-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2010/dsa-1966.wml 2014-04-30 13:16:22.000000000 +0600 +++ russian/security/2010/dsa-1966.wml 2016-09-25 23:45:14.001040688 +0500 @@ -1,43 +1,44 @@ - -<define-tag description>insufficient input sanitising</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>недоÑÑаÑоÑÐ½Ð°Ñ Ð¾ÑиÑÑка Ð²Ñ Ð¾Ð´Ð½ÑÑ Ð´Ð°Ð½Ð½ÑÑ </define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been found in horde3, the horde web application - -framework. The Common Vulnerabilities and Exposures project identifies - -the following problems:</p> +<p>Ð horde3, инÑÑаÑÑÑÑкÑÑÑе веб-пÑиложений horde, бÑло обнаÑÑжено неÑколÑко +ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures опÑеделÑÐµÑ +ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-3237">CVE-2009-3237</a> - -<p>It has been discovered that horde3 is prone to cross-site scripting - -attacks via crafted number preferences or inline MIME text parts when - -using text/plain as MIME type. - -For lenny this issue was already fixed, but as an additional security - -precaution, the display of inline text was disabled in the configuration - -file.</p></li> +<p>ÐÑло обнаÑÑжено, ÑÑо инÑÑаÑÑÑÑкÑÑÑа horde3 ÑÑзвима к межÑайÑÐ¾Ð²Ð¾Ð¼Ñ ÑкÑипÑÐ¸Ð½Ð³Ñ +Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ Ð½Ð°ÑÑÑоек ÑиÑел или вÑÑÑоеннÑÑ ÑекÑÑовÑÑ ÑаÑÑей MIME в +ÑлÑÑае иÑполÑÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ text/plain в каÑеÑÑве Ñипа MIME. +Ð lenny ÑÑа пÑоблема Ñже бÑла иÑпÑавлена, но в каÑеÑÑве дополниÑелÑной пÑедоÑÑоÑожноÑÑи +в Ñайле наÑÑÑоек бÑло оÑклÑÑено оÑобÑажение вÑÑÑоенного +ÑекÑÑа.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-3701">CVE-2009-3701</a> - -<p>It has been discovered that the horde3 administration interface is prone - -to cross-site scripting attacks due to the use of the PHP_SELF variable. - -This issue can only be exploited by authenticated administrators.</p></li> +<p>ÐÑло обнаÑÑжено, ÑÑо инÑеÑÑÐµÐ¹Ñ Ð°Ð´Ð¼Ð¸Ð½Ð¸ÑÑÑаÑоÑа horde3 ÑÑзвим к +межÑайÑÐ¾Ð²Ð¾Ð¼Ñ ÑкÑипÑÐ¸Ð½Ð³Ñ Ð¸Ð·-за иÑполÑÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¿ÐµÑеменной PHP_SELF. +ÐÑа пÑоблема Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑÑÑ ÑолÑко аÑÑенÑиÑиÑиÑованнÑми админиÑÑÑаÑоÑами.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-4363">CVE-2009-4363</a> - -<p>It has been discovered that horde3 is prone to several cross-site - -scripting attacks via crafted data:text/html values in HTML messages.</p></li> +<p>ÐÑло обнаÑÑжено, ÑÑо инÑÑаÑÑÑÑкÑÑÑа horde3 ÑÑзвима к неÑколÑким ÑлÑÑаÑм межÑайÑового +ÑкÑипÑинга Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ Ð·Ð½Ð°Ñений data:text/html в ÑообÑениÑÑ HTML.</p></li> </ul> - -<p>For the stable distribution (lenny), these problems have been fixed in - -version 3.2.2+debian0-2+lenny2.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 3.2.2+debian0-2+lenny2.</p> - -<p>For the oldstable distribution (etch), these problems have been fixed in - -version 3.1.3-4etch7.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (etch) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 3.1.3-4etch7.</p> - -<p>For the testing distribution (squeeze) and the unstable distribution - -(sid), these problems have been fixed in version 3.3.6+debian0-1.</p> +<p>Ð ÑеÑÑиÑÑемом (squeeze) и неÑÑабилÑном (sid) вÑпÑÑÐºÐ°Ñ +ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² веÑÑии 3.3.6+debian0-1.</p> - -<p>We recommend that you upgrade your horde3 packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ horde3.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJX6BtHAAoJEF7nbuICFtKl2Y4P/R4qrppxXSnti41gVP+mZUaz eDREdXGqWXvJFvHyRnqybRZTM1/suRn5ihPv+Mmr7JO+fBYAHCWiokojA4BymKE7 gmvXD66ay5sboB8nyeyUNnILFYG3fUloJWktopc0MY78dHgJXQwzkCvKeNKwppwy R7xgf7lTgEr8VwnpOKRMAzAW+IFcGP07uyf7KtDFfoCRGF0ySL1eQYg0rKyRbaln tS2N714ymigrzFLGH5kn55ec13M+SU3S90KcHMqRiEpuLcDpVQ1yWWJAfpfV2Jrt 6nmPsB0iHXG/V3uzVsFbxGnWhE3fMe+F/s6hlh1IxyfMMPeDyx2Mhgix5vwkTtOG 5sO6wKKYXTg+8tjwcUjpVn5lccQpDw1IYcWfJMmjbDZlU1wfruClulfQSL2VlRXh KTWmUz/PpfFMN/Xfx2oEfVTwDmpmm1XGWUcTYncZNnp5nz3VwgdCSQ6enSZ6uVhU XNyXlKCacl5ZG41YYD2cHHIAbvR5tylK/54w6eVypzTgFJovYbsJWtF8HWwThbq5 pE8yt/mlxCx7DPWNRh+Bm6w030sjABV6O3QWJyZzTsOfTcRLsfolU1uJ/wvQ58Lw yzKuBWuNxvDBL/PvkHTuBy5VyXAIDJYnxeuMkPVO44RPrOHOClOWMci3vaSyju+1 iGuqwr+E+dVo0rq+wCSW =VJBY -----END PGP SIGNATURE-----

