-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2016/dsa-3679.wml 2016-09-27 15:54:53.000000000 +0500 +++ russian/security/2016/dsa-3679.wml 2016-09-28 10:01:08.828377849 +0500 @@ -1,17 +1,18 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>Lukas Reschke discovered that Apache Jackrabbit, an implementation of - -the Content Repository for Java Technology API, did not correctly - -check the Content-Type header on HTTP POST requests, enabling - -Cross-Site Request Forgery (CSRF) attacks by malicious web sites.</p> +<p>ÐÑÐºÐ°Ñ Ð ÐµÑке обнаÑÑжил, ÑÑо Apache Jackrabbit, ÑеализаÑÐ¸Ñ +ÑепозиÑоÑÐ¸Ñ ÑодеÑÐ¶Ð°Ð½Ð¸Ñ Ð´Ð»Ñ API Java Technology, непÑавилÑно +вÑполнÑÐµÑ Ð¿ÑовеÑÐºÑ Ð·Ð°Ð³Ð¾Ð»Ð¾Ð²ÐºÐ° Content-Type Ñ POST-запÑоÑов, ÑÑо позволÑÐµÑ +злоÑмÑÑленникам подделÑваÑÑ Ð¼ÐµÐ¶ÑайÑовÑе запÑоÑÑ (CSRF).</p> - -<p>For the stable distribution (jessie), this problem has been fixed in - -version 2.3.6-1+deb8u2.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.3.6-1+deb8u2.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 2.12.4-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.12.4-1.</p> - -<p>We recommend that you upgrade your jackrabbit packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ jackrabbit.</p> </define-tag> # do not modify the following line - --- english/security/2016/dsa-3680.wml 2016-09-28 03:14:59.000000000 +0500 +++ russian/security/2016/dsa-3680.wml 2016-09-28 10:06:02.311331118 +0500 @@ -1,28 +1,29 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>Two vulnerabilities were reported in BIND, a DNS server.</p> +<p>Ð BIND, DNS-ÑеÑвеÑе, бÑли обнаÑÑÐ¶ÐµÐ½Ñ Ð´Ð²Ðµ ÑÑзвимоÑÑи.</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-2775">CVE-2016-2775</a> - - <p>The lwresd component in BIND (which is not enabled by default) - - could crash while processing an overlong request name. This could - - lead to a denial of service.</p></li> + <p>ÐÐ¾Ð¼Ð¿Ð¾Ð½ÐµÐ½Ñ lwresd в BIND (коÑоÑÑй по ÑмолÑÐ°Ð½Ð¸Ñ Ð½Ðµ вклÑÑен) + Ð¼Ð¾Ð¶ÐµÑ Ð°Ð²Ð°Ñийно завеÑÑиÑÑ ÑÐ²Ð¾Ñ ÑабоÑÑ Ð² Ñ Ð¾Ð´Ðµ обÑабоÑки ÑлиÑком длинного имени запÑоÑа. ÐÑо Ð¼Ð¾Ð¶ÐµÑ + пÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-2776">CVE-2016-2776</a> - - <p>A crafted query could crash the BIND name server daemon, leading - - to a denial of service. All server roles (authoritative, - - recursive and forwarding) in default configurations are - - affected.</p></li> + <p>СпеÑиалÑно ÑÑоÑмиÑованнÑй запÑÐ¾Ñ Ð¼Ð¾Ð¶ÐµÑ Ð²ÑзÑваÑÑ Ð°Ð²Ð°ÑийнÑÑ Ð¾ÑÑÐ°Ð½Ð¾Ð²ÐºÑ ÑлÑÐ¶Ð±Ñ ÑеÑвеÑа имÑн BIND, + пÑÐ¸Ð²Ð¾Ð´Ñ Ðº оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании. ÐÑой ÑÑзвимоÑÑи подвеÑÐ¶ÐµÐ½Ñ Ð²Ñе Ñоли + ÑеÑвеÑа (авÑоÑиÑеÑнаÑ, ÑекÑÑÑÐ¸Ð²Ð½Ð°Ñ Ð¸ ÑÑанÑпоÑÑнаÑ) пÑи наÑÑÑÐ¾Ð¹ÐºÐ°Ñ + по ÑмолÑаниÑ.</p></li> </ul> - -<p>For the stable distribution (jessie), these problems have been fixed in - -version 1:9.9.5.dfsg-9+deb8u7.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1:9.9.5.dfsg-9+deb8u7.</p> - -<p>We recommend that you upgrade your bind9 packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ bind9.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJX60/QAAoJEF7nbuICFtKlDQMQAJUX/V9mqsSkUujs+//Cdof4 /n5y0bkPDqoYFOfgxy8WIi+ll+BA+w2NWphkRHY6dVxYUWipYzHB6uKmnOrZjxd7 aJdtu6FqCLhb1+x++04mFkL5ZVxpPHXPauqTXZo7jXyzHE12YX/hrEM+q2Kt9hUn 9ydKya5WdIN9OHS3MqC5DWIwNhl/KjKDIwvL4+KCAHtGQxBU45sjL9f8H/kmZ6Pl pG6C5wVftrclpWMNfEe4fJkqbPXPQ5dU2x0fKaL+XwQZIZC1Kg0styJM0uS+uepd 9arj3BpixSgk/LtBGUhU2pT/LXhl82Ji1Z4e0ji1mTwa+8lZi+gcXHahQxLd5ACK MumapI6esvIbUMn2vEqocqs2Y7HWn4B+3ST5e4TF6M3zzYQ5rnw5Xp3s7mucHGon J4dyzKbfVHVMFau2R02D8JHXXJeA0CfEEelW50BdaYlvUTTQaE3v3Cy/2LU06ihP 6LQZ7JrGpG7tKMqbz7MzXmBMzosTjFZlUccvX3ODMkq4NATbNhqPK/GWPSyvhHUp eL+9Q83Q0FT7ZyBXR6wD0yvN70RZxEz7d/fPm179JYLsW3HZeeIL0XYVNA0movmJ y4Nyk0kbMA16KF4gbZBIjgV8uX04WLUXJ04qGZwFe89ZnDpgKE6iF/X3vc181Nh7 IhAypmLjXS7A9vIzgfzH =6Q0+ -----END PGP SIGNATURE-----

