-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2005/dsa-652.wml 2005-01-21 13:41:29.000000000 +0500 +++ russian/security/2005/dsa-652.wml 2016-08-29 12:46:01.995917443 +0500 @@ -1,35 +1,36 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been discovered in unarj, a non-free ARJ - -unarchive utility. The Common Vulnerabilities and Exposures Project - -identifies the following vulnerabilities:</p> +<p>Ð unarj, неÑвободной ÑÑилиÑе Ð´Ð»Ñ ÑазаÑÑ Ð¸Ð²Ð¸ÑÐ¾Ð²Ð°Ð½Ð¸Ñ ARJ, бÑло обнаÑÑжено +неÑколÑко ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures Project +опÑеделÑÐµÑ ÑледÑÑÑие ÑÑзвимоÑÑи:</p> <ul> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0947">CAN-2004-0947</a> - - <p>A buffer overflow has been discovered when handling long file - - names contained in an archive. An attacker could create a - - specially crafted archive which could cause unarj to crash or - - possibly execute arbitrary code when being extracted by a victim.</p> + <p>ÐÑло обнаÑÑжено пеÑеполнение бÑÑеÑа в коде обÑабоÑки длиннÑÑ Ð¸Ð¼Ñн Ñайлов, + ÑодеÑжаÑÐ¸Ñ ÑÑ Ð² аÑÑ Ð¸Ð²Ðµ. ÐлоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ ÑоздаÑÑ ÑпеÑиалÑно + ÑÑоÑмиÑованнÑй аÑÑ Ð¸Ð², ÑаÑпаковка коÑоÑого пÑиведÑÑ Ðº аваÑийной оÑÑановке + unarj или Ð²Ð¾Ð·Ð¼Ð¾Ð¶Ð½Ð¾Ð¼Ñ Ð²ÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода.</p> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1027">CAN-2004-1027</a> - - <p>A directory traversal vulnerability has been found so that an - - attacker could create a specially crafted archive which would - - create files in the parent directory when being extracted by a - - victim. When used recursively, this vulnerability could be used - - to overwrite critical system files and programs.</p> + <p>ÐÑла обнаÑÑжена ÑÑзвимоÑÑÑ, ÑоÑÑоÑÑÐ°Ñ Ð² Ð¾Ð±Ñ Ð¾Ð´Ðµ каÑалога. + ÐлоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ ÑоздаÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованнÑй аÑÑ Ð¸Ð², пÑи ÑаÑпаковке гоÑового + бÑдÑÑ ÑÐ¾Ð·Ð´Ð°Ð½Ñ ÑÐ°Ð¹Ð»Ñ Ð² ÑодиÑелÑÑком каÑалоге. ÐÑи ÑекÑÑÑивном иÑполÑзовании + ÑÑа ÑÑзвимоÑÑÑ Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑÑÑ Ð´Ð»Ñ + пеÑезапиÑи кÑиÑиÑеÑÐºÐ¸Ñ ÑиÑÑемнÑÑ Ñайлов и пÑогÑамм.</p> </ul> - -<p>For the stable distribution (woody) these problems have been fixed in - -version 2.43-3woody1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (woody) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 2.43-3woody1.</p> - -<p>For the unstable distribution (sid) these problems don't apply since - -unstable/non-free does not contain the unarj package.</p> +<p>РнеÑÑабилÑÐ½Ð¾Ð¼Ñ Ð²ÑпÑÑÐºÑ (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð½Ðµ оÑноÑÑÑÑÑ, поÑколÑÐºÑ +Ð¿Ð°ÐºÐµÑ unarj оÑÑÑÑÑÑвÑÐµÑ Ð² неÑвободном Ñазделе неÑÑабилÑного вÑпÑÑка.</p> - -<p>We recommend that you upgrade your unarj package.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ unarj.</p> </define-tag> # do not modify the following line - --- english/security/2005/dsa-662.wml 2011-05-26 16:05:43.000000000 +0600 +++ russian/security/2005/dsa-662.wml 2016-08-29 12:52:12.220178084 +0500 @@ -1,39 +1,40 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Andrew Archibald discovered that the last update to squirrelmail which - -was intended to fix several problems caused a regression which got - -exposed when the user hits a session timeout.  For completeness below - -is the original advisory text:</p> +<p>ÐндÑÑ ÐÑÑибалÑд обнаÑÑжил, ÑÑо поÑледнее обновление squirrelmail, +пÑедназнаÑавÑееÑÑ Ð´Ð»Ñ Ð¸ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ Ð½ÐµÑколÑÐºÐ¸Ñ Ð¿Ñоблем, вÑзвало ÑегÑеÑÑиÑ, коÑоÑÐ°Ñ Ð²Ð¾Ð·Ð½Ð¸ÐºÐ°ÐµÑ +в ÑлÑÑае, когда полÑзоваÑÐµÐ»Ñ Ð´Ð¾ÑÑÐ¸Ð³Ð°ÐµÑ Ð¾ÐºÐ¾Ð½ÑÐ°Ð½Ð¸Ñ ÑÑока ÑеÑÑии.  ÐÐ»Ñ Ð¿Ð¾Ð»Ð½Ð¾ÑÑ Ð½Ð¸Ð¶Ðµ +пÑиводиÑÑÑ Ð¾ÑигиналÑнÑй ÑекÑÑ ÑекомендаÑии:</p> <blockquote> - -<p>Several vulnerabilities have been discovered in Squirrelmail, a - -commonly used webmail system. The Common Vulnerabilities and - -Exposures project identifies the following problems:</p> +<p>Ð Squirrelmail, ÑиÑоко иÑполÑзÑемой ÑиÑÑеме веб-поÑÑÑ, бÑло обнаÑÑжено +неÑколÑко ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and +Exposures опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0104">CAN-2005-0104</a> - - <p>Upstream developers noticed that an unsanitised variable could - - lead to cross site scripting.</p> + <p>РазÑабоÑÑики оÑновной веÑки ÑазÑабоÑки замеÑили, ÑÑо неоÑиÑÐµÐ½Ð½Ð°Ñ Ð¿ÐµÑÐµÐ¼ÐµÐ½Ð½Ð°Ñ Ð¼Ð¾Ð¶ÐµÑ + пÑиводиÑÑ Ðº межÑайÑÐ¾Ð²Ð¾Ð¼Ñ ÑкÑипÑингÑ.</p> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0152">CAN-2005-0152</a> - - <p>Grant Hollingworth discovered that under certain circumstances URL - - manipulation could lead to the execution of arbitrary code with - - the privileges of www-data. This problem only exists in version - - 1.2.6 of Squirrelmail.</p> + <p>ÐÑÐ°Ð½Ñ Ð¥Ð¾Ð»Ð»Ð¸Ð½Ð³Ð²Ð¾ÑÑ Ð¾Ð±Ð½Ð°ÑÑжил, ÑÑо пÑи опÑеделÑннÑÑ ÑÑловиÑÑ Ð¾Ð¿ÐµÑиÑование Ñ URL + Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода Ñ + пÑавами полÑзоваÑÐµÐ»Ñ www-data. ÐÑа пÑоблема пÑиÑÑÑÑÑвÑÐµÑ ÑолÑко в веÑÑии + 1.2.6 пакеÑа Squirrelmail.</p> </ul> </blockquote> - -<p>For the stable distribution (woody) these problems have been fixed in - -version 1.2.6-3.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (woody) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1.2.6-3.</p> - -<p>For the unstable distribution (sid) the problem that affects unstable - -has been fixed in version 1.4.4-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) пÑоблема, каÑаÑÑаÑÑÑ Ð½ÐµÑÑабилÑного +вÑпÑÑка, бÑла иÑпÑавлена в веÑÑии 1.4.4-1.</p> - -<p>We recommend that you upgrade your squirrelmail package.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ squirrelmail.</p> </define-tag> # do not modify the following line - --- english/security/2005/dsa-760.wml 2005-07-18 23:36:13.000000000 +0600 +++ russian/security/2005/dsa-760.wml 2016-08-29 12:40:18.803426528 +0500 @@ -1,38 +1,39 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been discovered in ekg, a console Gadu - -Gadu client, an instant messaging program. The Common Vulnerabilities - -and Exposures project identifies the following vulnerabilities:</p> +<p>Ð ekg, конÑолÑном клиенÑе Gadu Gadu, пÑогÑамме Ð´Ð»Ñ Ð¼Ð³Ð½Ð¾Ð²ÐµÐ½Ð½Ð¾Ð³Ð¾ обмена +ÑообÑениÑми, бÑло обнаÑÑжено неÑколÑко ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities +and Exposures опÑеделÑÐµÑ ÑледÑÑÑие ÑÑзвимоÑÑи:</p> <ul> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1850">CAN-2005-1850</a> - - <p>Marcin Owsiany and Wojtek Kaniewski discovered insecure temporary - - file creation in contributed scripts.</p> + <p>ÐаÑÑин ÐвÑÑÐ½Ñ Ð¸ ÐойÑек ÐаневÑкий обнаÑÑжили небезопаÑное Ñоздание вÑеменного + Ñайла в ÑопÑÑÑÑвÑÑÑÐ¸Ñ ÑÑенаÑиÑÑ .</p> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1851">CAN-2005-1851</a> - - <p>Marcin Owsiany and Wojtek Kaniewski discovered potential shell - - command injection in a contributed script.</p> + <p>ÐаÑÑин ÐвÑÑÐ½Ñ Ð¸ ÐойÑек ÐаневÑкий обнаÑÑжили поÑенÑиалÑнÑÑ Ð¸Ð½ÑекÑÐ¸Ñ ÐºÐ¾Ð¼Ð°Ð½Ð´ + командной оболоÑки в ÑопÑÑÑÑвÑÑÑем ÑÑенаÑии.</p> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1916">CAN-2005-1916</a> - - <p>Eric Romang discovered insecure temporary file creation and - - arbitrary command execution in a contributed script that can be - - exploited by a local attacker.</p> + <p>ÐÑик Роман обнаÑÑжил небезопаÑное Ñоздание вÑеменного Ñайла и + вÑполнение пÑоизволÑной ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ Ð² ÑопÑÑÑÑвÑÑÑем ÑÑенаÑии, коÑоÑÑе могÑÑ + иÑполÑзоваÑÑ Ð»Ð¾ÐºÐ°Ð»ÑнÑми злоÑмÑÑленниками.</p> </ul> - -<p>The old stable distribution (woody) does not contain an ekg package.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (woody) Ð¿Ð°ÐºÐµÑ ekg оÑÑÑÑÑÑвÑеÑ.</p> - -<p>For the stable distribution (sarge) these problems have been fixed in - -version 1.5+20050411-4.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1.5+20050411-4.</p> - -<p>For the unstable distribution (sid) these problems have been fixed in - -version 1.5+20050712+1.6rc2-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1.5+20050712+1.6rc2-1.</p> - -<p>We recommend that you upgrade your ekg package.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ ekg.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXw+mvAAoJEF7nbuICFtKlWJwQAIjEgJqGEu0NWDn9pfwt3oCU AGguaD+sJ8RBKcimg/wTz8sEwtc4YxrmNKyxPrz5MYMCHCq7ASjtHy4d3otgXfqP KrZbzKB5iP0bxk4nETYwb5AfNTHpxRqausC6JRmMYviDxkTIz4bhj8Svbg0TOD4k ihGL+wKvfZVrTKw/c08nbtEnuatGaEcpuNGFEs1VjYWWKDLW3zmcqvmz9nnL3jO3 1bSoifoC9a+dO4GYzrRKg4i8pEYP7NYFElChW88lVIYZTjgxr8lhGBP+htwsunRZ iZFGB6EE7M5apybZfeKK9p7FGVP8MKQhwAd3bAXrhZrhKLTJQx8+XY+YxEBiSgMH c8+8C4bxRpKLoK5ZPcNhYFduUZdzrexoIyRtmOSoci+7m32sudI5rTcydnBZ+2pi Bvi2oVbkBVjdtBb9/VZDkif+llKHEPxsL6Y+gBHOd+yAw3o6GxQy7Y1+c33Ok02b jVfc0LNMqrE99qoIAK1MfG0WuGnrTpWuwqiLd4cyGRxG0Raz9oildsIs186O2KfX Ufoo+dvS+gKhUbpPV4YP4eMAoECHXsU1qYVCktxj7ArYpCAph4c/fBrllvW4EIyX CTUXa4xtnxpPGqCJ2S5Uto3NHKX4N93nYTrloi4VVGJq7vWAS9fbh/I7PxPwnIsX viD97APXCm5be96xXsDw =eBNb -----END PGP SIGNATURE-----