-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2009/dsa-1805.wml 2014-04-30 13:16:19.000000000 +0600 +++ russian/security/2009/dsa-1805.wml 2016-09-26 22:58:24.153410514 +0500 @@ -1,41 +1,42 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been discovered in Pidgin, a graphical - -multi-protocol instant messaging client. The Common Vulnerabilities and - -Exposures project identifies the following problems:</p> +<p>Ð Pidgin, гÑаÑиÑеÑком клиенÑе Ð´Ð»Ñ Ð¾Ð±Ð¼ÐµÐ½Ð° мгновеннÑми ÑообÑениÑми Ñ Ð¿Ð¾Ð´Ð´ÐµÑжкой множеÑÑва +пÑоÑоколов, бÑло обнаÑÑжено неÑколÑко ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and +Exposures опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-1373">CVE-2009-1373</a> - - <p>A buffer overflow in the Jabber file transfer code may lead to - - denial of service or the execution of arbitrary code.</p></li> + <p>ÐеÑеполнение бÑÑеÑа в коде пеÑедаÑи Ñайлов пÑи иÑполÑзовании Jabber Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº + оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании или вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-1375">CVE-2009-1375</a> - - <p>Memory corruption in an internal library may lead to denial of - - service.</p></li> + <p>ÐовÑеждение ÑодеÑжимого памÑÑи во внÑÑÑенней библиоÑеке Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ + в обÑлÑживании.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-1376">CVE-2009-1376</a> - - <p>The patch provided for the security issue tracked as <a href="https://security-tracker.debian.org/tracker/CVE-2008-2927">CVE-2008-2927</a> - - - integer overflows in the MSN protocol handler - was found to be - - incomplete.</p></li> + <p>ÐказалоÑÑ, ÑÑо заплаÑа, пÑедоÑÑÐ°Ð²Ð»ÐµÐ½Ð½Ð°Ñ Ð´Ð»Ñ Ð¸ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑноÑÑи <a href="https://security-tracker.debian.org/tracker/CVE-2008-2927">CVE-2008-2927</a> + — пеÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÑелÑÑ ÑиÑел в обÑабоÑÑике пÑоÑокола MSN — + неполна.</p></li> </ul> - -<p>The old stable distribution (etch) is affected under the source package - -name gaim. However, due to build problems the updated packages couldn't - -be released along with the stable version. It will be released once the - -build problem is resolved.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (etch) ÑÑа ÑÑзвимоÑÑи акÑÑалÑÐ½Ñ Ð´Ð»Ñ Ð¿Ð°ÐºÐµÑа Ñ +иÑÑ Ð¾Ð´Ð½Ñм кодом gaim. Тем не менее, из-за пÑоблем Ñо ÑбоÑкой обновлÑннÑе пакеÑÑ Ð½ÐµÐ»ÑÐ·Ñ +вÑпÑÑÑиÑÑ Ð¾Ð´Ð½Ð¾Ð²Ñеменно Ñо ÑÑабилÑной веÑÑией. Ðни бÑдÑÑ Ð²ÑпÑÑÐµÐ½Ñ Ð¿Ð¾ +меÑе ÑеÑÐµÐ½Ð¸Ñ Ð¿Ñоблем Ñо ÑбоÑкой.</p> - -<p>For the stable distribution (lenny), these problems have been fixed in - -version 2.4.3-4lenny2.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 2.4.3-4lenny2.</p> - -<p>For the unstable distribution (sid), these problems have been fixed in - -version 2.5.6-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 2.5.6-1.</p> - -<p>We recommend that you upgrade your pidgin packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ pidgin.</p> </define-tag> # do not modify the following line - --- english/security/2009/dsa-1814.wml 2014-04-30 13:16:19.000000000 +0600 +++ russian/security/2009/dsa-1814.wml 2016-09-26 22:52:42.734517792 +0500 @@ -1,42 +1,43 @@ - -<define-tag description>heap-based buffer overflow</define-tag> +#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov" +<define-tag description>пеÑеполнение динамиÑеÑкой памÑÑи</define-tag> <define-tag moreinfo> - -<p>Two vulnerabilities have been found in libsndfile, a library to read - -and write sampled audio data. The Common Vulnerabilities and Exposures - -project identified the following problems:</p> +<p>Ð libsndfile, библиоÑеке Ð´Ð»Ñ ÑÑÐµÐ½Ð¸Ñ Ð¸ запиÑи ÑÑмплиÑованнÑÑ Ð°ÑдиоданнÑÑ , бÑли +обнаÑÑÐ¶ÐµÐ½Ñ Ð´Ð²Ðµ ÑÑзвимоÑÑи. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures +опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-1788">CVE-2009-1788</a> - -<p>Tobias Klein discovered that the VOC parsing routines suffer of a heap-based - -buffer overflow which can be triggered by an attacker via a crafted VOC - -header.</p></li> +<p>Ð¢Ð¾Ð±Ð¸Ð°Ñ ÐлÑйн обнаÑÑжил, ÑÑо ÑÑнкÑии Ð´Ð»Ñ Ð²ÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð³ÑаммаÑиÑеÑкого ÑазбоÑа VOC подвеÑÐ¶ÐµÐ½Ñ +пеÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð´Ð¸Ð½Ð°Ð¼Ð¸ÑеÑкой памÑÑи, коÑоÑое злоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ Ð²ÑзваÑÑ Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑпеÑиалÑно +ÑÑоÑмиÑованного заголовка VOC.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-1791">CVE-2009-1791</a> - -<p>The vendor discovered that the AIFF parsing routines suffer of a heap-based - -buffer overflow similar to <a href="https://security-tracker.debian.org/tracker/CVE-2009-1788">CVE-2009-1788</a> which can be triggered by an attacker - -via a crafted AIFF header.</p></li> +<p>РазÑабоÑÑик обнаÑÑжил, ÑÑо ÑÑнкÑии Ð´Ð»Ñ Ð²ÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð³ÑаммаÑиÑеÑкого ÑазбоÑа AIFF подвеÑÐ¶ÐµÐ½Ñ +пеÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð´Ð¸Ð½Ð°Ð¼Ð¸ÑеÑкой памÑÑи, ÑÑ Ð¾Ð´Ð½Ð¾Ð¼Ñ Ñ <a href="https://security-tracker.debian.org/tracker/CVE-2009-1788">CVE-2009-1788</a>, коÑоÑое злоÑмÑÑленник +Ð¼Ð¾Ð¶ÐµÑ Ð²ÑзваÑÑ Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованного заголовка AIFF.</p></li> </ul> - -<p>In both cases the overflowing data is not completely attacker controlled but - -still leads to application crashes or under some circumstances might still - -lead to arbitrary code execution.</p> +<p>Ð Ð¾Ð±Ð¾Ð¸Ñ ÑлÑÑаÑÑ Ð´Ð°Ð½Ð½Ñе, иÑполÑзÑемÑе Ð´Ð»Ñ Ð¿ÐµÑеполнениÑ, не полноÑÑÑÑ ÐºÐ¾Ð½ÑÑолиÑÑÑÑÑÑ Ð·Ð»Ð¾ÑмÑÑленником, но +ÑÑо вÑÑ Ñавно пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº аваÑийной оÑÑановке пÑиложениÑ, а пÑи некоÑоÑÑÑ Ð¾Ð±ÑÑоÑÑелÑÑÑÐ²Ð°Ñ Ð¼Ð¾Ð¶ÐµÑ +пÑиводиÑÑ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода.</p> - -<p>For the oldstable distribution (etch), this problem has been fixed in - -version 1.0.16-2+etch2.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (etch) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.0.16-2+etch2.</p> - -<p>For the stable distribution (lenny), this problem has been fixed in - -version 1.0.17-4+lenny2.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.0.17-4+lenny2.</p> - -<p>For the testing distribution (squeeze), this problem will be fixed soon.</p> +<p>Ð ÑеÑÑиÑÑемом вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑдÑÑ Ð¸ÑпÑавлена позже.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 1.0.20-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.0.20-1.</p> - -<p>We recommend that you upgrade your libsndfile packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ libsndfile.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJX6WHCAAoJEF7nbuICFtKlbcsP/irw2Jot4aRmKwDwdciGaHFa DoeTVLJP/fSWsTDrn4fK7MElGreBCeWZ6OSOvUnluZkXoPz0X/dXuULo/bC6mZAI ctA0JGUkrISq5U3qvpjIIjUjcjE9b+e7q4kjSxMAwxHr7PZVD5d6YfxzqygI8pzW 5qVZuybknsZYa+nS8/t1ME3wRyD1roYEMngvAXSltJ8cdQ64hyWphmE01KnjEeEs P0BDUeu13Wfttx1GIxYrtjYeqKcNgEHSEiktoeBS8phDiJysfZkupYZ1YQPLP8iS U76InZIdewn53tLLBZwVKeg6zZb+9qmxn4UfjEsJXc51xF+VHKGmI7DtIXCaJLv9 L2K3yt+zQx3run647ixQn1lf8NfMBnr3oCSDc306cu4JFKS1FcOWyB+v+Y1yoXRt aT+kOHxyj2HDmO4wmCBoMKRKiVcxqbAXTegbwzQjGG0RM2TAYEfLSnhvpG43ZJTq 6n/r8mis5qtg7HJ096vEzu7U4eR5mcli+lf5pmdIZhXxwFiubzfbTxWGpRHse7mV gHak4iT8ZBPmgw5e8pXQG7ynFY/q35qg9iu2hqOYS699Fw8rgN6Rc94YRjPU1U5n i9Azv/XSpfRUOX7EAV+0hnHpMNj4bs/H1CYf7D5Gcc85cbYo/PQFYBdKsvstRep8 pq7dhde7is7I06p/6C0h =fAtC -----END PGP SIGNATURE-----

