--- ../../english/security/2018/dsa-4263.wml 2018-08-04 17:52:03.912716585 +0500 +++ 2018/dsa-4263.wml 2018-08-04 19:04:09.114723764 +0500 @@ -1,20 +1,21 @@ -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="49b48c1dea3498968fa3abe3c5dcbfc6ca97d91c" mindelta="1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> -<p>Jann Horn discovered a directory traversal vulnerability in cgit, a fast -web frontend for git repositories written in C. A remote attacker can -take advantage of this flaw to retrieve arbitrary files via a specially -crafted request, when 'enable-http-clone=1' (default) is not turned off.</p> +<p>Янн ХоÑн обнаÑÑжил Ð¾Ð±Ñ Ð¾Ð´ каÑалога в cgit, бÑÑÑÑом веб-инÑеÑÑейÑе Ð´Ð»Ñ +git-ÑепозиÑоÑиев, напиÑанном на C. УдалÑннÑй злоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑ +даннÑÑ ÑÑзвимоÑÑÑ Ð´Ð»Ñ Ð¿Ð¾Ð»ÑÑÐµÐ½Ð¸Ñ Ð¿ÑоизволÑнÑÑ Ñайлов Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованного +запÑоÑа в ÑлÑÑае, когда опÑÐ¸Ñ 'enable-http-clone=1' (по ÑмолÑаниÑ) оÑклÑÑена.</p> -<p>For the stable distribution (stretch), this problem has been fixed in -version 1.1+git2.10.2-3+deb9u1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (stretch) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.1+git2.10.2-3+deb9u1.</p> -<p>We recommend that you upgrade your cgit packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ cgit.</p> -<p>For the detailed security status of cgit please refer to its security -tracker page at: -<a href="https://security-tracker.debian.org/tracker/cgit">https://security-tracker.debian.org/tracker/cgit</a></p> +<p>С подÑобнÑм ÑÑаÑÑÑом поддеÑжки безопаÑноÑÑи cgit можно ознакомиÑÑÑÑ Ð½Ð° +ÑооÑвеÑÑÑвÑÑÑей ÑÑÑаниÑе оÑÑÐ»ÐµÐ¶Ð¸Ð²Ð°Ð½Ð¸Ñ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑноÑÑи по адÑеÑÑ +<a href="https://security-tracker.debian.org/tracker/cgit">\ +https://security-tracker.debian.org/tracker/cgit</a></p> </define-tag> # do not modify the following line #include "$(ENGLISHDIR)/security/2018/dsa-4263.data" -# $Id: $