--- ../../english/security/2018/dsa-4211.wml 2018-05-26 10:34:20.000000000 +0500 +++ 2018/dsa-4211.wml 2018-05-26 10:41:00.107599687 +0500 @@ -1,27 +1,27 @@ -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.1" mindelta="1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> -<p>Gabriel Corona discovered that xdg-utils, a set of tools for desktop -environment integration, is vulnerable to argument injection attacks. If -the environment variable BROWSER in the victim host has a "%s" and the -victim opens a link crafted by an attacker with xdg-open, the malicious -party could manipulate the parameters used by the browser when opened. -This manipulation could set, for example, a proxy to which the network -traffic could be intercepted for that particular execution.</p> +<p>ÐабÑиÑÐ»Ñ ÐоÑона обнаÑÑжил, ÑÑо xdg-utils, Ð½Ð°Ð±Ð¾Ñ Ð¸Ð½ÑÑÑÑменÑов Ð´Ð»Ñ Ð¸Ð½ÑегÑаÑии +окÑÑÐ¶ÐµÐ½Ð¸Ñ ÑабоÑего ÑÑола, ÑÑзвим к инÑекÑии аÑгÑменÑов. ÐÑли пеÑÐµÐ¼ÐµÐ½Ð½Ð°Ñ +окÑÑÐ¶ÐµÐ½Ð¸Ñ BROWSER на Ñзле жеÑÑÐ²Ñ ÑодеÑÐ¶Ð¸Ñ <q>%s</q>, а жеÑÑва +оÑкÑÑÐ²Ð°ÐµÑ ÑозданнÑÑ Ð·Ð»Ð¾ÑмÑÑленником ÑÑÑÐ»ÐºÑ Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ xdg-open, Ñо пÑи ÐµÑ Ð¾ÑкÑÑÑии +злоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ ÑпÑавлÑÑÑ Ð¿Ð°ÑамеÑÑами, иÑполÑзÑемÑми бÑаÑзеÑом. +РпÑимеÑÑ, злоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ ÑÑÑановиÑÑ Ð¿ÑокÑи, ÑеÑез коÑоÑÑй в Ñ Ð¾Ð´Ðµ +ÑекÑÑего вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð±ÑаÑзеÑа бÑÐ´ÐµÑ Ð¿ÐµÑÐµÑ Ð²Ð°ÑÑваÑÑÑÑ ÑеÑевой ÑÑаÑик.</p> -<p>For the oldstable distribution (jessie), this problem has been fixed -in version 1.1.0~rc1+git20111210-7.4+deb8u1.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (jessie) ÑÑа пÑоблема бÑла иÑпÑавлена +в веÑÑии 1.1.0~rc1+git20111210-7.4+deb8u1.</p> -<p>For the stable distribution (stretch), this problem has been fixed in -version 1.1.1-1+deb9u1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (stretch) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.1.1-1+deb9u1.</p> -<p>We recommend that you upgrade your xdg-utils packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ xdg-utils.</p> -<p>For the detailed security status of xdg-utils please refer to -its security tracker page at: +<p>С подÑобнÑм ÑÑаÑÑÑом поддеÑжки безопаÑноÑÑи xdg-utils можно ознакомиÑÑÑÑ Ð½Ð° +ÑооÑвеÑÑÑвÑÑÑей ÑÑÑаниÑе оÑÑÐ»ÐµÐ¶Ð¸Ð²Ð°Ð½Ð¸Ñ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑноÑÑи по адÑеÑÑ <a href="https://security-tracker.debian.org/tracker/xdg-utils">\ https://security-tracker.debian.org/tracker/xdg-utils</a></p> </define-tag> # do not modify the following line #include "$(ENGLISHDIR)/security/2018/dsa-4211.data" -# $Id: dsa-4211.wml,v 1.1 2018/05/26 05:34:20 dogsleg Exp $