Re: [DONE] wml://{security/2017/dsa-3778.wml}

To: debian-l10n-russian@lists.debian.org
Subject: Re: [DONE] wml://{security/2017/dsa-3778.wml}
From: Vladimir Zhbanov <vzhbanov@gmail.com>
Date: Tue, 31 Jan 2017 23:31:36 +0300
Message-id: <[🔎] 20170131203135.GA15631@localhost.localdomain>
In-reply-to: <[🔎] E1cYev8-0005mu-Kw@riseup.net>
References: <[🔎] E1cYev8-0005mu-Kw@riseup.net>

On Wed, Feb 01, 2017 at 01:20:54AM +0500, Lev Lamberov wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
> 
> - --- english/security/2017/dsa-3778.wml	2017-02-01 01:17:45.000000000 +0500
> +++ russian/security/2017/dsa-3778.wml	2017-02-01 01:20:45.377754877 +0500
> @@ -1,15 +1,16 @@
> - -<define-tag description>security update</define-tag>
> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
> +<define-tag description>обновление безопасности</define-tag>
>  <define-tag moreinfo>
> - -<p>Michal Marek discovered that ruby-archive-tar-minitar, a Ruby library
> - -that provides the ability to deal with POSIX tar archive files, is prone
> - -to a directory traversal vulnerability. An attacker can take advantage
> - -of this flaw to overwrite arbitrary files during archive extraction via
> - -a .. (dot dot) in an extracted filename.</p>
> +<p>Михал Марек обнаружил, что ruby-archive-tar-minitar, библиотека Ruby,
> +предоставляющая возможности для обработки tar-архивов стандарта POSIX,
> +уязвима к обходу каталога. Злоумышленник может использовать
> +эту уязвимость для перезаписи произвольных файлов в ходе распаковки
> +с помощью .. (точка точка) в имени распаковываемого файла.</p>

я бы здесь отошёл от оригинала и написал:
с помощью двух точек ("..") в имени распаковываемого файла

>  
> - -<p>For the stable distribution (jessie), this problem has been fixed in
> - -version 0.5.2-2+deb8u1.</p>
> +<p>В стабильном выпуске (jessie) эта проблема была исправлена в
> +версии 0.5.2-2+deb8u1.</p>
>  
> - -<p>We recommend that you upgrade your ruby-archive-tar-minitar packages.</p>
> +<p>Рекомендуется обновить пакеты ruby-archive-tar-minitar.</p>
>  </define-tag>
>  
>  # do not modify the following line
> -----BEGIN PGP SIGNATURE-----
> 
> iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAliQ8aEACgkQXudu4gIW
> 0qU/Gg/+NjYVFeZOf1gtcE9muk/naPNEHk3DKCq+4zfqRZgPQ/FyrZpPpDQg7c61
> SoOrouh76R+1EkVBvo8TRpQKzOFQ8n+4+04gukUmC6C3dSimyxp/FrQEuGq++IaK
> yqNWo86KQrrlER5C/Fg+fz+LcmNmFNIFCxM4nTHLRaw4bBMCkC7gXaOzPyw+5wfJ
> 1paGjqFX3pVBqJlfP1RyiTMxrRo9RWcSFqYzJXHiXy4KqiabS0bZqbehF+pqCNdT
> u7VeVULfnZoK+YOZ92WCQ6U6+mKROHtcZH2PKMkoJEkfocOhCIlN+Padl5o0fE9R
> GfVbvSIEsF7DjLdYUJAMiqnvgOMFVKx4xiCiBi794Rby5Cfqsm2fmz6j1pjpE7LS
> VU5tei8Zycnmkx97QfThYSUm+/g2Pdf8xCHp/h8wrPiRu7PtgMTx0jrGDyq3PpCL
> zCd8fKePir12MLjD60lgIyQVtu8LXqUuyt5T7en89o+JB/2ZU6pKfBGpHvO3rir9
> Sr27DC15XWM7CdIfb3N1nhQnsqQo86i0NCXRM0GAnTDA98k2QikEuwj5GbiKSC9+
> oRDHUGui3zDpcZxqFRIvzkigGloEHFcU2VxElYVyqKiIKk3sfwPHEPLa/7odiHY9
> lJNQyqL2tAdHuhWgUzZvar1APdD57NyRBNrFYC/XvgSmebZZJcg=
> =uMMQ
> -----END PGP SIGNATURE-----
> 

-- 
  Vladimir

Reply to:

Follow-Ups:
- Re: [DONE] wml://{security/2017/dsa-3778.wml}
  - From: Lev Lamberov <dogsleg@riseup.net>

References:
- [DONE] wml://{security/2017/dsa-3778.wml}
  - From: Lev Lamberov <dogsleg@debian.org>

Prev by Date: [DONE] wml://{security/2017/dsa-3778.wml}
Next by Date: Re: [DONE] wml://{security/2017/dsa-3778.wml}
Previous by thread: [DONE] wml://{security/2017/dsa-3778.wml}
Next by thread: Re: [DONE] wml://{security/2017/dsa-3778.wml}
Index(es):
- Date
- Thread