-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2010/dsa-1999.wml 2014-04-30 13:16:22.000000000 +0600 +++ russian/security/2010/dsa-1999.wml 2016-09-27 11:10:25.929046187 +0500 @@ -1,48 +1,49 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several remote vulnerabilities have been discovered in Xulrunner, a - -runtime environment for XUL applications, such as the Iceweasel web - -browser. The Common Vulnerabilities and Exposures project identifies - -the following problems:</p> +<p>Ð Xulrunner, окÑÑжении вÑемени иÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð´Ð»Ñ XUL-пÑиложений (ÑÐ°ÐºÐ¸Ñ ÐºÐ°Ðº +веб-бÑаÑÐ·ÐµÑ Iceweasel), бÑло обнаÑÑжено +неÑколÑко ÑдалÑннÑÑ ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures опÑеделÑÐµÑ +ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-1571">CVE-2009-1571</a> - - <p>Alin Rad Pop discovered that incorrect memory handling in the - - HTML parser could lead to the execution of arbitrary code.</p></li> + <p>Ðлин Рад Ðоп обнаÑÑжил, ÑÑо непÑавилÑÐ½Ð°Ñ ÑабоÑа Ñ Ð¿Ð°Ð¼ÑÑÑÑ Ð² + коде Ð´Ð»Ñ Ð³ÑаммаÑиÑеÑкого ÑазбоÑа HTML Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-3988">CVE-2009-3988</a> - - <p>Hidetake Jo discovered that the same-origin policy can be - - bypassed through window.dialogArguments.</p></li> + <p>ХидеÑаке Ðо обнаÑÑжил, ÑÑо пÑавило одного иÑÑоÑника можно + обойÑи Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ window.dialogArguments.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-0159">CVE-2010-0159</a> - - <p>Henri Sivonen, Boris Zbarsky, Zack Weinberg, Bob Clary, Martijn - - Wargers and Paul Nickerson reported crashes in layout engine, - - which might allow the execution of arbitrary code.</p></li> + <p>ÐенÑи Сивонен, ÐоÑÐ¸Ñ ÐбаÑÑкий, Ðак ÐайнбеÑг, Ðоб ÐлÑÑи, ÐаÑÑийн + ÐаÑгеÑÑ Ð¸ Ðол ÐикеÑÑон ÑообÑили об аваÑийнÑÑ Ð¾ÑÑÐ°Ð½Ð¾Ð²ÐºÐ°Ñ Ð² движке ÑазмеÑки, + коÑоÑÑе могÑÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ Ð²ÑполниÑÑ Ð¿ÑоизволÑнÑй код.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-0160">CVE-2010-0160</a> - - <p>Orlando Barrera II discovered that incorrect memory handling in the - - implementation of the web worker API could lead to the execution - - of arbitrary code.</p></li> + <p>ÐÑландо ÐаÑÑеÑа II обнаÑÑжил, ÑÑо непÑавилÑÐ½Ð°Ñ ÑабоÑа Ñ Ð¿Ð°Ð¼ÑÑÑÑ Ð² + ÑеализаÑии API web worker Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ + пÑоизволÑного кода.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-0162">CVE-2010-0162</a> - - <p>Georgi Guninski discovered that the same origin policy can be - - bypassed through specially crafted SVG documents.</p></li> + <p>ÐеоÑгий ÐанинÑкий обнаÑÑжил, ÑÑо пÑавило одного иÑÑоÑника можно + обойÑи Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ Ð´Ð¾ÐºÑменÑов SVG.</p></li> </ul> - -<p>For the stable distribution (lenny), these problems have been fixed in - -version 1.9.0.18-1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1.9.0.18-1.</p> - -<p>For the unstable distribution (sid), these problems have been fixed in - -version 1.9.1.8-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1.9.1.8-1.</p> - -<p>We recommend that you upgrade your xulrunner packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ xulrunner.</p> </define-tag> # do not modify the following line - --- english/security/2010/dsa-2130.wml 2014-04-30 13:16:22.000000000 +0600 +++ russian/security/2010/dsa-2130.wml 2016-09-27 11:04:52.449962550 +0500 @@ -1,43 +1,44 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several remote vulnerabilities have been discovered in BIND, an - -implementation of the DNS protocol suite. The Common Vulnerabilities - -and Exposures project identifies the following problems:</p> +<p>Ð BIND, ÑеализаÑии набоÑа пÑоÑоколов DNS, бÑло обнаÑÑжено неÑколÑко +ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities +and Exposures опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-3762">CVE-2010-3762</a> - - <p>When DNSSEC validation is enabled, BIND does not properly - - handle certain bad signatures if multiple trust anchors exist - - for a single zone, which allows remote attackers to cause a - - denial of service (server crash) via a DNS query.</p></li> + <p>ÐÑи оÑклÑÑении пÑовеÑки DNSSEC BIND непÑавилÑно + обÑабаÑÑÐ²Ð°ÐµÑ Ð½ÐµÐºÐ¾ÑоÑÑе Ð¿Ð»Ð¾Ñ Ð¸Ðµ подпиÑи в ÑлÑÑае, еÑли Ð´Ð»Ñ Ð¾Ð´Ð½Ð¾Ð¹ Ð·Ð¾Ð½Ñ Ð¸Ð¼ÐµÑÑÑÑ Ð½ÐµÑколÑко ÑоÑек + довеÑиÑ, ÑÑо позволÑÐµÑ ÑдалÑннÑÑ Ð·Ð»Ð¾ÑмÑÑленникам вÑзÑваÑÑ + оÑказ в обÑлÑживании (аваÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑановка ÑеÑвеÑа) Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ DNS-запÑоÑа.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-3614">CVE-2010-3614</a> - - <p>BIND does not properly determine the security status of an NS - - RRset during a DNSKEY algorithm rollover, which may lead to - - zone unavailability during rollovers.</p></li> + <p>BIND непÑавилÑно опÑеделÑÐµÑ ÑÑаÑÑÑ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑноÑÑи NS + RRset в Ñ Ð¾Ð´Ðµ вÑбоÑа алгоÑиÑма DNSKEY, ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº + недоÑÑÑпноÑÑи Ð·Ð¾Ð½Ñ Ð²Ð¾ вÑÐµÐ¼Ñ Ð²ÑделениÑ.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-3613">CVE-2010-3613</a> - - <p>BIND does not properly handle the combination of signed - - negative responses and corresponding RRSIG records in the - - cache, which allows remote attackers to cause a denial of - - service (server crash) via a query for cached data.</p></li> + <p>BIND непÑавилÑно обÑабаÑÑÐ²Ð°ÐµÑ ÐºÐ¾Ð¼Ð±Ð¸Ð½Ð°ÑÐ¸Ñ Ð¿Ð¾Ð´Ð¿Ð¸ÑаннÑÑ Ð¾ÑÑиÑаÑелÑнÑÑ + запÑоÑов и ÑооÑвеÑÑÑвÑÑÑÐ¸Ñ Ð·Ð°Ð¿Ð¸Ñей RRSIG в + кеÑе, ÑÑо позволÑÐµÑ ÑдалÑннÑм злоÑмÑÑленникам вÑзÑваÑÑ Ð¾Ñказ в + обÑлÑживании (аваÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑановка ÑеÑвеÑа) Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ Ð·Ð°Ð¿ÑоÑа кеÑиÑованнÑÑ Ð´Ð°Ð½Ð½ÑÑ .</p></li> </ul> - -<p>In addition, this security update improves compatibility with - -previously installed versions of the bind9 package. As a result, it - -is necessary to initiate the update with "apt-get dist-upgrade" - -instead of "apt-get update".</p> +<p>ÐÑоме Ñого, данное обновление безопаÑноÑÑи ÑлÑÑÑÐ°ÐµÑ ÑовмеÑÑимоÑÑÑ Ñ +Ñанее ÑÑÑановленнÑми веÑÑиÑми пакеÑа bind9. Ð ÑезÑлÑÑаÑе ÑÑебÑеÑÑÑ +запÑÑÑиÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ðµ Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ "apt-get dist-upgrade", +а не Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ "apt-get update".</p> - -<p>For the stable distribution (lenny), these problems have been fixed in - -version 1:9.6.ESV.R3+dfsg-0+lenny1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1:9.6.ESV.R3+dfsg-0+lenny1.</p> - -<p>For the upcoming stable distribution (squeeze) and the unstable - -distribution (sid), these problems have been fixed in version +<p>РгоÑовÑÑемÑÑ ÑÑабилÑном (squeeze) и неÑÑабилÑном (sid) +вÑпÑÑÐºÐ°Ñ ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² веÑÑии 1:9.7.2.dfsg.P3-1.</p> - -<p>We recommend that you upgrade your bind9 packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ bind9.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJX6g1UAAoJEF7nbuICFtKloQMQAKg3yz26fNavfIspmtqzl+ow hbGGtJ711d+mqQ2jYkg8Uw1lfg9jxYZSn0MCa7h7+D4x7fN1H0DYvgVT4U48kvZP fE3E+r6B0LYq/W0rNeNVL9N/c4dFJm71PetgcfMQlNWrD7MdC7R6392yubbWD33v I/D/ZEgd4jAqapHNoYIPt9/Ke1IfepfiQKQwD/lcZUEiiUFdw7Zy8QzVwXMeOhg1 baMOF9dXmv3BgdiebE7zOfRGJi64MjdAdlfcAeAW8QJhwzpi4IfqzFkE6a22deA7 8pqJr4vurL2zrDx/NyC/ACABjYQQoaX9+46tm+amp4kvK8Go+juCqMkEw2dudQVz 1tjmHjo+Ce8G/yuu6gTsUrgLe4l5CiJiVowZnFSzBcfvlOEh4MXHW81NhFZXbeNy M0Bb4gAV1TjxBFEQuvl3tiihlSO0HUefV9MttjUuqcg5Sw5lupq8KfEp70w4kHss iGCDxeq5G9W4JwJ+vcyGBfoccN+l1cw40mNBlPmsP1ukdvPm3g4LLpr9KxTHIi2W UY+Q/VDVhuf34LE6k1qRsmfudmrwy6hbVyOWGMYyUCIjwaraZ/qd6voMk4DawpR4 grPi0a+fOKeHvQTWhDpTBpLRpFNmIMzjbDmeho+BJtceemkjzpLHb1wCLlHudh6k 4bHa4Hkkfe5g6hbC0k4w =0B5s -----END PGP SIGNATURE-----

