-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2010/dsa-1979.wml 2014-04-30 13:16:22.000000000 +0600 +++ russian/security/2010/dsa-1979.wml 2016-09-27 11:18:04.117007506 +0500 @@ -1,49 +1,50 @@ - -<define-tag description>multiple vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>многоÑиÑленнÑе ÑÑзвимоÑÑи</define-tag> <define-tag moreinfo> - -<p>Multiple vulnerabilities have been discovered in lintian, - -a Debian package checker. The following Common Vulnerabilities and - -Exposures project ids have been assigned to identify them:</p> +<p>Ð lintian, ÑÑилиÑе Ð´Ð»Ñ Ð¿ÑовеÑки пакеÑов Debian, бÑли обнаÑÑÐ¶ÐµÐ½Ñ +многоÑиÑленнÑе ÑÑзвимоÑÑи. ÐÑим ÑÑзвимоÑÑÑм бÑли опÑÐµÐ´ÐµÐ»ÐµÐ½Ñ +ÑледÑÑÑие иденÑиÑикаÑоÑÑ CVE:</p> <ul> - -<li><a href="https://security-tracker.debian.org/tracker/CVE-2009-4013">CVE-2009-4013</a>: missing control files sanitation +<li><a href="https://security-tracker.debian.org/tracker/CVE-2009-4013">CVE-2009-4013</a>: оÑÑÑÑÑÑвие оÑиÑÑки Ñайлов control - - <p>Control field names and values were not sanitised before using them - - in certain operations that could lead to directory traversals.</p> + <p>Ðмена полей и знаÑÐµÐ½Ð¸Ñ Ð² ÑÐ°Ð¹Ð»Ð°Ñ control не оÑиÑаÑÑÑÑ Ð´Ð¾ Ð¸Ñ Ð¸ÑполÑÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ + в опÑеделÑннÑÑ Ð¾Ð¿ÐµÑаÑиÑÑ , ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº Ð¾Ð±Ñ Ð¾Ð´Ñ ÐºÐ°Ñалога.</p> - - <p>Patch systems' control files were not sanitised before using them - - in certain operations that could lead to directory traversals.</p> + <p>УпÑавлÑÑÑие ÑÐ°Ð¹Ð»Ñ Ð·Ð°Ð¿Ð»Ð°Ñ Ð½Ðµ оÑиÑаÑÑÑÑ Ð´Ð¾ Ð¸Ñ Ð¸ÑполÑÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ + в опÑеделÑннÑÑ Ð¾Ð¿ÐµÑаÑиÑÑ , ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº Ð¾Ð±Ñ Ð¾Ð´Ñ ÐºÐ°Ñалога.</p> - - <p>An attacker could exploit these vulnerabilities to overwrite - - arbitrary files or disclose system information.</p></li> + <p>ÐлоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑ ÑÑи ÑÑзвимоÑÑи Ð´Ð»Ñ Ð¿ÐµÑезапиÑи + пÑоизволÑнÑй Ñайлов или ÑаÑкÑÑÑÐ¸Ñ ÑиÑÑемной инÑоÑмаÑии.</p></li> - -<li><a href="https://security-tracker.debian.org/tracker/CVE-2009-4014">CVE-2009-4014</a>: format string vulnerabilities +<li><a href="https://security-tracker.debian.org/tracker/CVE-2009-4014">CVE-2009-4014</a>: ÑÑзвимоÑÑи ÑоÑмаÑной ÑÑÑоки - - <p>Multiple check scripts and the Lintian::Schedule module were using - - user-provided input as part of the sprintf/printf format string.</p></li> + <p>ÐногоÑиÑленнÑе ÑÑенаÑии пÑовеÑки и модÑÐ»Ñ Lintian::Schedule иÑполÑзÑÑÑ + пеÑедаваемÑе полÑзоваÑелем даннÑÑ Ð² каÑеÑÑве ÑаÑÑи ÑоÑмаÑной ÑÑÑоки sprintf/printf.</p></li> - -<li><a href="https://security-tracker.debian.org/tracker/CVE-2009-4015">CVE-2009-4015</a>: arbitrary command execution +<li><a href="https://security-tracker.debian.org/tracker/CVE-2009-4015">CVE-2009-4015</a>: вÑполнение пÑоизволÑной ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ - - <p>File names were not properly escaped when passing them as arguments - - to certain commands, allowing the execution of other commands as - - pipes or as a set of shell commands.</p></li> + <p>Ðмена Ñайлов непÑавилÑно ÑкÑаниÑÑÑÑÑÑ Ð¿Ñи пеÑедаÑе Ð¸Ñ Ð² каÑеÑÑве аÑгÑменÑов + опÑеделÑннÑм командам, ÑÑо позволÑÐµÑ Ð²ÑполнÑÑÑ ÑеÑез ÐºÐ°Ð½Ð°Ð»Ñ Ð´ÑÑгие ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ + или набоÑÑ ÐºÐ¾Ð¼Ð°Ð½Ð´ командной оболоÑки.</p></li> </ul> - -<p>For the oldstable distribution (etch), these problems have been fixed in - -version 1.23.28+etch1.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (etch) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1.23.28+etch1.</p> - -<p>For the stable distribution (lenny), these problems have been fixed in - -version 1.24.2.1+lenny1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1.24.2.1+lenny1.</p> - -<p>For the testing distribution (squeeze), these problems will be fixed - -soon.</p> +<p>Ð ÑеÑÑиÑÑемом вÑпÑÑке (squeeze) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±ÑдÑÑ Ð¸ÑпÑÐ°Ð²Ð»ÐµÐ½Ñ +позже.</p> - -<p>For the unstable distribution (sid), these problems have been fixed in - -version 2.3.2</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 2.3.2</p> - -<p>We recommend that you upgrade your lintian packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ lintian.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJX6g8eAAoJEF7nbuICFtKlNVwQAJ5JpWde8Ey1rijyEsMvSUOs gRShu9SIu92lRrsN+QjAQfU9cFChhB+qHJFypVCwyKBVA0f6sTIFdBFizFmAkrAo dgUd2KCEdr0TD7+4GlELTstEtKdHdLCdgRYCbVVDwoCVbNqeEycSszQgr2uWgAw5 VY65AzN7Is6j0DG0zCd82heUa/TbhvMM3p7phKH0uwQCk+pJgqRFnCbHoe5G9mcn RdEU7nAw2loFmFdGshPrKm8hNTbRN3JoyBBLvO1lxnVMntmPOMoI1Den/jkslVWO LBPsVtXQPuStZg5ScexqvOTYZAftCG0norOhVEUppz2I5DeXkb8pzeGyAgI0x1mw AfQ1AzjZSgv0vAF0mPl1LCIsD92wz0JpcL9NXUc7a2D4vONT6dVxyfuox986K1U0 31NhqKujUTdvJtO9lq0zl0x3ZEJAMPMLiFXSJwWCpzaekIKWd7Zgqju7Hw7UyPKe FpS7ZsquJMmfotJB1CNU0DoXNBPqixSH9Xu9q8fxIuhAJj1vdco7gKGSq1ytL1sC vq5dBR+6IFzZlns51M3VaP/TMgtywiJuF27+UNbmWhRJy76bIHgW6Z/sx7u5NROs RC05q4K8WhNFZTRuMMdflU3cG7A82tMnD4IV2v48EEjrflYdRZKCBDXHKWArb2qt QUxuBk/7x0T7eLnR3PLS =2RyP -----END PGP SIGNATURE-----

