-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2006/dsa-1000.wml 2006-04-04 01:15:48.000000000 +0600 +++ russian/security/2006/dsa-1000.wml 2015-12-25 12:07:25.673305096 +0500 @@ -1,25 +1,26 @@ - -<define-tag description>design error</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>оÑибка ÑазÑабоÑки</define-tag> <define-tag moreinfo> - -<p>Gunnar Wolf noticed that the correction for the following problem was - -not complete and requires an update. For completeness we're - -providing the original problem description:</p> +<p>ÐÑÐ½Ð½Ð°Ñ ÐолÑÑ Ð·Ð°Ð¼ÐµÑил, ÑÑо иÑпÑавление ÑледÑÑÑей пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли +неполнÑм и ÑÑебÑÐµÑ Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ. ÐÐ»Ñ Ð¿Ð¾Ð»Ð½Ð¾ÑÑ ÐºÐ°ÑÑÐ¸Ð½Ñ +пÑедоÑÑавлÑем оÑигиналÑное опиÑание пÑоблемÑ:</p> <blockquote> - -<p>An algorithm weakness has been discovered in Apache2::Request, the - -generic request library for Apache2 which can be exploited remotely - -and cause a denial of service via CPU consumption.</p> +<p>Ð Apache2::Request, библиоÑека обÑÐ¸Ñ Ð·Ð°Ð¿ÑоÑов Ð´Ð»Ñ Apache2, бÑл +обнаÑÑжен ÑлабÑй алгоÑиÑм, коÑоÑÑй Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑ ÑдалÑнно +и Ð¼Ð¾Ð¶ÐµÑ Ð²ÑзÑваÑÑ Ð¾Ñказ в обÑлÑживании из-за ÑÑезмеÑного поÑÑÐµÐ±Ð»ÐµÐ½Ð¸Ñ ÑеÑÑÑÑов ЦÐ.</p> </blockquote> - -<p>The old stable distribution (woody) does not contain this package.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (woody) ÑÑÐ¾Ñ Ð¿Ð°ÐºÐµÑ Ð¾ÑÑÑÑÑÑвÑеÑ.</p> - -<p>For the stable distribution (sarge) this problem has been fixed in - -version 2.04-dev-1sarge2.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.04-dev-1sarge2.</p> - -<p>For the unstable distribution (sid) this problem has been fixed in - -version 2.07-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.07-1.</p> - -<p>We recommend that you upgrade your libapreq2, libapache2-mod-apreq2 - -and libapache2-request-perl packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ libapreq2, libapache2-mod-apreq2 +и libapache2-request-perl.</p> </define-tag> # do not modify the following line - --- english/security/2006/dsa-1026.wml 2006-04-06 13:43:28.000000000 +0600 +++ russian/security/2006/dsa-1026.wml 2015-12-25 12:23:35.256577185 +0500 @@ -1,24 +1,25 @@ - -<define-tag description>buffer overflows</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>пеÑеполнение бÑÑеÑа</define-tag> <define-tag moreinfo> - -<p>Markus Oberhumer discovered a flaw in the way zlib, a library used for - -file compression and decompression, handles invalid input. This flaw can - -cause programs which use zlib to crash when opening an invalid file. - -A further error in the way zlib handles the inflation of certain - -compressed files can cause a program which uses zlib to crash when opening - -an invalid file.</p> +<p>ÐаÑкÑÑ ÐбеÑÑ ÑÐ¼ÐµÑ Ð¾Ð±Ð½Ð°ÑÑжил ÑÑзвимоÑÑÑ Ð² ÑпоÑобе, иÑполÑзÑемом zlib, библиоÑекой Ð´Ð»Ñ +ÑжаÑÐ¸Ñ Ð¸ ÑаÑпаковки Ñайлов, Ð´Ð»Ñ Ð¾Ð±ÑабоÑки некоÑÑекÑнÑÑ Ð²Ñ Ð¾Ð´Ð½ÑÑ Ð´Ð°Ð½Ð½ÑÑ . ÐÑа ÑÑзвимоÑÑÑ Ð¼Ð¾Ð¶ÐµÑ +пÑиводиÑÑ Ðº аваÑÐ¸Ð¹Ð½Ð¾Ð¼Ñ Ð·Ð°Ð²ÐµÑÑÐµÐ½Ð¸Ñ Ð¿ÑогÑамм, иÑполÑзÑÑÑÐ¸Ñ zlib, пÑи оÑкÑÑÑии некоÑÑекÑного Ñайла. +ÐÑÑ Ð¾Ð´Ð½Ð° оÑибка в ÑпоÑобе, иÑполÑзÑемом zlib Ð´Ð»Ñ Ð¾Ð±ÑабоÑки ÑвелиÑÐµÐ½Ð¸Ñ Ð½ÐµÐºÐ¾ÑоÑÑÑ +ÑжаÑÑÑ Ñайлов, Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº аваÑÐ¸Ð¹Ð½Ð¾Ð¼Ñ Ð·Ð°Ð²ÐµÑÑÐµÐ½Ð¸Ñ Ð¿ÑогÑамм, иÑполÑзÑÑÑÐ¸Ñ zlib, пÑи оÑкÑÑÑии +некоÑÑекÑного Ñайла.</p> - -<p>sash, the stand-alone shell, links statically against zlib, and was - -thus affected by these problems.</p> +<p>sash, оÑделÑÐ½Ð°Ñ ÑÑилиÑа Ð´Ð»Ñ ÐºÐ¾Ð¼Ð°Ð½Ð´Ð½Ð¾Ð¹ оболоÑки, ÑÑаÑиÑеÑки ÑвÑзÑваеÑÑÑ Ñ zlib и поÑÑÐ¾Ð¼Ñ +подвеÑжена ÑказаннÑм пÑоблемам.</p> - -<p>The old stable distribution (woody) isn't affected by these problems.</p> +<p>ÐÑедÑдÑÑий ÑÑабилÑнÑй вÑпÑÑк (woody) не подвеÑжен ÑÑим пÑоблемам.</p> - -<p>For the stable distribution (sarge) these problems have been fixed in - -version 3.7-5sarge1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 3.7-5sarge1.</p> - -<p>For the unstable distribution (sid) these problems have been fixed in - -version 3.7-6.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 3.7-6.</p> - -<p>We recommend that you upgrade your sash package.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ sash.</p> </define-tag> # do not modify the following line - --- english/security/2006/dsa-1075.wml 2006-05-31 16:37:11.000000000 +0600 +++ russian/security/2006/dsa-1075.wml 2015-12-25 12:37:55.821725680 +0500 @@ -1,25 +1,26 @@ - -<define-tag description>programming error</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>оÑибка пÑогÑаммиÑованиÑ</define-tag> <define-tag moreinfo> - -<p>Hendrik Weimer discovered that awstats can execute arbitrary commands - -under the user id the web-server runs when users are allowed to supply - -arbitrary configuration files. Even though, this bug was referenced - -in DSA 1058 accidentally, it was not fixed yet.</p> - - - -<p>The new default behaviour is not to accept arbitrary configuration - -directories from the user. This can be overwritten by the - -AWSTATS_ENABLE_CONFIG_DIR environment variable when users are to be - -trusted.</p> - - - -<p>The old stable distribution (woody) does not seem to be affected by - -this problem.</p> +<p>ХендÑик ÐÐ°Ð¹Ð¼ÐµÑ Ð¾Ð±Ð½Ð°ÑÑжил, ÑÑо awstats Ð¼Ð¾Ð¶ÐµÑ Ð²ÑполнÑÑÑ Ð¿ÑоизволÑнÑе ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ +Ð¾Ñ Ð»Ð¸Ñа полÑзоваÑелÑ, запÑÑÑивÑего веб-ÑеÑвеÑ, в ÑлÑÑае, когда полÑзоваÑелÑм ÑазÑеÑено +пеÑедаваÑÑ Ð¿ÑоизволÑнÑе ÑÐ°Ð¹Ð»Ñ Ð½Ð°ÑÑÑойки. ХоÑÑ ÑÑа оÑибка и бÑла ÑлÑÑайно +Ñказана в DSA 1058, она не бÑла иÑпÑавлена.</p> + +<p>Ðо ÑмолÑÐ°Ð½Ð¸Ñ ÑепеÑÑ Ð¿ÑоизволÑнÑе каÑалоги Ñ Ð½Ð°ÑÑÑойками Ð¾Ñ Ð¿Ð¾Ð»ÑзоваÑелей +не пÑинимаÑÑÑÑ. ÐÑо можно измениÑÑ Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ Ð¿ÐµÑеменной окÑÑÐ¶ÐµÐ½Ð¸Ñ +AWSTATS_ENABLE_CONFIG_DIR в Ñом ÑлÑÑае, еÑли Ð²Ñ Ð´Ð¾Ð²ÐµÑÑеÑе Ñвоим +полÑзоваÑелÑм.</p> + +<p>ÐÑедÑдÑÑий ÑÑабилÑнÑй вÑпÑÑк (woody), как кажеÑÑÑ, не подвеÑжен +данной пÑоблеме.</p> - -<p>For the stable distribution (sarge) this problem has been fixed in - -version 6.4-1sarge3.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 6.4-1sarge3.</p> - -<p>For the unstable distribution (sid) this problem has been fixed in - -version 6.5-2.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 6.5-2.</p> - -<p>We recommend that you upgrade your awstats package.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ awstats.</p> </define-tag> # do not modify the following line - --- english/security/2006/dsa-1090.wml 2006-07-20 17:51:08.000000000 +0600 +++ russian/security/2006/dsa-1090.wml 2015-12-25 12:51:49.218495010 +0500 @@ -1,24 +1,25 @@ - -<define-tag description>programming error</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>оÑибка пÑогÑаммиÑованиÑ</define-tag> <define-tag moreinfo> - -<p>A vulnerability has been discovered in SpamAssassin, a Perl-based spam - -filter using text analysis, that can allow remote attackers to execute - -arbitrary commands. This problem only affects systems where spamd is - -reachable via the internet and used with vpopmail virtual users, via - -the "-v" / "--vpopmail" switch, and with the "-P" / "--paranoid" - -switch which is not the default setting on Debian.</p> +<p>Ð SpamAssassin, Ñпам-ÑилÑÑÑе на оÑнове Perl, иÑполÑзÑÑÑем +меÑÐ¾Ð´Ñ Ð°Ð½Ð°Ð»Ð¸Ð·Ð° ÑекÑÑа, бÑла обнаÑÑжена ÑÑзвимоÑÑÑ, коÑоÑÐ°Ñ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐµÑ ÑдалÑннÑм злоÑмÑÑленникам вÑполнÑÑÑ +пÑоизволÑнÑе командÑ. ÐÑа пÑоблема акÑÑалÑна ÑолÑко Ð´Ð»Ñ ÑÐµÑ ÑиÑÑем, в коÑоÑÑÑ spamd +доÑÑÑпен ÑеÑез ÐнÑеÑÐ½ÐµÑ Ð¸ иÑполÑзÑеÑÑÑ Ð²Ð¸ÑÑÑалÑнÑми полÑзоваÑелÑми vpopmail ÑеÑез +опÑÐ¸Ñ "-v" / "--vpopmail" Ñ Ð¾Ð¿Ñией "-P" / "--paranoid", +ÑÑо по ÑмолÑÐ°Ð½Ð¸Ñ Ð¾ÑклÑÑено в Debian.</p> - -<p>The old stable distribution (woody) is not affected by this problem.</p> +<p>ÐÑедÑдÑÑий ÑÑабилÑнÑй вÑпÑÑк (woody) не подвеÑжен данной пÑоблеме.</p> - -<p>For the stable distribution (sarge) this problem has been fixed in - -version 3.0.3-2sarge1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 3.0.3-2sarge1.</p> - -<p>For the volatile archive for the stable distribution (sarge) this - -problem has been fixed in version 3.1.0a-0volatile3.</p> +<p>РволаÑилÑном аÑÑ Ð¸Ð²Ðµ Ð´Ð»Ñ ÑÑабилÑного вÑпÑÑка (sarge) ÑÑа +пÑоблема бÑла иÑпÑавлена в веÑÑии 3.1.0a-0volatile3.</p> - -<p>For the unstable distribution (sid) this problem has been fixed in - -version 3.1.3-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 3.1.3-1.</p> - -<p>We recommend that you upgrade your spamd package.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ spamd.</p> </define-tag> # do not modify the following line - --- english/security/2006/dsa-1145.wml 2014-04-30 13:16:09.000000000 +0600 +++ russian/security/2006/dsa-1145.wml 2015-12-25 13:00:35.809275211 +0500 @@ -1,31 +1,32 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several remote vulnerabilities have been discovered in freeradius, a - -high-performance RADIUS server, which may lead to SQL injection or denial - -of service. The Common Vulnerabilities and Exposures project identifies - -the following problems:</p> +<p>Ð freeradius, вÑÑокопÑоизводиÑелÑном ÑеÑвеÑе RADIUS, бÑло обнаÑÑжено +неÑколÑко ÑÑзвимоÑÑей, коÑоÑÑе могÑÑ Ð¿ÑиводиÑÑ Ðº SQL-инÑекÑиÑм или оÑÐºÐ°Ð·Ñ +в обÑлÑживании. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures опÑеделÑÐµÑ +ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2005-4745">CVE-2005-4745</a> - - <p>An SQL injection vulnerability has been discovered in the - - rlm_sqlcounter module.</p></li> + <p>ÐÑла обнаÑÑжена SQL-инÑекÑÐ¸Ñ Ð² + модÑле rlm_sqlcounter.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2005-4746">CVE-2005-4746</a> - - <p>Multiple buffer overflows have been discovered, allowing denial of - - service.</p></li> + <p>ÐÑли обнаÑÑÐ¶ÐµÐ½Ñ Ð¼Ð½Ð¾Ð³Ð¾ÑиÑленнÑе пеÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð±ÑÑеÑа, пÑиводÑÑие к оÑÐºÐ°Ð·Ñ + в обÑлÑживании.</p></li> </ul> - -<p>For the stable distribution (sarge) these problems have been fixed in - -version 1.0.2-4sarge3.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1.0.2-4sarge3.</p> - -<p>For the unstable distribution (sid) these problems have been fixed in - -version 1.0.5-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1.0.5-1.</p> - -<p>We recommend that you upgrade your freeradius packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ freeradius.</p> </define-tag> # do not modify the following line - --- english/security/2006/dsa-1180.wml 2014-04-30 13:16:10.000000000 +0600 +++ russian/security/2006/dsa-1180.wml 2015-12-25 13:04:50.598229565 +0500 @@ -1,30 +1,31 @@ - -<define-tag description>programming error</define-tag> +#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov" +<define-tag description>оÑибка пÑогÑаммиÑованиÑ</define-tag> <define-tag moreinfo> - -<p>Luigi Auriemma discovered two security related bugs in bomberclone, a - -free Bomberman clone. The Common Vulnerabilities and Exposures - -project identifies the following problems:</p> +<p>ÐÑиджи ÐÑÑимма обнаÑÑжил две ÑÑзвимоÑÑи в bomberclone, Ñвободном +клоне Bomberman. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures +опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-4005">CVE-2006-4005</a> - - <p>The program copies remotely provided data unchecked which could - - lead to a denial of service via an application crash.</p></li> + <p>ÐÑогÑамма копиÑÑÐµÑ Ð¿ÐµÑедаваемÑе ÑдалÑнно даннÑÑ Ð±ÐµÐ· пÑовеÑки, ÑÑо Ð¼Ð¾Ð¶ÐµÑ + пÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании из-за аваÑийного завеÑÑÐµÐ½Ð¸Ñ ÑабоÑÑ Ð¿ÑиложениÑ.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-4006">CVE-2006-4006</a> - - <p>Bomberclone uses remotely provided data as length argument which - - can lead to the disclosure of private information.</p></li> + <p>Bomberclone иÑполÑзÑÐµÑ Ð¿ÐµÑедаваемÑе ÑдалÑнно даннÑÑ Ð² виде аÑгÑменÑа длинÑ, ÑÑо + Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº ÑаÑкÑÑÑÐ¸Ñ Ð»Ð¸Ñной инÑоÑмаÑии.</p></li> </ul> - -<p>For the stable distribution (sarge) these problems have been fixed in - -version 0.11.5-1sarge2.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 0.11.5-1sarge2.</p> - -<p>For the unstable distribution (sid) these problems have been fixed in - -version 0.11.7-0.1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 0.11.7-0.1.</p> - -<p>We recommend that you upgrade your bomberclone package.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ bomberclone.</p> </define-tag> # do not modify the following line - --- english/security/2006/dsa-1188.wml 2014-04-30 13:16:10.000000000 +0600 +++ russian/security/2006/dsa-1188.wml 2015-12-25 13:08:06.627848739 +0500 @@ -1,31 +1,32 @@ - -<define-tag description>format string</define-tag> +#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov" +<define-tag description>ÑоÑмаÑÐ½Ð°Ñ ÑÑÑока</define-tag> <define-tag moreinfo> - -<p>Several security related problems have been discovered in mailman, the - -web-based GNU mailing list manager. The Common Vulnerabilities and - -Exposures project identifies the following problems:</p> +<p>Ð mailman, менеджеÑе ÑпиÑков ÑаÑÑÑлки Ð¾Ñ GNU Ñ Ð²ÐµÐ±-инÑеÑÑейÑов, +бÑло обнаÑÑжено неÑколÑко ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and +Exposures опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-3636">CVE-2006-3636</a> - - <p>Moritz Naumann discovered several cross-site scripting problems - - that could allow remote attackers to inject arbitrary web script code - - or HTML.</p></li> + <p>ÐоÑÐ¸Ñ ÐаÑман обнаÑÑжил неÑколÑко пÑоблемÑ, ÑвÑзаннÑÑ Ñ Ð¼ÐµÐ¶ÑайÑовÑм ÑкÑипÑингом, + коÑоÑÑе позволÑÑÑ ÑдалÑннÑÑ Ð·Ð»Ð¾ÑмÑÑленникам вводиÑÑ Ð¿ÑоизволÑнÑй код веб-ÑÑенаÑÐ¸Ñ + или HTML.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-4624">CVE-2006-4624</a> - - <p>Moritz Naumann discovered that a remote attacker can inject - - arbitrary strings into the logfile.</p></li> + <p>ÐоÑÐ¸Ñ ÐаÑман обнаÑÑжил, ÑÑо ÑдалÑннÑй злоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ Ð²Ð²Ð¾Ð´Ð¸ÑÑ + пÑоизволÑнÑе ÑÑÑоки в Ñайл жÑÑнала.</p></li> </ul> - -<p>For the stable distribution (sarge) these problems have been fixed in - -version 2.1.5-8sarge5.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 2.1.5-8sarge5.</p> - -<p>For the unstable distribution (sid) these problems have been fixed in - -version 2.1.8-3.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 2.1.8-3.</p> - -<p>We recommend that you upgrade your mailman package.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ mailman.</p> </define-tag> # do not modify the following line - --- english/security/2006/dsa-930.wml 2011-05-26 16:05:47.000000000 +0600 +++ russian/security/2006/dsa-930.wml 2015-12-25 12:12:07.806943569 +0500 @@ -1,23 +1,24 @@ - -<define-tag description>format string attack</define-tag> +#use wml::debian::translation-check translation="1.6" maintainer="Lev Lamberov" +<define-tag description>аÑака на ÑоÑмаÑнÑÑ ÑÑÑокÑ</define-tag> <define-tag moreinfo> - -<p>Ulf Härnhammar from the Debian Security Audit project discovered a - -format string attack in the logging code of smstools, which may be - -exploited to execute arbitrary code with root privileges.</p> +<p>УлÑÑ Ð¥ÑÑÐ½Ñ Ð°Ð¼Ð¼Ð°Ñ Ð¸Ð· пÑоекÑа Debian Security Audit обнаÑÑжил +аÑака на ÑоÑмаÑнÑÑ ÑÑÑÐ¾ÐºÑ Ð² коде Ð²ÐµÐ´ÐµÐ½Ð¸Ñ Ð¶ÑÑнала в smstools, коÑоÑÐ°Ñ +Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑÑÑ Ð´Ð»Ñ Ð²ÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода Ñ Ð¿Ñавами ÑÑпеÑполÑзоваÑелÑ.</p> - -<p>The original advisory for this issue said that the old stable - -distribution (woody) was not affected because it did not contain - -smstools. This was incorrect, and the only change in this updated - -advisory is the inclusion of corrected packages for woody.</p> +<p>РоÑигиналÑной ÑекомендаÑии по данной пÑоблеме ÑÑвеÑждалоÑÑ, ÑÑо пÑедÑдÑÑий +ÑÑабилÑнÑй вÑпÑÑк (woody) не подвеÑжен, Ñак как в Ð¿Ð°ÐºÐµÑ smstools в нÑм +оÑÑÑÑÑÑвÑеÑ. ÐÑо невеÑно, единÑÑвеннÑм изменением в обновлÑнной +ÑедакÑии ÑвлÑеÑÑÑ Ð´Ð¾Ð±Ð°Ð²Ð»ÐµÐ½Ð¸Ðµ иÑпÑавленнÑÑ Ð¿Ð°ÐºÐµÑов Ð´Ð»Ñ woody.</p> - -<p>For the old stable distribution (woody) this problem has been fixed in - -version 1.5.0-2woody0.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (woody) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.5.0-2woody0.</p> - -<p>For the stable distribution (sarge) this problem has been fixed in - -version 1.14.8-1sarge0.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.14.8-1sarge0.</p> - -<p>For the unstable distribution the package will be updated shortly.</p> +<p>РнеÑÑабилÑном вÑпÑÑке ÑÑÐ¾Ñ Ð¿Ð°ÐºÐµÑ Ð±ÑÐ´ÐµÑ Ð² ÑкоÑом вÑемени обновлÑн.</p> - -<p>We recommend that you upgrade your smstools package.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ smstools.</p> </define-tag> # do not modify the following line - --- english/security/2006/dsa-947.wml 2006-03-02 17:05:33.000000000 +0500 +++ russian/security/2006/dsa-947.wml 2015-12-25 12:46:48.890977928 +0500 @@ -1,24 +1,25 @@ - -<define-tag description>heap overflow</define-tag> +#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov" +<define-tag description>пеÑеполнение динамиÑеÑкой памÑÑи</define-tag> <define-tag moreinfo> - -<p>A heap overflow has been discovered in ClamAV, a virus scanner, which - -could allow an attacker to execute arbitrary code by sending a carefully - -crafted UPX-encoded executable to a system running ClamAV. In addition, - -other potential overflows have been corrected.</p> +<p>Ð ClamAV, анÑивиÑÑÑнÑй ÑканеÑ, бÑло обнаÑÑжено пеÑеполнение +динамиÑеÑкой памÑÑи, коÑоÑое Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ Ð·Ð»Ð¾ÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ Ð²ÑполниÑÑ Ð¿ÑоизволÑнÑй код пÑÑÑм оÑпÑавки ÑпеÑиалÑно +ÑÑоÑмиÑованнÑÑ Ð¸ÑполнÑемÑÑ Ñайлов, закодиÑованнÑÑ Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ UPX, в ÑиÑÑемÑ, на коÑоÑой запÑÑен ClamAV. ÐÑоме Ñого, +бÑли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð´ÑÑгие поÑенÑиалÑнÑе пеÑеполнениÑ.</p> - -<p>Packages for the ARM architecture were not available when DSA 947-1 was - -released; these packages are now available. Also, DSA 947-1 incorrectly - -identified the package version which corrected these issues in the - -unstable distribution (sid).</p> +<p>ÐакеÑÑ Ð´Ð»Ñ Ð°ÑÑ Ð¸ÑекÑÑÑÑ ARM в Ð¼Ð¾Ð¼ÐµÐ½Ñ Ð²ÑпÑÑка DSA 947-1 +не бÑли доÑÑÑпнÑ; ÑепеÑÑ Ð¾Ð½Ð¸ доÑÑÑпнÑ. ÐÑоме Ñого, в DSA 947-1 бÑла +непÑавилÑно Ñказан веÑÑÐ¸Ñ Ð¿Ð°ÐºÐµÑа, в коÑоÑой ÑказаннÑе пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð´Ð»Ñ +неÑÑабилÑного вÑпÑÑка (sid).</p> - -<p>The old stable distribution (woody) does not include ClamAV.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (woody) пакеÑÑ ClamAV оÑÑÑÑÑÑвÑÑÑ.</p> - -<p>For the stable distribution (sarge) this problem has been fixed in - -version 0.84-2.sarge.7.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 0.84-2.sarge.7.</p> - -<p>For the unstable distribution (sid) this problem has been fixed in - -version 0.88-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 0.88-1.</p> - -<p>We recommend that you upgrade your clamav package immediately.</p> +<p>РекомендÑеÑÑÑ ÐºÐ°Ðº можно ÑкоÑее обновиÑÑ Ð¿Ð°ÐºÐµÑ clamav.</p> </define-tag> # do not modify the following line - --- english/security/2006/dsa-975.wml 2006-02-15 16:49:58.000000000 +0500 +++ russian/security/2006/dsa-975.wml 2015-12-25 12:56:59.710946297 +0500 @@ -1,26 +1,27 @@ - -<define-tag description>buffer overflow</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>пеÑеполнение бÑÑеÑа</define-tag> <define-tag moreinfo> - -<p>Marcus Meissner discovered that attackers can trigger a buffer overflow - -in the path handling code by creating or abusing existing symlinks, which - -may lead to the execution of arbitrary code.</p> +<p>ÐаÑкÑÑ ÐайÑÐ½ÐµÑ Ð¾Ð±Ð½Ð°ÑÑжил, ÑÑо злоÑмÑÑленники могÑÑ Ð²ÑзÑваÑÑ Ð¿ÐµÑеполнение бÑÑеÑа +в коде обÑабоÑки пÑÑи пÑÑÑм ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ñ Ð¸Ð»Ð¸ непÑавилÑного иÑполÑÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ ÑÑÑеÑÑвÑÑÑÐ¸Ñ ÑимволÑнÑÑ ÑÑÑлок, ÑÑо +Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода.</p> - -<p>This vulnerability isn't present in the kernel NFS server.</p> +<p>Ð ÑеÑвеÑе NFS в ÑдÑе ÑÑа ÑÑзвимоÑÑÑ Ð¾ÑÑÑÑÑÑвÑеÑ.</p> - -<p>This update includes a bugfix for attribute handling of symlinks. This - -fix does not have security implications, but at the time when this DSA - -was prepared it was already queued for the next stable point release, so - -we decided to include it beforehand.</p> +<p>Ðанное обновление вклÑÑÐ°ÐµÑ Ð² ÑÐµÐ±Ñ Ð¸ÑпÑавление оÑибки в коде обÑабоÑки аÑÑибÑÑов ÑимволÑнÑÑ ÑÑÑлок. Ðанное +иÑпÑавление не каÑаеÑÑÑ Ð¿Ñоблем безопаÑноÑÑи, но в Ð¼Ð¾Ð¼ÐµÐ½Ñ Ð²ÑпÑÑка данной DSA +оно бÑло добавлено в оÑеÑÐµÐ´Ñ Ð´Ð»Ñ ÑледÑÑÑей ÑедакÑии ÑÑабилÑного вÑпÑÑка, поÑÑÐ¾Ð¼Ñ +бÑло ÑеÑено добавиÑÑ ÐµÐ³Ð¾ заÑанее.</p> - -<p>For the old stable distribution (woody) this problem has been fixed in - -version 2.2beta47-12woody1.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (woody) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.2beta47-12woody1.</p> - -<p>For the stable distribution (sarge) this problem has been fixed in - -version 2.2beta47-20sarge2.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.2beta47-20sarge2.</p> - -<p>For the unstable distribution (sid) this problem has been fixed in - -version 2.2beta47-22.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.2beta47-22.</p> - -<p>We recommend that you upgrade your nfs-user-server package.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ nfs-user-server.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJWfPl3AAoJEF7nbuICFtKliAoQAKjgylA3xT4MBbcTYSp8IBoC aKYhWGRrlDTCpOgGeUa9X0LL1yb5dW4pYUIJNoaObXz7NlmtDeR7nNXUKTNZUp+N ZH3WgL5iRTmzdFET4K8R82puKzanKL0tE4/l8HKyxFYIAz5TC7EYqRAoX17i3Kuk DbweBsazprx7IXScKkfPfNdNgBEgW6Laq+YN/hwcUiZ0S+PN5jc8RkI8R/K2Nzcm TeVkJ7mcCFM770Jt1ooMNOY3cp4zVgscX2Iex4ov3iExRSZRTyIQGvGUEvNLQET4 EQ1672nvB5518apqUAEA6QpQe59iIIrHEn0R1qHjOtWD2yEHGoEM6Nly38d7gBgu O6sjYNk6DYA8Le14zWd0ByUe+dWKvtuZvzFhuYlxF3pTtk5P63hTrDl+EnSJHCjV bu7YK1qegs/o8ZaxKvYyhs9w/GDbdI6aRf4SR8IYtkgc82AySU8T2tU3mfXzKdOy aHJYTMO2j5Z4kjCsUj7D5IBZNmwqpF+oY87/jN5Lm95rlUmt9cxv/RARo0SArB/8 wmF2BAUJ4EXgnJifB9Rxxa1F4nM2vZ4K39zDMkk3yS/GqLSftwsBYppivHtIL3iG hDIuTdzdFRWJNAqw+S3Hp9bMDdeaAq1dmKqBfDSWDd4+lfUqFe5NcQKdSLoWhBSg xAsjRbvgI12L5+9FY+Jz =uDXT -----END PGP SIGNATURE-----

