-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2011/dsa-2312.wml 2017-11-01 10:11:10.283841606 +0500 +++ russian/security/2011/dsa-2312.wml 2018-02-05 09:55:10.526521714 +0500 @@ -1,53 +1,54 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been found in the Iceape internet suite, - -an unbranded version of Seamonkey:</p> +<p>Ð Iceape, набоÑе пÑогÑамм Ð´Ð»Ñ ÑабоÑÑ Ð² ÐнÑеÑнеÑ, безбÑендовой веÑÑии Seamonkey, +бÑло обнаÑÑжено неÑколÑко ÑÑзвимоÑÑей:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-2372">CVE-2011-2372</a> - - <p>Mariusz Mlynski discovered that websites could open a download - - dialog â which has <q>open</q> as the default action â, while a user - - presses the ENTER key.</p></li> + <p>ÐаÑиÑÑ ÐлинÑкий обнаÑÑжил, ÑÑо веб-ÑайÑÑ Ð¼Ð¾Ð³ÑÑ Ð¾ÑкÑÑваÑÑ Ð´Ð¸Ð°Ð»Ð¾Ð³Ð¾Ð²Ð¾Ðµ окно + загÑÑзки, в коÑоÑом по ÑмолÑÐ°Ð½Ð¸Ñ Ð²ÑбÑано дейÑÑвие <q>оÑкÑÑÑÑ</q>, в Ñо вÑÐµÐ¼Ñ ÐºÐ°Ðº полÑзоваÑÐµÐ»Ñ + Ð½Ð°Ð¶Ð¸Ð¼Ð°ÐµÑ ÐºÐ»Ð°Ð²Ð¸ÑÑ ENTER.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-2995">CVE-2011-2995</a> - - <p>Benjamin Smedberg, Bob Clary and Jesse Ruderman discovered crashes - - in the rendering engine, which could lead to the execution of - - arbitrary code.</p></li> + <p>Ðенджамин СмедбеÑг, Ðоб ÐлÑÑи и ÐÐ¶ÐµÑ Ð Ð°Ð´ÐµÑман обнаÑÑжили ÑлÑÑаи аваÑийной оÑÑановки + в движке оÑÑиÑовки, коÑоÑÑе могÑÑ Ð¿ÑиводиÑÑ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ + пÑоизволÑного кода.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-2998">CVE-2011-2998</a> - - <p>Mark Kaplan discovered an integer underflow in the JavaScript - - engine, which could lead to the execution of arbitrary code.</p></li> + <p>ÐаÑк Ðаплан обнаÑÑжил оÑÑиÑаÑелÑное пеÑеполнение ÑелÑÑ ÑиÑел в движке + JavaScript, коÑоÑое Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-2999">CVE-2011-2999</a> - - <p>Boris Zbarsky discovered that incorrect handling of the - - window.location object could lead to bypasses of the same-origin - - policy.</p></li> + <p>ÐоÑÐ¸Ñ ÐбаÑÑкий обнаÑÑжил, ÑÑо непÑавилÑÐ½Ð°Ñ Ð¾Ð±ÑабоÑка обÑекÑа + window.location Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº Ð¾Ð±Ñ Ð¾Ð´Ñ Ð¿Ñавила одного + иÑÑоÑника.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-3000">CVE-2011-3000</a> - - <p>Ian Graham discovered that multiple Location headers might lead to - - CRLF injection.</p></li> + <p>ÐÑн ÐÑÑÑ Ñм обнаÑÑжил, ÑÑо множеÑÑвеннÑе заголовки Location могÑÑ Ð¿ÑиводиÑÑ Ðº + CRLF-инÑекÑии.</p></li> </ul> - -<p>The oldstable distribution (lenny) is not affected. The iceape package - -only provides the XPCOM code.</p> +<p>ÐÑедÑдÑÑий ÑÑабилÑнÑй вÑпÑÑк (lenny) не подвеÑжен ÑÑим ÑÑзвимоÑÑÑм. ÐÐ°ÐºÐµÑ iceape +пÑедоÑÑавлÑÐµÑ ÑолÑко код XPCOM.</p> - -<p>For the stable distribution (squeeze), this problem has been fixed in - -version 2.0.11-8. This update also marks the compromised DigiNotar - -root certs as revoked rather then untrusted.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.0.11-8. Ðанное обновление Ñакже оÑмеÑÐ°ÐµÑ ÐºÐ¾Ð¼Ð¿ÑомеÑиÑованÑе коÑневÑе +ÑеÑÑиÑикаÑÑ DigiNotar как оÑозваннÑе, а не как недовеÑеннÑе.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 2.0.14-8.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.0.14-8.</p> - -<p>We recommend that you upgrade your iceape packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ iceape.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlp347oACgkQXudu4gIW 0qUIGBAAoKI94XChjiiMIACM0ScEzin0hn5a5B8A65r1f6skDBzLyW4Yl98eEn9+ O6HS8XwCW1UcswKf9Xaw+5opIeRHrgtDeSiUZkrO94kN7+XAm6G/ZKiGwVM3wRdG LC7MYmf4G+nB/66H5D/ygQyTG46O1c1Ov9Tf+4SP5DjmqwizA4ImjyrurP0y1WWR cjckLNUxjSmpiP6ZQhqNG6tvK3aRWN9z22yStkUYLV3iBBwz3/hCWuNx+qS+oYR7 m46sLEd8QywnHboFobcp/HxXwAT/SCMhpXZIw7RVf2+nRkz5zD3zAK0eGChTQXOb kVMlLJVa8CeOM/rpYe+eLonJmyp8eOoW0xJt1AzsJrUlgwlIFdhntZ5mayFAO4FL YJxCeJEy3hcTj/8TzUyhhuRloAnpOwljZ5BbQpvBkTC+pMFmFBazYRMYMTEueoXE 2Un6G52JPwXdkyh8QX15M23JW2o44fZFiQ/BT+QPXhjj15ygOg+Ynfpbo65EI3tT PKapN1HRKMKBYWzDWr4KxXQRbwBkZxtU3oeiq4Yqe28EU7j/Z115VeHqwKZp5U6M HJFKq2u5nqMB494N3bG2hohs9FsY9d/cKzZ7fEkA0Fx8e3nbkfUNLtbiKL9f6Uqd Vb9hY6bmPQjitREL9RJ8sjzSyfHjIr6yltTwEAuaW4kVTb93L3E= =QXLN -----END PGP SIGNATURE-----