dsa-4216.wml

Lev Lamberov Sun, 10 Jun 2018 20:51:15 -0700
--- ../../english/security/2018/dsa-4216.wml    2018-06-04 20:44:35.167815744 
+0500
+++ 2018/dsa-4216.wml   2018-06-04 20:49:37.982021568 +0500
@@ -1,27 +1,28 @@
-<define-tag description>security update</define-tag>
+#use wml::debian::translation-check 
translation="012397a8cf378f88a443716d86936f74eb6de448" mindelta="1" 
maintainer="Lev Lamberov"
+<define-tag description>Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ðµ 
Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸</define-tag>
 <define-tag moreinfo>
-<p>It was discovered that Prosody, a lightweight Jabber/XMPP server, does
-not properly validate client-provided parameters during XMPP stream
-restarts, allowing authenticated users to override the realm associated
-with their session, potentially bypassing security policies and allowing
-impersonation.</p>
+<p>ÐÑÐ»Ð¾ Ð¾Ð±Ð½Ð°ÑÑÐ¶ÐµÐ½Ð¾, ÑÑÐ¾ Prosody, Ð»ÐµÐ³ÐºÐ¾Ð²ÐµÑÐ½ÑÐ¹ 
ÑÐµÑÐ²ÐµÑ Jabber/XMPP, Ð½ÐµÐ¿ÑÐ°Ð²Ð¸Ð»ÑÐ½Ð¾
+Ð²ÑÐ¿Ð¾Ð»Ð½ÑÐµÑ Ð¿ÑÐ¾Ð²ÐµÑÐºÑ Ð¿ÐµÑÐµÐ´Ð°Ð²Ð°ÐµÐ¼ÑÑ ÐºÐ»Ð¸ÐµÐ½ÑÐ¾Ð¼ 
Ð¿Ð°ÑÐ°Ð¼ÐµÑÑÐ¾Ð² Ð² ÑÐ¾Ð´Ðµ Ð¿ÐµÑÐµÐ·Ð°Ð¿ÑÑÐºÐ¾Ð² XMPP-Ð¿Ð¾ÑÐ¾ÐºÐ°,
+Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÑ Ð°ÑÑÐµÐ½ÑÐ¸ÑÐ¸ÑÐ¸ÑÐ¾Ð²Ð°Ð½Ð½ÑÐ¼ 
Ð¿Ð¾Ð»ÑÐ·Ð¾Ð²Ð°ÑÐµÐ»ÑÐ¼ Ð¿ÐµÑÐµÐ¾Ð¿ÑÐµÐ´ÐµÐ»ÑÑÑ ÑÐ²ÑÐ·Ð°Ð½Ð½ÑÑ Ñ 
Ð¸Ñ ÑÐµÑÑÐ¸ÐµÐ¹
+Ð¿Ð¾Ð¸Ð¼ÐµÐ½Ð¾Ð²Ð°Ð½Ð½ÑÑ Ð¾Ð±Ð»Ð°ÑÑÑ, Ð¿Ð¾ÑÐµÐ½ÑÐ¸Ð°Ð»ÑÐ½Ð¾ Ð¾Ð±Ñ
Ð¾Ð´Ñ Ð¾Ð³ÑÐ°Ð½Ð¸ÑÐµÐ½Ð¸Ñ Ð¿ÑÐ°Ð²Ð¸Ð» Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸ Ð¸
+Ð²ÑÐ´Ð°Ð²Ð°Ñ ÑÐµÐ±Ñ Ð·Ð° ÐºÐ¾Ð³Ð¾-ÑÐ¾ Ð´ÑÑÐ³Ð¾Ð³Ð¾.</p>
 
-<p>Details can be found in the upstream advisory at
+<p>ÐÐ¾Ð´ÑÐ¾Ð±Ð½Ð¾ÑÑÐ¸ Ð¼Ð¾Ð³ÑÑ Ð±ÑÑÑ Ð½Ð°Ð¹Ð´ÐµÐ½Ñ Ð² 
ÑÐµÐºÐ¾Ð¼ÐµÐ½Ð´Ð°ÑÐ¸Ð¸ Ð¾ÑÐ½Ð¾Ð²Ð½Ð¾Ð¹ Ð²ÐµÑÐºÐ¸ ÑÐ°Ð·ÑÐ°Ð±Ð¾ÑÐºÐ¸ Ð¿Ð¾ 
Ð°Ð´ÑÐµÑÑ
 <a 
href="https://prosody.im/security/advisory_20180531/";>https://prosody.im/security/advisory_20180531/</a></p>
 
-<p>For the oldstable distribution (jessie), this problem has been fixed
-in version 0.9.7-2+deb8u4.</p>
+<p>Ð Ð¿ÑÐµÐ´ÑÐ´ÑÑÐµÐ¼ ÑÑÐ°Ð±Ð¸Ð»ÑÐ½Ð¾Ð¼ Ð²ÑÐ¿ÑÑÐºÐµ (jessie) ÑÑÐ° 
Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ð° Ð±ÑÐ»Ð° Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ð°
+Ð² Ð²ÐµÑÑÐ¸Ð¸ 0.9.7-2+deb8u4.</p>
 
-<p>For the stable distribution (stretch), this problem has been fixed in
-version 0.9.12-2+deb9u2.</p>
+<p>Ð ÑÑÐ°Ð±Ð¸Ð»ÑÐ½Ð¾Ð¼ Ð²ÑÐ¿ÑÑÐºÐµ (stretch) ÑÑÐ° Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ð° 
Ð±ÑÐ»Ð° Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ð° Ð²
+Ð²ÐµÑÑÐ¸Ð¸ 0.9.12-2+deb9u2.</p>
 
-<p>We recommend that you upgrade your prosody packages.</p>
+<p>Ð ÐµÐºÐ¾Ð¼ÐµÐ½Ð´ÑÐµÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ prosody.</p>
 
-<p>For the detailed security status of prosody please refer to its security
-tracker page at:
-<a 
href="https://security-tracker.debian.org/tracker/prosody";>https://security-tracker.debian.org/tracker/prosody</a></p>
+<p>Ð¡ Ð¿Ð¾Ð´ÑÐ¾Ð±Ð½ÑÐ¼ ÑÑÐ°ÑÑÑÐ¾Ð¼ Ð¿Ð¾Ð´Ð´ÐµÑÐ¶ÐºÐ¸ 
Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸ prosody Ð¼Ð¾Ð¶Ð½Ð¾ Ð¾Ð·Ð½Ð°ÐºÐ¾Ð¼Ð¸ÑÑÑÑ Ð½Ð°
+ÑÐ¾Ð¾ÑÐ²ÐµÑÑÑÐ²ÑÑÑÐµÐ¹ ÑÑÑÐ°Ð½Ð¸ÑÐµ Ð¾ÑÑÐ»ÐµÐ¶Ð¸Ð²Ð°Ð½Ð¸Ñ 
Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸ Ð¿Ð¾ Ð°Ð´ÑÐµÑÑ
+<a href="https://security-tracker.debian.org/tracker/prosody";>\
+https://security-tracker.debian.org/tracker/prosody</a></p>
 </define-tag>
 
 # do not modify the following line
 #include "$(ENGLISHDIR)/security/2018/dsa-4216.data"
-# $Id: $
[DONE] wml://security/2018/dsa-4216.wml

Ответить
