[DONE] wml://{security/2017/dsa-4016.wml}
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2017/dsa-4016.wml 2017-11-04 01:19:26.000000000 +0500
+++ russian/security/2017/dsa-4016.wml 2017-11-04 02:33:47.562765897 +0500
@@ -1,70 +1,71 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Multiple vulnerabilities have been discovered in Irssi, a terminal based
- -IRC client. The Common Vulnerabilities and Exposures project identifies
- -the following problems:</p>
+<p>Ð? Irssi, IRC-клиенÑ?е длÑ? Ñ?еÑ?минала, бÑ?ли обнаÑ?Ñ?женÑ? многоÑ?иÑ?леннÑ?е
+Ñ?Ñ?звимоÑ?Ñ?и. Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ?
+Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-10965">CVE-2017-10965</a>
- - <p>Brian <q>geeknik</q> Carpenter of Geeknik Labs discovered that Irssi does
- - not properly handle receiving messages with invalid time stamps. A
- - malicious IRC server can take advantage of this flaw to cause Irssi
- - to crash, resulting in a denial of service.</p></li>
+ <p>Ð?Ñ?айан <q>geeknik</q> Ð?аÑ?пенÑ?еÑ? из Geeknik Labs обнаÑ?Ñ?жил, Ñ?Ñ?о Irssi
+ непÑ?авилÑ?но обÑ?абаÑ?Ñ?ваеÑ? полÑ?Ñ?ение Ñ?ообÑ?ений Ñ? некоÑ?Ñ?екÑ?ной вÑ?еменной меÑ?кой.
+ Ð?Ñ?едоноÑ?нÑ?й IRC-Ñ?еÑ?веÑ? можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? вÑ?зова аваÑ?ийной
+ оÑ?Ñ?ановки Irssi, Ñ?Ñ?о пÑ?иводиÑ? к оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-10966">CVE-2017-10966</a>
- - <p>Brian <q>geeknik</q> Carpenter of Geeknik Labs discovered that Irssi is
- - susceptible to a use-after-free flaw triggered while updating the
- - internal nick list. A malicious IRC server can take advantage of
- - this flaw to cause Irssi to crash, resulting in a denial of service.</p></li>
+ <p>Ð?Ñ?айан <q>geeknik</q> Ð?аÑ?пенÑ?еÑ? из Geeknik Labs обнаÑ?Ñ?жил, Ñ?Ñ?о пÑ?огÑ?амма Irssi, веÑ?оÑ?Ñ?но,
+ подвеÑ?жена иÑ?полÑ?зованиÑ? Ñ?казаÑ?елей поÑ?ле оÑ?вобождениÑ? памÑ?Ñ?и, коÑ?оÑ?ое пÑ?оÑ?влÑ?еÑ?Ñ?Ñ? во вÑ?емÑ?
+ обновлениÑ? внÑ?Ñ?Ñ?еннего Ñ?пиÑ?ка ников. Ð?Ñ?едоноÑ?нÑ?й IRC-Ñ?еÑ?веÑ? можеÑ? иÑ?полÑ?зоваÑ?Ñ?
+ Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? вÑ?зова аваÑ?ийной оÑ?Ñ?ановки Irssi, Ñ?Ñ?о пÑ?иводиÑ? к оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-15227">CVE-2017-15227</a>
- - <p>Joseph Bisch discovered that while waiting for the channel
- - synchronisation, Irssi may incorrectly fail to remove destroyed
- - channels from the query list, resulting in use after free conditions
- - when updating the state later on. A malicious IRC server can take
- - advantage of this flaw to cause Irssi to crash, resulting in a
- - denial of service.</p></li>
+ <p>Ð?озеÑ? Ð?иÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о во вÑ?емÑ? ожиданиÑ? Ñ?инÑ?Ñ?онизаÑ?ии канала
+ Irssi можеÑ? по оÑ?ибке не Ñ?далиÑ?Ñ? Ñ?далÑ?ннÑ?й на Ñ?еÑ?веÑ?е канал из
+ Ñ?пиÑ?ка запÑ?оÑ?ов, Ñ?Ñ?о пÑ?иводиÑ? к иÑ?полÑ?зованиÑ? Ñ?казаÑ?елей поÑ?ле оÑ?вобождениÑ? памÑ?Ñ?и
+ пÑ?и поÑ?ледÑ?Ñ?Ñ?ем обновлении Ñ?оÑ?Ñ?оÑ?ниÑ?. Ð?Ñ?едоноÑ?нÑ?й IRC-Ñ?еÑ?веÑ? можеÑ? иÑ?полÑ?зоваÑ?Ñ?
+ Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? вÑ?зова аваÑ?ийной оÑ?Ñ?ановки Irssi, Ñ?Ñ?о пÑ?иводиÑ? к
+ оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-15228">CVE-2017-15228</a>
- - <p>Hanno Boeck reported that Irssi does not properly handle installing
- - themes with unterminated colour formatting sequences, leading to a
- - denial of service if a user is tricked into installing a specially
- - crafted theme.</p></li>
+ <p>Ханно Ð?Ñ?к Ñ?ообÑ?ил, Ñ?Ñ?о Irssi непÑ?авилÑ?но обÑ?абаÑ?Ñ?ваеÑ? Ñ?Ñ?Ñ?ановкÑ? Ñ?ем
+ оÑ?оÑ?млениÑ?, Ñ?одеÑ?жаÑ?иÑ? незавеÑ?Ñ?Ñ?ннÑ?е Ñ?оÑ?маÑ?иÑ?Ñ?Ñ?Ñ?ие поÑ?ледоваÑ?елÑ?ноÑ?Ñ?и, опиÑ?Ñ?ваÑ?Ñ?ие Ñ?веÑ?а,
+ Ñ?Ñ?о пÑ?иводиÑ? к оÑ?казÑ? в обÑ?лÑ?живании в Ñ?лÑ?Ñ?ае, еÑ?ли полÑ?зоваÑ?елÑ? Ñ?Ñ?Ñ?ановиÑ? Ñ?пеÑ?иалÑ?но
+ Ñ?Ñ?оÑ?миÑ?ованнÑ?Ñ? Ñ?емÑ?.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-15721">CVE-2017-15721</a>
- - <p>Joseph Bisch discovered that Irssi does not properly handle
- - incorrectly formatted DCC CTCP messages. A remote attacker can take
- - advantage of this flaw to cause Irssi to crash, resulting in a
- - denial of service.</p></li>
+ <p>Ð?озеÑ? Ð?иÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о Irssi непÑ?авилÑ?но обÑ?абаÑ?Ñ?ваеÑ?
+ некоÑ?Ñ?екÑ?но оÑ?Ñ?оÑ?маÑ?иÑ?ованнÑ?е Ñ?ообÑ?ениÑ? DCC CTCP. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ?
+ иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? вÑ?зова аваÑ?ийной оÑ?Ñ?ановки Irssi, Ñ?Ñ?о пÑ?иводиÑ? к
+ оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-15722">CVE-2017-15722</a>
- - <p>Joseph Bisch discovered that Irssi does not properly verify Safe
- - channel IDs. A malicious IRC server can take advantage of this flaw
- - to cause Irssi to crash, resulting in a denial of service.</p></li>
+ <p>Ð?озеÑ? Ð?иÑ? обнаÑ?Ñ?жил, Ñ?Ñ?о Irssi непÑ?авилÑ?но вÑ?полнÑ?еÑ? пÑ?овеÑ?кÑ? иденÑ?иÑ?икаÑ?оÑ?ов
+ безопаÑ?ноÑ?Ñ?и канала. Ð?Ñ?едоноÑ?нÑ?й IRC-Ñ?еÑ?веÑ? можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ?
+ длÑ? вÑ?зова аваÑ?ийной оÑ?Ñ?ановки Irssi, Ñ?Ñ?о пÑ?иводиÑ? к оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-15723">CVE-2017-15723</a>
- - <p>Joseph Bisch reported that Irssi does not properly handle overlong
- - nicks or targets resulting in a NULL pointer dereference when
- - splitting the message and leading to a denial of service.</p></li>
+ <p>Ð?озеÑ? Ð?иÑ? Ñ?ообÑ?ил, Ñ?Ñ?о Irssi непÑ?авилÑ?но обÑ?абаÑ?Ñ?ваеÑ? Ñ?лиÑ?ком длиннÑ?е ники
+ или Ñ?ели, Ñ?Ñ?о пÑ?иводиÑ? к Ñ?азÑ?менованиÑ? NULL-Ñ?казаÑ?елÑ? пÑ?и Ñ?азделении
+ Ñ?ообÑ?ениÑ?, а Ñ?акже к оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
</ul>
- -<p>For the oldstable distribution (jessie), these problems have been fixed
- -in version 0.8.17-1+deb8u5.</p>
+<p>Ð? пÑ?едÑ?дÑ?Ñ?ем Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (jessie) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ?
+в веÑ?Ñ?ии 0.8.17-1+deb8u5.</p>
- -<p>For the stable distribution (stretch), these problems have been fixed in
- -version 1.0.2-1+deb9u3. <a href="https://security-tracker.debian.org/tracker/CVE-2017-10965">CVE-2017-10965</a> and <a href="https://security-tracker.debian.org/tracker/CVE-2017-10966">CVE-2017-10966</a> were already
- -fixed in an earlier point release.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 1.0.2-1+deb9u3. <a href="https://security-tracker.debian.org/tracker/CVE-2017-10965">CVE-2017-10965</a> и <a href="https://security-tracker.debian.org/tracker/CVE-2017-10966">CVE-2017-10966</a> Ñ?же бÑ?ли
+иÑ?пÑ?авленÑ? Ñ?анее в Ñ?вежей Ñ?едакÑ?ии вÑ?пÑ?Ñ?ка.</p>
- -<p>We recommend that you upgrade your irssi packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? irssi.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAln84L8ACgkQXudu4gIW
0qV3OQ/+OzHNWDO52rp1IlwSZALOJMU4A/BW9N0b0E5k4y+Qxx4ZnMF6fe0n7HUR
dYTX4nWJQZ9XNqDUBhanfZAAXeCE5y/QC73q/P3+eid9+uFx5mVnDmIn+AXPkd1V
8M5gRifkK7hLADS87WL/659Mf8C8xdBgpsOT124PgZQJnLwNQejuxmKz2FLjom6m
PYDRtUhq908Kvi2z7kCa6bHTvH2NOkX7sWRLf4cpF8nrnnulqKIUTH/BziHnzcMT
h+yBg9PeF8YmHdURymWXdg1KkmMDp641o69z0jrJYX2WZH8Ar/AYUSao7Q3UFF+C
+Ya5nqdc4XDCIkqLy7/GKwS5dM2Fm+MUkVd+nKtWrt4LLVroxoGL8PR4isir11W1
OcIJT2ssNGLa08kq9lnqSq1gcXMFQgryAS+jSdd0C1GIBrv+XIdfMKHJWNxrNpLT
HbD+J2chYqnBYMioHDjs3+llSMCdaWwqeW2X7kr/je2nwuJ9wFSuoeaVNynaqW5/
AKUX/KdD2zJdeUSFtcDLqAZ6E16Vnh2kSJLJxls70RPhDdEhoJEttDfkof2qY+hS
9s/6W+kPvbrryXqaPMwVprnCIPxefphe4pXF5jFgU6ZMPOnshVBrqmkpUgfONgkv
TFqg40sFR+kUblMLkGJpLPg5oIkIkdyHms1XkOjTf/vdIdKWQIc=
=9dH/
-----END PGP SIGNATURE-----
Reply to: