[DONE] wml://{security/2017/dsa-4031.wml}
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2017/dsa-4031.wml 2017-11-12 01:04:15.000000000 +0500
+++ russian/security/2017/dsa-4031.wml 2017-11-12 01:29:57.149236249 +0500
@@ -1,44 +1,45 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
<define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in the interpreter for the
- -Ruby language. The Common Vulnerabilities and Exposures project
- -identifies the following problems:</p>
+<p>Ð? инÑ?еÑ?пÑ?еÑ?аÑ?оÑ?е Ñ?зÑ?ка Ruby бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.
+Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-0898">CVE-2017-0898</a>
- - <p>aerodudrizzt reported a buffer underrun vulnerability in the sprintf
- - method of the Kernel module resulting in heap memory corruption or
- - information disclosure from the heap.</p></li>
+ <p>aerodudrizzt Ñ?ообÑ?ил о вÑ?Ñ?оде за гÑ?аниÑ?Ñ? вÑ?деленного бÑ?Ñ?еÑ?а памÑ?Ñ?и в меÑ?оде sprintf
+ модÑ?лÑ? Ñ?дÑ?а, коÑ?оÑ?Ñ?й пÑ?иводиÑ? к повÑ?еждениÑ? Ñ?одеÑ?жимого динамиÑ?еÑ?кой памÑ?Ñ?и или
+ Ñ?аÑ?кÑ?Ñ?Ñ?иÑ? инÑ?оÑ?маÑ?ии, Ñ?Ñ?анÑ?Ñ?ейÑ?Ñ? в динамиÑ?еÑ?кой памÑ?Ñ?и.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-0903">CVE-2017-0903</a>
- - <p>Max Justicz reported that RubyGems is prone to an unsafe object
- - deserialization vulnerability. When parsed by an application which
- - processes gems, a specially crafted YAML formatted gem specification
- - can lead to remote code execution.</p></li>
+ <p>Ð?акÑ? Ð?жаÑ?Ñ?иÑ? Ñ?ообÑ?ил, Ñ?Ñ?о Ñ?иÑ?Ñ?ема RubyGems Ñ?Ñ?звима к деÑ?еÑ?иализаÑ?ии небезопаÑ?ного
+ обÑ?екÑ?а. Ð?Ñ?аммаÑ?иÑ?еÑ?кий Ñ?азбоÑ?, вÑ?полнÑ?емÑ?й пÑ?иложением, обÑ?абаÑ?Ñ?ваÑ?Ñ?им
+ модÑ?ли, Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованной Ñ?пеÑ?иÑ?икаÑ?ии модÑ?лÑ? в Ñ?оÑ?маÑ?е YAML
+ можеÑ? пÑ?иводиÑ?Ñ? к Ñ?далÑ?нномÑ? вÑ?полнениÑ? кода.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-10784">CVE-2017-10784</a>
- - <p>Yusuke Endoh discovered an escape sequence injection vulnerability
- - in the Basic authentication of WEBrick. An attacker can take
- - advantage of this flaw to inject malicious escape sequences to the
- - WEBrick log and potentially execute control characters on the
- - victim's terminal emulator when reading logs.</p></li>
+ <p>ЮÑ?Ñ?ке Ðндо обнаÑ?Ñ?жил ввод Ñ?кÑ?аниÑ?Ñ?Ñ?Ñ?ей поÑ?ледоваÑ?елÑ?ноÑ?Ñ?и в
+ базовой аÑ?Ñ?енÑ?иÑ?икаÑ?ии WEBrick. Ð?лоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ?
+ Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? введениÑ? вÑ?едоноÑ?нÑ?Ñ? Ñ?кÑ?аниÑ?Ñ?Ñ?Ñ?иÑ? поÑ?ледоваÑ?елÑ?ноÑ?Ñ?ей в
+ жÑ?Ñ?нал WEBrick и поÑ?енÑ?иалÑ?ного вÑ?полнениÑ? Ñ?пÑ?авлÑ?Ñ?Ñ?иÑ? Ñ?имволов в
+ Ñ?мÑ?лÑ?Ñ?оÑ?е Ñ?еÑ?минала жеÑ?Ñ?вÑ? (пÑ?и Ñ?Ñ?ении жÑ?Ñ?налов).</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-14033">CVE-2017-14033</a>
- - <p>asac reported a buffer underrun vulnerability in the OpenSSL
- - extension. A remote attacker can take advantage of this flaw to
- - cause the Ruby interpreter to crash leading to a denial of service.</p></li>
+ <p>asac Ñ?ообÑ?ил о вÑ?Ñ?оде за гÑ?аниÑ?Ñ? вÑ?деленного бÑ?Ñ?еÑ?а памÑ?Ñ?и в Ñ?аÑ?Ñ?иÑ?ении
+ OpenSSL. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? вÑ?зова
+ аваÑ?ийной оÑ?Ñ?ановки инÑ?еÑ?пÑ?еÑ?аÑ?оÑ?а Ruby, Ñ?Ñ?о пÑ?иводиÑ? к оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
</ul>
- -<p>For the stable distribution (stretch), these problems have been fixed in
- -version 2.3.3-1+deb9u2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.3.3-1+deb9u2.</p>
- -<p>We recommend that you upgrade your ruby2.3 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? ruby2.3.</p>
</define-tag>
# do not modify the following line
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAloHXckACgkQXudu4gIW
0qWUPQ/+PZcCMAaJgWNj6XY+oj0BBbwkZMPxXsmz3lT1yyxyn9zgIpaVECssPYtt
5Q5NaAvOb+fxkPGr4IzcEhmXL3q6raTlGrlGLZHvZH/aT4T7Arzvj9U9x3qTSjVe
EUiZIiLxvFV4H1/NfnBUXKnkbNReGeNA070WC7UMoA6Kp68zK7BXeQGVZvB00M31
kSLv8tv42rljvm8W1tUfTPc1m6HR9YEc+BzT8PGxQEYSSsEQrxWdJxp1tC1gsQNw
UoOmn8CwSRHGUiEUzTmZLg19hdJkBJ5yvha/8QvME3vxE4Zpcgp8RFxn90Oxx10v
C1/16fyOgFMjpMVD/JfEGv/Xo6wq1B/IZjk1YRdOD7IYlDfOUT9vNHyZYMeok7rn
+fbxnQkEJavJAGDzH+zcAN9P5Fd5r594NBwwkw/nxrkpj4XDSGLYgIlWxACM37de
4p6odStm+/ZcA709/gdBTvIpG2t+G+BD7uo0ZJ6F5r3p4zIRVCrECsNuCuOagwzs
zfA0EEt9Eyhw6jjOPCOlAZQYu+usOPaCRFY7PXyUcbb3OPGaQVwKlcNgAYJFYorD
cOHDgSDKkLPmXO/NF98OG6yVEBD9K4AuJ1PCGbvuD5ySf64qxg8q4f6t8Gto8d89
Ly7zkYOQpxipxtPJ7zMn4OFkK87jcshbcDyhsi6k9Ov7fCkZs68=
=LJAX
-----END PGP SIGNATURE-----
Reply to: