-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2005/dsa-805.wml 2005-09-09 15:14:14.000000000 +0600 +++ russian/security/2005/dsa-805.wml 2016-10-13 19:19:46.344105197 +0500 @@ -1,49 +1,50 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several problems have been discovered in Apache2, the next generation, - -scalable, extendable web server. The Common Vulnerabilities and - -Exposures project identifies the following problems:</p> +<p>Ð Apache2, маÑÑÑабиÑÑемом ÑаÑÑиÑÑемом веб-ÑеÑÐ²ÐµÑ ÑледÑÑÑего поколениÑ, +бÑло обнаÑÑжено неÑколÑко пÑоблем. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and +Exposures опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1268">CAN-2005-1268</a> - - <p>Marc Stern discovered an off-by-one error in the mod_ssl - - Certificate Revocation List (CRL) verification callback. When - - Apache is configured to use a CRL this can be used to cause a - - denial of service.</p> + <p>ÐаÑк ШÑеÑн обнаÑÑжил оÑÐ¸Ð±ÐºÑ Ð½Ð° единиÑÑ Ð² обÑаÑном вÑзове пÑовеÑки the mod_ssl + Certificate Revocation List (CRL). ÐÑли Apache наÑÑÑоен + на иÑполÑзование CRL, Ñо ÑÑа ÑÑзвимоÑÑÑ Ð¼Ð¾Ð¶ÐµÑ Ð²ÑзÑваÑÑ + оÑказ в обÑлÑживании.</p> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088">CAN-2005-2088</a> - - <p>A vulnerability has been discovered in the Apache web server. - - When it is acting as an HTTP proxy, it allows remote attackers to - - poison the web cache, bypass web application firewall protection, - - and conduct cross-site scripting attacks, which causes Apache to - - incorrectly handle and forward the body of the request.</p> + <p>Рвеб-ÑеÑвеÑе Apache бÑла обнаÑÑжена ÑÑзвимоÑÑÑ. + Ðогда веб-ÑеÑÐ²ÐµÑ Ð²ÑполнÑÐµÑ ÑÐ¾Ð»Ñ HTTP-пÑокÑи, он позволÑÐµÑ ÑдалÑннÑм злоÑмÑÑленникам + оÑÑавлÑÑÑ Ð²ÐµÐ±-кеÑ, Ð¾Ð±Ñ Ð¾Ð´Ð¸ÑÑ Ð·Ð°ÑиÑÑ Ð¿ÑиложениÑ, + а Ñакже вÑполнÑÑÑ Ð°Ñаки по пÑинÑÐ¸Ð¿Ñ Ð¼ÐµÐ¶ÑайÑового ÑкÑипÑинга, ÑÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº ÑомÑ, ÑÑо + Apache непÑавилÑно обÑабаÑÑÐ²Ð°ÐµÑ Ð¸ пеÑеÑÑÐ»Ð°ÐµÑ Ñело запÑоÑа.</p> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700">CAN-2005-2700</a> - - <p>A problem has been discovered in mod_ssl, which provides strong - - cryptography (HTTPS support) for Apache that allows remote - - attackers to bypass access restrictions.</p> + <p>ÐÑла обнаÑÑжена пÑоблема в модÑле mod_ssl, пÑедоÑÑавлÑÑÑем ÑÑойкое + ÑиÑÑование (поддеÑÐ¶ÐºÑ HTTPS) Ð´Ð»Ñ Apache, коÑоÑÐ°Ñ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐµÑ ÑдалÑннÑм + злоÑмÑÑленникам Ð¾Ð±Ñ Ð¾Ð´Ð¸ÑÑ Ð¾Ð³ÑаниÑÐµÐ½Ð¸Ñ Ð´Ð¾ÑÑÑпа.</p> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728">CAN-2005-2728</a> - - <p>The byte-range filter in Apache 2.0 allows remote attackers to - - cause a denial of service via an HTTP header with a large Range - - field.</p> + <p>ФилÑÑÑ Ð±Ð°Ð¹Ñового диапазона в Apache 2.0 позволÑÐµÑ ÑдалÑннÑм злоÑмÑÑленникам + вÑзÑваÑÑ Ð¾Ñказ в обÑлÑживании Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ Ð·Ð°Ð³Ð¾Ð»Ð¾Ð²ÐºÐ° HTTP Ñ Ð±Ð¾Ð»ÑÑим + полем Range.</p> </ul> - -<p>The old stable distribution (woody) does not contain Apache2 packages.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (woody) пакеÑÑ Apache2 оÑÑÑÑÑÑвÑÑÑ.</p> - -<p>For the stable distribution (sarge) these problems have been fixed in - -version 2.0.54-5.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 2.0.54-5.</p> - -<p>For the unstable distribution (sid) these problems have been fixed in - -version 2.0.54-5.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 2.0.54-5.</p> - -<p>We recommend that you upgrade your apache2 packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ apache2.</p> </define-tag> # do not modify the following line - --- english/security/2005/dsa-838.wml 2005-10-04 14:29:12.000000000 +0600 +++ russian/security/2005/dsa-838.wml 2016-10-13 19:13:12.284274660 +0500 @@ -1,53 +1,54 @@ - -<define-tag description>multiple vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>многоÑиÑленнÑе ÑÑзвимоÑÑи</define-tag> <define-tag moreinfo> - -<p>Multiple security vulnerabilities have been identified in the - -mozilla-firefox web browser. These vulnerabilities could allow an - -attacker to execute code on the victim's machine via specially crafted - -network resources.</p> +<p>Рвеб-бÑазÑеÑе mozilla-firefox бÑли обнаÑÑжен многоÑиÑленнÑе ÑÑзвимоÑÑи, +ÑвÑзаннÑе Ñ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑноÑÑÑÑ. ÐÑи ÑÑзвимоÑÑи могÑÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ +злоÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ Ð²ÑполниÑÑ ÐºÐ¾Ð´ на маÑине жеÑÑÐ²Ñ Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ +ÑеÑевÑÑ ÑеÑÑÑÑов.</p> <ul> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2701">CAN-2005-2701</a> - - <p>Heap overrun in XBM image processing</p></li> + <p>ÐеÑеполнение динамиÑеÑкой памÑÑи пÑи обÑабоÑке изобÑажений в ÑоÑмаÑе XBM</p></li> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2702">CAN-2005-2702</a> - - <p>Denial of service (crash) and possible execution of arbitrary - - code via Unicode sequences with "zero-width non-joiner" - - characters.</p></li> + <p>ÐÑказ в обÑлÑживании (аваÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑановка) и возможное вÑполнение пÑоизволÑного + кода Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ Ð¿Ð¾ÑледоваÑелÑноÑÑей Unicode-Ñимволов Ñ Ñимволами + "zero-width non-joiner".</p></li> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2703">CAN-2005-2703</a> - - <p>XMLHttpRequest header spoofing</p></li> + <p>Ðодделка заголовка XMLHttpRequest</p></li> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2704">CAN-2005-2704</a> - - <p>Object spoofing using XBL <implements></p></li> + <p>Ðодделка обÑекÑа Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ XBL <implements></p></li> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2705">CAN-2005-2705</a> - - <p>JavaScript integer overflow</p></li> + <p>ÐеÑеполнение ÑелÑÑ ÑиÑел в JavaScript</p></li> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2706">CAN-2005-2706</a> - - <p>Privilege escalation using about: scheme</p></li> + <p>ÐовÑÑение пÑивилегий Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑÑ ÐµÐ¼Ñ about:</p></li> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2707">CAN-2005-2707</a> - - <p>Chrome window spoofing allowing windows to be created without - - UI components such as a URL bar or status bar that could be - - used to carry out phishing attacks</p></li> + <p>Ðодделка окна Chrome, позволÑÑÑÐ°Ñ ÑоздаÑÑ Ð¾ÐºÐ½Ð° без + компоненÑов полÑзоваÑелÑÑкого инÑеÑÑейÑа (ÑÑÑока URL, ÑÑаÑÑÑÐ½Ð°Ñ ÑÑÑока), ÑÑо + Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑÑÑ Ð´Ð»Ñ ÑиÑинг-аÑак</p></li> </ul> - -<p>For the stable distribution (sarge), these problems have been fixed in - -version 1.0.4-2sarge5.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1.0.4-2sarge5.</p> - -<p>For the unstable distribution (sid), these problems have been fixed in - -version 1.0.7-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1.0.7-1.</p> - -<p>We recommend that you upgrade your mozilla-firefox package.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ mozilla-firefox.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJX/5gHAAoJEF7nbuICFtKlS6QP/0XyLFXONsz0Lz9ApMXa3LlR YYIlPlghxnl2ZN2tV+79mw4QOFnWtRybadXj/JsadKwODdoU4Oa6q4YRF+nBDuqv IDDKAY+fug/bSkodqoYIK609RhTlKHT+jMvHETGaNHVhtygFjxY40n4rTNSW4H6C 1pXOPhtUNkBo4qGo4ildAzpkgtObM+nOuVugwEW077nSV1nV9VSB7gBEzp7LD6Od 4iJb5yOoU1TYWeZ43ifwNtYMrr2DnIF2r87PgF3ULfvqrBbrz1HNkN73pFntQQ6C FY47HtJXWKcXh2ny0Ix8HlKanjSs8c6rGsRKbdbuZ9DadhV+VT1mzF5M/G4ades1 +P4v9LrF4CjyqDrCnqOSzDhN/46nyeAVGj+YEJVmQ8+HF9IAIPaIK7lEas4DY0GF NPIZZrv641gJ3ah+IBWh2ufO55PuB+2J0ALvltITut8B4hT6GxOQ/KQfsuWxn824 cM4VdfF4d6vX/IrOyHSPO5hqSgISvg6ZbCJmxfEJss8eUceP6shrYUJ0JxyxkGoD vLsqMtZUSjtYYDJxG22hlsjMqXLd/aabDXVM/oM1SVdVbAidmGJwwR1hxf+X8Tu/ J1dzVJJdjrgpLHhixrS5MDJ9AqgcdhXuw4o6W6Q3ISflT0mhppJZNPDz4+hNnOZp fSzAUfBW9KaXKo85AKr1 =bvfu -----END PGP SIGNATURE-----