-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2005/dsa-899.wml 2017-11-01 10:11:09.499790492 +0500 +++ russian/security/2005/dsa-899.wml 2018-02-23 12:33:55.628733587 +0500 @@ -1,49 +1,50 @@ - -<define-tag description>programming errors</define-tag> +#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov" +<define-tag description>оÑибки пÑогÑаммиÑованиÑ</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been discovered in egroupware, a - -web-based groupware suite. The Common Vulnerabilities and Exposures - -project identifies the following problems:</p> +<p>Ð egroupware, набоÑе веб-пÑиложений Ð´Ð»Ñ ÑовмеÑÑной ÑабоÑÑ, бÑло +обнаÑÑжено неÑколÑко ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures +опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0870">CVE-2005-0870</a> - - <p>Maksymilian Arciemowicz discovered several cross site scripting - - problems in phpsysinfo, which are also present in the imported - - version in egroupware and of which not all were fixed in + <p>ÐакÑимилиан ÐÑÑÐ¸Ð¼Ð¾Ð²Ð¸Ñ Ð¾Ð±Ð½Ð°ÑÑжил неÑколÑко ÑлÑÑаев межÑайÑового + ÑкÑипÑинга в phpsysinfo, коÑоÑÑе Ñакже ÑодеÑжаÑÑÑ Ð² ÑоÑÑаве иÑполÑзÑемой + в egroupware веÑÑии, и из коÑоÑÑÑ Ð½Ðµ вÑе бÑли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² DSA <a href="dsa-724">724</a>.</p></li> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2600">CVE-2005-2600</a> - - <p>Alexander Heidenreich discovered a cross-site scripting problem in - - the tree view of FUD Forum Bulletin Board Software, which is also - - present in egroupware and allows remote attackers to read private - - posts via a modified mid parameter.</p></li> + <p>ÐлекÑÐ°Ð½Ð´Ñ Ð¥Ð°Ð¹Ð´ÐµÐ½ÑÐ°Ð¹Ñ Ð¾Ð±Ð½Ð°ÑÑжил межÑайÑовÑй ÑкÑипÑинг в + дÑевовидном Ð¼ÐµÐ½Ñ FUD Forum Bulletin Board Software, коÑоÑÑй Ñакже ÑодеÑжиÑÑÑ + в egroupware и позволÑÐµÑ ÑдалÑннÑм злоÑмÑÑленникам ÑиÑаÑÑ Ð·Ð°ÐºÑÑÑÑе + ÑообÑÐµÐ½Ð¸Ñ Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ Ð¸Ð·Ð¼ÐµÐ½Ñнного паÑамеÑÑа mid.</p></li> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3347">CVE-2005-3347</a> - - <p>Christopher Kunz discovered that local variables get overwritten - - unconditionally in phpsysinfo, which are also present in - - egroupware, and are trusted later, which could lead to the - - inclusion of arbitrary files.</p></li> + <p>ÐÑиÑÑоÑÐµÑ ÐÑÐ½Ñ Ð¾Ð±Ð½Ð°ÑÑжил, ÑÑо в phpsysinfo вÑполнÑеÑÑÑ Ð¿ÐµÑезапиÑÑ Ð»Ð¾ÐºÐ°Ð»ÑнÑÑ + пеÑеменнÑÑ , ÑÑо Ñакже пÑиÑÑÑÑÑвÑÐµÑ Ð² egroupware, в далÑнейÑем пеÑеменнÑе + не ÑеÑÑÑÑ Ð´Ð¾Ð²ÐµÑиÑ, ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº вклÑÑÐµÐ½Ð¸Ñ Ð¿ÑоизволÑнÑÑ + Ñайлов.</p></li> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3348">CVE-2005-3348</a> - - <p>Christopher Kunz discovered that user-supplied input is used - - unsanitised in phpsysinfo and imported in egroupware, causing a - - HTTP Response splitting problem.</p></li> + <p>ÐÑиÑÑоÑÐµÑ ÐÑÐ½Ñ Ð¾Ð±Ð½Ð°ÑÑжил, ÑÑо пеÑеданнÑе полÑзоваÑелем даннÑе иÑполÑзÑÑÑÑÑ + в неоÑиÑенном виде в phpsysinfo и импоÑÑиÑÑÑÑÑÑ Ð² egroupware, ÑÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ + к ÑÐ°Ð·Ð´ÐµÐ»ÐµÐ½Ð¸Ñ HTTP-оÑвеÑа.</p></li> </ul> - -<p>The old stable distribution (woody) does not contain egroupware packages.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (woody) пакеÑÑ egroupware оÑÑÑÑÑÑвÑÑÑ.</p> - -<p>For the stable distribution (sarge) this problem has been fixed in - -version 1.0.0.007-2.dfsg-2sarge4.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑа пÑоблема бÑла иÑпÑавлена в +вÑеÑии 1.0.0.007-2.dfsg-2sarge4.</p> - -<p>For the unstable distribution (sid) this problem has been fixed in - -version 1.0.0.009.dfsg-3-3.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.0.0.009.dfsg-3-3.</p> - -<p>We recommend that you upgrade your egroupware packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ egroupware.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlqPw+oACgkQXudu4gIW 0qVtgg//Vc69TiA5L40wqKOFnzPojtJwA1C0ol1fFNK/SsnjKTrRLmjxQfEq9r4e VeKYflYGy3xeSyZVXsSPzRN7Hnt8XSvmY9zMw0YVSJUJ7U5by764XTvMBqJvCP/A kILEC7rUPoF+tYzuPjiKMoiuojR0sk7z5KWQqS6/vTCDHQY6BW2fT9+YZWOfx/4S armdKqFGO8tlaf3NFxJACMqaqjF5fQ1uGhp93pr8DhnP6149ghKJico7MlSKR0NO iVCxFgy5aj5C6pvRNILSx/WltWt2WW5EnIM9x/kl0TkbV3oVR3BjK/mnTlnYu2F2 X00T844PpcG/oL2B5DuSCrWnZ5QUFeiCbdXMXVf6VWKuiEQlj2qS3Eup22bcWDAI fLVi4rGKCAo3oLVndwb13Wxw7NS/dNen3UF4OGsY/ARrF3A7dihdRu2QiXYHxFZH WSv8mLhRRERnBXpJrJIwz0LpafEQ8pNE8wg/+lQkpSdVcDsYzylINTUez0ADuj3f bQqFSfCcA1q2K66IukpEtySgJswXUsv085kIcaaU3wb2T7iEZ3FVApYx0lYPdrOh JaBJiZ/i9z+XPilarw3ZNBvfV3N2JQH3D/j3qnXX5W3zl8j5JgVdnU8+mvFhXyZo D+53iK/tKmpXqCmkuNjqDJbV3HMIpqoQ/Qgf9caPmA6BKXJQfkk= =3fkD -----END PGP SIGNATURE-----