-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2009/dsa-1719.wml 2014-04-30 13:16:18.000000000 +0600 +++ russian/security/2009/dsa-1719.wml 2016-01-24 13:16:46.360007984 +0500 
@@ -1,24 +1,25 @@ - -<define-tag description>design flaw</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>оÑибка ÑазÑабоÑки</define-tag> <define-tag moreinfo> - -<p>Martin von Gagern discovered that GNUTLS, an implementation of the - -TLS/SSL protocol, handles verification of X.509 certificate chains - -incorrectly if a self-signed certificate is configured as a trusted - -certificate. This could cause clients to accept forged server - -certificates as genuine. (<a href="https://security-tracker.debian.org/tracker/CVE-2008-4989">CVE-2008-4989</a>)</p> +<p>ÐаÑÑин Ñон ÐагеÑн обнаÑÑжил, ÑÑо GNUTLS, ÑеализаÑÐ¸Ñ Ð¿ÑоÑокола +TLS/SSL, некоÑÑекÑно вÑполнÑÐµÑ Ð¿ÑовеÑÐºÑ ÑепоÑек ÑеÑÑиÑикаÑов +X.509 в ÑлÑÑае, еÑли ÑамозавеÑеннÑй ÑеÑÑиÑÐ¸ÐºÐ°Ñ Ñказан как довеÑеннÑй +ÑеÑÑиÑикаÑ. ÐÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº ÑомÑ, ÑÑо клиенÑÑ Ð±ÑдÑÑ Ð¿ÑинимаÑÑ Ð¿Ð¾Ð´Ð´ÐµÐ»ÑнÑе ÑеÑвеÑнÑе +ÑеÑÑиÑикаÑÑ Ð·Ð° наÑÑоÑÑие. (<a href="https://security-tracker.debian.org/tracker/CVE-2008-4989">CVE-2008-4989</a>)</p> - -<p>In addition, this update tightens the checks for X.509v1 certificates - -which causes GNUTLS to reject certain certificate chains it accepted - -before. (In certificate chain processing, GNUTLS does not recognize - -X.509v1 certificates as valid unless explicitly requested by the - -application.)</p> +<p>ÐÑоме Ñого, данное обновление ÑлÑÑÑÐ°ÐµÑ Ð¿ÑовеÑки ÑеÑÑиÑикаÑов X.509v1, +ÑÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº ÑомÑ, ÑÑо GNUTLS оÑклонÑÐµÑ Ð¾Ð¿ÑеделÑннÑе ÑепоÑки ÑеÑÑиÑикаÑов, пÑинимаемÑÑ +Ñанее. 
(Ркоде обÑабоÑки ÑепоÑек ÑеÑÑиÑикаÑов GNUTLS не ÑаÑпознаÑÑ ÑеÑÑиÑикаÑÑ +X.509v1 как пÑавилÑнÑе ÑеÑÑиÑикаÑÑ Ð´Ð¾ ÑÐµÑ Ð¿Ð¾Ñ, пока об ÑÑом не поÑÑÑÐ¿Ð¸Ñ ÑвнÑй запÑÐ¾Ñ Ð¾Ñ +пÑиложениÑ.)</p> - -<p>For the stable distribution (etch), this problem has been fixed in - -version 1.4.4-3+etch3.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (etch) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.4.4-3+etch3.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 2.4.2-3 of the gnutls26 package.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.4.2-3 пакеÑа gnutls26.</p> - -<p>We recommend that you upgrade your gnutls13 packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ gnutls13.</p> </define-tag> # do not modify the following line - --- english/security/2009/dsa-1734.wml 2009-03-06 20:04:30.000000000 +0500 +++ russian/security/2009/dsa-1734.wml 2016-01-24 12:49:36.911508456 +0500 
@@ -1,25 +1,26 @@ - -<define-tag description>programming error</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>оÑибка пÑогÑаммиÑованиÑ</define-tag> <define-tag moreinfo> - -<p>b.badrignans discovered that OpenSC, a set of smart card utilities, - -could stores private data on a smart card without proper access - -restrictions.</p> - - - -<p>Only blank cards initialised with OpenSC are affected by this problem. - -This update only improves creating new private data objects, but cards - -already initialised with such private data objects need to be - -modified to repair the access control conditions on such cards. - -Instructions for a variety of situations can be found at the OpenSC - -web site: http://www.opensc-project.org/security.html</p> - - - -<p>The oldstable distribution (etch) is not affected by this problem.</p> +<p>b.badrignans обнаÑÑжил, ÑÑо OpenSC, Ð½Ð°Ð±Ð¾Ñ ÑÑÐ¸Ð»Ð¸Ñ Ð´Ð»Ñ ÑабоÑÑ Ñо ÑмаÑÑ-каÑÑами, +Ð¼Ð¾Ð¶ÐµÑ Ñ ÑаниÑÑ Ð»Ð¸ÑнÑе даннÑе на ÑмаÑÑ-каÑÑе без должного огÑаниÑÐµÐ½Ð¸Ñ Ð¿Ñав +доÑÑÑпа.</p> + +<p>ÐÑой пÑоблеме подвеÑжен ÑолÑко пÑÑÑÑе каÑÑÑ, иниÑиализиÑованнÑе Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ OpenSC. +Ðанное обновление лиÑÑ ÑлÑÑÑÐ°ÐµÑ Ñоздание новÑÑ Ð¾Ð±ÑекÑов Ñ Ð»Ð¸ÑнÑми даннÑми, каÑÑÑ, +коÑоÑÑе Ñже бÑли иниÑиализиÑованÑ, Ð´Ð¾Ð»Ð¶Ð½Ñ Ð±ÑÑÑ +Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ñ Ñ ÑелÑÑ Ð¸ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ ÑÑловий ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ Ð´Ð¾ÑÑÑпом. 
+ÐнÑÑÑÑкÑии к дейÑÑÐ²Ð¸Ñ Ð² ÑазлиÑнÑÑ ÑиÑÑаÑиÑÑ Ð¼Ð¾Ð¶Ð½Ð¾ найÑи на веб-ÑайÑе +OpenSC: http://www.opensc-project.org/security.html</p> + +<p>ÐÑедÑдÑÑий ÑÑабилÑнÑй вÑпÑÑк (etch) не подвеÑжен данной пÑоблеме.</p> - -<p>For the stable distribution (lenny), this problem has been fixed in - -version 0.11.4-5+lenny1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 0.11.4-5+lenny1.</p> - -<p>For the unstable distribution (sid), this problem wil be fixed soon.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑÐ´ÐµÑ Ð¸ÑпÑавлена позже.</p> - -<p>We recommend that you upgrade your opensc package and recreate any - -private data objects stored on your smart cards.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ opensc и заново ÑоздаÑÑ Ð»ÑбÑе +обÑекÑÑ Ð»Ð¸ÑнÑÑ Ð´Ð°Ð½Ð½ÑÑ , ÑÐ¾Ñ ÑанÑннÑе на ÑмаÑÑ-каÑÑÐ°Ñ .</p> </define-tag> # do not modify the following line - --- english/security/2009/dsa-1738.wml 2009-03-11 22:01:15.000000000 +0500 +++ russian/security/2009/dsa-1738.wml 2016-01-24 12:42:02.183536007 +0500 
@@ -1,26 +1,27 @@ - -<define-tag description>arbitrary file access</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>доÑÑÑп к пÑоизволÑÐ½Ð¾Ð¼Ñ ÑайлÑ</define-tag> <define-tag moreinfo> - -<p>David Kierznowski discovered that libcurl, a multi-protocol file transfer - -library, when configured to follow URL redirects automatically, does not - -question the new target location. As libcurl also supports file:// and - -scp:// URLs - depending on the setup - an untrusted server could use that - -to expose local files, overwrite local files or even execute arbitrary - -code via a malicious URL redirect.</p> +<p>Ðавид ÐиÑжновÑки обнаÑÑжил, ÑÑо libcurl, библиоÑека пеÑедаÑи Ñайлов Ñ Ð¿Ð¾Ð´Ð´ÐµÑжкой +множеÑÑва пÑоÑоколов, пÑи вклÑÑении авÑомаÑиÑеÑкого ÑÐ»ÐµÐ´Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¿ÐµÑенапÑавлениÑм URL не +ÑпÑаÑÐ¸Ð²Ð°ÐµÑ Ð¾ новом ÑазмеÑении Ñели. ÐоÑколÑÐºÑ libcurl поддеÑÐ¶Ð¸Ð²Ð°ÐµÑ Ð´Ð¾ÑÑÑп к URL +вида file:// и scp:// (в завиÑимоÑÑи Ð¾Ñ Ð½Ð°ÑÑÑоек), Ñо недовеÑеннÑй ÑеÑÐ²ÐµÑ Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑ +ÑÑÑ Ð²Ð¾Ð·Ð¼Ð¾Ð¶Ð½Ð¾ÑÑÑ Ð´Ð»Ñ ÑаÑкÑÑÑÐ¸Ñ Ð»Ð¾ÐºÐ°Ð»ÑнÑÑ Ñайлов, пеÑезапиÑи локалÑнÑÑ Ñайлов или даже вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ +пÑоизволÑного кода пÑи помоÑи некоÑÑекÑного пеÑенапÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ URL.</p> - -<p>This update introduces a new option called CURLOPT_REDIR_PROTOCOLS which by - -default does not include the scp and file protocol handlers.</p> +<p>Ðанное обновление добавлÑÐµÑ Ð½Ð¾Ð²ÑÑ Ð¾Ð¿ÑиÑ, CURLOPT_REDIR_PROTOCOLS, коÑоÑÐ°Ñ +по ÑмолÑÐ°Ð½Ð¸Ñ Ð½Ðµ вклÑÑÐ°ÐµÑ ÐºÐ¾Ð´ обÑабоÑки пÑоÑоколов scp и file.</p> - -<p>For the oldstable distribution (etch) this problem has been fixed in - -version 7.15.5-1etch2.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (etch) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 7.15.5-1etch2.</p> - -<p>For the stable distribution (lenny) this problem has been fixed in - -version 7.18.2-8lenny2.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 7.18.2-8lenny2.</p> - -<p>For the unstable 
distribution (sid) this problem has been fixed in - -version 7.18.2-8.1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 7.18.2-8.1.</p> - -<p>We recommend that you upgrade your curl packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ curl.</p> </define-tag> # do not modify the following line - --- english/security/2009/dsa-1772.wml 2014-04-30 13:16:18.000000000 +0600 +++ russian/security/2009/dsa-1772.wml 2016-01-24 12:36:50.945518214 +0500 
@@ -1,31 +1,32 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Sebastian Kramer discovered two vulnerabilities in udev, the /dev and - -hotplug management daemon.</p> +<p>СебаÑÑиан ÐÑÐ°Ð¼ÐµÑ Ð¾Ð±Ð½Ð°ÑÑжил две ÑÑзвимоÑÑи в udev, ÑлÑжбе ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ /dev и +гоÑÑÑими подклÑÑениÑми.</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-1185">CVE-2009-1185</a> - - <p>udev does not check the origin of NETLINK messages, allowing local - - users to gain root privileges.</p></li> + <p>udev не вÑполнÑÐµÑ Ð¿ÑовеÑÐºÑ Ð¸ÑÑоÑника ÑообÑÐµÐ½Ð¸Ñ NETLINK, ÑÑо позволÑÐµÑ Ð»Ð¾ÐºÐ°Ð»ÑнÑм + полÑзоваÑелÑм полÑÑаÑÑ Ð¿Ñава доÑÑÑпа ÑÑÐ¾Ð²Ð½Ñ ÑÑпеÑполÑзоваÑелÑ.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-1186">CVE-2009-1186</a> - - <p>udev suffers from a buffer overflow condition in path encoding, - - potentially allowing arbitrary code execution.</p></li> + <p>udev ÑодеÑÐ¶Ð¸Ñ Ð¿ÐµÑеполнение бÑÑеÑа в коде кодиÑÐ¾Ð²Ð°Ð½Ð¸Ñ Ð¿ÑÑи, + ÑÑо поÑенÑиалÑно позволÑÐµÑ Ð²ÑполнÑÑÑ Ð¿ÑоизволÑнÑй код.</p></li> </ul> - -<p>For the old stable distribution (etch), these problems have been fixed in - -version 0.105-4etch1.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (etch) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 0.105-4etch1.</p> - -<p>For the stable distribution (lenny), these problems have been fixed in - -version 0.125-7+lenny1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 0.125-7+lenny1.</p> - -<p>For the unstable distribution (sid), these problems will be fixed soon.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±ÑдÑÑ Ð¸ÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð¿Ð¾Ð·Ð¶Ðµ.</p> - -<p>We recommend that you upgrade your udev package.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ udev.</p> </define-tag> # do not modify the following line 
- --- english/security/2009/dsa-1825.wml 2009-07-03 21:56:14.000000000 +0600 +++ russian/security/2009/dsa-1825.wml 2016-01-24 12:34:01.221197386 +0500 
@@ -1,27 +1,28 @@ - -<define-tag description>insufficient input validation</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>недоÑÑаÑоÑÐ½Ð°Ñ Ð¿ÑовеÑка Ð²Ñ Ð¾Ð´Ð½ÑÑ Ð´Ð°Ð½Ð½ÑÑ </define-tag> <define-tag moreinfo> - -<p>It was discovered that the statuswml.cgi script of nagios, a monitoring - -and management system for hosts, services and networks, is prone to a - -command injection vulnerability. Input to the ping and traceroute parameters - -of the script is not properly validated which allows an attacker to execute - -arbitrary shell commands by passing a crafted value to these parameters.</p> +<p>ÐÑло обнаÑÑжено, ÑÑо ÑÑенаÑий statuswml.cgi из nagios, ÑиÑÑÐµÐ¼Ñ Ð¼Ð¾Ð½Ð¸ÑоÑинга +и ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ Ð´Ð»Ñ Ñзлов, ÑлÑжб и ÑеÑей, ÑÑзвима к +инÑекÑии команд. ÐÑ Ð¾Ð´Ð½Ñе паÑамеÑÑÑ ÐºÐ¾Ð¼Ð°Ð½Ð´ ping и traceroute +Ñказанного ÑÑенаÑÐ¸Ñ Ð¿ÑовеÑÑÑÑÑÑ Ð½ÐµÐ¿ÑавилÑно, ÑÑо позволÑÐµÑ Ð·Ð»Ð¾ÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ Ð²ÑполнÑÑÑ +пÑоизволÑнÑе ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ ÐºÐ¾Ð¼Ð°Ð½Ð´Ð½Ð¾Ð¹ оболоÑки пÑÑÑм пеÑедаÑи ÑпеÑиалÑно ÑÑоÑмиÑованного знаÑениÑ.</p> - -<p>For the oldstable distribution (etch), this problem has been fixed in - -version 2.6-2+etch3 of nagios2.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (etch) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.6-2+etch3 пакеÑа nagios2.</p> - -<p>For the stable distribution (lenny), this problem has been fixed in - -version 3.0.6-4~lenny2 of nagios3.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 3.0.6-4~lenny2 пакеÑа nagios3.</p> - -<p>For the testing distribution (squeeze), this problem has been fixed in - -version 3.0.6-5 of nagios3.</p> +<p>Ð ÑеÑÑиÑÑемом вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 3.0.6-5 пакеÑа nagios3.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 3.0.6-5 of nagios3.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 3.0.6-5 пакеÑа nagios3.</p> - -<p>We recommend that you 
upgrade your nagios2/nagios3 packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ nagios2/nagios3.</p> </define-tag> # do not modify the following line - --- english/security/2009/dsa-1841.wml 2009-07-25 20:46:55.000000000 +0600 +++ russian/security/2009/dsa-1841.wml 2016-01-24 13:21:08.089941772 +0500 
@@ -1,28 +1,29 @@ - -<define-tag description>denial of service</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>оÑказ в обÑлÑживании</define-tag> <define-tag moreinfo> - -<p>It was discovered that git-daemon which is part of git-core, a popular - -distributed revision control system, is vulnerable to denial of service - -attacks caused by a programming mistake in handling requests containing - -extra unrecognized arguments which results in an infinite loop. While - -this is no problem for the daemon itself as every request will spawn a - -new git-daemon instance, this still results in a very high CPU consumption - -and might lead to denial of service conditions.</p> +<p>ÐÑло обнаÑÑжено, ÑÑо ÑлÑжба git-daemon, коÑоÑÐ°Ñ ÑвлÑеÑÑÑ ÑаÑÑÑÑ of git-core, попÑлÑÑной +ÑаÑпÑеделÑнной ÑиÑÑÐµÐ¼Ñ ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ ÑевизиÑми, ÑодеÑÐ¶Ð¸Ñ Ð¾Ñказ в обÑлÑживании, +коÑоÑÑй Ð²Ð¾Ð·Ð½Ð¸ÐºÐ°ÐµÑ Ð¸Ð·-за оÑибки пÑогÑаммиÑÐ¾Ð²Ð°Ð½Ð¸Ñ Ð² коде обÑабоÑки запÑоÑов, ÑодеÑжаÑÐ¸Ñ +дополниÑелÑнÑе неÑаÑпознаваемÑе аÑгÑменÑÑ, ÑÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ð² конеÑном ÑÑÑÑе к беÑконеÑÐ½Ð¾Ð¼Ñ ÑиклÑ. 
ХоÑÑ +ÑÑо и не пÑоблема Ñамой ÑлÑжбÑ, поÑколÑÐºÑ ÐºÐ°Ð¶Ð´Ñй запÑÐ¾Ñ Ð·Ð°Ð¿ÑÑÐºÐ°ÐµÑ +новÑй обÑÐ°Ð·ÐµÑ git-daemon, ÑÑо вÑÑ Ñавно пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº ÑÑезмеÑÐ½Ð¾Ð¼Ñ Ð¿Ð¾ÑÑÐµÐ±Ð»ÐµÐ½Ð¸Ñ ÑеÑÑÑÑов ЦР+и Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании.</p> - -<p>For the oldstable distribution (etch), this problem has been fixed in - -version 1.4.4.4-4+etch3.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (etch) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.4.4.4-4+etch3.</p> - -<p>For the stable distribution (lenny), this problem has been fixed in - -version 1.5.6.5-3+lenny2.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.5.6.5-3+lenny2.</p> - -<p>For the testing distribution (squeeze), this problem has been fixed in - -version 1:1.6.3.3-1.</p> +<p>Ð ÑеÑÑиÑÑемом вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:1.6.3.3-1.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 1:1.6.3.3-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:1.6.3.3-1.</p> - -<p>We recommend that you upgrade your git-core packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ git-core.</p> </define-tag> # do not modify the following line - --- english/security/2009/dsa-1856.wml 2009-08-09 14:19:17.000000000 +0600 +++ russian/security/2009/dsa-1856.wml 2016-01-24 12:05:39.314363847 +0500 
@@ -1,25 +1,26 @@ - -<define-tag description>information leak</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>ÑÑеÑка инÑоÑмаÑии</define-tag> <define-tag moreinfo> - -<p>It was discovered that the Debian Mantis package, a web based bug - -tracking system, installed the database credentials in a file with - -world-readable permissions onto the local filesystem. This allows - -local users to acquire the credentials used to control the Mantis - -database.</p> - - - -<p>This updated package corrects this problem for new installations and - -will carefully try to update existing ones. Administrators can check - -the permissions of the file /etc/mantis/config_db.php to see if they - -are safe for their environment.</p> - - - -<p>The old stable distribution (etch) does not contain a mantis package.</p> +<p>ÐÑло обнаÑÑжено, ÑÑо Debian-Ð¿Ð°ÐºÐµÑ Mantis, ÑиÑÑема оÑÑÐ»ÐµÐ¶Ð¸Ð²Ð°Ð½Ð¸Ñ +оÑибок на оÑнове веб, ÑÑÑÐ°Ð½Ð°Ð²Ð»Ð¸Ð²Ð°ÐµÑ Ð´Ð°Ð½Ð½Ñе ÑÑÑÑной запиÑи Ð´Ð»Ñ ÑабоÑÑ Ñ Ð±Ð°Ð·Ð¾Ð¹ даннÑÑ +в Ñайл на локалÑной Ñайловой ÑиÑÑеме, оÑкÑÑÑÑй Ð´Ð»Ñ ÑÑÐµÐ½Ð¸Ñ Ð²Ñем полÑзоваÑелÑм. ÐÑо позволÑÐµÑ +локалÑнÑм полÑзоваÑелÑм полÑÑиÑÑ Ð´Ð°Ð½Ð½Ñе ÑÑÑÑной запиÑи, иÑполÑзÑемой Ð´Ð»Ñ ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ +базой даннÑÑ Mantis.</p> + +<p>ÐбновлÑннÑй Ð¿Ð°ÐºÐµÑ Ð¸ÑпÑавлÑÐµÑ ÑÑÑ Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð´Ð»Ñ Ð½Ð¾Ð²ÑÑ ÑÑÑановок, Ñакже бÑÐ´ÐµÑ +пÑедпÑинÑÑа оÑÑоÑÐ¾Ð¶Ð½Ð°Ñ Ð¿Ð¾Ð¿ÑÑка Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑÑÑеÑÑвÑÑÑей ÑÑÑановки. 
ÐдминиÑÑÑаÑоÑÑ Ð¼Ð¾Ð³ÑÑ Ð¿ÑовеÑиÑÑ +пÑава доÑÑÑпа к ÑÐ°Ð¹Ð»Ñ /etc/mantis/config_db.php, ÑÑÐ¾Ð±Ñ ÑбедиÑÑÑÑ, ÑÑо +Ð´Ð»Ñ Ð¸Ñ Ð¾ÐºÑÑÐ¶ÐµÐ½Ð¸Ñ Ð¿Ñоблема ÑеÑена.</p> + +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (etch) Ð¿Ð°ÐºÐµÑ mantis оÑÑÑÑÑÑвÑеÑ.</p> - -<p>For the stable distribution (lenny), this problem has been fixed in - -version 1.1.6+dfsg-2lenny1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.1.6+dfsg-2lenny1.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 1.1.8+dfsg-2.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.1.8+dfsg-2.</p> - -<p>We recommend that you upgrade your mantis package.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ mantis.</p> </define-tag> # do not modify the following line - --- english/security/2009/dsa-1876.wml 2014-04-30 13:16:19.000000000 +0600 +++ russian/security/2009/dsa-1876.wml 2016-01-24 13:04:31.550169610 +0500 
@@ -1,30 +1,31 @@ - -<define-tag description>buffer overflow</define-tag> +#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov" +<define-tag description>пеÑеполнение бÑÑеÑа</define-tag> <define-tag moreinfo> - -<p>Several remote vulnerabilities have been discovered in the TFTP - -component of dnsmasq. The Common Vulnerabilities and Exposures - -project identifies the following problems:</p> +<p>РкомпоненÑе TFTP Ð´Ð»Ñ dnsmasq, бÑло обнаÑÑжено неÑколÑко ÑдалÑннÑÑ +ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures +опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-2957">CVE-2009-2957</a> - - <p>A buffer overflow in TFTP processing may enable arbitrary code - - execution to attackers which are permitted to use the TFTP service.</p></li> + <p>ÐеÑеполнение бÑÑеÑа в коде обÑабоÑки TFTP Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ Ð²ÑполниÑÑ + пÑоизволÑнÑй код злоÑмÑÑленникам, коÑоÑÑе оÑкÑÑÑ Ð´Ð¾ÑÑÑп к ÑлÑжбе TFTP.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-2958">CVE-2009-2958</a> - - <p>Malicious TFTP clients may crash dnsmasq, leading to denial of - - service.</p></li> + <p>ÐекоÑÑекÑнÑе клиенÑÑ TFTP могÑÑ Ð²ÑзÑваÑÑ Ð°Ð²Ð°ÑийнÑÑ Ð¾ÑÑÐ°Ð½Ð¾Ð²ÐºÑ dnsmasq, ÑÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº + оÑказ в обÑлÑживании.</p></li> </ul> - -<p>The old stable distribution is not affected by these problems.</p> +<p>ÐÑедÑдÑÑий ÑÑабилÑнÑй вÑпÑÑк не подвеÑжен ÑказаннÑм пÑоблемам.</p> - -<p>For the stable distribution (lenny), these problems have been fixed in - -version 2.45-1+lenny1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 2.45-1+lenny1.</p> - -<p>For the unstable distribution (sid), these problems have been fixed in - -version 2.50-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 2.50-1.</p> - -<p>We recommend that you upgrade your dnsmasq packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ 
dnsmasq.</p> </define-tag> # do not modify the following line - --- english/security/2009/dsa-1884.wml 2009-09-14 23:50:24.000000000 +0600 +++ russian/security/2009/dsa-1884.wml 2016-01-24 12:16:21.582045712 +0500 
@@ -1,26 +1,27 @@ - -<define-tag description>buffer underflow</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>пеÑеполнение бÑÑеÑа</define-tag> <define-tag moreinfo> - -<p>Chris Ries discovered that nginx, a high-performance HTTP server, reverse - -proxy and IMAP/POP3 proxy server, is vulnerable to a buffer underflow when - -processing certain HTTP requests. An attacker can use this to execute - -arbitrary code with the rights of the worker process (www-data on Debian) - -or possibly perform denial of service attacks by repeatedly crashing - -worker processes via a specially crafted URL in an HTTP request.</p> +<p>ÐÑÐ¸Ñ Ð Ð¸Ñ Ð¾Ð±Ð½Ð°ÑÑжил, ÑÑо nginx, вÑÑокопÑоизводиÑелÑнÑй ÑеÑÐ²ÐµÑ HTTP, обÑаÑнÑй +пÑокÑи и пÑокÑи-ÑеÑÐ²ÐµÑ Ð´Ð»Ñ IMAP/POP3, ÑодеÑÐ¶Ð¸Ñ Ð¿ÐµÑеполнение бÑÑеÑа, возникаÑÑее пÑи +обÑабоÑке опÑеделÑннÑÑ Ð·Ð°Ð¿ÑоÑов HTTP. ÐлоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑ ÑÑÑ Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð´Ð»Ñ +вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода Ñ Ð¿Ñавами ÑабоÑего пÑоÑеÑÑа (www-data в Debian) +или вÑзÑваÑÑ Ð¾Ñказ в обÑлÑживании пÑÑÑм завеÑÑÐµÐ½Ð¸Ñ ÑабоÑÑ +ÑабоÑего пÑоÑеÑÑа пÑи помоÑи ÑпеÑиалÑно ÑÑоÑмиÑованного URL в HTTP-запÑоÑе.</p> - -<p>For the oldstable distribution (etch), this problem has been fixed in - -version 0.4.13-2+etch2.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (etch) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 0.4.13-2+etch2.</p> - -<p>For the stable distribution (lenny), this problem has been fixed in - -version 0.6.32-3+lenny2.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 0.6.32-3+lenny2.</p> - -<p>For the testing distribution (squeeze), this problem will be fixed soon.</p> +<p>Ð ÑеÑÑиÑÑемом вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑÐ´ÐµÑ Ð¸ÑпÑавлена позже.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 0.7.61-3.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 0.7.61-3.</p> - -<p>We recommend that you upgrade 
your nginx packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ nginx.</p> </define-tag> # do not modify the following line - --- english/security/2009/dsa-1916.wml 2011-04-10 03:42:34.000000000 +0600 +++ russian/security/2009/dsa-1916.wml 2016-01-24 12:25:59.110473032 +0500 
@@ -1,22 +1,23 @@ - -<define-tag description>insufficient input validation</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>недоÑÑаÑоÑÐ½Ð°Ñ Ð¿ÑовеÑка Ð²Ñ Ð¾Ð´Ð½ÑÑ Ð´Ð°Ð½Ð½ÑÑ </define-tag> <define-tag moreinfo> - -<p>Dan Kaminsky and Moxie Marlinspike discovered that kdelibs, core libraries from - -the official KDE release, does not properly handle a '\0' character in a domain - -name in the Subject Alternative Name field of an X.509 certificate, which allows - -man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted - -certificate issued by a legitimate Certification Authority.</p> +<p>ÐÑн ÐаминÑки и ÐокÑи ÐаÑлинÑпайк обнаÑÑжили, ÑÑо kdelibs, базовÑе библиоÑеки из +оÑиÑиалÑного вÑпÑÑка KDE, непÑавилÑно обÑабаÑÑваÑÑ Ñимвол '\0' в имени домена +в поле Subject Alternative Name ÑеÑÑиÑикаÑа X.509, ÑÑо позволÑÐµÑ Ð·Ð»Ð¾ÑмÑÑленникам, оÑÑÑеÑÑвлÑÑÑим +аÑÐ°ÐºÑ Ð¿Ð¾ пÑинÑÐ¸Ð¿Ñ Ñеловек-в-ÑеÑедине, подделÑваÑÑ Ð¿ÑоизволÑнÑе ÑеÑвеÑнÑе пакеÑÑ +SSL Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованного ÑеÑÑиÑикаÑа, вÑданного авÑоÑиÑеÑнÑм иÑÑоÑником.</p> - -<p>For the oldstable distribution (etch), this problem has been fixed in - -version 4:3.5.5a.dfsg.1-8etch3.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (etch) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 4:3.5.5a.dfsg.1-8etch3.</p> - -<p>Due to a bug in the archive system, the fix for the stable distribution - -(lenny), will be released as version 4:3.5.10.dfsg.1-0lenny3 once it is - -available.</p> +<p>Ðз-за оÑибки в ÑиÑÑеме аÑÑ Ð¸Ð²Ð° иÑпÑавление Ð´Ð»Ñ ÑÑабилÑного вÑпÑÑка +(lenny) бÑÐ´ÐµÑ Ð²ÑпÑÑено в веÑÑии 4:3.5.10.dfsg.1-0lenny3 по меÑе +доÑÑÑпноÑÑи.</p> - -<p>For the testing distribution (squeeze), and the unstable distribution (sid), - -this problem has been fixed in version 4:3.5.10.dfsg.1-2.1.</p> +<p>Ð ÑеÑÑиÑÑемом (squeeze) и неÑÑабилÑном (sid) вÑпÑÑÐºÐ°Ñ +ÑÑа пÑоблема бÑла иÑпÑавлена в веÑÑии 4:3.5.10.dfsg.1-2.1.</p> - -<p>We recommend that you upgrade your 
kdelibs packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ kdelibs.</p> </define-tag> # do not modify the following line - --- english/security/2009/dsa-1923.wml 2009-10-30 17:17:43.000000000 +0500 +++ russian/security/2009/dsa-1923.wml 2016-01-24 12:30:17.967672170 +0500 
@@ -1,26 +1,27 @@ - -<define-tag description>denial of service</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>оÑказ в обÑлÑживании</define-tag> <define-tag moreinfo> - -<p>A denial of service vulnerability has been found in libhtml-parser-perl, - -a collection of modules to parse HTML in text documents which is used by - -several other projects like e.g. SpamAssassin.</p> +<p>Ð libhtml-parser-perl, набоÑе модÑлей Ð´Ð»Ñ Ð²ÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð³ÑаммаÑиÑеÑкого ÑазбоÑа кода HTML +в ÑекÑÑÐ°Ñ Ð´Ð¾ÐºÑменÑов, иÑполÑзÑемом некоÑоÑÑми дÑÑгими пÑоекÑами, напÑимеÑ, SpamAssassin, +бÑла обнаÑÑжена ÑÑзвимоÑÑÑ, пÑиводÑÑÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании.</p> - -<p>Mark Martinec discovered that the decode_entities() function will get stuck - -in an infinite loop when parsing certain HTML entities with invalid UTF-8 - -characters. An attacker can use this to perform denial of service attacks - -by submitting crafted HTML to an application using this functionality.</p> +<p>ÐаÑк ÐаÑинек обнаÑÑжил, ÑÑо ÑÑнкÑÐ¸Ñ decode_entities() Ð²Ñ Ð¾Ð´Ð¸Ñ Ð² +беÑконеÑнÑй Ñикл пÑи вÑполнении гÑаммаÑиÑеÑкого ÑазбоÑа ÑÑÑноÑÑей HTML Ñ Ð½ÐµÐºÐ¾ÑÑекÑнÑми +Ñимволами в кодиÑовке UTF-8. 
ÐлоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑ ÑÑÑ ÑÑзвимоÑÑÑ Ð´Ð»Ñ Ð²Ñзова оÑказа в обÑлÑживании +пÑÑÑм оÑпÑавки ÑпеÑиалÑно ÑÑоÑмиÑованного кода HTML пÑиложениÑ, иÑполÑзÑÑÑÐµÐ¼Ñ ÑказаннÑÑ ÑÑнкÑионалÑноÑÑÑ.</p> - -<p>For the oldstable distribution (etch), this problem has been fixed in - -version 3.55-1+etch1.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (etch) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 3.55-1+etch1.</p> - -<p>For the stable distribution (lenny), this problem has been fixed in - -version 3.56-1+lenny1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 3.56-1+lenny1.</p> - -<p>For the testing (squeeze) and unstable (sid) distribution, this problem - -will be fixed soon.</p> +<p>Ð ÑеÑÑиÑÑемом (squeeze) и неÑÑабилÑном (sid) вÑпÑÑÐºÐ°Ñ ÑÑа пÑоблема +бÑÐ´ÐµÑ Ð¸ÑпÑавлена позже.</p> - -<p>We recommend that you upgrade your libhtml-parser-perl packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ libhtml-parser-perl.</p> </define-tag> # do not modify the following line - --- english/security/2009/dsa-1943.wml 2009-12-03 03:42:25.000000000 +0500 +++ russian/security/2009/dsa-1943.wml 2016-01-24 12:12:21.034374611 +0500 
@@ -1,22 +1,23 @@ - -<define-tag description>insufficient input validation</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>недоÑÑаÑоÑÐ½Ð°Ñ Ð¿ÑовеÑка Ð²Ñ Ð¾Ð´Ð½ÑÑ Ð´Ð°Ð½Ð½ÑÑ </define-tag> <define-tag moreinfo> - -<p>It was discovered that OpenLDAP, a free implementation of the Lightweight - -Directory Access Protocol, when OpenSSL is used, does not properly handle a '\0' - -character in a domain name in the subject's Common Name (CN) field of an X.509 - -certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL - -servers via a crafted certificate issued by a legitimate Certification Authority.</p> +<p>ÐÑло обнаÑÑжено, ÑÑо OpenLDAP, ÑÐ²Ð¾Ð±Ð¾Ð´Ð½Ð°Ñ ÑеализаÑÐ¸Ñ Ð¿ÑоÑокола Lightweight +Directory Access, пÑи иÑполÑзовании OpenSSL непÑавилÑно обÑабаÑÑÐ²Ð°ÐµÑ Ñимвол '\0' +в имени домена в поле Common Name (CN) ÑеÑÑиÑикаÑа X.509, ÑÑо позволÑÐµÑ Ð·Ð»Ð¾ÑмÑÑленникам, +оÑÑÑеÑÑвлÑÑÑим аÑÐ°ÐºÑ Ð¿Ð¾ пÑинÑÐ¸Ð¿Ñ Ñеловек-в-ÑеÑедине, подделÑваÑÑ Ð¿ÑоизволÑнÑе ÑеÑвеÑнÑе пакеÑÑ +SSL Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованного ÑеÑÑиÑикаÑа, вÑданного авÑоÑиÑеÑнÑм иÑÑоÑником.</p> - -<p>For the oldstable distribution (etch), this problem has been fixed in version - -2.3.30-5+etch3 for openldap2.3.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (etch) ÑÑа пÑоблема бÑла иÑпÑавлена в веÑÑии +2.3.30-5+etch3 пакеÑа openldap2.3.</p> - -<p>For the stable distribution (lenny), this problem has been fixed in version - -2.4.11-1+lenny1 for openldap.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа пÑоблема бÑла иÑпÑавлена в веÑÑии +2.4.11-1+lenny1 пакеÑа openldap.</p> - -<p>For the testing distribution (squeeze), and the unstable distribution (sid), - -this problem has been fixed in version 2.4.17-2.1 for openldap.</p> +<p>Ð ÑеÑÑиÑÑемом (squeeze) и неÑÑабилÑном (sid) вÑпÑÑÐºÐ°Ñ +ÑÑа пÑоблема бÑла иÑпÑавлена в веÑÑии 2.4.17-2.1 пакеÑа openldap.</p> - -<p>We recommend that you upgrade your openldap2.3/openldap packages.</p> 
+<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ openldap2.3/openldap.</p> </define-tag> # do not modify the following line - --- english/security/2009/dsa-1947.wml 2009-12-08 04:58:04.000000000 +0500 +++ russian/security/2009/dsa-1947.wml 2016-01-24 12:45:12.289907713 +0500 
@@ -1,22 +1,23 @@ - -<define-tag description>missing input sanitising</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>оÑÑÑÑÑÑвие оÑиÑÑки Ð²Ñ Ð¾Ð´Ð½ÑÑ Ð´Ð°Ð½Ð½ÑÑ </define-tag> <define-tag moreinfo> - -<p>Matt Elder discovered that Shibboleth, a federated web single sign-on - -system is vulnerable to script injection through redirection URLs. More - -details can be found in the Shibboleth advisory at +<p>ÐÑÑ ÐÐ»Ð´ÐµÑ Ð¾Ð±Ð½Ð°ÑÑжил, ÑÑо Shibboleth, инÑегÑиÑÐ¾Ð²Ð°Ð½Ð½Ð°Ñ ÑиÑÑема единого +Ð²Ñ Ð¾Ð´Ð°, ÑÑзвима к инÑекÑии ÑÑенаÑиев ÑеÑез пеÑенапÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ URL. ÐополниÑелÑÐ½Ð°Ñ +инÑоÑмаÑÐ¸Ñ Ð¼Ð¾Ð¶ÐµÑ Ð±ÑÑÑ Ð½Ð°Ð¹Ð´ÐµÐ½Ð° в ÑекомендаÑии Shibboleth по адÑеÑÑ <a href="http://shibboleth.internet2.edu/secadv/secadv_20091104.txt">http://shibboleth.internet2.edu/secadv/secadv_20091104.txt</a>.</p> - -<p>For the old stable distribution (etch), this problem has been fixed in - -version 1.3f.dfsg1-2+etch2 of shibboleth-sp.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (etch) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.3f.dfsg1-2+etch2 пакеÑа shibboleth-sp.</p> - -<p>For the stable distribution (lenny), this problem has been fixed in - -version 1.3.1.dfsg1-3+lenny2 of shibboleth-sp, version 2.0.dfsg1-4+lenny2 - -of shibboleth-sp2 and version 2.0-2+lenny2 of opensaml2.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.3.1.dfsg1-3+lenny2 пакеÑа shibboleth-sp, веÑÑии 2.0.dfsg1-4+lenny2 +пакеÑа shibboleth-sp2 и веÑÑии 2.0-2+lenny2 пакеÑа opensaml2.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 2.3+dfsg-1 of shibboleth-sp2, version 2.3-1 of opensaml2 and - -version 1.3.1-1 of xmltooling.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.3+dfsg-1 пакеÑа shibboleth-sp2, веÑÑии 2.3-1 пакеÑа opensaml2 и +веÑÑии 1.3.1-1 пакеÑа xmltooling.</p> - -<p>We recommend that you upgrade your Shibboleth packages.</p> +<p>РекомендÑеÑÑÑ 
Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ Shibboleth.</p> </define-tag> # do not modify the following line - --- english/security/2009/dsa-1948.wml 2009-12-10 12:57:32.000000000 +0500 +++ russian/security/2009/dsa-1948.wml 2016-01-24 13:11:40.185405230 +0500 
@@ -1,27 +1,28 @@ - -<define-tag description>denial of service</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>оÑказ в обÑлÑживании</define-tag> <define-tag moreinfo> - -<p>Robin Park and Dmitri Vinokurov discovered that the daemon component of - -the ntp package, a reference implementation of the NTP protocol, is - -not properly reacting to certain incoming packets.</p> +<p>Робин ÐаÑк и ÐмиÑÑий ÐинокÑов обнаÑÑжили, ÑÑо ÑлÑжба из пакеÑа +ntp, ÑÑалонной ÑеализаÑии пÑоÑокола NTP, непÑавилÑно +ÑеагиÑÑÐµÑ Ð½Ð° опÑеделÑннÑе Ð²Ñ Ð¾Ð´ÑÑие пакеÑÑ.</p> - -<p>An unexpected NTP mode 7 packet (MODE_PRIVATE) with spoofed IP data can lead - -ntpd to reply with a mode 7 response to the spoofed address. This may result - -in the service playing packet ping-pong with other ntp servers or even itself - -which causes CPU usage and excessive disk use due to logging. An attacker - -can use this to conduct denial of service attacks.</p> +<p>ÐеожиданнÑй Ð¿Ð°ÐºÐµÑ NTP Ñежима 7 (MODE_PRIVATE) Ñ Ð´Ð°Ð½Ð½Ñми и подделанÑм IP Ð¼Ð¾Ð¶ÐµÑ +пÑиводиÑÑ Ðº ÑомÑ, ÑÑо ntpd оÑвеÑÐ¸Ñ Ñ Ð¾ÑвеÑом Ñежима 7 на подделÑнÑй адÑеÑ. ÐÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ +к ÑомÑ, ÑÑо ÑлÑжба наÑнÑÑ Ð¸Ð³ÑаÑÑ Ð² пинг-понг Ñ Ð´ÑÑгими ÑеÑвеÑами ntp или даже Ñ Ñобой, +ÑÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº ÑÑезмеÑÐ½Ð¾Ð¼Ñ Ð¿Ð¾ÑÑÐµÐ±Ð»ÐµÐ½Ð¸Ñ ÑеÑÑÑÑов ЦРи диÑкового пÑоÑÑÑанÑÑва из-за ÑаздÑÐ²Ð°Ð½Ð¸Ñ Ð¶ÑÑнала. 
ÐлоÑмÑÑленник +Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑ ÑÑÑ ÑÑзвимоÑÑÑ Ð´Ð»Ñ Ð²Ñзова оÑказа в обÑлÑживании.</p> - -<p>For the oldstable distribution (etch), this problem has been fixed in - -version 1:4.2.2.p4+dfsg-2etch4.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (etch) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:4.2.2.p4+dfsg-2etch4.</p> - -<p>For the stable distribution (lenny), this problem has been fixed in - -version 1:4.2.4p4+dfsg-8lenny3.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:4.2.4p4+dfsg-8lenny3.</p> - -<p>For the testing (squeeze) and unstable (sid) distribution, this problem - -will be fixed soon.</p> +<p>Ð ÑеÑÑиÑÑемом (squeeze) и неÑÑабилÑном (sid) вÑпÑÑÐºÐ°Ñ ÑÑа пÑоблема +бÑÐ´ÐµÑ Ð¸ÑпÑавлена позже.</p> - -<p>We recommend that you upgrade your ntp packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ ntp.</p> </define-tag> # do not modify the following line - --- english/security/2009/dsa-1955.wml 2009-12-16 23:19:14.000000000 +0500 +++ russian/security/2009/dsa-1955.wml 2016-01-24 12:22:25.629658625 +0500 
@@ -1,27 +1,28 @@ - -<define-tag description>information disclosure</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>ÑаÑкÑÑÑие инÑоÑмаÑии</define-tag> <define-tag moreinfo> - -<p>It was discovered that network-manager-applet, a network management - -framework, lacks some dbus restriction rules, which allows local users - -to obtain sensitive information.</p> +<p>ÐÑло обнаÑÑжено, ÑÑо Ñ network-manager-applet, инÑÑаÑÑÑÑкÑÑÑÑ ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ +ÑеÑÑÑ, оÑÑÑÑÑÑвÑÑÑ Ð½ÐµÐºÐ¾ÑоÑÑе огÑаниÑиваÑÑие пÑавила dbus, ÑÑо позволÑÐµÑ Ð»Ð¾ÐºÐ°Ð»ÑнÑм полÑзоваÑелÑм +полÑÑаÑÑ ÑÑвÑÑвиÑелÑнÑÑ Ð¸Ð½ÑоÑмаÑиÑ.</p> - -<p>If you have locally modified the /etc/dbus-1/system.d/nm-applet.conf - -file, then please make sure that you merge the changes from this fix - -when asked during upgrade.</p> +<p>ÐÑли Ñ Ð²Ð°Ñ Ð¸ÑполÑзÑеÑÑÑ Ð»Ð¾ÐºÐ°Ð»Ñно изменÑннÑй Ñайл /etc/dbus-1/system.d/nm-applet.conf, +ÑбедиÑеÑÑ, ÑÑо Ð²Ñ Ð²ÐºÐ»ÑÑили в него Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð´Ð°Ð½Ð½Ð¾Ð³Ð¾ иÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ +пÑи запÑоÑе обновлениÑ.</p> - -<p>For the oldstable distribution (etch), this problem has been fixed in - -version 0.6.4-6+etch1 of network-manager.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (etch) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 0.6.4-6+etch1 пакеÑа network-manager.</p> - -<p>For the stable distribution (lenny), this problem has been fixed in - -version 0.6.6-4+lenny1 of network-manager-applet.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 0.6.6-4+lenny1 пакеÑа network-manager-applet.</p> - -<p>For the testing distribution (squeeze) and the unstable distribution - -(sid), this problem has been fixed in version 0.7.0.99-1 of +<p>Ð ÑеÑÑиÑÑемом (squeeze) и неÑÑабилÑном (sid) вÑпÑÑÐºÐ°Ñ +ÑÑа пÑоблема бÑла иÑпÑавлена в веÑÑии 0.7.0.99-1 пакеÑа network-manager-applet.</p> - -<p>We recommend that you upgrade your network-manager and - -network-manager-applet packages accordingly.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ 
Ð¿Ð°ÐºÐµÑÑ network-manager и +network-manager-applet ÑооÑвеÑÑÑвенно.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
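Review bot: In russian/security/2009/dsa-1734.wml, the first paragraph renders "a federated web single sign-on system" as "интегрированная система единого входа", which says "integrated" rather than "federated" and drops "web". Suggest "федеративная веб-система единого входа", so the description still identifies Shibboleth as federated SSO.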
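Review bot: In russian/security/2009/dsa-1948.wml, the discoverer's surname in the first paragraph is missing a letter: the English has "Dmitri Vinokurov", but the added line does not spell "Винокуров" in full. In the second paragraph, "with spoofed IP data" is rendered as "с данными и подделаным IP" ("with data and a spoofed IP"), which misspells "подделанным" and changes what is being spoofed; "с поддельными данными IP" stays closer to the original. In the squeeze/sid paragraph, "will be fixed soon" is translated as "позже" ("later"), where "в скором времени" matches the English.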
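Review bot: In russian/security/2009/dsa-1955.wml, the paragraph about /etc/dbus-1/system.d/nm-applet.conf translates "when asked during upgrade" as "при запросе обновления", which reads as "on an upgrade request" and loses the point that the upgrade itself will prompt about the locally modified file. Something like "когда во время обновления будет задан соответствующий вопрос" keeps the instruction actionable: the advisory's fix is the added dbus restriction rules, so an administrator who keeps the local file without merging does not get them.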

