-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2012/dsa-2377.wml 2012-01-02 06:48:44.000000000 +0600 +++ russian/security/2012/dsa-2377.wml 2015-12-29 16:56:44.023870604 +0500 @@ -1,24 +1,25 @@ - -<define-tag description>NULL pointer dereference</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>ÑазÑменование NULL-ÑказаÑелÑ</define-tag> <define-tag moreinfo> - -<p>It was discovered that cyrus-imapd, a highly scalable mail system designed - -for use in enterprise environments, is not properly parsing mail headers - -when a client makes use of the IMAP threading feature. As a result, a NULL - -pointer is dereferenced which crashes the daemon. An attacker can trigger - -this by sending a mail containing crafted reference headers and access the - -mail with a client that uses the server threading feature of IMAP.</p> +<p>ÐÑло обнаÑÑжено, ÑÑо cyrus-imapd, Ñ Ð¾ÑоÑо маÑÑÑабиÑÑÐµÐ¼Ð°Ñ Ð¿Ð¾ÑÑÐ¾Ð²Ð°Ñ ÑиÑÑема, ÑазÑабоÑÐ°Ð½Ð½Ð°Ñ +Ð´Ð»Ñ Ð¸ÑполÑÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ Ð² коÑпоÑаÑивнÑÑ Ð¾ÐºÑÑжениÑÑ , непÑавилÑно вÑполнÑÐµÑ Ð³ÑаммаÑиÑеÑкий ÑÐ°Ð·Ð±Ð¾Ñ Ð·Ð°Ð³Ð¾Ð»Ð¾Ð²ÐºÐ¾Ð² +ÑообÑений ÑлекÑÑонной поÑÑÑ Ð² ÑлÑÑае, когда ÐºÐ»Ð¸ÐµÐ½Ñ Ð¸ÑполÑзÑеÑÑÑ Ð¼Ð½Ð¾Ð³Ð¾Ð¿Ð¾ÑоÑноÑÑÑ IMAP. Ð ÑезÑлÑÑаÑе +пÑоиÑÑ Ð¾Ð´Ð¸Ñ ÑазÑменование NULL-ÑказаÑелÑ, ÑÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº аваÑÐ¸Ð¹Ð½Ð¾Ð¼Ñ Ð·Ð°Ð²ÐµÑÑÐµÐ½Ð¸Ñ ÑабоÑÑ ÑлÑжбÑ. ÐлоÑмÑÑленник +Ð¼Ð¾Ð¶ÐµÑ Ð²ÑзваÑÑ ÑÑо пÑÑÑм оÑпÑавки ÑообÑениÑ, ÑодеÑжаÑего ÑпеÑиалÑно ÑÑоÑмиÑованнÑе заголовки, и обÑаÑÐµÐ½Ð¸Ñ +к ÑÑÐ¾Ð¼Ñ ÑообÑÐµÐ½Ð¸Ñ Ð¿Ñи помоÑи клиенÑа, иÑполÑзÑÑÑего многопоÑоÑноÑÑÑ IMAP.</p> - -<p>For the oldstable distribution (lenny), this problem has been fixed in - -version 2.2.13-14+lenny6.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.2.13-14+lenny6.</p> - -<p>For the stable distribution (squeeze), this problem has been fixed in - -version 2.2.13-19+squeeze3.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.2.13-19+squeeze3.</p> - -<p>For the testing (wheezy) and unstable (sid) distributions, this problem has been - -fixed in cyrus-imapd-2.4 version 2.4.11-1.</p> +<p>Ð ÑеÑÑиÑÑемом (wheezy) и неÑÑабилÑном (sid) вÑпÑÑÐºÐ°Ñ ÑÑа пÑоблема бÑла +иÑпÑавлена в пакеÑе cyrus-imapd-2.4 веÑÑии 2.4.11-1.</p> - -<p>We recommend that you upgrade your cyrus-imapd-2.2 packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ cyrus-imapd-2.2.</p> </define-tag> # do not modify the following line - --- english/security/2012/dsa-2419.wml 2014-04-30 13:16:28.000000000 +0600 +++ russian/security/2012/dsa-2419.wml 2015-12-29 16:51:32.761731145 +0500 @@ -1,30 +1,31 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Two vulnerabilities were discovered in Puppet, a centralized - -configuration management tool.</p> +<p>Ð Puppet, инÑÑÑÑменÑе ÑенÑÑализованного ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ Ð½Ð°ÑÑÑойками, обнаÑÑжено +две ÑÑзвимоÑÑи.</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-1053">CVE-2012-1053</a> - - <p>Puppet runs execs with an unintended group privileges, - - potentially leading to privilege escalation.</p></li> + <p>Puppet запÑÑÐºÐ°ÐµÑ Ð¸ÑполнÑемÑе ÑÐ°Ð¹Ð»Ñ Ð¾Ñ Ð»Ð¸Ñа гÑÑппÑ, пÑава коÑоÑой не Ð´Ð¾Ð»Ð¶Ð½Ñ + пеÑедаваÑÑÑÑ Ð¸ÑполнÑÐµÐ¼Ð¾Ð¼Ñ ÑайлÑ, ÑÑо поÑенÑиалÑно пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº повÑÑÐµÐ½Ð¸Ñ Ð¿Ñивилегий.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-1054">CVE-2012-1054</a> - - <p>The k5login type writes to untrusted locations, - - enabling local users to escalate their privileges - - if the k5login type is used.</p></li> + <p>Тип k5login вÑполнÑÐµÑ Ð·Ð°Ð¿Ð¸ÑÑ Ð² недовеÑеннÑе меÑÑа, + ÑÑо позволÑÐµÑ Ð»Ð¾ÐºÐ°Ð»ÑнÑм полÑзоваÑелÑм повÑÑаÑÑ Ñвои пÑава доÑÑÑпа в ÑлÑÑае, + еÑли иÑполÑзÑеÑÑÑ Ñип k5login.</p></li> </ul> - -<p>For the stable distribution (squeeze), these problems have been fixed - -in version 2.6.2-5+squeeze4.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ +в веÑÑии 2.6.2-5+squeeze4.</p> - -<p>For the testing distribution (wheezy) and the unstable distribution - -(sid), these problems have been fixed in version 2.7.11-1.</p> +<p>Ð ÑеÑÑиÑÑемом (wheezy) и неÑÑабилÑном (sid) вÑпÑÑÐºÐ°Ñ +ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² веÑÑии 2.7.11-1.</p> - -<p>We recommend that you upgrade your puppet packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ puppet.</p> </define-tag> # do not modify the following line - --- english/security/2012/dsa-2429.wml 2012-03-09 02:45:40.000000000 +0600 +++ russian/security/2012/dsa-2429.wml 2015-12-29 17:52:51.509927948 +0500 @@ -1,27 +1,28 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> <p> - - Due to the non-disclosure of security patch information from Oracle, - - we are forced to ship an upstream version update of MySQL 5.1. - - There are several known incompatible - - changes, which are listed in /usr/share/doc/mysql-server/NEWS.Debian.gz. + Ðз-за ÑокÑÑÑÐ¸Ñ Oracle инÑоÑмаÑии о заплаÑÐ°Ñ Ð´Ð»Ñ Ð¸ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¿Ñоблем безопаÑноÑÑи + Ð¼Ñ Ð±Ñли вÑнÑÐ¶Ð´ÐµÐ½Ñ Ð¿ÑедоÑÑавиÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð»ÑннÑÑ Ð²ÐµÑÑÐ¸Ñ MySQL 5.1 из оÑновной веÑки ÑазÑабоÑки. + ÐзвеÑÑно, ÑÑо она ÑодеÑÐ¶Ð¸Ñ Ð½ÐµÑколÑко неÑовмеÑÑимÑÑ Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ð¹, + коÑоÑÑе пÑиводÑÑÑÑ Ð² Ñайле /usr/share/doc/mysql-server/NEWS.Debian.gz. </p> - -<p>Several security vulnerabilities were discovered in MySQL, a database - -management system. The vulnerabilities are addressed by upgrading - -MySQL to a new upstream version, 5.1.61, which includes additional - -changes, such as performance improvements and corrections for data - -loss defects. These changes are described in the MySQL release notes - -at: <url http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html>.</p> +<p>Ð MySQL, ÑиÑÑеме ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ Ð±Ð°Ð·Ð°Ð¼Ð¸ даннÑÑ , бÑло обнаÑÑжено +неÑколÑко ÑÑзвимоÑÑей. УÑзвимоÑÑи ÑеÑÐµÐ½Ñ Ð¿ÑÑÑм Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ +MySQL до новой веÑÑии, 5.1.61, из оÑновной веÑки ÑазÑабоÑки, коÑоÑÐ°Ñ ÑодеÑÐ¶Ð¸Ñ +и дÑÑгие изменениÑ, Ñакие как ÑлÑÑÑÐµÐ½Ð¸Ñ Ð¿ÑоизводиÑелÑноÑÑи и иÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¿Ñоблем Ñ +поÑеÑей даннÑÑ . ÐÑи Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð¾Ð¿Ð¸ÑÐ°Ð½Ñ Ð² инÑоÑмаÑии о вÑпÑÑке MySQL, +коÑоÑÐ°Ñ Ð´Ð¾ÑÑÑпна по ÑледÑÑÑÐµÐ¼Ñ Ð°Ð´ÑеÑÑ: <url http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html>.</p> - -<p>For the stable distribution (squeeze), these problems have been fixed - -in version 5.1.61-0+squeeze1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ +в веÑÑии 5.1.61-0+squeeze1.</p> - -<p>For the unstable distribution (sid), these problems have been fixed in - -version 5.1.61-2.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 5.1.61-2.</p> - -<p>We recommend that you upgrade your mysql-5.1 packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ mysql-5.1.</p> </define-tag> # do not modify the following line - --- english/security/2012/dsa-2460.wml 2014-04-30 13:16:28.000000000 +0600 +++ russian/security/2012/dsa-2460.wml 2015-12-29 17:30:36.334700278 +0500 @@ -1,33 +1,34 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities were discovered in the Asterisk PBX and telephony - -toolkit:</p> +<p>Ð Asterisk, набоÑе инÑÑÑÑменÑов Ð´Ð»Ñ Ð¾ÑиÑнÑÑ ÐТС и ÑелеÑонии, бÑло обнаÑÑжено +неÑколÑко ÑÑзвимоÑÑей:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-1183">CVE-2012-1183</a> - - <p>Russell Bryant discovered a buffer overflow in the Milliwatt - - application.</p></li> + <p>РаÑÑел ÐÑÐ¸Ð°Ð½Ñ Ð¾Ð±Ð½Ð°ÑÑжил пеÑеполнение бÑÑеÑа в пÑиложении + Milliwatt.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-2414">CVE-2012-2414</a> - - <p>David Woolley discovered a privilege escalation in the Asterisk - - manager interface.</p></li> + <p>ÐÑвид ÐÑлли обнаÑÑжил повÑÑение пÑивилегий в ÑпÑавлÑÑÑем инÑеÑÑейÑе + Asterisk.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-2415">CVE-2012-2415</a> - - <p>Russell Bryant discovered a buffer overflow in the Skinny - - driver.</p></li> + <p>РаÑÑел ÐÑÐ¸Ð°Ð½Ñ Ð¾Ð±Ð½Ð°ÑÑжил пеÑеполнение бÑÑеÑа в движке + Skinny.</p></li> </ul> - -<p>For the stable distribution (squeeze), this problem has been fixed in - -version 1:1.6.2.9-2+squeeze5.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:1.6.2.9-2+squeeze5.</p> - -<p>For the unstable distribution (sid), this problem will be fixed soon.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑÐ´ÐµÑ Ð¸ÑпÑавлена позже.</p> - -<p>We recommend that you upgrade your asterisk packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ asterisk.</p> </define-tag> # do not modify the following line - --- english/security/2012/dsa-2470.wml 2012-05-12 03:57:20.000000000 +0600 +++ russian/security/2012/dsa-2470.wml 2015-12-29 17:03:45.933771908 +0500 @@ -1,24 +1,25 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities were identified in WordPress, a web blogging - -tool. As the CVEs were allocated from releases announcements and - -specific fixes are usually not identified, it has been decided to - -upgrade the wordpress package to the latest upstream version instead - -of backporting the patches.</p> - - - -<p>This means extra care should be taken when upgrading, especially when - -using third-party plugins or themes, since compatibility may have been - -impacted along the way. We recommend that users check their install - -before doing the upgrade.</p> +<p>Ð WordPress, инÑÑÑÑменÑе Ð´Ð»Ñ Ð²ÐµÐ´ÐµÐ½Ð¸Ñ Ð±Ð»Ð¾Ð³Ð°, бÑло обнаÑÑжено +неÑколÑко ÑÑзвимоÑÑей. ÐоÑколÑÐºÑ Ð¸Ð´ÐµÐ½ÑиÑикаÑоÑÑ CVE бÑли вÑÐ´ÐµÐ»ÐµÐ½Ñ Ð² инÑоÑмаÑии о вÑпÑÑÐºÐ°Ñ , а +конкÑеÑнÑе иÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¾Ð¿ÑÐµÐ´ÐµÐ»ÐµÐ½Ñ Ð±Ñл не могÑÑ, бÑло ÑеÑено +обновиÑÑ Ð¿Ð°ÐºÐµÑ wordpress до поÑледней веÑÑии оÑновной веÑки ÑазÑабоÑки вмеÑÑо +оÑÑÑеÑÑÐ²Ð»ÐµÐ½Ð¸Ñ Ð¾Ð±ÑаÑного пеÑеноÑа заплаÑ.</p> + +<p>ÐÑо ознаÑаеÑ, ÑÑо ÑледÑÐµÑ Ð¾Ñобенно внимаÑелÑно подойÑи к обновлениÑ, оÑобенно в Ñом ÑлÑÑае, +еÑли Ð²Ñ Ð¸ÑполÑзÑеÑе Ð´Ð¾Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¸Ð»Ð¸ ÑÐµÐ¼Ñ Ð¾Ñ ÑÑеÑÑÐ¸Ñ Ð»Ð¸Ñ, Ñак как ÑовмеÑÑимоÑÑÑ Ð¼Ð¾Ð¶ÐµÑ +бÑÑÑ Ð½Ð°ÑÑÑена. РекомендÑеÑÑÑ Ð´Ð¾ вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÑÑÑановки пÑовеÑиÑÑ +Ñвои наÑÑÑойки.</p> - -<p>For the stable distribution (squeeze), those problems have been fixed in - -version 3.3.2+dfsg-1~squeeze1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 3.3.2+dfsg-1~squeeze1.</p> - -<p>For the testing distribution (wheezy) and the unstable distribution - -(sid), those problems have been fixed in version 3.3.2+dfsg-1.</p> +<p>Ð ÑеÑÑиÑÑемом (wheezy) и неÑÑабилÑном (sid) вÑпÑÑÐºÐ°Ñ +ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² веÑÑии 3.3.2+dfsg-1.</p> - -<p>We recommend that you upgrade your wordpress packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ wordpress.</p> </define-tag> # do not modify the following line - --- english/security/2012/dsa-2483.wml 2012-06-01 00:06:36.000000000 +0600 +++ russian/security/2012/dsa-2483.wml 2015-12-29 16:47:11.440709965 +0500 @@ -1,25 +1,26 @@ - -<define-tag description>authentication bypass</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>Ð¾Ð±Ñ Ð¾Ð´ аÑÑенÑиÑикаÑии</define-tag> <define-tag moreinfo> - -<p>An authentication bypass issue was discovered by the Codenomicon CROSS - -project in strongSwan, an IPsec-based VPN solution. When using - -RSA-based setups, a missing check in the gmp plugin could allow an - -attacker presenting a forged signature to successfully authenticate - -against a strongSwan responder.</p> - - - -<p>The default configuration in Debian does not use the gmp plugin for - -RSA operations but rather the OpenSSL plugin, so the packages as - -shipped by Debian are not vulnerable.</p> - - - -<p>For the stable distribution (squeeze), this problem has been fixed in - -version 4.4.1-5.2.</p> +<p>РпÑоекÑе Codenomicon CROSS из strongSwan, ÑеÑÐµÐ½Ð¸Ñ Ð´Ð»Ñ VPN на оÑнове IPsec, бÑла +обнаÑÑжена пÑоблема, ÑвÑÐ·Ð°Ð½Ð½Ð°Ñ Ñ Ð¾Ð±Ñ Ð¾Ð´Ð¾Ð¼ аÑÑенÑиÑикаÑии. ÐÑи иÑполÑзовании +наÑÑÑоек на оÑнове RSA оÑÑÑÑÑÑвÑÑÑÐ°Ñ Ð¿ÑовеÑка в дополнении gmp Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ +злоÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ Ð¿ÑедоÑÑавиÑÑ Ð¿Ð¾Ð´Ð´ÐµÐ»ÑнÑÑ Ð¿Ð¾Ð´Ð¿Ð¸ÑÑ Ñ ÑелÑÑ ÑÑпеÑной аÑÑенÑиÑикаÑии +в ÑлÑжбе оÑвеÑов strongSwan.</p> + +<p>Ðо ÑмолÑÐ°Ð½Ð¸Ñ Ð² Debian дополнение gmp Ð´Ð»Ñ Ð¾Ð¿ÐµÑаÑий Ñ RSA не +иÑполÑзÑеÑÑÑ, вмеÑÑо него иÑполÑзÑеÑÑÑ Ð´Ð¾Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ðµ OpenSSL, поÑÑÐ¾Ð¼Ñ Ð¿Ð°ÐºÐµÑÑ, +поÑÑавлÑемÑе Debian Ñ Ð½Ð°ÑÑÑойками по ÑмолÑÐ°Ð½Ð¸Ñ Ð½Ðµ подвеÑÐ¶ÐµÐ½Ñ Ñказанной пÑоблеме.</p> + +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 4.4.1-5.2.</p> - -<p>For the testing distribution (wheezy), this problem has been fixed in - -version 4.5.2-1.4.</p> +<p>Ð ÑеÑÑиÑÑемом вÑпÑÑке (wheezy) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 4.5.2-1.4.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 4.5.2-1.4.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 4.5.2-1.4.</p> - -<p>We recommend that you upgrade your strongswan packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ strongswan.</p> </define-tag> # do not modify the following line - --- english/security/2012/dsa-2487.wml 2014-04-30 13:16:29.000000000 +0600 +++ russian/security/2012/dsa-2487.wml 2015-12-29 16:40:00.398758385 +0500 @@ -1,28 +1,29 @@ - -<define-tag description>buffer overflow</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>пеÑеполнение бÑÑеÑа</define-tag> <define-tag moreinfo> - -<p>It was discovered that OpenOffice.org would not properly process - -crafted document files, possibly leading to arbitrary code execution.</p> +<p>ÐÑло обнаÑÑжено, ÑÑо OpenOffice.org непÑавилÑном обÑабаÑÑÐ²Ð°ÐµÑ +ÑпеÑиалÑно ÑÑоÑмиÑованнÑе докÑменÑÑ, ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода.</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-1149">CVE-2012-1149</a> - - <p>Integer overflows in PNG image handling.</p></li> + <p>ÐеÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÑелÑÑ ÑиÑел в коде обÑабоÑки изобÑажений в ÑоÑмаÑе PNG.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-2334">CVE-2012-2334</a> - - <p>Integer overflow in operator new[] invocation and heap-based - - buffer overflow inside the MS-ODRAW parser.</p></li> + <p>ÐеÑеполнение ÑелÑÑ ÑиÑел в вÑзове опеÑаÑоÑа new[] и пеÑеполнение динамиÑеÑкой + памÑÑи в коде Ð´Ð»Ñ Ð³ÑаммаÑиÑеÑкого ÑазбоÑа MS-ODRAW.</p></li> </ul> - -<p>For the stable distribution (squeeze), this problem has been fixed in - -version 1:3.2.1-11+squeeze6.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:3.2.1-11+squeeze6.</p> - -<p>For the unstable distribution (sid), these problems have been fixed in - -version 1:3.5.2~rc2-1 of the libreoffice package.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1:3.5.2~rc2-1 пакеÑа libreoffice.</p> - -<p>We recommend that you upgrade your openoffice.org packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ openoffice.org.</p> </define-tag> # do not modify the following line - --- english/security/2012/dsa-2494.wml 2014-04-30 13:16:29.000000000 +0600 +++ russian/security/2012/dsa-2494.wml 2015-12-29 17:06:11.555762614 +0500 @@ -1,22 +1,23 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>It was discovered that FFmpeg, Debian's version of the Libav media - -codec suite, contains vulnerabilities in the DPCM codecs +<p>ÐÑло обнаÑÑжено, ÑÑо FFmpeg, веÑÑÐ¸Ñ Ð½Ð°Ð±Ð¾Ñа кодеков Libav Ð´Ð»Ñ Debian, +ÑодеÑÐ¶Ð¸Ñ ÑÑзвимоÑÑи в ÐºÐ¾Ð´ÐµÐºÐ°Ñ DPCM (<a href="https://security-tracker.debian.org/tracker/CVE-2011-3951">CVE-2011-3951</a>), H.264 (<a href="https://security-tracker.debian.org/tracker/CVE-2012-0851">CVE-2012-0851</a>), - -ADPCM (<a href="https://security-tracker.debian.org/tracker/CVE-2012-0852">CVE-2012-0852</a>), and the - -KMVC decoder (<a href="https://security-tracker.debian.org/tracker/CVE-2011-3952">CVE-2011-3952</a>).</p> +ADPCM (<a href="https://security-tracker.debian.org/tracker/CVE-2012-0852">CVE-2012-0852</a>) и +декодеÑе KMVC (<a href="https://security-tracker.debian.org/tracker/CVE-2011-3952">CVE-2011-3952</a>).</p> - -<p>In addition, this update contains bug fixes from the Libav 0.5.9 - -upstream release.</p> +<p>ÐÑоме Ñого, данное обновление ÑодеÑÐ¶Ð¸Ñ Ð¸ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¾Ñибок из вÑпÑÑка оÑновной +веÑки ÑазÑабоÑки 0.5.9.</p> - -<p>For the stable distribution (squeeze), these problems have been fixed - -in version 4:0.5.9-1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ +в веÑÑии 4:0.5.9-1.</p> - -<p>For the unstable distribution (sid), these problems have been fixed in - -version 6:0.8.3-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 6:0.8.3-1.</p> - -<p>We recommend that you upgrade your ffmpeg packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ ffmpeg.</p> </define-tag> # do not modify the following line - --- english/security/2012/dsa-2506.wml 2012-07-04 21:01:42.000000000 +0600 +++ russian/security/2012/dsa-2506.wml 2015-12-29 17:16:12.253734328 +0500 @@ -1,25 +1,26 @@ - -<define-tag description>ModSecurity bypass</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>Ð¾Ð±Ñ Ð¾Ð´ ModSecurity</define-tag> <define-tag moreinfo> - -<p>Qualys Vulnerability & Malware Research Labs discovered a vulnerability in - -ModSecurity, a security module for the Apache webserver. In situations where - -both <q>Content:Disposition: attachment</q> and <q>Content-Type: multipart</q> were - -present in HTTP headers, the vulnerability could allow an attacker to bypass - -policy and execute cross-site script (XSS) attacks through properly crafted - -HTML documents.</p> - - - -<p>For the stable distribution (squeeze), this problem has been fixed in - -version 2.5.12-1+squeeze1.</p> +<p>СоÑÑÑдники Qualys Vulnerability & Malware Research Labs обнаÑÑжили ÑÑзвимоÑÑÑ Ð² +ModSecurity, модÑле безопаÑноÑÑи Ð´Ð»Ñ Ð²ÐµÐ±-ÑеÑвеÑа Apache. Ð ÑиÑÑаÑиÑÑ , когда +в Ð·Ð°Ð³Ð¾Ð»Ð¾Ð²ÐºÐ°Ñ HTTP одновÑеменно ÑодеÑжаÑÑÑ Ð¸ <q>Content:Disposition: attachment</q>, +и <q>Content-Type: multipart</q>, ÑÑа ÑÑзвимоÑÑÑ Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ Ð·Ð»Ð¾ÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ Ð¾Ð±Ð¾Ð¹Ñи +пÑавило и вÑполниÑÑ Ð°ÑÐ°ÐºÑ ÑеÑез межÑайÑовÑй ÑкÑипÑинг (XSS) пÑи помоÑи ÑпеÑиалÑно +ÑÑоÑмиÑованнÑÑ Ð´Ð¾ÐºÑменÑов в ÑоÑмаÑе HTML.</p> + +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.5.12-1+squeeze1.</p> - -<p>For the testing distribution (wheezy), this problem has been fixed in - -version 2.6.6-1.</p> +<p>Ð ÑеÑÑиÑÑемом вÑпÑÑке (wheezy) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.6.6-1.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 2.6.6-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.6.6-1.</p> - -<p>In testing and unstable distribution, the source package has been renamed to +<p>Ð ÑеÑÑиÑÑемом и неÑÑабилÑном вÑпÑÑÐºÐ°Ñ Ð¿Ð°ÐºÐµÑ Ñ Ð¸ÑÑ Ð¾Ð´Ð½Ñм кодом бÑл пеÑеименован в modsecurity-apache.</p> - -<p>We recommend that you upgrade your libapache-mod-security packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ libapache-mod-security.</p> </define-tag> # do not modify the following line - --- english/security/2012/dsa-2510.wml 2012-07-13 06:52:36.000000000 +0600 +++ russian/security/2012/dsa-2510.wml 2015-12-29 17:24:01.929754776 +0500 @@ -1,24 +1,25 @@ - -<define-tag description>Cross-site request forgery</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>подделка межÑайÑовÑÑ Ð·Ð°Ð¿ÑоÑов</define-tag> <define-tag moreinfo> - -<p>John Leitch has discovered a vulnerability in eXtplorer, a very feature - -rich web server file manager, which can be exploited by malicious people - -to conduct cross-site request forgery attacks.</p> +<p>Ðжон ÐÐµÐ¹Ñ Ð¾Ð±Ð½Ð°ÑÑжил ÑÑзвимоÑÑÑ Ð² eXtplorer, многоÑÑнкÑионалÑном +Ñайловом менеджеÑе Ð´Ð»Ñ Ð²ÐµÐ±-ÑеÑвеÑа, коÑоÑÐ°Ñ Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑ Ð·Ð»Ð¾ÑмÑÑленниками +Ð´Ð»Ñ Ð²ÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð°Ñак по подделке межÑайÑовÑÑ Ð·Ð°Ð¿ÑоÑов.</p> - -<p>The vulnerability allows users to perform certain actions via HTTP requests - -without performing any validity checks to verify the request. This can be - -exploited for example, to create an administrative user account by tricking - -an logged administrator to visiting an attacker-defined web link.</p> +<p>УÑзвимоÑÑÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐµÑ Ð¿Ð¾Ð»ÑзоваÑелÑм вÑполниÑÑ Ð¾Ð¿ÑеделÑннÑе дейÑÑÐ²Ð¸Ñ Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ +HTTP-запÑоÑов без вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÐºÐ°ÐºÐ¸Ñ -либо пÑоекÑов ÑÑÐ¸Ñ Ð·Ð°Ð¿ÑоÑов. ÐÑо Ð¼Ð¾Ð¶ÐµÑ +иÑполÑзоваÑÑÑÑ, напÑимеÑ, Ð´Ð»Ñ ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ñ Ð¿Ð¾Ð»ÑзоваÑÐµÐ»Ñ Ñ Ð¿Ñавами админиÑÑÑаÑоÑа, еÑли воÑедÑий +админиÑÑÑаÑÐ¾Ñ Ð¾ÑкÑÐ¾ÐµÑ ÑÑÑÐ»ÐºÑ Ð·Ð»Ð¾ÑмÑÑленника.</p> - -<p>For the stable distribution (squeeze), this problem has been fixed in - -version 2.1.0b6+dfsg.2-1+squeeze1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.1.0b6+dfsg.2-1+squeeze1.</p> - -<p>For the testing distribution (wheezy), this problem has been fixed in - -version 2.1.0b6+dfsg.3-3.</p> +<p>Ð ÑеÑÑиÑÑемом вÑпÑÑке (wheezy) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.1.0b6+dfsg.3-3.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 2.1.0b6+dfsg.3-3.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.1.0b6+dfsg.3-3.</p> - -<p>We recommend that you upgrade your extplorer packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ extplorer.</p> </define-tag> # do not modify the following line - --- english/security/2012/dsa-2520.wml 2012-08-04 21:30:19.000000000 +0600 +++ russian/security/2012/dsa-2520.wml 2015-12-29 16:34:10.741569999 +0500 @@ -1,23 +1,24 @@ - -<define-tag description>Multiple heap-based buffer overflows</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>многоÑиÑленнÑе пеÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð´Ð¸Ð½Ð°Ð¼Ð¸ÑеÑкой памÑÑи</define-tag> <define-tag moreinfo> - -<p>Timo Warns from PRE-CERT discovered multiple heap-based buffer overflows in - -OpenOffice.org, an office productivity suite. The issues lies in the XML - -manifest encryption tag parsing code. Using specially crafted files, an - -attacker can cause application crash and could cause arbitrary code execution.</p> +<p>Тимо УоÑÐ½Ñ Ð¸Ð· PRE-CERT обнаÑÑжил многоÑиÑленнÑе пеÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð´Ð¸Ð½Ð°Ð¼Ð¸ÑеÑкой памÑÑи в +OpenOffice.org, набоÑе Ð´Ð»Ñ Ð¾ÑиÑной ÑабоÑÑ. ÐÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð¾Ð±Ð½Ð°ÑÑÐ¶ÐµÐ½Ñ Ð² коде Ð´Ð»Ñ Ð³ÑаммаÑиÑеÑкого +ÑазбоÑа обÑÑвлений ÑиÑÑÐ¾Ð²Ð°Ð½Ð¸Ñ XML. ÐÑполÑзÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованнÑе ÑайлÑ, злоÑмÑÑленник +Ð¼Ð¾Ð¶ÐµÑ Ð²ÑзваÑÑ Ð°Ð²Ð°Ñийное завеÑÑение ÑабоÑÑ Ð¿ÑÐ¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Ð¸ вÑполнение пÑоизволÑного кода.</p> - -<p>For the stable distribution (squeeze), this problem has been fixed in - -version 1:3.2.1-11+squeeze7.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:3.2.1-11+squeeze7.</p> - -<p>openoffice.org package has been replaced by libreoffice in testing (wheezy) and - -unstable (sid) distributions.</p> +<p>ÐÐ°ÐºÐµÑ openoffice.org бÑл заменÑн на Ð¿Ð°ÐºÐµÑ libreoffice в ÑеÑÑиÑÑемом (wheezy) и +неÑÑабилÑном (sid) вÑпÑÑÐºÐ°Ñ .</p> - -<p>For the testing distribution (wheezy), this problem has been fixed in - -version 1:3.5.4-7.</p> +<p>Ð ÑеÑÑиÑÑемом вÑпÑÑке (wheezy) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:3.5.4-7.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 1:3.5.4-7.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:3.5.4-7.</p> - -<p>We recommend that you upgrade your openoffice.org packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ openoffice.org.</p> </define-tag> # do not modify the following line - --- english/security/2012/dsa-2527.wml 2014-04-30 13:16:29.000000000 +0600 +++ russian/security/2012/dsa-2527.wml 2015-12-29 17:08:56.201886647 +0500 @@ -1,30 +1,31 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been discovered in PHP, the web scripting - -language. The Common Vulnerabilities and Exposures project identifies - -the following issues:</p> +<p>Ð PHP, ÑзÑке Ð´Ð»Ñ Ð½Ð°Ð¿Ð¸ÑÐ°Ð½Ð¸Ñ Ð²ÐµÐ±-ÑÑенаÑиев, бÑло обнаÑÑжено +неÑколÑко ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures +опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-2688">CVE-2012-2688</a> - - <p>A buffer overflow in the scandir() function could lead to denial of - - service or the execution of arbitrary code.</p></li> + <p>ÐеÑеполнение бÑÑеÑа в ÑÑнкÑии scandir() Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð² + обÑлÑживании или вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-3450">CVE-2012-3450</a> - - <p>It was discovered that inconsistent parsing of PDO prepared - - statements could lead to denial of service.</p></li> + <p>ÐÑло обнаÑÑжено, ÑÑо некоÑÑекÑнÑй гÑаммаÑиÑеÑкий ÑÐ°Ð·Ð±Ð¾Ñ Ð¿Ð¾Ð´Ð³Ð¾ÑовленнÑÑ PDO + ÑÑвеÑждений Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании.</p></li> </ul> - -<p>For the stable distribution (squeeze), this problem has been fixed in - -version 5.3.3-7+squeeze14.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 5.3.3-7+squeeze14.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 5.4.4-4.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 5.4.4-4.</p> - -<p>We recommend that you upgrade your php5 packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ php5.</p> </define-tag> # do not modify the following line - --- english/security/2012/dsa-2550.wml 2012-09-26 23:28:01.000000000 +0600 +++ russian/security/2012/dsa-2550.wml 2015-12-29 17:33:14.712040759 +0500 @@ -1,23 +1,24 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities were discovered in Asterisk, a PBX and telephony - -toolkit, allowing privilege escalation in the Asterisk Manager, denial of - -service or privilege escalation.</p> +<p>Ð Asterisk, набоÑе инÑÑÑÑменÑов Ð´Ð»Ñ Ð¾ÑиÑнÑÑ ÐТС и ÑелеÑонии, бÑло +обнаÑÑжено неÑколÑко ÑÑзвимоÑÑей, позволÑÑÑÐ¸Ñ Ð²ÑполнÑÑÑ Ð¿Ð¾Ð²ÑÑение пÑивилегий в менеджеÑе Asterisk, вÑзÑваÑÑ Ð¾Ñказ +в обÑлÑживании или повÑÑаÑÑ Ð¿Ñивилегии.</p> - -<p>More detailed information can be found in the Asterisk advisories: +<p>ÐодÑобноÑÑи можно найÑи в ÑекомендаÑиÑÑ Asterisk: <a href="http://downloads.asterisk.org/pub/security/AST-2012-010.html">AST-2012-010</a>, <a href="http://downloads.asterisk.org/pub/security/AST-2012-011.html">AST-2012-011</a>, - -<a href="http://downloads.asterisk.org/pub/security/AST-2012-012.html">AST-2012-012</a>, and +<a href="http://downloads.asterisk.org/pub/security/AST-2012-012.html">AST-2012-012</a> и <a href="http://downloads.asterisk.org/pub/security/AST-2012-013.html">AST-2012-013</a>. </p> - -<p>For the stable distribution (squeeze), these problems have been fixed in - -version 1:1.6.2.9-2+squeeze8.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1:1.6.2.9-2+squeeze8.</p> - -<p>For the testing distribution (wheezy) and the unstable distribution (sid), - -these problems have been fixed in version 1:1.8.13.1~dfsg-1.</p> +<p>Ð ÑеÑÑиÑÑемом (wheezy) и неÑÑабилÑном (sid) вÑпÑÑÐºÐ°Ñ +ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² веÑÑии 1:1.8.13.1~dfsg-1.</p> - -<p>We recommend that you upgrade your asterisk packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ asterisk.</p> </define-tag> # do not modify the following line - --- english/security/2012/dsa-2570.wml 2012-11-01 03:11:42.000000000 +0600 +++ russian/security/2012/dsa-2570.wml 2015-12-29 16:43:07.278937280 +0500 @@ -1,24 +1,25 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>High-Tech Bridge SA Security Research Lab discovered multiple null-pointer - -dereferences based vulnerabilities in OpenOffice.org which could cause - -application crash or even arbitrary code execution using specially crafted - -files. Affected file types are LWP (Lotus Word Pro), ODG, PPT (PowerPoint - -2003) and XLS (Excel 2003).</p> +<p>СоÑÑÑдники High-Tech Bridge SA Security Research Lab обнаÑÑжили многоÑиÑленнÑе ÑÑзвимоÑÑи, +ÑвÑзаннÑе Ñ ÑазÑменованием null-ÑказаÑелÑ, в OpenOffice.org, коÑоÑÑе могÑÑ Ð²ÑзÑваÑÑ +аваÑийное завеÑÑение ÑабоÑÑ Ð¿ÑÐ¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Ð¸Ð»Ð¸ даже вÑполнение пÑоизволÑного кода пÑи иÑполÑзовании ÑпеÑиалÑно +ÑÑоÑмиÑованнÑÑ Ñайлов. УÑзвимоÑÑи пÑоÑвлÑÑÑÑÑ Ð¿Ñи обÑабоÑке Ñайлов LWP (Lotus Word Pro), ODG, PPT (PowerPoint +2003) и XLS (Excel 2003).</p> - -<p>For the stable distribution (squeeze), this problem has been fixed in - -version 1:3.2.1-11+squeeze8.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:3.2.1-11+squeeze8.</p> - -<p>openoffice.org package has been replaced by libreoffice in testing (wheezy) - -and unstable (sid) distributions.</p> +<p>ÐÐ°ÐºÐµÑ openoffice.org бÑла заменÑн на Ð¿Ð°ÐºÐµÑ libreoffice в ÑеÑÑиÑÑемом (wheezy) +и неÑÑабилÑном (sid) вÑпÑÑÐºÐ°Ñ .</p> - -<p>For the testing distribution (wheezy), this problem has been fixed in - -version 1:3.5.4+dfsg-3.</p> +<p>Ð ÑеÑÑиÑÑемом вÑпÑÑке (wheezy) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:3.5.4+dfsg-3.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 1:3.5.4+dfsg-3.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:3.5.4+dfsg-3.</p> - -<p>We recommend that you upgrade your openoffice.org packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ openoffice.org.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJWgr3YAAoJEF7nbuICFtKlPVEP/iBlDDlEX6uFwexi9omwlvgr LYkWP/s6WTFbgkQUMXZiXsmZ4uEVdwKlSAyeJ6krS1XmBPPXHrPq1mcq1LynAxR0 vQ++s5haTG2HInoB1tZ5VDTBRs+G2lHxQvA04ooUwW8TJ4kMYi/Hy0nBtCSmMZa/ 4UUurONNHwmSn/nKFsI6CkxaQangsRCv4aullHdHt680CnQi75x3XlCer/eGD8qi VkYVydwbnPSFhRX1mWPH5wqzjZbrxMMMaLxpwqv7vZG48EVHk+JC9j6jnLLi8+fW rD/whm03YN5A1o2mYNPD8T3hr+2N7aaB+7EHpIIfNxECVMSYOYWSv3wRAo7YQczp adjCAz8pc6Jhvg/bMsCJEFK5To0uxRCAbvxB2EbIkKNwk7eSunPUijRmaj9RQqgv mU/5j9x4g6N0j7mhEi1MV6UdS8uY+11uxS2dZrN1wek6UbcseYqvq3+VVlfzqiE0 EDRRv/45yVS7cQaheyqiKnImImKMHQIlvGio8YyoWvXjUTvri3ucIdUp16jiqnJN V2Mi7Idnnr+ZczzEF41jTG9XXXcO7aNrWGSczgRbGb/7EfQtvdmKr3fNOJrrLtCA pyjngi52Oj7wcQKunFwQbKRlBx8hzPuZnwUIj+fIexuioGslGQ3d7yrFSMrEADBc clxDiNcwT0bWl+mbjDbH =T8UN -----END PGP SIGNATURE-----

