[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://{security/2010/dsa-2089.wml}



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2010/dsa-2089.wml	2017-11-01 10:11:10.187835346 +0500
+++ russian/security/2010/dsa-2089.wml	2018-03-08 21:26:34.537938473 +0500
@@ -1,48 +1,49 @@
- -<define-tag description>several vulnerabilities</define-tag>
+#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov"
+<define-tag description>неÑ?колÑ?ко Ñ?Ñ?звимоÑ?Ñ?ей</define-tag>
 <define-tag moreinfo>
- -<p>Several remote vulnerabilities have been discovered in PHP&nbsp;5, an hypertext
- -preprocessor.
- -The Common Vulnerabilities and Exposures project identifies the following
- -problems:</p>
+<p>Ð? PHP5, пÑ?епÑ?оÑ?еÑ?Ñ?оÑ?е гипеÑ?Ñ?екÑ?Ñ?а, бÑ?ло обнаÑ?Ñ?жено неÑ?колÑ?ко Ñ?далÑ?ннÑ?Ñ?
+Ñ?Ñ?звимоÑ?Ñ?ей.
+Ð?Ñ?оекÑ? Common Vulnerabilities and Exposures опÑ?еделÑ?еÑ? Ñ?ледÑ?Ñ?Ñ?ие
+пÑ?облемÑ?:</p>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-1917";>CVE-2010-1917</a>
 
- -    <p>The fnmatch function can be abused to conduct denial of service attacks
- -    (by crashing the interpreter) by the means of a stack overflow.</p></li>
+    <p>ФÑ?нкÑ?иÑ? fnmatch можеÑ? иÑ?полÑ?зоваÑ?Ñ?Ñ?Ñ? длÑ? вÑ?зова оÑ?каза в обÑ?лÑ?живании
+    (аваÑ?ийнаÑ? оÑ?Ñ?ановка инÑ?еÑ?пÑ?еÑ?аÑ?оÑ?а) из-за пеÑ?еполнениÑ? Ñ?Ñ?ека.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-2225";>CVE-2010-2225</a>
 
- -    <p>The SplObjectStorage unserializer allows attackers to execute arbitrary
- -    code via serialized data by the means of a use-after-free
- -    vulnerability.</p></li>
+    <p>Ð?еÑ?еÑ?иализаÑ?оÑ? SplObjectStorage позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникам вÑ?полнÑ?Ñ?Ñ?
+    пÑ?оизволÑ?нÑ?й код Ñ? помоÑ?Ñ?Ñ? Ñ?еÑ?иализованнÑ?Ñ? даннÑ?Ñ? из-за иÑ?полÑ?зованиÑ? Ñ?казаÑ?елей
+    поÑ?ле оÑ?вобождениÑ? памÑ?Ñ?и.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-3065";>CVE-2010-3065</a>
 
- -    <p>The default sessions serializer does not correctly handle a special
- -    marker, which allows an attacker to inject arbitrary variables into the
- -    session and possibly exploit vulnerabilities in the unserializer.</p></li>
+    <p>СеÑ?иализаÑ?оÑ? Ñ?еÑ?Ñ?ий по Ñ?молÑ?аниÑ? непÑ?авилÑ?но обÑ?абаÑ?Ñ?ваеÑ? Ñ?пеÑ?иалÑ?нÑ?й
+    маÑ?кеÑ?, Ñ?Ñ?о позволÑ?еÑ? злоÑ?мÑ?Ñ?ленникÑ? вводиÑ?Ñ? пÑ?оизволÑ?нÑ?е пеÑ?еменнÑ?е в
+    Ñ?еÑ?Ñ?иÑ? и поÑ?енÑ?иалÑ?но иÑ?полÑ?зоваÑ?Ñ? Ñ?Ñ?звимоÑ?Ñ?и в деÑ?еÑ?иализаÑ?оÑ?е.</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-1128";>CVE-2010-1128</a>
 
- -    <p>For this vulnerability (predictable entropy for the Linear Congruential
- -    Generator used to generate session ids) we do not consider upstream's
- -    solution to be sufficient.  It is recommended to uncomment the
- -    <q>session.entropy_file</q> and <q>session.entropy_length</q> settings in the php.ini
- -    files.  Further improvements can be achieved by setting
- -    <q>session.hash_function</q> to 1 (one) and incrementing the value of
+    <p>Ð?Ñ?пÑ?авление Ñ?Ñ?ой Ñ?Ñ?звимоÑ?Ñ?и (пÑ?едÑ?казÑ?емаÑ? Ñ?нÑ?Ñ?опиÑ? пÑ?и иÑ?полÑ?зовании Linear Congruential
+    Generator длÑ? Ñ?озданиÑ? иденÑ?иÑ?икаÑ?оÑ?ов Ñ?еÑ?Ñ?ий) в оÑ?новной веÑ?ке Ñ?азÑ?абоÑ?ки не кажеÑ?Ñ?Ñ? нам
+    доÑ?Ñ?аÑ?оÑ?нÑ?м. РекомендÑ?еÑ?Ñ?Ñ? Ñ?аÑ?комменÑ?иÑ?оваÑ?Ñ? Ñ?Ñ?Ñ?оки Ñ? наÑ?Ñ?Ñ?ойками
+    <q>session.entropy_file</q> и <q>session.entropy_length</q> в Ñ?айле
+    php.ini. Ð?ополниÑ?елÑ?нÑ?е Ñ?лÑ?Ñ?Ñ?ениÑ? безопаÑ?ноÑ?Ñ?и можно доÑ?Ñ?иÑ?Ñ? пÑ?Ñ?Ñ?м вÑ?Ñ?Ñ?авлениÑ?
+    наÑ?Ñ?Ñ?ойки <q>session.hash_function</q> в знаÑ?ение 1 (единиÑ?а) и Ñ?велиÑ?ениÑ? знаÑ?ениÑ?
     <q>session.entropy_length</q>.</p></li>
 
 </ul>
 
- -<p>For the stable distribution (lenny), these problems have been fixed in
- -version 5.2.6.dfsg.1-1+lenny9.</p>
+<p>Ð? Ñ?Ñ?абилÑ?ном вÑ?пÑ?Ñ?ке (lenny) Ñ?Ñ?и пÑ?облемÑ? бÑ?ли иÑ?пÑ?авленÑ? в
+веÑ?Ñ?ии 5.2.6.dfsg.1-1+lenny9.</p>
 
- -<p>For the testing distribution (squeeze) and the unstable distribution (sid),
- -these problems will be fixed soon.</p>
+<p>Ð? Ñ?еÑ?Ñ?иÑ?Ñ?емом (squeeze) и неÑ?Ñ?абилÑ?ном (sid) вÑ?пÑ?Ñ?каÑ?
+Ñ?Ñ?и пÑ?облемÑ? бÑ?дÑ?Ñ? иÑ?пÑ?авленÑ? позже.</p>
 
- -<p>We recommend that you upgrade your php5 packages.</p>
+<p>РекомендÑ?еÑ?Ñ?Ñ? обновиÑ?Ñ? пакеÑ?Ñ? php5.</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlqhZFEACgkQXudu4gIW
0qXZXBAAqTiurxdhcAgBUVFaxOoCbgxov9VH5vn5txGvjWG9bLlsq2apOPmnjEzd
s0OLAIaFAYo/LGc3K9PGUJ3ZOjN3g3w2rVM1GkaQaC+YJqncoD8A63uJ1tQ6ree0
+vvQ3s/53eDhf8xAySvXi/i5vMmsib8JkYIgceJDWm0ZLNuPOgXQQmScVdUcy1EL
XBsd7e9GR2FueuzgU6yzyGoUaOAv9Me1cRoVUZq2IRtwIB3pHK+uji8tLmauSaGJ
1Wbnhoakgl1eWmYgC1HXstezMwpZ2jJaKHSCHwCsH3tdTo5noXlnf3KNMK7ljdAi
MZwq2S4TqdH3iPukfSrIf++eCTB/KXhaAqze3Tlwpoj4rWQkNa8e30j7m0Qmrm33
u7KcYkiUi2TIxR42TtWFUKF+fQmYamX190bwUf2KMheBTrGf+ncqETyggDcsObFI
NthSlA/hcDqHTUiij18qATePmmF8xXUeZk0tgmBzFD0uk79EMYAuSTvRuH3rKI+z
tjL9vsG3Loa8kd28PSebBtCZ/1ag7W4D/5ABSAbfXYfRgQN+Lo/CWAEB4gubCx/s
jrpAoeCmJl781sPIAUvhEFtsGYGtdeJZjhHp1Y9GXcCr5W7RKe4hN3OTN9X6XQfb
Mh1sQQKccn2UWVx4h++T/d7uXZXqqV4ciY/kcxDD7AEpSqqomM8=
=GSiY
-----END PGP SIGNATURE-----


Reply to: