p>
 
- -<p>We recommend that you upgrade your curl packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? curl.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2017/dsa-3993.wml	2017-10-07 09:44:20.000000000 +0500
+++ russian/security/2017/dsa-3993.wml	2017-10-07 10:17:14.716633841 +0500
@@ -1,14 +1,15 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>It was discovered that the Tor onion service could leak sensitive
- -information to log files if the <q>SafeLogging</q> option is set to "0".</p>
+<p>Ð?Ñ?ло обнаÑ?Ñ?жено, Ñ?Ñ?о в Tor, Ñ?лÑ?жбе лÑ?ковой маÑ?Ñ?Ñ?Ñ?Ñ?изаÑ?ии, можеÑ? пÑ?оиÑ?Ñ?одиÑ?Ñ? Ñ?Ñ?еÑ?ка Ñ?Ñ?вÑ?Ñ?виÑ?елÑ?ной
+инÑ?оÑ?маÑ?ии в Ñ?айлÑ? жÑ?Ñ?нала в Ñ?лÑ?Ñ?ае, еÑ?ли опÑ?иÑ? <q>SafeLogging</q> имееÑ? знаÑ?ение "0".</p>
 
- -<p>The oldstable distribution (jessie) is not affected.</p>
+<p>Ð?Ñ?едÑ?дÑ?Ñ?ий Ñ?Ñ?абилÑ?нÑ?й вÑ?пÑ?Ñ?к (jessie) не подвеÑ?жен данной пÑ?облеме.</p>
 
- -<p>For the stable distribution (stretch), this problem has been fixed in
- -version 0.2.9.12-1.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в
+веÑ?Ñ?ии 0.2.9.12-1.</p>
 
- -<p>We recommend that you upgrade your tor packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? tor.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlnYY2EACgkQXudu4gIW
0qWkeQ/+IVYTfUCbUsmP3a5oBTSsx5wN/IAR58cqHx3B6mA6UiiRDx+I0RqEp3lC
NrMHqUFn7fvLgZvqlCfB40KHuaFuQJda7R7L3bqqmNvUtavtGPI3VlyEdaZhInz7
L+9YTzq7ULtpYgNlDBnFfrapa+DaYWGmKdtECepZmcRmNnQsHKZh6hZ/lm/abJZj
Mh8bnkOF/n9uTYdOok0Sb8MG9qVO98C2rMakVteV39a/K3beD/MN0WwLXGWc/lBi
A1bwyrODg1T1C1LpD3L2rr4WPFagcbrHKr4d+PrgX1i2k2qULnsp1FgU6fXWDWTi
IuS5h3S4DCuBiTvtTAC4SXcdTmJpadgTDLmgxG/Uu3fRhtY/sBBMBghKX2lj57pE
4wSU9BaWyv9ONQwPyIMHpQZTSqVN3h6jSXaFSWe3VjzLpysjYL6s3BZeTvX5efyL
3nZsfVJDc9fwqXtOraDB0HeiKS9BfjJZIW86CK6JJhog1Nu1YvVPyhGman+Iuc3g
c/Cgdwooz48LZOP8npp1P1q4PxAvsD9qcNE4S9SLqu1KtO4duqNMu8kpxHEz48gJ
WlGiW4qNq03NrQwtqRtfjDAEHPd0Hr2RT4qxU98Wog4LFAOVpxM8CvMzC5/I1sNK
PDaSMLACoo4QjlCzAmd98aYL7MUSzX3z4qPVwGOX6XYl5oBSHeU=
=sKQ9
-----END PGP SIGNATURE-----