-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2010/dsa-1976.wml 2014-04-30 13:16:22.000000000 +0600 +++ russian/security/2010/dsa-1976.wml 2016-09-30 23:53:23.604205197 +0500 @@ -1,47 +1,48 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been discovered in dokuwiki, a standards compliant - -simple to use wiki. - -The Common Vulnerabilities and Exposures project identifies the - -following problems:</p> +<p>Ð dokuwiki, пÑоÑÑой в иÑполÑзовании и ÑооÑвеÑÑÑвÑÑÑей ÑÑандаÑÑам ÑеализаÑии вики, +бÑло обнаÑÑжено неÑколÑко ÑÑзвимоÑÑей. +ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures опÑеделÑÐµÑ +ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-0287">CVE-2010-0287</a> - -<p>It was discovered that an internal variable is not properly sanitized before - -being used to list directories. This can be exploited to list contents of - -arbitrary directories.</p></li> +<p>ÐÑло обнаÑÑжено, ÑÑо внÑÑÑеннÑÑ Ð¿ÐµÑÐµÐ¼ÐµÐ½Ð½Ð°Ñ Ð½ÐµÐ¿ÑавилÑно оÑиÑаеÑÑÑ Ð´Ð¾ ÐµÑ +иÑполÑÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ Ð´Ð»Ñ Ð²Ñвода ÑпиÑка ÑодеÑжимого каÑалогов. ÐÑа ÑÑзвимоÑÑÑ Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑÑÑ +Ð´Ð»Ñ Ð²Ñвода ÑпиÑка ÑодеÑжимого пÑоизволÑнÑÑ ÐºÐ°Ñалогов.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-0288">CVE-2010-0288</a> - -<p>It was discovered that the ACL Manager plugin doesn't properly check the - -administrator permissions. This allow an attacker to introduce arbitrary ACL - -rules and thus gaining access to a closed Wiki.</p></li> +<p>ÐÑло обнаÑÑжено, ÑÑо дополнение ACL Manager непÑавилÑно вÑполнÑÐµÑ Ð¿ÑовеÑÐºÑ +пÑав доÑÑÑпа админиÑÑÑаÑоÑа. ÐÑо позволÑÐµÑ Ð·Ð»Ð¾ÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ Ð´Ð¾Ð±Ð°Ð²Ð»ÑÑÑ Ð¿ÑоизволÑнÑе +ACL-пÑавила и полÑÑаÑÑ Ð´Ð¾ÑÑÑп к закÑÑÑой вики.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-0289">CVE-2010-0289</a> - -<p>It was discovered that the ACL Manager plugin doesn't have protections against - -cross-site request forgeries (CSRF). This can be exploited to change the - -access control rules by tricking a logged in administrator into visiting - -a malicious web site.</p></li> +<p>ÐÑло обнаÑÑжено, ÑÑо дополнение ACL не Ð¸Ð¼ÐµÐµÑ Ð·Ð°ÑиÑÑ Ð¾Ñ Ð¿Ð¾Ð´Ð´ÐµÐ»ÐºÐ¸ +межÑайÑовÑÑ Ð·Ð°Ð¿ÑоÑов (CSRF). ÐÑа ÑÑзвимоÑÑÑ Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑÑÑ Ð´Ð»Ñ Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ +пÑавил доÑÑÑпа в ÑлÑÑае, еÑли воÑедÑий в вики админиÑÑÑаÑÐ¾Ñ Ð¾ÑкÑÐ¾ÐµÑ +подконÑÑолÑнÑй злоÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ Ð²ÐµÐ±-ÑайÑ.</p></li> </ul> - -<p>The oldstable distribution (etch) is not affected by these problems.</p> +<p>ÐÑедÑдÑÑий ÑÑабилÑнÑй вÑпÑÑке (etch) не подвеÑжен ÑÑим пÑоблемам.</p> - -<p>For the stable distribution (lenny), these problems have been fixed in - -version 0.0.20080505-4+lenny1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 0.0.20080505-4+lenny1.</p> - -<p>For the testing distribution (squeeze) and the unstable distribution - -(sid), these problems have been fixed in version 0.0.20090214b-3.1.</p> +<p>Ð ÑеÑÑиÑÑемом (squeeze) и неÑÑабилÑном (sid) вÑпÑÑÐºÐ°Ñ +ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² веÑÑии 0.0.20090214b-3.1.</p> - -<p>We recommend that you upgrade your dokuwiki package.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ dokuwiki.</p> </define-tag> # do not modify the following line - --- english/security/2010/dsa-2051.wml 2014-04-30 13:16:22.000000000 +0600 +++ russian/security/2010/dsa-2051.wml 2016-09-30 23:46:06.205873140 +0500 @@ -1,41 +1,42 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several local vulnerabilities have been discovered in PostgreSQL, an - -object-relational SQL database. The Common Vulnerabilities and - -Exposures project identifies the following problems:</p> +<p>Ð PostgreSQL, обÑекÑно-ÑелÑÑионной базе даннÑÑ SQL, бÑло обнаÑÑжено +неÑколÑко локалÑнÑÑ ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and +Exposures опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-1169">CVE-2010-1169</a> - - <p>Tim Bunce discovered that the implementation of the procedural - - language PL/Perl insufficiently restricts the subset of allowed - - code, which allows authenticated users the execution of arbitrary - - Perl code.</p></li> + <p>Тим ÐÐ°Ð½Ñ Ð¾Ð±Ð½Ð°ÑÑжил, ÑÑо ÑеализаÑÐ¸Ñ Ð¿ÑоÑедÑÑного ÑзÑка + PL/Perl недоÑÑаÑоÑно огÑаниÑÐ¸Ð²Ð°ÐµÑ Ð¿Ð¾Ð´Ð¼Ð½Ð¾Ð¶ÐµÑÑво ÑазÑеÑÑнного + кода, ÑÑо позволÑÐµÑ Ð°ÑÑеÑиÑиÑиÑованнÑм полÑзоваÑелÑм вÑполнÑÑÑ Ð¿ÑоизволÑнÑй + код на ÑзÑке Perl.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-1170">CVE-2010-1170</a> - - <p>Tom Lane discovered that the implementation of the procedural - - language PL/Tcl insufficiently restricts the subset of allowed - - code, which allows authenticated users the execution of arbitrary - - Tcl code.</p></li> + <p>Том ÐÑйн обнаÑÑжил, ÑÑо ÑеализаÑÐ¸Ñ Ð¿ÑоÑедÑÑного ÑзÑка + PL/Tcl недоÑÑаÑоÑно огÑаниÑÐ¸Ð²Ð°ÐµÑ Ð¿Ð¾Ð´Ð¼Ð½Ð¾Ð¶ÐµÑÑво ÑазÑеÑÑнного + кода, ÑÑо позволÑÐµÑ Ð°ÑÑенÑиÑиÑиÑованнÑм полÑзоваÑелÑм вÑполнÑÑÑ Ð¿ÑоизволÑнÑй + код на ÑзÑке Tcl.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-1975">CVE-2010-1975</a> - - <p>It was discovered that an unprivileged user could reset - - superuser-only parameter settings.</p></li> + <p>ÐÑло обнаÑÑжено, ÑÑо непÑивилегиÑованнÑй полÑзоваÑÐµÐ»Ñ Ð¼Ð¾Ð¶ÐµÑ ÑбÑоÑиÑÑ + наÑÑÑойки паÑамеÑÑов, доÑÑÑпнÑÑ ÑолÑко ÑÑпеÑполÑзоваÑелÑ.</p></li> </ul> - -<p>For the stable distribution (lenny), these problems have been fixed in - -version 8.3.11-0lenny1. This update also introduces a fix for - -<a href="https://security-tracker.debian.org/tracker/CVE-2010-0442">CVE-2010-0442</a>, which was originally scheduled for the next Lenny point - -update.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 8.3.11-0lenny1. Ðанное обновление ÑодеÑÐ¶Ð¸Ñ Ð¸ÑпÑавление Ð´Ð»Ñ +<a href="https://security-tracker.debian.org/tracker/CVE-2010-0442">CVE-2010-0442</a>, коÑоÑое изнаÑалÑно бÑло запланиÑÐ¾Ð²Ð°Ð½Ñ Ð´Ð»Ñ Ð²ÐºÐ»ÑÑÐµÐ½Ð¸Ñ Ð² +ÑледÑÑÑÑÑ ÑедакÑÐ¸Ñ Lenny.</p> - -<p>For the unstable distribution (sid), these problems have been fixed in - -version 8.4.4-1 of postgresql-8.4.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 8.4.4-1 пакеÑа postgresql-8.4.</p> - -<p>We recommend that you upgrade your postgresql-8.3 packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ postgresql-8.3.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJX7rSmAAoJEF7nbuICFtKlpg0P/RqW1mFFMg8K0sVznUNrm/Yq 4XqbjO8uRVSxrioRAUu7mBAGsDao/jPjA8GQ4QJYO/ZmTMpj208gZE7Ct2kLlCeg asTA5xp0EOH0qDl/FgDN5OO16tgjufMk7+stq3sqW93TGMOD6varj8teho6pjsL9 zwi7RPNkHZMA0oenE4ZK45VWxuaSpPfw4OvWBYBk4QSaU7eospH54/uG8h4xTiwD H1tkfwQDXvip2Y4TVIdN7Ch15WYBcdDhO0LKpGYTEpdjfkhj6DU2E2OjihY2LUI5 eIPag9NYDiqXw6ZjkLddS4v1UZyBZ5v1Hv41Qj7CJAKkVocTTCw+BIQvni1XB9Gx 7glKgi1RbFDRU9RXEYqbXDQr7Fq+oaQ0wuihlHsLc1Ki4RMHUJ4Mr9sU1iAnPmen 3H4Q+S86kUw950mvysd9zym4FbDQ/RfKovVDl8sLLtRb3tt4HwnQNhG1UthC+Pn0 Kt3J947wsNcI480sCYBqGIbG37uBuFknwtmJIkVIZRIo0Qq6kUxp+H6BcY2+Nl9S 8sBZKT9a2vIkl/bVH/2Afa5rMGKGM1lBOZC/t55BsPdyx1tlRP9kE9ph565kDdtq Qbve66oGM2e1s9DV00ty+lS4mOKx2N6nIthDhIwQTfQ3VK8E5oxQmLDGBFGMv4w+ XH/6Xc1lqc1c1u9C3YDi =eKyn -----END PGP SIGNATURE-----

