-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2002/dsa-099.wml 2011-05-26 16:05:40.000000000 +0600 +++ russian/security/2002/dsa-099.wml 2016-02-19 22:11:19.882762220 +0500 
@@ -1,22 +1,23 @@ - -<define-tag description>IRC session hijacking</define-tag> +#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov" +<define-tag description>Ð¿Ð¾Ñ Ð¸Ñение ÑеÑÑии IRC</define-tag> <define-tag moreinfo> - -<p>zen-parse found a <a href="http://online.securityfocus.com/archive/1/249113">\ - -vulnerability</a> in the XChat IRC client that allows an - -attacker to take over the users IRC session.</p> +<p>zen-parse обнаÑÑжил <a href="http://online.securityfocus.com/archive/1/249113">\ +ÑÑзвимоÑÑÑ</a> в IRC-клиенÑе XChat, коÑоÑÐ°Ñ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐµÑ +злоÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ Ð·Ð°Ñ Ð²Ð°ÑиÑÑ IRC-ÑеÑÑÐ¸Ñ Ð¿Ð¾Ð»ÑзоваÑелÑ.</p> - -<p>It is possible to trick XChat IRC clients into sending arbitrary - -commands to the IRC server they are on, potentially allowing social - -engineering attacks, channel takeovers, and denial of service. This - -problem exists in versions 1.4.2 and 1.4.3. Later versions of XChat - -are vulnerable as well, but this behaviour is controlled by the - -configuration variable »percascii«, which defaults to 0. If it is set - -to 1 then the problem becomes apparent in 1.6/1.8 as well.</p> +<p>Ðожно заÑÑавиÑÑ IRC-клиенÑа XChat оÑпÑавиÑÑ Ð¿ÑоизволÑнÑе +ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ Ð½Ð° ÑеÑÐ²ÐµÑ IRC, к коÑоÑÐ¾Ð¼Ñ ÑÑÐ¾Ñ ÐºÐ»Ð¸ÐµÐ½Ñ Ð¿Ð¾Ð´ÐºÐ»ÑÑен, ÑÑо поÑенÑиалÑно позволÑÐµÑ +вÑполнÑÑÑ Ð°Ñаки в дÑÑ Ðµ ÑоÑиалÑного инжиниÑинга, Ð·Ð°Ñ Ð²Ð°Ñа каналов и оÑказа в обÑлÑживании. ÐÑа +пÑоблема пÑиÑÑÑÑÑвÑÐµÑ Ð² веÑÑиÑÑ 1.4.2 и 1.4.3. Ðолее поздние веÑÑии XChat +Ñакже ÑодеÑÐ¶Ð°Ñ ÑÑÑ ÑÑзвимоÑÑÑ, но поведение пÑогÑÐ°Ð¼Ð¼Ñ Ð¾Ð¿ÑеделÑеÑÑÑ Ð¿ÐµÑеменной +окÑÑÐ¶ÐµÐ½Ð¸Ñ Â»percascii«, коÑоÑÐ°Ñ Ð¿Ð¾ ÑмолÑÐ°Ð½Ð¸Ñ Ð¸Ð¼ÐµÐµÑ Ð·Ð½Ð°Ñение 0. ÐÑли она Ð¸Ð¼ÐµÐµÑ +знаÑение 1, Ñо ÑÐºÐ°Ð·Ð°Ð½Ð½Ð°Ñ Ð¿Ñоблема ÑÑановиÑÑÑ Ð°ÐºÑÑалÑно и в веÑÑиÑÑ 1.6/1.8.</p> - -<p>This problem has been fixed in upstream version 1.8.7 and in version - -1.4.3-1 for the current stable Debian release (2.2) with a patch - -provided from the upstream author Peter Zelezny. 
We recommend that - -you upgrade your XChat packages immediately, since this problem is - -already actively being exploited.</p> +<p>ÐÑа пÑоблема бÑла иÑпÑавлена в веÑÑии 1.8.7 из оÑновной веÑки ÑазÑабоÑки и в веÑÑии +1.4.3-1 Ð´Ð»Ñ ÑекÑÑего ÑÑабилÑного вÑпÑÑка Debian (2.2) благодаÑÑ Ð·Ð°Ð¿Ð»Ð°Ñе, +пÑедоÑÑавленной ÐиÑеÑом ÐелезнÑ, авÑоÑом оÑновной веÑки ÑазÑабоÑки. РекомендÑеÑÑÑ +как можно ÑкоÑее обновиÑÑ Ð¿Ð°ÐºÐµÑÑ XChat, Ñак как ÑÑа пÑоблема +Ñже акÑивно иÑполÑзÑеÑÑÑ Ð·Ð»Ð¾ÑмÑÑленниками.</p> </define-tag> # do not modify the following line - --- english/security/2002/dsa-111.wml 2002-06-19 20:20:24.000000000 +0600 +++ russian/security/2002/dsa-111.wml 2016-02-19 21:47:57.009812199 +0500 
@@ -1,28 +1,29 @@ - -<define-tag description>remote exploit</define-tag> +#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov" +<define-tag description>ÑдалÑÐ½Ð½Ð°Ñ ÑÑзвимоÑÑÑ</define-tag> <define-tag moreinfo> - -<p>The Secure Programming Group of the Oulu University did a study on - -SNMP implementations and uncovered multiple problems which can - -cause problems ranging from Denial of Service attacks to remote - -exploits.</p> +<p>ÐÑÑппа безопаÑного пÑогÑаммиÑÐ¾Ð²Ð°Ð½Ð¸Ñ Ð¸Ð· ÑнивеÑÑиÑеÑа ÐÑÐ»Ñ Ð¿Ñовела иÑÑÐ»ÐµÐ´Ð¾Ð²Ð°Ð½Ð¸Ñ +ÑеализаÑий SNMP и обнаÑÑжила многоÑиÑленнÑе пÑоблемÑ, коÑоÑÑе могÑÑ +вÑзÑваÑÑ ÑазлиÑнÑе ÑÑзвимоÑÑи, Ð¾Ñ Ð¾Ñказа в обÑлÑживании до ÑдалÑннÑÑ +ÑÑзвимоÑÑей.</p> - -<p>New UCD-SNMP packages have been prepared to fix these problems - -as well as a few others. The complete list of fixed problems is:</p> +<p>ÐÑли подгоÑÐ¾Ð²Ð»ÐµÐ½Ñ Ð½Ð¾Ð²Ñе пакеÑÑ UCD-SNMP Ð´Ð»Ñ Ð¸ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ ÑÑи пÑоблем, +а Ñакже неÑколÑÐºÐ¸Ñ Ð´ÑÑÐ³Ð¸Ñ . ÐолнÑй ÑпиÑок иÑпÑавленнÑÑ Ð¿Ñоблем:</p> <ul> - -<li> When running external programs snmpd used temporary files insecurely</li> - -<li> snmpd did not properly reset supplementary groups after changing - - its uid and gid</li> - -<li> Modified most code to use buffers instead of fixed-length strings to - - prevent buffer overflows</li> - -<li> The ASN.1 parser did not check for negative lengths</li> - -<li> The IFINDEX response handling in snmpnetstat did not do a sanity check - - on its input</li> +<li> ÐÑи запÑÑке внеÑÐ½Ð¸Ñ Ð¿ÑогÑамм snmpd иÑполÑзÑÐµÑ Ð²ÑеменнÑе ÑÐ°Ð¹Ð»Ñ Ð½ÐµÐ±ÐµÐ·Ð¾Ð¿Ð°ÑнÑм обÑазом</li> +<li> snmpd непÑавилÑно ÑбÑаÑÑÐ²Ð°ÐµÑ Ð´Ð¾Ð¿Ð¾Ð»Ð½Ð¸ÑелÑнÑе гÑÑÐ¿Ð¿Ñ Ð¿Ð¾Ñле Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ + иденÑиÑикаÑоÑов полÑзоваÑÐµÐ»Ñ Ð¸ гÑÑппÑ</li> +<li> ÐÐ»Ñ Ð¿ÑедоÑвÑаÑÐµÐ½Ð¸Ñ Ð¿ÐµÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð±ÑÑеÑа бÑл изменÑн болÑÑой ÑÑаÑÑок кода Ñ Ñем, + ÑÑÐ¾Ð±Ñ Ð¸ÑполÑзоваÑÑ Ð±ÑÑеÑа вмеÑÑо ÑÑÑок ÑикÑиÑованной длинÑ</li> +<li> Ðод Ð´Ð»Ñ Ð³ÑаммаÑиÑеÑкого ÑазбоÑа ASN.1 не вÑполнÑÐµÑ Ð¿ÑовеÑÐºÑ Ð½Ð° Ð´Ð»Ð¸Ð½Ñ Ñ 
Ð¾ÑÑиÑаÑелÑнÑм знаÑением</li> +<li> ÐбÑабоÑка оÑвеÑа IFINDEX в snmpnetstat не вÑполнÑÐµÑ Ð¿ÑовеÑÐºÑ + Ð²Ñ Ð¾Ð´Ð½ÑÑ Ð´Ð°Ð½Ð½ÑÑ </li> </ul> - -<p>(thanks to Caldera for most of the work on those patches)</p> +<p>(благодаÑим Caldera за болÑÑÑÑ ÑаÑÑÑ ÑабоÑÑ Ð½Ð°Ð´ ÑÑими заплаÑами)</p> - -<p>The new version is 4.1.1-2.1 and we recommend you upgrade your - -snmp packages immediately.</p> +<p>ÐÐ¾Ð²Ð°Ñ Ð²ÐµÑÑÐ¸Ñ — 4.1.1-2.1, ÑекомендÑем как можно ÑкоÑее обновиÑÑ +пакеÑÑ snmp.</p> </define-tag> # do not modify the following line - --- english/security/2002/dsa-130.wml 2002-12-09 15:37:12.000000000 +0500 +++ russian/security/2002/dsa-130.wml 2016-02-19 21:36:10.376053727 +0500 
@@ -1,22 +1,22 @@ - -<define-tag description>remotely triggered memory allocation error</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>ÑдалÑнно вÑзÑÐ²Ð°ÐµÐ¼Ð°Ñ Ð¾Ñибка вÑÐ´ÐµÐ»ÐµÐ½Ð¸Ñ Ð¿Ð°Ð¼ÑÑи</define-tag> <define-tag moreinfo> - -<p>Ethereal versions prior to 0.9.3 were vulnerable to an allocation error - -in the ASN.1 parser. This can be triggered when analyzing traffic using - -the SNMP, LDAP, COPS, or Kerberos protocols in ethereal. This - -vulnerability was announced in the ethereal security advisory +<p>УÑилиÑа ethereal до веÑÑии 0.9.3 ÑÑзвима к оÑибке вÑÐ´ÐµÐ»ÐµÐ½Ð¸Ñ Ð¿Ð°Ð¼ÑÑи, коÑоÑÐ°Ñ Ð²Ð¾Ð·Ð½Ð¸ÐºÐ°ÐµÑ +в коде Ð´Ð»Ñ Ð³ÑаммаÑиÑеÑкого ÑазбоÑа ASN.1. ÐÑа оÑибка Ð¼Ð¾Ð¶ÐµÑ Ð±ÑÑÑ Ð²Ñзвана пÑи анализе ÑÑаÑика, иÑполÑзÑÑ +пÑоÑÐ¾ÐºÐ¾Ð»Ñ SNMP, LDAP, COPS или Kerberos. Рданной +ÑÑзвимоÑÑи ÑообÑаеÑÑÑ Ð² ÑекомендаÑии по безопаÑноÑÑи ethereal <a href="http://www.ethereal.com/appnotes/enpa-sa-00003.html">enpa-sa-00003</a>. - -This issue has been corrected in ethereal version 0.8.0-3potato for +ÐÑоблема бÑла иÑпÑавлена в ethereal веÑÑии 0.8.0-3potato Ð´Ð»Ñ Debian 2.2 (potato).</p> - -<p>Additionally, a number of vulnerabilities were discussed in ethereal - -security advisory - -<a href="http://www.ethereal.com/appnotes/enpa-sa-00004.html">enpa-sa-00004</a>; - -the version of ethereal in Debian 2.2 - -(potato) is not vulnerable to the issues raised in this later advisory. - -Users of the not-yet-released woody distribution should ensure that they - -are running ethereal 0.9.4-1 or a later version.</p> +<p>ÐÑоме Ñого, в ÑекомендаÑии по безопаÑноÑÑи ethereal +<a href="http://www.ethereal.com/appnotes/enpa-sa-00004.html">enpa-sa-00004</a> +обÑÑждаеÑÑÑ ÑÑд ÑÑзвимоÑÑей; веÑÑÐ¸Ñ ethereal в Debian 2.2 +(potato) не подвеÑжена пÑоблемам, ÑказаннÑм в более поздней ÑекомендаÑии. 
+ÐолÑзоваÑелÑм еÑÑ Ð½Ðµ вÑпÑÑенного диÑÑÑибÑÑива woody ÑледÑÐµÑ ÑбедиÑÑÑÑ, ÑÑо они +иÑполÑзÑÑ ethereal 0.9.4-1 или более поздней веÑÑии.</p> - -<p>We recommend you upgrade your ethereal package immediately.</p> +<p>РекомендÑеÑÑÑ ÐºÐ°Ðº можно ÑкоÑее обновиÑÑ Ð¿Ð°ÐºÐµÑ ethereal.</p> </define-tag> # do not modify the following line - --- english/security/2002/dsa-141.wml 2002-08-02 16:09:55.000000000 +0600 +++ russian/security/2002/dsa-141.wml 2016-02-19 22:29:33.457009807 +0500 
@@ -1,23 +1,24 @@ - -<define-tag description>buffer overflow</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>пеÑеполнение бÑÑеÑа</define-tag> <define-tag moreinfo> - -<p>Eckehard Berns discovered a buffer overflow in the munpack program - -which is used for decoding (respectively) binary files in MIME - -(Multipurpose Internet Mail Extensions) format mail messages. If - -munpack is run on an appropriately malformed email (or news article) - -then it will crash, and perhaps can be made to run arbitrary code.</p> +<p>ÐÐºÐµÑ Ð°Ñд ÐеÑÐ½Ñ Ð¾Ð±Ð½Ð°ÑÑжил пеÑеполнение бÑÑеÑа в пÑогÑамме munpack, +коÑоÑÐ°Ñ Ð¸ÑполÑзÑеÑÑÑ Ð´Ð»Ñ Ð´ÐµÐºÐ¾Ð´Ð¸ÑÐ¾Ð²Ð°Ð½Ð¸Ñ (ÑооÑвеÑÑÑвенно) двоиÑнÑÑ Ñайлов в ÑоÑÐ¼Ð°Ñ +ÑообÑений MIME (многоÑелевÑе ÑаÑÑиÑÐµÐ½Ð¸Ñ Ð¿Ð¾ÑÑÑ ÐнÑеÑнеÑ). ÐÑли +munpack запÑÑкаеÑÑÑ Ð´Ð»Ñ Ð¾Ð±ÑабоÑки ÑпеÑиалÑно ÑÑоÑмиÑованного ÑообÑÐµÐ½Ð¸Ñ ÑлекÑÑонной поÑÑÑ (или ÑÑаÑÑи новоÑÑей), +Ñо его ÑабоÑа завеÑÑаеÑÑÑ Ð°Ð²Ð°Ñийно, возможно Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑÑой ÑÑзвимоÑÑи можно запÑÑÑиÑÑ Ð¿ÑоизволÑнÑй код.</p> - -<p>Herbert Xu reported a second vulnerability which affected malformed - -filenames that refer to files in upper directories like "../a". The - -security impact is limited, though, because only a single leading - -"../" was accepted and only new files can be created (i.e. no files - -will be overwritten).</p> +<p>ÐеÑбеÑÑ Ð¨Ñ Ð¾Ð±Ð½Ð°ÑÑжил вÑоÑÑÑ ÑÑзвимоÑÑÑ, коÑоÑÐ°Ñ ÐºÐ°ÑаеÑÑÑ Ð½ÐµÐºÐ¾ÑÑекÑнÑÑ +имÑн Ñайлов, ÑказÑваÑÑÐ¸Ñ Ð½Ð° ÑÐ°Ð¹Ð»Ñ Ð² каÑÐ°Ð»Ð¾Ð³Ð°Ñ Ð²ÐµÑÑ Ð½ÐµÐ³Ð¾ ÑÑÐ¾Ð²Ð½Ñ (напÑимеÑ, "../a"). 
ÐлиÑние +ÑÑой пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð½Ðµ безопаÑноÑÑÑ Ð¾Ð³ÑаниÑено, поÑколÑÐºÑ Ð¿ÑинимаеÑÑÑ Ð»Ð¸ÑÑ Ð¿ÐµÑÐµÑ Ð¾Ð´ на один +ÑÑÐ¾Ð²ÐµÐ½Ñ Ð²Ð²ÐµÑÑ , "../", и Ñаким ÑпоÑобом можно ÑоздаÑÑ ÑолÑко новÑе ÑÐ°Ð¹Ð»Ñ (Ñо еÑÑÑ, нелÑÐ·Ñ +пеÑезапиÑаÑÑ Ñже имеÑÑиеÑÑ ÑайлÑ).</p> - -<p>Both problems have been fixed in version 1.5-5potato2 for the old - -stable distribution (potato), in version 1.5-7woody2 for the current - -stable distribution (woody) and in version 1.5-9 for the unstable - -distribution (sid).</p> +<p>Ðбе пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² веÑÑии 1.5-5potato2 Ð´Ð»Ñ Ð¿ÑедÑдÑÑего ÑÑабилÑного +вÑпÑÑка (potato), в веÑÑии 1.5-7woody2 Ð´Ð»Ñ ÑекÑÑего +ÑÑабилÑного вÑпÑÑка (woody) и в веÑÑии 1.5-9 Ð´Ð»Ñ Ð½ÐµÑÑабилÑного +вÑпÑÑка (sid).</p> - -<p>We recommend that you upgrade your mpack package immediately.</p> +<p>РекомендÑеÑÑÑ ÐºÐ°Ðº можно ÑкоÑее обновиÑÑ Ð¿Ð°ÐºÐµÑ mpack.</p> </define-tag> # do not modify the following line - --- english/security/2002/dsa-144.wml 2002-08-06 15:08:35.000000000 +0600 +++ russian/security/2002/dsa-144.wml 2016-02-19 22:45:52.506186388 +0500 
@@ -1,23 +1,24 @@ - -<define-tag description>improper input handling</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>непÑавилÑÐ½Ð°Ñ Ð¾Ð±ÑабоÑка Ð²Ñ Ð¾Ð´Ð½ÑÑ Ð´Ð°Ð½Ð½ÑÑ </define-tag> <define-tag moreinfo> - -<p>A problem with wwwoffle has been discovered. The web proxy didn't - -handle input data with negative Content-Length settings properly which - -causes the processing child to crash. It is at this time not obvious - -how this can lead to an exploitable vulnerability; however, it's better - -to be safe than sorry, so here's an update.</p> +<p>ÐÑла обнаÑÑжен пÑоблема Ñ wwwoffle. УказаннÑй веб-пÑокÑи непÑавилÑно +обÑабаÑÑÐ²Ð°ÐµÑ Ð²Ñ Ð¾Ð´Ð½Ñе даннÑе Ñ Ð¾ÑÑиÑаÑелÑнÑм знаÑением Content-Length, ÑÑо +пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº аваÑийной оÑÑановке обÑабаÑÑваÑÑего доÑеÑнего пÑоÑеÑÑа. РнаÑÑоÑÑее вÑÐµÐ¼Ñ +не ÑÑно, как ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑÑÑ Ð·Ð»Ð¾ÑмÑÑленниками; Ñем не менее, лÑÑÑе +обезопаÑиÑÑÑÑ, Ñем ÑожалеÑÑ, поÑÑÐ¾Ð¼Ñ Ð½Ð¸Ð¶Ðµ пÑиведено обновление.</p> - -<p>Additionally, in the woody version empty passwords will be treated as - -wrong when trying to authenticate. In the woody version we also - -replaced CanonicaliseHost() with the latest routine from 2.7d, offered - -by upstream. This stops bad IPv6 format IP addresses in URLs from - -causing problems (memory overwriting, potential exploits).</p> +<p>ÐÑоме Ñого, в веÑÑии из woody пÑи попÑÑке аÑÑенÑиÑикаÑии пÑÑÑÑе паÑоли +ÑÑакÑÑÑÑÑÑ ÐºÐ°Ðº непÑавилÑнÑе. РвеÑÑии из woody ÑÑнкÑÐ¸Ñ +CanonicaliseHost() бÑла заменена на ÑÑнкÑÐ¸Ñ Ð¸Ð· веÑÑии 2.7d, пÑедоÑÑавлÑемой +оÑновной веÑкой ÑазÑабоÑки. 
Ðна не позволÑÐµÑ IP адÑеÑам IPv6 в непÑавилÑном ÑоÑмаÑе +вÑзÑваÑÑ Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ (пеÑезапиÑÑ ÑодеÑжимого памÑÑи, поÑенÑиалÑнÑе ÑÑзвимоÑÑи).</p> - -<p>This problem has been fixed in version 2.5c-10.4 for the old stable - -distribution (potato), in version 2.7a-1.2 for the current stable - -distribution (woody) and in version 2.7d-1 for the unstable - -distribution (sid).</p> +<p>ÐÑа пÑоблема бÑла иÑпÑавлена в веÑÑии 2.5c-10.4 Ð´Ð»Ñ Ð¿ÑедÑдÑÑего ÑÑабилÑного +вÑпÑÑка (potato), в веÑÑии 2.7a-1.2 Ð´Ð»Ñ ÑекÑÑего ÑÑабилÑного +вÑпÑÑка (woody) и в веÑÑии 2.7d-1 Ð´Ð»Ñ Ð½ÐµÑÑабилÑного +вÑпÑÑка (sid).</p> - -<p>We recommend that you upgrade your wwwoffle packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ wwwoffle.</p> </define-tag> # do not modify the following line - --- english/security/2002/dsa-167.wml 2002-09-16 21:00:33.000000000 +0600 +++ russian/security/2002/dsa-167.wml 2016-02-19 22:17:30.605879631 +0500 
@@ -1,21 +1,22 @@ - -<define-tag description>cross site scripting</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>межÑайÑовÑй ÑкÑипÑинг</define-tag> <define-tag moreinfo> - -<p>A cross site scripting problem has been discovered in Konqueror, a - -famous browser for KDE and other programs using KHTML. The KDE team - -<a href="http://www.kde.org/info/security/advisory-20020908-2.txt">reports</a> - -that Konqueror's cross site scripting protection fails to - -initialize the domains on sub-(i)frames correctly. As a result, - -JavaScript is able to access any foreign subframe which is defined in - -the HTML source. Users of Konqueror and other KDE software that uses - -the KHTML rendering engine may become victim of a cookie stealing and - -other cross site scripting attacks.</p> +<p>Ð Konqueror, знамениÑом бÑаÑзеÑе Ð´Ð»Ñ KDE, и дÑÑÐ³Ð¸Ñ Ð¿ÑогÑÐ°Ð¼Ð¼Ð°Ñ , иÑполÑзÑÑÑÐ¸Ñ +KHTML, бÑл обнаÑÑжен межÑайÑовÑй ÑкÑипÑинг. Ðоманда KDE +<a href="http://www.kde.org/info/security/advisory-20020908-2.txt">ÑообÑаеÑ</a>, +ÑÑо заÑиÑа Konqueror Ð¾Ñ Ð¼ÐµÐ¶ÑайÑового ÑкÑипÑинга не Ð¼Ð¾Ð¶ÐµÑ ÐºÐ¾ÑÑекÑно +иниÑиализиÑоваÑÑ Ð´Ð¾Ð¼ÐµÐ½Ñ Ñ Ð¿Ð¾Ð´-(i)ÑÑеймами. Ð ÑезÑлÑÑаÑе +код на JavaScript Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾Ð»ÑÑиÑÑ Ð´Ð¾ÑÑÑп к лÑÐ±Ð¾Ð¼Ñ Ð²Ð½ÐµÑÐ½ÐµÐ¼Ñ Ð¿Ð¾Ð´ÑÑеймÑ, коÑоÑÑе опÑеделÑеÑÑÑ Ð² +иÑÑ Ð¾Ð´Ð½Ð¾Ð¼ коде HTML. ÐолÑзоваÑели Konqueror и дÑÑÐ³Ð¸Ñ Ð¿Ñиложений KDE, иÑполÑзÑÑÑÐ¸Ñ +движок оÑÑиÑовки KHTML, могÑÑ ÑÑаÑÑ Ð¶ÐµÑÑвами кÑаж кÑки и +дÑÑÐ³Ð¸Ñ Ð°Ñак по пÑинÑипам межÑайÑового ÑкÑипÑинга.</p> - -<p>This problem has been fixed in version 2.2.2-13.woody.3 for the - -current stable distribution (woody) and in version 2.2.2-14 for the - -unstable distribution (sid). The old stable distribution (potato) is - -not affected since it didn't ship KDE.</p> +<p>ÐÑа пÑоблема бÑла иÑпÑавлена в веÑÑии 2.2.2-13.woody.3 Ð´Ð»Ñ +ÑекÑÑего ÑÑабилÑного вÑпÑÑка (woody) и в веÑÑии 2.2.2-14 Ð´Ð»Ñ +неÑÑабилÑного вÑпÑÑка (sid). 
ÐÑедÑдÑÑий ÑÑабилÑнÑй вÑпÑÑк (potato) +не подвеÑжен данной пÑоблеме, поÑколÑÐºÑ Ð² нÑм Ð½ÐµÑ KDE.</p> - -<p>We recommend that you upgrade your kdelibs package and restart +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ kdelibs и пеÑезапÑÑÑиÑÑ Konqueror.</p> </define-tag> - --- english/security/2002/dsa-171.wml 2002-10-07 21:15:33.000000000 +0600 +++ russian/security/2002/dsa-171.wml 2016-02-19 22:00:34.391769885 +0500 
@@ -1,22 +1,23 @@ - -<define-tag description>buffer overflows</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>пеÑеполнение бÑÑеÑа</define-tag> <define-tag moreinfo> - -<p>Stefan Esser <a href="http://security.e-matters.de/advisories/032002.html">\ - -discovered</a> several buffer overflows and a broken boundary - -check within fetchmail. If fetchmail is running in multidrop mode - -these flaws can be used by remote attackers to crash it or to execute - -arbitrary code under the user id of the user running fetchmail. - -Depending on the configuration this even allows a remote root - -compromise.</p> +<p>ШÑеÑан ÐÑÑÐµÑ <a href="http://security.e-matters.de/advisories/032002.html">\ +обнаÑÑжил</a> неÑколÑко пеÑеполнений бÑÑеÑа и ÑломаннÑÑ Ð¿ÑовеÑÐºÑ +гÑÐ°Ð½Ð¸Ñ Ð¼Ð°ÑÑива в fetchmail. ÐÑли fetchmail ÑабоÑÐ°ÐµÑ Ð² многоÑоÑеÑном Ñежиме, +Ñо ÑÑи ÑÑзвимоÑÑи могÑÑ Ð¸ÑполÑзоваÑÑ ÑдалÑннÑми злоÑмÑÑленниками Ð´Ð»Ñ Ð°Ð²Ð°Ñийной оÑÑановки ÑÑилиÑÑ Ð¸Ð»Ð¸ +вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода Ð¾Ñ Ð»Ð¸Ñа полÑзоваÑелÑ, запÑÑÑивÑего fetchmail. +РзавиÑимоÑÑи Ð¾Ñ Ð½Ð°ÑÑÑоек ÑÑа ÑÑзвимоÑÑÑ Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ ÑдалÑнно ÑкомпÑомеÑиÑоваÑÑ +ÑÑпеÑполÑзоваÑелÑ.</p> - -<p>These problems have been fixed in version 5.9.11-6.1 for both - -fetchmail and fetchmail-ssl for the current stable distribution - -(woody), in version 5.3.3-4.2 for fetchmail for the old stable - -distribution (potato) and in version 6.1.0-1 for both fetchmail and - -fetchmail-ssl for the unstable distribution (sid). There are no - -fetchmail-ssl packages for the old stable distribution (potato) and - -thus no updates.</p> +<p>ÐÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² веÑÑии 5.9.11-6.1 Ð´Ð»Ñ +пакеÑов fetchmail и fetchmail-ssl в ÑекÑÑем ÑÑабилÑном вÑпÑÑке +(woody), в веÑÑии 5.3.3-4.2 Ð´Ð»Ñ Ð¿Ð°ÐºÐµÑа fetchmail в пÑедÑдÑÑем ÑÑабилÑном +вÑпÑÑке (potato) и в веÑÑии 6.1.0-1 Ð´Ð»Ñ Ð¿Ð°ÐºÐµÑов fetchmail и +fetchmail-ssl в неÑÑабилÑном вÑпÑÑке (sid). 
ÐакеÑÑ +fetchmail-ssl в пÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (potato) оÑÑÑÑÑÑвÑÑÑ, и +поÑÑÐ¾Ð¼Ñ Ð¾Ð½Ð¸ не бÑли обновленÑ.</p> - -<p>We recommend that you upgrade your fetchmail packages immediately.</p> +<p>РекомендÑеÑÑÑ ÐºÐ°Ðº можно ÑкоÑее обновиÑÑ Ð¿Ð°ÐºÐµÑÑ fetchmail.</p> </define-tag> # do not modify the following line - --- english/security/2002/dsa-173.wml 2002-10-09 21:15:30.000000000 +0600 +++ russian/security/2002/dsa-173.wml 2016-02-19 21:54:11.511886061 +0500 
@@ -1,22 +1,23 @@ - -<define-tag description>privilege escalation</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>повÑÑение пÑивилегий</define-tag> <define-tag moreinfo> - -<p>The developers of Bugzilla, a web-based bug tracking system, - -discovered a problem in the handling of more than 47 groups. When a - -new product is added to an installation with 47 groups or more and - -"usebuggroups" is enabled, the new group will be assigned a groupset - -bit using Perl math that is not exact beyond 2<sup>48</sup>. - -This results in - -the new group being defined with a "bit" that has several bits set. - -As users are given access to the new group, those users will also gain - -access to spurious lower group privileges. Also, group bits were not - -always reused when groups were deleted.</p> +<p>РазÑабоÑÑики Bugzilla, ÑиÑÑÐµÐ¼Ñ Ð¾ÑÑÐ»ÐµÐ¶Ð¸Ð²Ð°Ð½Ð¸Ñ Ð¾Ñибок на оÑнове веб, +обнаÑÑжили пÑоблемÑ, коÑоÑÐ°Ñ Ð¿ÑоÑвлÑеÑÑÑ Ð¿Ñи обÑабоÑке более, Ñем 47 гÑÑпп. Ðогда +добавлÑеÑÑÑ Ð½Ð¾Ð²Ñй пÑодÑÐºÑ Ð² ÑÑÑÐ°Ð½Ð¾Ð²ÐºÑ Ñ Ñже имеÑÑимиÑÑ 47 или более гÑÑппами, а Ñакже +когда вклÑÑена опÑÐ¸Ñ "usebuggroups", Ñо новой гÑÑппе бÑÐ´ÐµÑ Ð½Ð°Ð·Ð½Ð°Ñен гÑÑпповой Ð±Ð¸Ñ +Ñ Ð¸ÑполÑзованием маÑемаÑиÑеÑкого модÑÐ»Ñ Perl, коÑоÑÑе не пÑедоÑÑавлÑÐµÑ ÑоÑнÑÑ ÑиÑел болÑÑе 2<sup>48</sup>. +ÐÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº ÑомÑ, ÑÑо +Ð½Ð¾Ð²Ð°Ñ Ð³ÑÑппа опÑеделÑеÑÑÑ <q>биÑом</q>, коÑоÑÑе Ð¸Ð¼ÐµÐµÑ Ð½ÐµÑколÑко ÑÑÑановленнÑÑ Ð±Ð¸Ñов. +ÐоÑколÑÐºÑ Ð¿Ð¾Ð»ÑзоваÑели полÑÑаÑÑ Ð´Ð¾ÑÑÑп к новой гÑÑппе, Ñо ÑÑи полÑзоваÑели Ñакже оÑибоÑно полÑÑаÑÑ +доÑÑÑп к более низким гÑÑппам. ÐÑоме Ñого, биÑÑ Ð³ÑÑпп не вÑегда +повÑоÑно иÑполÑзÑÑÑÑÑ Ð¿Ñи Ñдалении гÑÑппÑ.</p> - -<p>This problem has been fixed in version 2.14.2-0woody2 for the current - -stable distribution (woody) and will soon be fixed in the unstable - -distribution (sid). 
The old stable distribution (potato) doesn't - -contain a bugzilla package.</p> +<p>ÐÑа пÑоблема бÑла иÑпÑавлена в веÑÑии 2.14.2-0woody2 Ð´Ð»Ñ ÑекÑÑего +ÑÑабилÑного вÑпÑÑка (woody) и ÑкоÑо бÑÐ´ÐµÑ Ð¸ÑпÑавлена в неÑÑабилÑном +вÑпÑÑке (sid). РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (potato) Ð¿Ð°ÐºÐµÑ +bugzilla оÑÑÑÑÑÑвÑеÑ.</p> - -<p>We recommend that you upgrade your bugzilla package.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ bugzilla.</p> </define-tag> # do not modify the following line - --- english/security/2002/dsa-193.wml 2002-11-18 15:45:39.000000000 +0500 +++ russian/security/2002/dsa-193.wml 2016-02-19 21:40:11.662854773 +0500 
@@ -1,21 +1,22 @@ - -<define-tag description>buffer overflow</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>пеÑеполнение бÑÑеÑа</define-tag> <define-tag moreinfo> <p>iDEFENSE <a href="http://www.idefense.com/advisory/11.11.02.txt">\ - -reports</a> a security vulnerability in the klisa package, that - -provides a LAN information service similar to "Network Neighbourhood", - -which was discovered by Texonet. It is possible for a local attacker - -to exploit a buffer overflow condition in resLISa, a restricted - -version of KLISa. The vulnerability exists in the parsing of the - -LOGNAME environment variable, an overly long value will overwrite the - -instruction pointer thereby allowing an attacker to seize control of - -the executable.</p> +ÑообÑаеÑ</a> об ÑÑзвимоÑÑи в пакеÑе klisa, пÑедоÑÑавлÑÑÑем +ÑлÑÐ¶Ð±Ñ Ð¸Ð½ÑоÑмаÑии локалÑной ÑеÑи, ÑÑ Ð¾Ð¶ÑÑ Ñ <q>СеÑевÑм окÑÑжением</q>, +ÑÑзвимоÑÑÑ Ð¾Ð±Ð½Ð°ÑÑжена Texonet. ÐокалÑнÑй злоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ +иÑполÑзоваÑÑ ÑоÑÑоÑние пеÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð±ÑÑеÑа в resLISa, огÑаниÑенной +веÑÑии KLISa. ÐÑа ÑÑзвимоÑÑÑ Ð¿ÑиÑÑÑÑÑвÑÐµÑ Ð² коде Ð´Ð»Ñ Ð³ÑаммаÑиÑеÑкого ÑазбоÑа +пеÑеменной окÑÑÐ¶ÐµÐ½Ð¸Ñ LOGNAME, ÑÑезмеÑно болÑÑое знаÑение пеÑезапиÑÑÐ²Ð°ÐµÑ +ÑказаÑÐµÐ»Ñ Ð¸Ð½ÑÑÑÑкÑии, ÑÑо позволÑÐµÑ Ð·Ð»Ð¾ÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ Ð¿ÐµÑÐµÑ Ð²Ð°ÑÑваÑÑ ÑпÑавление +иÑполнÑемÑм Ñайлом.</p> - -<p>This problem has been fixed in version 2.2.2-14.2 for the current stable - -distribution (woody) and in version 2.2.2-14.3 for the unstable - -distribution (sid). The old stable distribution (potato) is not - -affected since it doesn't contain a kdenetwork package.</p> +<p>ÐÑа пÑоблема бÑла иÑпÑавлена в веÑÑии 2.2.2-14.2 в ÑекÑÑем ÑÑабилÑном +вÑпÑÑке (woody) и в веÑÑии 2.2.2-14.3 в неÑÑабилÑном +вÑпÑÑке (sid). 
ÐÑедÑдÑÑий ÑÑабилÑнÑй вÑпÑÑк (potato) не +подвеÑжен данной пÑоблеме, Ñак как в нÑм оÑÑÑÑÑÑвÑÐµÑ Ð¿Ð°ÐºÐµÑ kdenetwork.</p> - -<p>We recommend that you upgrade your klisa package immediately.</p> +<p>РекомендÑеÑÑÑ ÐºÐ°Ðº можно ÑкоÑее обновиÑÑ Ð¿Ð°ÐºÐµÑ klisa.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
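Review bot: In russian/security/2002/dsa-099.wml, the added paragraph about later XChat versions renders "configuration variable »percascii«" as "переменной окружения" (environment variable), the same phrase this patch uses for LOGNAME in dsa-193.wml. The English source describes percascii as a configuration variable, so a reader checking whether a 1.6/1.8 install is exposed would look in the wrong place; suggest "параметром настройки »percascii«" or similar.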
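Review bot: In russian/security/2002/dsa-111.wml, the added sentence that introduces the new UCD-SNMP packages has a case mismatch: "для исправления эти проблем" should read "для исправления этих проблем".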
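Review bot: In russian/security/2002/dsa-141.wml, the second added paragraph (the "../a" filename issue reported by Herbert Xu) reads "Влияние этой проблемы не безопасность ограничено", where "не" (not) is a typo for "на" (on). To match "The security impact is limited" it should be "Влияние этой проблемы на безопасность ограничено".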
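Review bot: In russian/security/2002/dsa-144.wml, the first added sentence has a gender mismatch, "Была обнаружен проблема"; it should be "Была обнаружена проблема".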
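Review bot: In russian/security/2002/dsa-167.wml, the added sentence about JavaScript reaching foreign subframes mixes number: "к любому внешнему подфрейму, которые определяется" pairs a plural pronoun with a singular noun and verb. To match "any foreign subframe which is defined in the HTML source", suggest "который определён в исходном коде HTML".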
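Review bot: In russian/security/2002/dsa-171.wml, the added sentence on multidrop mode uses the non-reflexive verb, "эти уязвимости могут использовать удалёнными злоумышленниками"; with the instrumental agent it needs "могут использоваться", as dsa-144.wml in this same patch does. The description tag also drops the plural: the English "buffer overflows" is translated with the same singular string used for "buffer overflow" in dsa-141.wml, so suggest "переполнения буфера".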
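Review bot: In russian/security/2002/dsa-173.wml, the added sentence about the groupset bit translates "using Perl math that is not exact beyond 2<sup>48</sup>" as "с использованием математического модуля Perl" (a Perl math module), which introduces a module the English text does not mention; the source is describing Perl arithmetic losing precision, so something like "с использованием арифметики Perl, которая не даёт точных значений больше 2<sup>48</sup>" is closer. The same paragraph has two agreement slips with "которые" after singular nouns ("модуля Perl, которые не предоставляет" and "<q>битом</q>, которые имеет"); both should be "который".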

