-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2006/dsa-1007.wml 2014-04-30 13:16:09.000000000 +0600 +++ russian/security/2006/dsa-1007.wml 2016-09-19 22:39:24.733431658 +0500 @@ -1,45 +1,46 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>The Drupal Security Team discovered several vulnerabilities in Drupal, - -a fully-featured content management and discussion engine. The Common - -Vulnerabilities and Exposures project identifies the following - -problems:</p> +<p>Ðоманда безопаÑноÑÑи Drupal обнаÑÑжила неÑколÑко ÑÑзвимоÑÑей в Drupal, +полноÑÑнкÑионалÑном движке Ð´Ð»Ñ ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ ÑодеÑжимÑм и обÑÑждениÑми. ÐÑÐ¾ÐµÐºÑ Common +Vulnerabilities and Exposures опÑеделÑÐµÑ ÑледÑÑÑие +пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-1225">CVE-2006-1225</a> - - <p>Due to missing input sanitising a remote attacker could inject - - headers of outgoing e-mail messages and use Drupal as a spam - - proxy.</p></li> + <p>Ðз-за оÑÑÑÑÑÑÐ²Ð¸Ñ Ð¾ÑиÑÑки Ð²Ñ Ð¾Ð´Ð½ÑÑ Ð´Ð°Ð½Ð½ÑÑ ÑдалÑннÑй злоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ Ð²Ð²Ð¾Ð´Ð¸ÑÑ + заголовки в иÑÑ Ð¾Ð´ÑÑие ÑообÑÐµÐ½Ð¸Ñ ÑлекÑÑонной поÑÑÑ Ð¸ иÑполÑзоваÑÑ Drupal в каÑеÑÑве + пÑокÑи Ð´Ð»Ñ ÑаÑÑÑлки Ñпама.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-1226">CVE-2006-1226</a> - - <p>Missing input sanity checks allows attackers to inject arbitrary - - web script or HTML.</p></li> + <p>ÐÑÑÑÑÑÑвие пÑовеÑок ÑиÑÑоÑÑ Ð²Ñ Ð¾Ð´Ð½ÑÑ Ð´Ð°Ð½Ð½ÑÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐµÑ Ð·Ð»Ð¾ÑмÑÑленникам вводиÑÑ Ð¿ÑоизволÑнÑй + веб-ÑÑенаÑий или код HTML.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-1227">CVE-2006-1227</a> - - <p>Menu items created with the menu.module lacked access control, - - which might allow remote attackers to access administrator pages.</p></li> + <p>У пÑнкÑов менÑ, ÑозданнÑÑ Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ menu.module, оÑÑÑÑÑÑвÑÐµÑ ÐºÐ¾Ð½ÑÑÐ¾Ð»Ñ Ð´Ð¾ÑÑÑпа, + ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ ÑдалÑннÑм злоÑмÑÑленникам полÑÑиÑÑ Ð´Ð¾ÑÑÑп к ÑÑÑаниÑам админиÑÑÑаÑоÑа.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-1228">CVE-2006-1228</a> - - <p>Markus Petrux discovered a bug in the session fixation which may - - allow remote attackers to gain Drupal user privileges.</p></li> + <p>ÐаÑкÑÑ ÐеÑÑÑÐºÑ Ð¾Ð±Ð½Ð°ÑÑжил оÑÐ¸Ð±ÐºÑ Ð² ÑикÑаÑии ÑеÑÑии, коÑоÑÐ°Ñ Ð¼Ð¾Ð¶ÐµÑ + позволиÑÑ ÑдалÑннÑм злоÑмÑÑленникам полÑÑиÑÑ Ð¿Ñивилегии полÑзоваÑÐµÐ»Ñ Drupal.</p></li> </ul> - -<p>The old stable distribution (woody) does not contain Drupal packages.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (woody) пакеÑÑ Drupal оÑÑÑÑÑÑвÑÑÑ.</p> - -<p>For the stable distribution (sarge) these problems have been fixed in - -version 4.5.3-6.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 4.5.3-6.</p> - -<p>For the unstable distribution (sid) these problems have been fixed in - -version 4.5.8-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 4.5.8-1.</p> - -<p>We recommend that you upgrade your drupal package.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑ drupal.</p> </define-tag> # do not modify the following line - --- english/security/2006/dsa-1095.wml 2014-04-30 13:16:09.000000000 +0600 +++ russian/security/2006/dsa-1095.wml 2016-09-19 22:32:19.464851628 +0500 @@ -1,42 +1,43 @@ - -<define-tag description>integer overflows</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>пеÑеполнение ÑелÑÑ ÑиÑел</define-tag> <define-tag moreinfo> - -<p>Several problems have been discovered in the FreeType 2 font engine. - -The Common vulnerabilities and Exposures project identifies the - -following problems:</p> +<p>Ð FreeType 2, движке ÑÑиÑÑов, бÑло обнаÑÑжено неÑколÑко пÑоблем. +ÐÑÐ¾ÐµÐºÑ Common vulnerabilities and Exposures опÑеделÑÐµÑ +ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-0747">CVE-2006-0747</a> - - <p>Several integer underflows have been discovered which could allow - - remote attackers to cause a denial of service.</p></li> + <p>ÐÑло обнаÑÑжено неÑколÑко оÑÑиÑаÑелÑнÑÑ Ð¿ÐµÑеполнений ÑелÑÑ ÑиÑел, коÑоÑÑе могÑÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ + ÑдалÑннÑм злоÑмÑÑленникам вÑзÑваÑÑ Ð¾Ñказ в обÑлÑживании.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-1861">CVE-2006-1861</a> - - <p>Chris Evans discovered several integer overflows that lead to a - - denial of service or could possibly even lead to the execution of - - arbitrary code.</p></li> + <p>ÐÑÐ¸Ñ ÐÐ²Ð°Ð½Ñ Ð¾Ð±Ð½Ð°ÑÑжил неÑколÑко пеÑеполнений ÑелÑÑ ÑиÑел, коÑоÑÑе пÑиводÑÑ Ðº + оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании или могÑÑ Ð¿Ð¾ÑенÑиалÑно пÑиводиÑÑ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ + пÑоизволÑного кода.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-2493">CVE-2006-2493</a> - - <p>Several more integer overflows have been discovered which could - - possibly lead to the execution of arbitrary code.</p></li> + <p>ÐÑло обнаÑÑжено еÑÑ Ð½ÐµÑколÑко пеÑеполнений ÑелÑÑ ÑиÑел, коÑоÑÑе поÑенÑиалÑно могÑÑ + пÑиводиÑÑ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-2661">CVE-2006-2661</a> - - <p>A null pointer dereference could cause a denial of service.</p></li> + <p>РазÑменование null-ÑказаÑÐµÐ»Ñ Ð¼Ð¾Ð¶ÐµÑ Ð²ÑзÑваÑÑ Ð¾Ñказ в обÑлÑживании.</p></li> </ul> - -<p>For the old stable distribution (woody) these problems have been fixed in - -version 2.0.9-1woody1.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (woody) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 2.0.9-1woody1.</p> - -<p>For the stable distribution (sarge) these problems have been fixed in - -version 2.1.7-2.5.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 2.1.7-2.5.</p> - -<p>For the unstable distribution (sid) these problems will be fixed soon</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±ÑдÑÑ Ð¸ÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð¿Ð¾Ð·Ð¶Ðµ.</p> - -<p>We recommend that you upgrade your libfreetype packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ libfreetype.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJX4CLzAAoJEF7nbuICFtKlbS0P/1QLHEXxSiuvNEcy/EAqfGTH BVoVlMoKVrskpnkSEx27z9NYvVyGYpO6436QIwvZ91U0RgdAifOe4chsUIUV1J+G PKYjxIQivxk6kOQ+1vVmVryUrl6665HY7cDWkMFBw9A4HF8rwVYiDpVF+UtTOxjW /ahAhR72Mlf48Gd71CVR++f32WzPgN5P0YtX6MbQk46zX7C9ih1BiGVXzJB75AnF 3irgLROKj0byP9MshfJE8mrcOXb1sC8U24cqMaeu9OvuDO10wNY8dbOsdK66CQql ndGMVZr8tkv4mOVeCfSgS7OFsEdu+XSvSDNdyIARLs9TxR6DE/nGsZJIiYgWzG1U aTNMbLv0J/vh7zhKb5n36GQXbjXQeIs/81zIYwLF+wSW1utFc+jLB9mpvEZVwMdt xoXu6kcgfKuecuOhI9W5fwZAwD+T9z5c0XVBTnRxpihjg/rWIsH0rxRGqP2LAEb9 /6IMi+hsef+Cc5Vj0HSaY91WB70yaGBxcvOAefTlGGhTbP9C/Isw2nEZI2j/k1G9 uv1zXRrxhabP2ZZ6R+VTqO/q27uTcFcKeKUclaiYQ1xybOU8NMx7dkHEsKQpVfwZ Nz6ZF9KEXv+nJIVlWVJ/XblHIMJfOq+ZgnXS6L35zl/vl9m4j5Nkuhc+5+aeRMn2 RxcS4z+u06OIqfQ7IUbX =Caun -----END PGP SIGNATURE-----