[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://{security/2017/dsa-4031.wml}



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2017/dsa-4031.wml	2017-11-12 01:04:15.000000000 +0500
+++ russian/security/2017/dsa-4031.wml	2017-11-12 01:29:57.149236249 +0500
@@ -1,44 +1,45 @@
- -<define-tag description>security update</define-tag>
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и</define-tag>
 <define-tag moreinfo>
- -<p>Several vulnerabilities have been discovered in the interpreter for the
- -Ruby language. The Common Vulnerabilities and Exposures project
- -identifies the following problems:</p>
+<p>Ð? инÑ?еÑ?пÑ?еÑ?аÑ?оÑ?е Ñ?зÑ?ка Ruby бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей.
+Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures
+опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-0898";>CVE-2017-0898</a>
 
- -    <p>aerodudrizzt reported a buffer underrun vulnerability in the sprintf
- -    method of the Kernel module resulting in heap memory corruption or
- -    information disclosure from the heap.</p></li>
+    <p>aerodudrizzt Ñ?ообÑ?ил о вÑ?Ñ?оде за гÑ?аниÑ?Ñ? вÑ?деленного бÑ?Ñ?еÑ?а памÑ?Ñ?и в меÑ?оде sprintf
+    модÑ?лÑ? Ñ?дÑ?а, коÑ?оÑ?Ñ?й пÑ?иводиÑ? к повÑ?еждениÑ? Ñ?одеÑ?жимого динамиÑ?еÑ?кой памÑ?Ñ?и или
+    Ñ?аÑ?кÑ?Ñ?Ñ?иÑ? инÑ?оÑ?маÑ?ии, Ñ?Ñ?анÑ?Ñ?ейÑ?Ñ? в динамиÑ?еÑ?кой памÑ?Ñ?и.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-0903";>CVE-2017-0903</a>
 
- -    <p>Max Justicz reported that RubyGems is prone to an unsafe object
- -    deserialization vulnerability. When parsed by an application which
- -    processes gems, a specially crafted YAML formatted gem specification
- -    can lead to remote code execution.</p></li>
+    <p>Ð?акÑ? Ð?жаÑ?Ñ?иÑ? Ñ?ообÑ?ил, Ñ?Ñ?о Ñ?иÑ?Ñ?ема RubyGems Ñ?Ñ?звима к деÑ?еÑ?иализаÑ?ии небезопаÑ?ного
+    обÑ?екÑ?а. Ð?Ñ?аммаÑ?иÑ?еÑ?кий Ñ?азбоÑ?, вÑ?полнÑ?емÑ?й пÑ?иложением, обÑ?абаÑ?Ñ?ваÑ?Ñ?им
+    модÑ?ли, Ñ?пеÑ?иалÑ?но Ñ?Ñ?оÑ?миÑ?ованной Ñ?пеÑ?иÑ?икаÑ?ии модÑ?лÑ? в Ñ?оÑ?маÑ?е YAML
+    можеÑ? пÑ?иводиÑ?Ñ? к Ñ?далÑ?нномÑ? вÑ?полнениÑ? кода.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-10784";>CVE-2017-10784</a>
 
- -    <p>Yusuke Endoh discovered an escape sequence injection vulnerability
- -    in the Basic authentication of WEBrick. An attacker can take
- -    advantage of this flaw to inject malicious escape sequences to the
- -    WEBrick log and potentially execute control characters on the
- -    victim's terminal emulator when reading logs.</p></li>
+    <p>ЮÑ?Ñ?ке Эндо обнаÑ?Ñ?жил ввод Ñ?кÑ?аниÑ?Ñ?Ñ?Ñ?ей поÑ?ледоваÑ?елÑ?ноÑ?Ñ?и в
+    базовой аÑ?Ñ?енÑ?иÑ?икаÑ?ии WEBrick. Ð?лоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ?
+    Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? введениÑ? вÑ?едоноÑ?нÑ?Ñ? Ñ?кÑ?аниÑ?Ñ?Ñ?Ñ?иÑ? поÑ?ледоваÑ?елÑ?ноÑ?Ñ?ей в
+    жÑ?Ñ?нал WEBrick и поÑ?енÑ?иалÑ?ного вÑ?полнениÑ? Ñ?пÑ?авлÑ?Ñ?Ñ?иÑ? Ñ?имволов в
+    Ñ?мÑ?лÑ?Ñ?оÑ?е Ñ?еÑ?минала жеÑ?Ñ?вÑ? (пÑ?и Ñ?Ñ?ении жÑ?Ñ?налов).</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-14033";>CVE-2017-14033</a>
 
- -    <p>asac reported a buffer underrun vulnerability in the OpenSSL
- -    extension. A remote attacker can take advantage of this flaw to
- -    cause the Ruby interpreter to crash leading to a denial of service.</p></li>
+    <p>asac Ñ?ообÑ?ил о вÑ?Ñ?оде за гÑ?аниÑ?Ñ? вÑ?деленного бÑ?Ñ?еÑ?а памÑ?Ñ?и в Ñ?аÑ?Ñ?иÑ?ении
+    OpenSSL. УдалÑ?ннÑ?й злоÑ?мÑ?Ñ?ленник можеÑ? иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?Ñ? Ñ?Ñ?звимоÑ?Ñ?Ñ? длÑ? вÑ?зова
+    аваÑ?ийной оÑ?Ñ?ановки инÑ?еÑ?пÑ?еÑ?аÑ?оÑ?а Ruby, Ñ?Ñ?о пÑ?иводиÑ? к оÑ?казÑ? в обÑ?лÑ?живании.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (stretch), these problems have been fixed in
- -version 2.3.3-1+deb9u2.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (stretch) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 2.3.3-1+deb9u2.</p>
 
- -<p>We recommend that you upgrade your ruby2.3 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? ruby2.3.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAloHXckACgkQXudu4gIW
0qWUPQ/+PZcCMAaJgWNj6XY+oj0BBbwkZMPxXsmz3lT1yyxyn9zgIpaVECssPYtt
5Q5NaAvOb+fxkPGr4IzcEhmXL3q6raTlGrlGLZHvZH/aT4T7Arzvj9U9x3qTSjVe
EUiZIiLxvFV4H1/NfnBUXKnkbNReGeNA070WC7UMoA6Kp68zK7BXeQGVZvB00M31
kSLv8tv42rljvm8W1tUfTPc1m6HR9YEc+BzT8PGxQEYSSsEQrxWdJxp1tC1gsQNw
UoOmn8CwSRHGUiEUzTmZLg19hdJkBJ5yvha/8QvME3vxE4Zpcgp8RFxn90Oxx10v
C1/16fyOgFMjpMVD/JfEGv/Xo6wq1B/IZjk1YRdOD7IYlDfOUT9vNHyZYMeok7rn
+fbxnQkEJavJAGDzH+zcAN9P5Fd5r594NBwwkw/nxrkpj4XDSGLYgIlWxACM37de
4p6odStm+/ZcA709/gdBTvIpG2t+G+BD7uo0ZJ6F5r3p4zIRVCrECsNuCuOagwzs
zfA0EEt9Eyhw6jjOPCOlAZQYu+usOPaCRFY7PXyUcbb3OPGaQVwKlcNgAYJFYorD
cOHDgSDKkLPmXO/NF98OG6yVEBD9K4AuJ1PCGbvuD5ySf64qxg8q4f6t8Gto8d89
Ly7zkYOQpxipxtPJ7zMn4OFkK87jcshbcDyhsi6k9Ov7fCkZs68=
=LJAX
-----END PGP SIGNATURE-----


Reply to: