-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2008/dsa-1613.wml 2017-11-01 10:11:09.895816307 +0500 +++ russian/security/2008/dsa-1613.wml 2018-03-06 22:04:30.519197680 +0500 @@ -1,48 +1,47 @@ - -<define-tag description>multiple vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov" +<define-tag description>многоÑиÑленнÑе ÑÑзвимоÑÑи</define-tag> <define-tag moreinfo> - -<p>Multiple vulnerabilities have been identified in libgd2, a library - -for programmatic graphics creation and manipulation. The Common - -Vulnerabilities and Exposures project identifies the following problems:</p> +<p>Ð libgd2, библиоÑеке Ð´Ð»Ñ ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ñ Ð¸ обÑабоÑки пÑогÑаммиÑÑемой гÑаÑики, +бÑли обнаÑÑÐ¶ÐµÐ½Ñ Ð¼Ð½Ð¾Ð³Ð¾ÑиÑленнÑе ÑÑзвимоÑÑи. ÐÑÐ¾ÐµÐºÑ Common +Vulnerabilities and Exposures опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-2445">CVE-2007-2445</a> - - <p>Grayscale PNG files containing invalid tRNS chunk CRC values - - could cause a denial of service (crash), if a maliciously - - crafted image is loaded into an application using libgd.</p></li> + <p>Ð¤Ð°Ð¹Ð»Ñ Ñ Ð¿Ð¾Ð»ÑÑоновÑми изобÑажениÑми в ÑоÑмаÑе PNG, ÑодеÑжаÑие непÑавилÑнÑе конÑÑолÑнÑе + ÑÑÐ¼Ð¼Ñ tRNS-блоков, могÑÑ Ð²ÑзÑваÑÑ Ð¾Ñказ в обÑлÑживании (аваÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑановка) в ÑлÑÑае + загÑÑзки ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ Ð¸Ð·Ð¾Ð±Ñажений в пÑиложении, иÑполÑзÑÑÑем libgd.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-3476">CVE-2007-3476</a> - - <p>An array indexing error in libgd's GIF handling could induce a - - denial of service (crash with heap corruption) if exceptionally - - large color index values are supplied in a maliciously crafted - - GIF image file.</p></li> + <p>ÐÑибка индекÑаÑии маÑÑива в коде ÑабоÑÑ Ñ GIF из libgd Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð² + обÑлÑживании (аваÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑановка Ñ Ð¿Ð¾Ð²Ñеждением ÑодеÑжимого динамиÑеÑкой памÑÑи) в ÑлÑÑае + пеÑедаÑи болÑÑÐ¸Ñ Ð·Ð½Ð°Ñений индекÑа ÑвеÑов в ÑпеÑиалÑно ÑÑоÑмиÑованном изобÑажении GIF.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-3477">CVE-2007-3477</a> - - <p>The imagearc() and imagefilledarc() routines in libgd allow - - an attacker in control of the parameters used to specify - - the degrees of arc for those drawing functions to perform - - a denial of service attack (excessive CPU consumption).</p></li> + <p>ФÑнкÑии imagearc() и imagefilledarc() в libgd позволÑÑÑ Ð·Ð»Ð¾ÑмÑÑленникÑ, + конÑÑолиÑÑÑÑÐµÐ¼Ñ Ð¿Ð°ÑамеÑÑÑ, иÑполÑзÑемÑе Ð´Ð»Ñ Ð¾Ð¿ÑÐµÐ´ÐµÐ»ÐµÐ½Ð¸Ñ Ð³ÑадÑÑов ÑÑÐ±ÐµÑ Ð² ÑказаннÑÑ + ÑÑнкÑиÑÑ ÑиÑованиÑ, вÑзÑваÑÑ Ð¾Ñказ в обÑлÑживании (ÑÑезмеÑное поÑÑебление ÑеÑÑÑÑов ЦÐ).</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2007-3996">CVE-2007-3996</a> - - <p>Multiple integer overflows exist in libgd's image resizing and - - creation routines; these weaknesses allow an attacker in control - - of the parameters passed to those routines to induce a crash or - - execute arbitrary code with the privileges of the user running - - an application or interpreter linked against libgd2.</p></li> + <p>Ð ÑÑнкÑиÑÑ Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ ÑазмеÑа и ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ñ Ð¸Ð·Ð¾Ð±Ñажений имеÑÑÑÑ Ð¼Ð½Ð¾Ð³Ð¾ÑиÑленнÑе + пеÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÑелÑÑ ÑиÑел; ÑÑи ÑÑзвимоÑÑи позволÑÑÑ Ð·Ð»Ð¾ÑмÑÑленникÑ, конÑÑолиÑÑÑÑÐµÐ¼Ñ + паÑамеÑÑÑ, пеÑедаваемÑе ÑказаннÑм ÑÑнкÑиÑм, вÑзÑваÑÑ Ð°Ð²Ð°ÑийнÑÑ Ð¾ÑÑÐ°Ð½Ð¾Ð²ÐºÑ Ð¸Ð»Ð¸ вÑполнÑÑÑ + пÑоизволÑнÑй код Ñ Ð¿Ñавами полÑзоваÑелÑ, запÑÑÑивÑего пÑиложение + или инÑеÑпÑеÑаÑоÑ, ÑкомпанованнÑе Ñ libgd2.</p></li> </ul> - -<p>For the stable distribution (etch), these problems have been fixed in - -version 2.0.33-5.2etch1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (etch) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 2.0.33-5.2etch1.</p> - -<p>For the unstable distribution (sid), these - -problems have been fixed in version 2.0.35.dfsg-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 2.0.35.dfsg-1.</p> - -<p>We recommend that you upgrade your libgd2 packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ libgd2.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlqeyiQACgkQXudu4gIW 0qWLdhAAgxJcXJkG+nLDOUk7Q1brqvSbxI0xgDvXsMwZDDK8wlEyceps8nhJPDHC 4ze6msJEu7orIk4d8rZvF1Z22xrKRDeniLsHh9iBo8Z9j8+FoXsW8kbbadCQZnTJ BUA7SkG6eTBKD2xihNCmHfgELbwnxbV1ywYdM5iUJ/waIxXpgAdzY2y+uJbjjzHh 9dpYcxl84HD963Ntnl9Kt9YaNnUBYQiFpjjHlB8iNgz2aDtE+Sk5GvVEPbrS2bzI RseDPkkOXY2jOOUAQOYBhqOCvWo7CQRdwDsg+MzxbMqD1HNlKQHiufNDUau7hP6w UTxiZBL5o9lvZ9KFTVZSS2mN5MLU1eIbX+i/Ums1U6tnuWzkEhCpz3urzECRPhcS WISGfhB4rML1lnCmXMM4JUI+9dSL5Win/DuiArcKABGs1U62rWHF/a3gz3Iq+NTG N5+5U5GdiaiUHyuLau4gAzou3O6xSt9k2ErlWb/mebxlhLJ4WDqs7Oo+35HxTca/ XbVxFdp27DitgNtnWr+HORUtenlywXJKKpkyxcdq8ftF0ll35W0p2ps26C2jAA9b alWQ/tU1iAnRwHw8kQULay8Z5xRZ4KMixrqts1h4cPvcjE4GY4Lbo3A+TENju0Gv yxNN7+X8vdTjphQ6BfuK0g3zUjGmQNydec9Q/7uSnXy/6Uqdz5U= =+N9Y -----END PGP SIGNATURE-----