[DONE] wml://{security/2016/dsa-3668.wml}
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - --- english/security/2016/dsa-3668.wml2016-09-15 17:25:40.0 +0500 +++ russian/security/2016/dsa-3668.wml 2016-09-15 17:27:53.372261126 +0500 @@ -1,16 +1,17 @@ - -security update +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +обновление безопаÑноÑÑи - -It was discovered that there was a CSRF vulnerability in mailman, a - -web-based mailing list manager, which could allow an attacker to obtain - -a user's password. +ÐÑло обнаÑÑжено, ÑÑо в mailman, пÑогÑамме Ð´Ð»Ñ ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ ÑпиÑками ÑаÑÑÑлки +ÑеÑез веб, имееÑÑÑ CSRF-ÑÑзвимоÑÑÑ, коÑоÑÐ°Ñ Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ Ð·Ð»Ð¾ÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ Ð¿Ð¾Ð»ÑÑиÑÑ +паÑÐ¾Ð»Ñ Ð¿Ð¾Ð»ÑзоваÑелÑ. - -For the stable distribution (jessie), this problem has been fixed in - -version 1:2.1.18-2+deb8u1. +Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:2.1.18-2+deb8u1. - -For the unstable distribution (sid), this problem has been fixed in - -version 1:2.1.23-1. +РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1:2.1.23-1. - -We recommend that you upgrade your mailman packages. +РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ mailman. # do not modify the following line -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJX2pPMAAoJEF7nbuICFtKlfCYP/1mT6ihKqYOB6yZSdU5fv67X uryiN/zN0+dEUhqISFJf6vOX7gM4+eeaB7QLYWXq8SfSm6QFemiK0OWxJ9rl48Sc I5pOGUJN4o89v4NELF8y4Mr266CwCd5ppCcRiSigiW9Psj/odE9cSkQdg4uJ4J1C 1JO69Q9/eIzCYYDwub1I3IZ5guLz7kThiQ+2cPyMVAuC4pnGZ9RBCdi7rOMhEoqd NGu793NscQFc+JdqWkaDMre3KS+zi67AA9xpyoiC4oSsFMWsNELULFuHlfAieCp5 mtYXVIEAoLQe2cIjxdAlA+XeZ63w3X3GNQS3Ttbx9qK2Hp4qpSpT6B7xf0AFfQTs FQtlXcnG8yMc2nmM09UmFc3EYCoLDMvKiSIKop9HtTCIvgQpYxnK0H9PvaK4OX/h RqmjaS8ingQFvSynMQp5d7NQ/Bme+mKpaBtHJeaL10I5jsSLssoNN5FL8QxDdF9R U14AUIf3qsB+l9JP2WqSlJxl8zpl/BgH/Ja8TW+SOq+9YNZGReQvRSamPLiQLM/7 USu6uzBj+j0ELoiE09LNA+K/usjmVuyPJYB77VVjZ3b9m6T23b6uD+TJqskypNtk TK2luTa+V3lAz6xysY2Suv7I0bC2dJdGaMy6xZ1ibuqrERKmrbyQXMwoMpoFaAJh CbP8NWaPc4bz01w9mear =GAKV -END PGP SIGNATURE-
[DONE] wml://security/2016/dsa-36{69,70}.wml
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - --- english/security/2016/dsa-3669.wml2016-09-15 22:46:04.0 +0500 +++ russian/security/2016/dsa-3669.wml 2016-09-15 22:49:51.705311138 +0500 @@ -1,13 +1,14 @@ - -security update +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +обновление безопаÑноÑÑи - -Dawid Golunski of LegalHackers discovered that the Tomcat init script - -performed unsafe file handling, which could result in local privilege - -escalation. +Ðавид ÐолÑнÑкий из LegalHackers обнаÑÑжил, ÑÑо ÑÑенаÑий иниÑиализаÑии Tomcat +вÑполнÑÐµÑ Ð½ÐµÐ±ÐµÐ·Ð¾Ð¿Ð°ÑнÑÑ Ð¾Ð±ÑабоÑÐºÑ Ñайлов, ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº локалÑÐ½Ð¾Ð¼Ñ +повÑÑÐµÐ½Ð¸Ñ Ð¿Ñивилегий. - -For the stable distribution (jessie), this problem has been fixed in - -version 7.0.56-3+deb8u4. +Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 7.0.56-3+deb8u4. - -We recommend that you upgrade your tomcat7 packages. +РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ tomcat7. # do not modify the following line - --- english/security/2016/dsa-3670.wml2016-09-15 22:47:20.0 +0500 +++ russian/security/2016/dsa-3670.wml 2016-09-15 22:51:18.420013493 +0500 @@ -1,15 +1,16 @@ - -security update +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +обновление безопаÑноÑÑи - -Dawid Golunski of LegalHackers discovered that the Tomcat init script - -performed unsafe file handling, which could result in local privilege - -escalation. +Ðавид ÐолÑнÑкий из LegalHackers обнаÑÑжил, ÑÑо ÑÑенаÑий иниÑиализаÑии Tomcat +вÑполнÑÐµÑ Ð½ÐµÐ±ÐµÐ·Ð¾Ð¿Ð°ÑнÑÑ Ð¾Ð±ÑабоÑÐºÑ Ñайлов, ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº локалÑÐ½Ð¾Ð¼Ñ +повÑÑÐµÐ½Ð¸Ñ Ð¿Ñивилегий. - -For the stable distribution (jessie), this problem has been fixed in - -version 8.0.14-1+deb8u3. +Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 8.0.14-1+deb8u3. - -For the unstable distribution (sid), this problem will be fixed soon. +РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑÐ´ÐµÑ Ð¸ÑпÑавлена позже. - -We recommend that you upgrade your tomcat8 packages. +РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ tomcat8. # do not modify the following line -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJX2t+cAAoJEF7nbuICFtKlG7EQAIW0NQleUEm45ljzRmpo2go7 448BE189ZAFiGr+Ke5TkmN7cPZF++/nRjcSypNe9nLu/JkU3AbVB5yk0F8yc+hfV qTCo5crMPxk6cGARdXDyrhY68j5yH6/lhu8CHwbxOqZzEhWk2q9R+xomcMacqH2g /6AH0pyIWsCP05xyBpcqV4HvfHKCzmurOSd7qi4X4zK7XlOwhyDgzrPr+crvJPMt 244l8VaU4SCSraFDhvusJIb53U4/oGuYAV30wiPRirw2arQ+rScSTvWhHKBwMdFm c8zcBCeNw67VKVM0Y3qbwSmJwMwyHM8WcBErHprtB8wMEVxeNKu6AWZehyDA/eQS XnZHfb42WZSuwovIObkaQER5/Rlv9zupLrS9qz6NlrTo1QplieE1iq6St+RMpQPh j8lDT7nys+5HbKxIyPaoD6vyAohvqwEN2Vho/b7DVHk4z226NfJEv1CLydYsKtPd 8b23HZj7dGeBSs3/KjTA8bO/eAxlqkgjFCWFtyLYv1rnqZbnCj86VoZY2RxZ6dKU px6SI7cTEOaJ7ZGECCDyEEQwxLHnFfYPjeIQRyNSNkdADI/rihDVtXBr2vzTnFCE UA148NcVjpLr0O7lwyLtd+RCPAYelyyIRYfS4ksSQ5Z9R51RUlgggw2iUkguFE3L 7VhJ3wi5Gv6bB1CPO6Nz =AYD1 -END PGP SIGNATURE-
[DONE] wml://{security/2016/dsa-3667.wml}
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - --- english/security/2016/dsa-3667.wml2016-09-15 12:27:17.0 +0500 +++ russian/security/2016/dsa-3667.wml 2016-09-15 14:21:17.560240902 +0500 @@ -1,51 +1,52 @@ - -security update +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +обновление безопаÑноÑÑи - -Several vulnerabilities have been discovered in the chromium web browser. +Рвеб-бÑаÑзеÑе chromium бÑло обнаÑÑжено неÑколÑко ÑÑзвимоÑÑей. https://security-tracker.debian.org/tracker/CVE-2016-5170;>CVE-2016-5170 - -A use-after-free issue was discovered in Blink/Webkit. +Ð Blink/Webkit бÑло обнаÑÑжено иÑполÑзование ÑказаÑелей поÑле оÑÐ²Ð¾Ð±Ð¾Ð¶Ð´ÐµÐ½Ð¸Ñ Ð¿Ð°Ð¼ÑÑи. https://security-tracker.debian.org/tracker/CVE-2016-5171;>CVE-2016-5171 - -Another use-after-free issue was discovered in Blink/Webkit. +Ð Blink/Webkit бÑло обнаÑÑжено еÑÑ Ð¾Ð´Ð½Ð¾ иÑполÑзование ÑказаÑелей поÑле оÑÐ²Ð¾Ð±Ð¾Ð¶Ð´ÐµÐ½Ð¸Ñ Ð¿Ð°Ð¼ÑÑи. https://security-tracker.debian.org/tracker/CVE-2016-5172;>CVE-2016-5172 - -Choongwoo Han discovered an information leak in the v8 javascript - -library. +ЧÑÐ½Ð²Ñ Ð¥Ð°Ð½Ñ Ð¾Ð±Ð½Ð°ÑÑжил ÑÑеÑÐºÑ Ð¸Ð½ÑоÑмаÑии в javascript-библиоÑеке +v8. https://security-tracker.debian.org/tracker/CVE-2016-5173;>CVE-2016-5173 - -A resource bypass issue was discovered in extensions. +Ð ÑаÑÑиÑÐµÐ½Ð¸Ñ Ð±Ñл обнаÑÑжен Ð¾Ð±Ñ Ð¾Ð´ огÑаниÑÐµÐ½Ð¸Ñ ÑеÑÑÑÑов. https://security-tracker.debian.org/tracker/CVE-2016-5174;>CVE-2016-5174 - -Andrey Kovalev discoved a way to bypass the popup blocker. +ÐндÑей ÐовалÑв обнаÑÑжил ÑпоÑоб Ð¾Ð±Ñ Ð¾Ð´Ð° блокиÑовÑика вÑплÑваÑÑÐ¸Ñ Ð¾ÐºÐ¾Ð½. https://security-tracker.debian.org/tracker/CVE-2016-5175;>CVE-2016-5175 - -The chrome development team found and fixed various issues during - -internal auditing. +Ðоманда ÑазÑабоÑки chrome обнаÑÑжила и иÑпÑавила ÑазлиÑнÑе пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð² Ñ Ð¾Ð´Ðµ +внÑÑÑеннего аÑдиÑа. https://security-tracker.debian.org/tracker/CVE-2016-7395;>CVE-2016-7395 - -An uninitialized memory read issue was discovered in the skia - -library. +РбиблиоÑеке skia бÑло обнаÑÑжено ÑÑение неиниÑиализиÑованной +памÑÑи. - -For the stable distribution (jessie), these problems have been fixed in - -version 53.0.2785.113-1~deb8u1. +Ð ÑÑабилÑном вÑпÑÑке (jessie) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 53.0.2785.113-1~deb8u1. - -For the testing distribution (stretch), these problems will be fixed soon. +Ð ÑеÑÑиÑÑемом вÑпÑÑке (stretch) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±ÑдÑÑ Ð¸ÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð¿Ð¾Ð·Ð¶Ðµ. - -For the unstable distribution (sid), these problems have been fixed in - -version 53.0.2785.113-1. +РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 53.0.2785.113-1. - -We recommend that you upgrade your chromium-browser packages. +РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ chromium-browser. # do not modify the following line -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJX2mgRAAoJEF7nbuICFtKl17sP/A1kqStyyIO/O1Q1bOIZO666 mk1kYK93JNxx3XamdNmmZjxiaNTMmMOkSUBAiBbQ4T/FDgWKwZlVXi7t2fsut6vy mqci+iBts7jjrgNAmCUuwTEnt1TXu8EiV3AU/GHTNscRL/fSlRC8aHhalTZr22qp Hi5g970nmm1VGxTTZGgW48marX9GnW258VtSANwm39v+FRtqjN177LnpjSVfNl29 2iMY3/De4CEmW45kbhIXedx+La+iR/3BlTHHkX25xdcCQlysbE0hqdIM5SNFncPy 3Jn5sakxItF+/S1MpZLcCehBEoJh9tMoU9B7LGkyrOsjqf2sf8Hw0bF4qLCpm8AP 3MJTwT3tUr3fCQOilzpTQZeJfIUJNe9+jdKrNV03LrBBVBX88dRGcdvJHTZwEV3s +WtHEcxGf0t7xb9amWjydPCABUI+atOPGqkayk47nrL8f+sLERf3ctBnKgRNUoHD 8HokhD2M5OqFZ07UPuZDB5dTmyS8vA44VTEC/9+YxHs8e/u69Xtx7DEknhnQEbPR /9P+DEO/MHUryvMItQxsAGhtTpZPklwU2j0KkDCaSxyB3VXB6jd3DIb2ah79t+xm 7oItUS1feowlRThlKANsTPRG1hD8buwcct6qNEwjR3D+cL/knYlEddWFjW8eGRui 0+VRqDcxqqOJfh71iuPu =c/ie -END PGP SIGNATURE-