[DONE] wml://{security/2017/dsa-3844.wml}
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - --- english/security/2017/dsa-3844.wml2017-05-04 09:20:02.0 +0500 +++ russian/security/2017/dsa-3844.wml 2017-05-04 09:22:21.178564961 +0500 @@ -1,19 +1,20 @@ - -security update +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +обновление безопаÑноÑÑи - -Multiple vulnerabilities have been discovered in the libtiff library and - -the included tools, which may result in denial of service, memory - -disclosure or the execution of arbitrary code. +РбиблиоÑеке libtiff и ÑопÑÑÑÑвÑÑÑÐ¸Ñ Ð¸Ð½ÑÑÑÑменÑÐ°Ñ Ð±Ñли обнаÑÑÐ¶ÐµÐ½Ñ Ð¼Ð½Ð¾Ð³Ð¾ÑиÑленнÑе +ÑÑзвимоÑÑи, коÑоÑÑе могÑÑ Ð¿ÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании, ÑаÑкÑÑÑÐ¸Ñ ÑодеÑжимого +памÑÑи или вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода. - -For the stable distribution (jessie), these problems have been fixed in - -version 4.0.3-12.3+deb8u3. +Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 4.0.3-12.3+deb8u3. - -For the upcoming stable distribution (stretch), these problems have been - -fixed in version 4.0.7-6. +РгоÑовÑÑемÑÑ ÑÑабилÑном вÑпÑÑке (stretch) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли +иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² веÑÑии 4.0.7-6. - -For the unstable distribution (sid), these problems have been fixed in - -version 4.0.7-6. +РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 4.0.7-6. - -We recommend that you upgrade your tiff packages. +РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ tiff. # do not modify the following line -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlkKrIAACgkQXudu4gIW 0qVIVBAAg06He7AAAVmAJbnmAA/xQJynZw7eixX2OCoTr11aURi1+o33Mtew7PF7 /ABbEV+q1lqLWiqaAHAI+awDR9A5+PupOfQcaJWJIGtGXp/l8leZVpT/M8rMGnB0 lbYa4stVwVI3sL0bEfmMugaa1nRw8G9VpaBrKYUzxfVijCNgGPDo87Cfq7IQIiw5 2oPkpoP/x1MTxZcW2OWHYCt5CN4IACS3ThIKzDT48RWzUHd/AQhEQ9AH3OPtkM+4 BRsK2UGBD4Kq6fopZ4GgvCxAy3SayxWT3aEBe5J5SWYP/h64uHAeCHj4gZLVoBLs MSGwabOJZVsDZ38ZNGSgguLwIBFaM2pM1WmyyDAfecxKqOqhtAcNKIpgg0lSUcw0 E/sriL1iOMSpusFB9iu8t1SlpfapcOPDPA8ONHb1PkbsQUfShi3/q13AG4RpddzR xbqLvllwBYmY+TY33MLhbKZPo1nuyj6O5bb+wik5TIf9m45P/njEpDgNJhZOJ5vw CFxX4wBG5tNMUyFoLTQWhtl8JP9og059NdduW4W1ks651vrYsMauCUWS9j75Q7/2 4RuYl3YPLKEQxceGCY1cD4FGfPH4qh++CTshscq9n6XRDij5VuPEDVaKm28sxxcx YYDJtENN6zT2o0kttUmKzKPk2U9OsBFTTR5Bla17JIKR19cJ/cY= =Ryea -END PGP SIGNATURE-
[DONE] wml://security/2017/dsa-384{0,1,2,3}.wml
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - --- english/security/2017/dsa-3840.wml2017-05-03 02:21:50.0 +0500 +++ russian/security/2017/dsa-3840.wml 2017-05-03 22:10:50.774844527 +0500 @@ -1,21 +1,22 @@ - -security update +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +обновление безопаÑноÑÑи - -Thijs Alkemade discovered that unexpected automatic deserialisation of - -Java objects in the MySQL Connector/J JDBC driver may result in the - -execution of arbitary code. For additional details, please refer to the - -advisory at +Ð¢Ð¸Ð¹Ñ Ðлкемад обнаÑÑжил, ÑÑо Ð½ÐµÐ¾Ð¶Ð¸Ð´Ð°Ð½Ð½Ð°Ñ Ð°Ð²ÑомаÑиÑеÑÐºÐ°Ñ Ð´ÐµÑеÑиализаÑÐ¸Ñ +Java-обÑекÑов в MySQL-движке Connector/J JDBC Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº +вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода. Ðа дополниÑелÑнÑми подÑобноÑÑÑми обÑаÑайÑеÑÑ Ð² +ÑекомендаÑии по адÑеÑÑ https://www.computest.nl/advisories/CT-2017-0425_MySQL-Connector-J.txt;>https://www.computest.nl/advisories/CT-2017-0425_MySQL-Connector-J.txt - -For the stable distribution (jessie), this problem has been fixed in - -version 5.1.41-1~deb8u1. +Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 5.1.41-1~deb8u1. - -For the upcoming stable distribution (stretch), this problem has been - -fixed in version 5.1.41-1. +РгоÑовÑÑемÑÑ ÑÑабилÑном вÑпÑÑке (stretch) ÑÑа пÑоблема бÑла +иÑпÑавлена в веÑÑии 5.1.41-1. - -For the unstable distribution (sid), this problem has been fixed in - -version 5.1.41-1. +РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 5.1.41-1. - -We recommend that you upgrade your mysql-connector-java packages. +РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ mysql-connector-java. # do not modify the following line - --- english/security/2017/dsa-3841.wml2017-05-03 13:11:01.0 +0500 +++ russian/security/2017/dsa-3841.wml 2017-05-03 22:12:55.037754573 +0500 @@ -1,19 +1,20 @@ - -security update +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +обновление безопаÑноÑÑи - -It was discovered that XStream, a Java library to serialise objects to - -XML and back again, was suspectible to denial of service during - -unmarshalling. +ÐÑло обнаÑÑжено, ÑÑо XStream, Java-библиоÑека Ð´Ð»Ñ ÑеÑиализаÑии обÑекÑов в +XML и обÑаÑно, ÑодеÑÐ¶Ð¸Ñ Ð¾Ñказ в обÑлÑживании, возникаÑÑий в Ñ Ð¾Ð´Ðµ +вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð´ÐµÑеÑиализаÑии. - -For the stable distribution (jessie), this problem has been fixed in - -version 1.4.7-2+deb8u2. +Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.4.7-2+deb8u2. - -For the upcoming stable distribution (stretch), this problem will be - -fixed soon. +РгоÑовÑÑемÑÑ ÑÑабилÑном вÑпÑÑке (stretch) ÑÑа пÑоблема бÑÐ´ÐµÑ +иÑпÑавлена позже. - -For the unstable distribution (sid), this problem has been fixed in - -version 1.4.9-2. +РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.4.9-2. - -We recommend that you upgrade your libxstream-java packages. +РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ libxstream-java. # do not modify the following line - --- english/security/2017/dsa-3842.wml2017-05-03 13:11:17.0 +0500 +++ russian/security/2017/dsa-3842.wml 2017-05-03 22:19:37.104235339 +0500 @@ -1,31 +1,32 @@ - -security update +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +обновление безопаÑноÑÑи - -Two vulnerabilities were discovered in tomcat7, a servlet and JSP - -engine. +Ð tomcat7, ÑеÑвлеÑе и движке JSP, бÑли обнаÑÑÐ¶ÐµÐ½Ñ Ð´Ð²Ðµ +ÑÑзвимоÑÑи. https://security-tracker.debian.org/tracker/CVE-2017-5647;>CVE-2017-5647 - - Pipelined requests were processed incorrectly, which could result in - - some responses appearing to be sent for the wrong request. + ÐонвейеÑно обÑабаÑÑваемÑе запÑоÑÑ Ð¾Ð±ÑабаÑÑваÑÑÑÑ Ð½ÐµÐ¿ÑавилÑно, ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº + ÑомÑ, ÑÑо некоÑоÑÑе оÑвеÑÑ Ð¾ÑмеÑаÑÑÑÑ Ð´Ð»Ñ Ð¾ÑпÑавки в оÑÐ²ÐµÑ Ð½Ð° неÑооÑвеÑÑÑвÑÑÑие запÑоÑÑ. https://security-tracker.debian.org/tracker/CVE-2017-5648;>CVE-2017-5648 - - Some application listeners calls were issued against the wrong - - objects,
Validation failed
*** Errors validating /srv/www.debian.org/www/international/l10n/po/en_GB.ru.html: *** Line 117, character 351: "128513" is not a character number in the document character set Line 308, character 337: "128513" is not a character number in the document character set Line 1314, character 241: "128513" is not a character number in the document character set -- You received this mail for the language code ru. Please edit webwml/english/devel/website/validation.data if this is not accurate Please also update webwml/english/devel/website/ with the new coordinator(s) data
Re: Список непереведённых описаний пакетов
On 17-05-03 09:19, Sergey Alyoshin wrote: > On Wed, May 3, 2017 at 12:23 AM, Sergey Alyoshinwrote: > > Странно, но с | tee похоже не работает. > > Дело в буферизации stdout: > > PYTHONUNBUFFERED=1 ./ddtp-popcon.py -v | tee log Я попробовал, но что-то как-то медлено работает... Слишком много он запросов делает к ddtp2.debian.net. Сервер весьма неспешно отвечает на запросы. Кстати, popcon тянуть, думаю, лучше тоже в сжатом виде. Я набросал небольшой скрипт, которые решает эту задачу. Popcon выгружается только раз, так как он нечасто меняется, список пакетов обновляется переодически. При каждом запросе выгружается только список описаний, находящихся на согласовании. Работает весьма быстро. -- Best regards, Andrey Skvortsov signature.asc Description: PGP signature
Re: DDTP: list of untranslated package descriptions
On 17-05-02 11:05, Andrey Skvortsov wrote: > On 17-05-02 09:44, Beatrice Torracca wrote: > > On martedì 02 maggio 2017, at 10:26 +0300, Andrey Skvortsov wrote: > > > Hi, > > > > > > is somewhere list of untranslated package descriptions for specific > > > language sorted by popcon rank? I couldn't find such list in DDTS. > > > > > > Just list of untranslated package descriptions for specific language > > > would be also ok. Then I could combine it with > > > http://popcon.debian.org/by_vote. > > > > Hi, > > > > just some tips from a user, probably someone more savy with the inner > > workings of the system can give more info. > > > > You can get the whole list of untranslated package descriptions for a > > specific language at a page with the following URL (where is the 2 > > letter code for the language, e.g. "it" for Italian). > > > > http://ddtp2.debian.net/ddt.cgi?alluntranslatedpackages= > > > > e.g. for Italian is > > http://ddtp2.debian.net/ddt.cgi?alluntranslatedpackages=it > Hi Beatrice, > thank you very much. Your link is very useful, now I can combine it > PopCon-rank-by-vote list. Thanks for all the tips, I wrote shell script that creates list of untranslated packages sorted by popcon rank and it takes descriptions that are under review as well. Maybe it'll be useful for someone. Link to the script is added in wiki as well. https://wiki.debian.org/L10n/DDTSS -- Best regards, Andrey Skvortsov get_untranslated_descriptions.sh Description: Bourne shell script signature.asc Description: PGP signature
Re: Список непереведённых описаний пакетов
В Wed, 3 May 2017 09:19:24 +0300 Sergey Alyoshinпишет: > On Wed, May 3, 2017 at 12:23 AM, Sergey Alyoshin > wrote: > > Странно, но с | tee похоже не работает. > > Дело в буферизации stdout: > > PYTHONUNBUFFERED=1 ./ddtp-popcon.py -v | tee log А может лучше на Python 3?! ;) во вложении... #!/usr/bin/python3 desc = 'Checking untranslated packages description for language' popcon_addr = 'http://popcon.debian.org/by_vote' ddtp_addr = 'https://ddtp2.debian.net' import urllib.request import re import argparse check_lang = 'ru' total_packages_num = 1000 arg = argparse.ArgumentParser(description = desc) arg.add_argument('-n', '--number', help = 'check number of package') arg.add_argument('-l', '--language', help = 'check for language') arg.add_argument('-v', '--verbose', help = 'be verbose', action = 'store_true') args = arg.parse_args() if args.language != None: check_lang = args.language if args.number != None: total_packages_num = int(args.number) print('Checking for "%s" from %s by %s ...' % (check_lang, ddtp_addr, popcon_addr), flush=True) uo = urllib.request.urlopen(popcon_addr) # Description: 237239 # This Description is active desc_re = re.compile('(Description: not_trans_re = re.compile('(.*Description is not yet translated to ' + check_lang + ') ') c = 0 while True: l = str(uo.readline(), 'utf-8') l = l.strip() # Skipping comment if l[0] == '#': continue c += 1 if c > total_packages_num: break # Package name pkg = l.split()[1] for i in urllib.request.urlopen(ddtp_addr + '/ddt.cgi?package=' + pkg): desc_id = desc_re.match(str(i, 'utf-8')) if desc_id == None: continue desc_id = desc_id.group(2) if args.verbose: print('%s of %s %s id %s' % (c, total_packages_num, pkg, desc_id), flush=True) for j in urllib.request.urlopen(ddtp_addr + '/ddt.cgi?desc_id=' + desc_id): not_trans = not_trans_re.match(str(j, 'utf-8')) if not_trans == None: continue print('%s id %s\t%s/%s' % (pkg, desc_id, ddtp_addr, not_trans.group(2)), flush=True) # Check only first (active) description id break uo.close()
Re: Список непереведённых описаний пакетов
On Wed, May 3, 2017 at 12:23 AM, Sergey Alyoshinwrote: > Странно, но с | tee похоже не работает. Дело в буферизации stdout: PYTHONUNBUFFERED=1 ./ddtp-popcon.py -v | tee log