-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2006/dsa-1011.wml 2014-04-30 13:16:09.000000000 +0600 +++ russian/security/2006/dsa-1011.wml 2016-10-02 23:52:59.824512096 +0500 @@ -1,42 +1,43 @@ - -<define-tag description>missing attribute support</define-tag> +#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov" +<define-tag description>оÑÑÑÑÑÑвие поддеÑжки аÑÑибÑÑов</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been discovered in the Debian vserver - -support for Linux. The Common Vulnerabilities and Exposures project - -identifies the following problems:</p> +<p>РподдеÑжке vserver Debian Ð´Ð»Ñ Linux бÑло обнаÑÑжено неÑколÑко +ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures +опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2005-4347">CVE-2005-4347</a> - - <p>Bjørn Steinbrink discovered that the chroot barrier is not set - - correctly with util-vserver which may result in unauthorised - - escapes from a vserver to the host system.</p> - - - - <p>This vulnerability is limited to the 2.4 kernel patch included in - - kernel-patch-vserver. The correction to this problem requires - - updating the util-vserver package as well and installing a new - - kernel built from the updated kernel-patch-vserver package.</p></li> + <p>ÐÑÑÑн ШÑайнбÑинк обнаÑÑжил, ÑÑо огÑаниÑение chroot не ÑÑÑанавливаеÑÑÑ + коÑÑекÑнÑм обÑазом Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ util-vserver, ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº неавÑоÑÐ¸Ð·Ð¾Ð²Ð°Ð½Ð½Ð¾Ð¼Ñ + вÑÑ Ð¾Ð´Ñ Ð¸Ð· vserver в оÑновнÑÑ ÑиÑÑемÑ.</p> + + <p>ÐÑа ÑÑзвимоÑÑÑ Ð¾Ð³ÑаниÑена заплаÑой ÑдÑа 2.4, вклÑÑÑнной в + Ð¿Ð°ÐºÐµÑ kernel-patch-vserver. ÐÐ»Ñ Ð¸ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ ÑÑой пÑÐ¾Ð±Ð»ÐµÐ¼Ñ ÑÑебÑеÑÑÑ + обновиÑÑ Ð¿Ð°ÐºÐµÑ util-vserver, а Ñакже ÑÑÑановиÑÑ Ð½Ð¾Ð²Ð¾Ðµ + ÑдÑо, ÑобÑанное из обновлÑнного пакеÑа kernel-patch-vserver.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2005-4418">CVE-2005-4418</a> - - <p>The default policy of util-vserver is set to trust all unknown - - capabilities instead of considering them as insecure.</p></li> + <p>ÐÑавила util-vserver по ÑмолÑÐ°Ð½Ð¸Ñ ÑÑÑанавливаÑÑÑÑ Ñаким обÑазом, ÑÑо вÑе + неизвеÑÑнÑе мандаÑÑ ÑÑиÑаÑÑÑÑ Ð´Ð¾Ð²ÐµÑеннÑми вмеÑÑо Ñого, ÑÑÐ¾Ð±Ñ ÑÑиÑаÑÑ Ð¸Ð· небезопаÑнÑми.</p></li> </ul> - -<p>The old stable distribution (woody) does not contain a - -kernel-patch-vserver package.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (woody) Ð¿Ð°ÐºÐµÑ kernel-patch-vserver +оÑÑÑÑÑÑвÑеÑ.</p> - -<p>For the stable distribution (sarge) this problem has been fixed in - -version 1.9.5.5 of kernel-patch-vserver and in version - -0.30.204-5sarge3 of util-vserver.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.9.5.5 пакеÑа kernel-patch-vserver и в веÑÑии +0.30.204-5sarge3 пакеÑа util-vserver.</p> - -<p>For the unstable distribution (sid) this problem has been fixed in - -version 2.3 of kernel-patch-vserver and in version 0.30.208-1 of +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.3 пакеÑа kernel-patch-vserver и в веÑÑии 0.30.208-1 пакеÑа util-vserver.</p> - -<p>We recommend that you upgrade your util-vserver and - -kernel-patch-vserver packages and build a new kernel immediately.</p> +<p>РекомендÑеÑÑÑ ÐºÐ°Ðº можно ÑкоÑее обновиÑÑ Ð¿Ð°ÐºÐµÑÑ util-vserver и +kernel-patch-vserver, а Ñакже ÑобÑаÑÑ Ð½Ð¾Ð²Ð¾Ðµ ÑдÑо.</p> </define-tag> # do not modify the following line - --- english/security/2006/dsa-1087.wml 2014-04-30 13:16:09.000000000 +0600 +++ russian/security/2006/dsa-1087.wml 2016-10-03 00:00:48.066791565 +0500 @@ -1,44 +1,45 @@ - -<define-tag description>programming error</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>оÑибка пÑогÑаммиÑованиÑ</define-tag> <define-tag moreinfo> - -<p>Several encoding problems have been discovered in PostgreSQL, a - -popular SQL database. The Common Vulnerabilities and Exposures - -project identifies the following problems:</p> +<p>Ð PostgreSQL, попÑлÑÑной базе даннÑÑ SQL, бÑло обнаÑÑжено неÑколÑко +пÑоблем кодиÑованиÑ. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures +опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-2313">CVE-2006-2313</a> - - <p>Akio Ishida and Yasuo Ohgaki discovered a weakness in the handling - - of invalidly-encoded multibyte text data which could allow an - - attacker to inject arbitrary SQL commands.</p></li> + <p>Ðкио ÐÑида и ЯÑÑо Ðгаки обнаÑÑжили ÑÑзвимоÑÑÑ Ð² обÑабоÑке + непÑавилÑно закодиÑованнÑÑ Ð¼Ð½Ð¾Ð³Ð¾Ð±Ð°Ð¹ÑовÑÑ ÑекÑÑовÑÑ Ð´Ð°Ð½Ð½ÑÑ , коÑоÑÐ°Ñ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐµÑ + злоÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ Ð²Ð²Ð¾Ð´Ð¸ÑÑ Ð¿ÑоизволÑнÑе ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ SQL.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-2314">CVE-2006-2314</a> - - <p>A similar problem exists in client-side encodings (such as SJIS, - - BIG5, GBK, GB18030, and UHC) which contain valid multibyte - - characters that end with the backslash character. An attacker - - could supply a specially crafted byte sequence that is able to - - inject arbitrary SQL commands.</p> - - - - <p>This issue does not affect you if you only use single-byte (like - - SQL_ASCII or the ISO-8859-X family) or unaffected multibyte (like - - UTF-8) encodings.</p> + <p>Ð¡Ñ Ð¾Ð¶Ð°Ñ Ð¿Ñоблема пÑиÑÑÑÑÑвÑÐµÑ Ð² кодиÑÐ¾Ð²ÐºÐ°Ñ Ð½Ð° ÑÑоÑоне клиенÑа (ÑÐ°ÐºÐ¸Ñ ÐºÐ°Ðº SJIS, + BIG5, GBK, GB18030 и UHC), ÑодеÑжаÑÐ¸Ñ ÐºÐ¾ÑÑекÑнÑе многобайÑовÑе + ÑимволÑ, оканÑиваÑÑиеÑÑ Ð¾Ð±ÑаÑной коÑой ÑеÑÑой. ÐлоÑмÑÑленник + Ð¼Ð¾Ð¶ÐµÑ Ð¿ÐµÑедаÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ Ð¿Ð¾ÑледоваÑелÑноÑÑÑ Ð±Ð°Ð¹Ñов, ÑÑо Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸Ñ + ÐµÐ¼Ñ Ð²Ð²ÐµÑÑи пÑоизволÑнÑе ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ SQL.</p> + + <p>ÐÑа пÑоблема Ð´Ð»Ñ Ð²Ð°Ñ Ð½Ðµ акÑÑалÑна в ÑлÑÑае, еÑли Ð²Ñ Ð¸ÑполÑзÑеÑе однобайÑовÑе кодиÑовки (Ñакие + как SQL_ASCII или кодиÑовки из ÑемейÑÑва ISO-8859-X), либо кодиÑовки, коÑоÑÑе не подвеÑÐ¶ÐµÐ½Ñ + ÑÑой пÑоблеме (напÑимеÑ, UTF-8).</p> - - <p>psycopg and python-pgsql use the old encoding for binary data and - - may have to be updated.</p></li> + <p>psycopg и python-pgsql иÑполÑзÑÑÑ ÑÑаÑÑÑ ÐºÐ¾Ð´Ð¸ÑÐ¾Ð²ÐºÑ Ð´Ð»Ñ Ð´Ð²Ð¾Ð¸ÑнÑÑ Ð´Ð°Ð½Ð½ÑÑ . ÐеÑоÑÑно, + Ð¸Ñ ÑледÑÐµÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ.</p></li> </ul> - -<p>The old stable distribution (woody) is affected by these problems but - -we're unable to correct the package.</p> +<p>ÐÑедÑдÑÑий ÑÑабилÑнÑй вÑпÑÑк (woody) подвеÑжен ÑÑим пÑоблемам, но +Ð¼Ñ Ð½Ðµ можем иÑпÑавиÑÑ Ð¿Ð°ÐºÐµÑ.</p> - -<p>For the stable distribution (sarge) these problems have been fixed in - -version 7.4.7-6sarge2.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 7.4.7-6sarge2.</p> - -<p>For the unstable distribution (sid) these problems have been fixed in - -version 7.4.13-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 7.4.13-1.</p> - -<p>We recommend that you upgrade your postgresql packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ postgresql.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJX8VljAAoJEF7nbuICFtKlCx8P/iHoo/Cz3yz4SWd+RwmTROaf BIE+Kx+483OPkfBoELtr4l8tqMDJ3yV+IsgdYR3FomoJWP6UUpFYfB56cho4oHMD CAAciv+0O1umiIaZNu0NWz+R5SvgAG2yTN86gtO6qpXvfbAmF8Bonvo/9Qk+mzN5 DoeA7O3WkzL3RY93kNcdesyxYpodbo2ISLUa+2hks0zop4TkPgD/8y0XglqNqvMp Zr4b7tqCXvoRghUIdhyZkWJK1090h+5KUtOVLx74pLGKGnaTW3nNGIlJWLP3UHi2 b/OZAPgc3U9AipxazpVJ6NaB7vGNCIrvyfXYCrb1FcxwlGUfCSEVJOGjMXImDAQp BruB2MuWtaTNnfC7yS/7lQFeTcoCKA7PshrPne77u8jcxEbW4G/0iwobVFKqFEeq 57AHqBn/b29BN1t6km14hygJnhE1JL1BciX5uhLkf5thnXqJ7cIHPzJLCzXzyP9L wS7qdREU1MRRqQtmjuT15NKkoaFaB1lxmQV4oezpjiG1PI6lTzrGxsxiJ3+2vD06 lSzFiK306SPow0tZwTQo9jeJf4xG42NANr963eutsjp9Ezo6kmnR71X0d90TZ6Vq HmUl0kupasTmn3III9Qqf9z25gJw7pCEt+I6n/HoVn4BSxy1YzjBWnZv4UydXBfJ 6w739ALjgSqS1q6EINZf =S44f -----END PGP SIGNATURE-----

