-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2009/dsa-1901.wml 2017-11-01 10:11:10.079828303 +0500 +++ russian/security/2009/dsa-1901.wml 2018-02-14 09:58:28.175458156 +0500 @@ -1,53 +1,54 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been discovered in mediawiki1.7, a website engine - -for collaborative work. The Common Vulnerabilities and Exposures project - -identifies the following problems:</p> +<p>Ð mediawiki1.7, движке веб-ÑайÑов Ð´Ð»Ñ ÑовмеÑÑной ÑабоÑÑ, бÑло обнаÑÑжено +неÑколÑко ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures +опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-5249">CVE-2008-5249</a> - -<p>David Remahl discovered that mediawiki1.7 is prone to a cross-site scripting attack.</p></li> +<p>Ðавид Ð ÐµÐ¼Ð°Ð»Ñ Ð¾Ð±Ð½Ð°ÑÑжил, ÑÑо движок mediawiki1.7 ÑÑзвим к межÑайÑÐ¾Ð²Ð¾Ð¼Ñ ÑкÑипÑингÑ.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-5250">CVE-2008-5250</a> - -<p>David Remahl discovered that mediawiki1.7, when Internet Explorer is used and - -uploads are enabled, or an SVG scripting browser is used and SVG uploads are - -enabled, allows remote authenticated users to inject arbitrary web script or - -HTML by editing a wiki page.</p></li> +<p>Ðавид Ð ÐµÐ¼Ð°Ð»Ñ Ð¾Ð±Ð½Ð°ÑÑжил, ÑÑо mediawiki1.7 пÑи иÑполÑзовании Internet Explorer и +вклÑÑении загÑÑзок, либо пÑи иÑполÑзовании ÑкÑипÑового пÑоÑмоÑÑÑика SVG и вклÑÑении +загÑÑзок SVG позволÑÐµÑ ÑдалÑннÑм аÑÑенÑиÑиÑиÑованнÑм полÑзоваÑелÑм вводиÑÑ Ð¿ÑоизволÑнÑй +веб-ÑÑенаÑий или код HTML, ÑедакÑиÑÑÑ Ð²Ð¸ÐºÐ¸-ÑÑÑаниÑÑ.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2008-5252">CVE-2008-5252</a> - -<p>David Remahl discovered that mediawiki1.7 is prone to a cross-site request - -forgery vulnerability in the Special:Import feature.</p></li> +<p>Ðавид Ð ÐµÐ¼Ð°Ð»Ñ Ð¾Ð±Ð½Ð°ÑÑжил, ÑÑо движок mediawiki1.7 ÑÑзвим к подделке межÑайÑовÑÑ +запÑоÑов в Special:Import.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-0737">CVE-2009-0737</a> - -<p>It was discovered that mediawiki1.7 is prone to a cross-site scripting attack in - -the web-based installer.</p></li> +<p>ÐÑло обнаÑÑжено, ÑÑо движок mediawiki1.7 ÑÑзвим к межÑайÑÐ¾Ð²Ð¾Ð¼Ñ ÑкÑипÑÐ¸Ð½Ð³Ñ Ð² +пÑогÑамме ÑÑÑавки на оÑнове веб.</p></li> </ul> - -<p>For the oldstable distribution (etch), these problems have been fixed in version - -1.7.1-9etch1 for mediawiki1.7, and mediawiki is not affected (it is a - -metapackage for mediawiki1.7).</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (etch) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² веÑÑии +1.7.1-9etch1 пакеÑа mediawiki1.7, Ð¿Ð°ÐºÐµÑ mediawiki не подвеÑжен ÑказаннÑм ÑÑзвимоÑÑÑм +(он пÑедÑÑавлÑÐµÑ Ñобой меÑÐ°Ð¿Ð°ÐºÐµÑ Ð´Ð»Ñ ÑÑÑановки mediawiki1.7).</p> - -<p>The stable (lenny) distribution does not include mediawiki1.7, and these - -problems have been fixed in version 1:1.12.0-2lenny3 for mediawiki which was - -already included in the lenny release.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) Ð¿Ð°ÐºÐµÑ mediawiki1.7 оÑÑÑÑÑÑвÑеÑ, а ÑказаннÑе +пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² веÑÑии 1:1.12.0-2lenny3 пакеÑа mediawiki, коÑоÑÑй +бÑл Ñанее вклÑÑÑн в вÑпÑÑк lenny.</p> - -<p>The unstable (sid) and testing (squeeze) distributions do not - -include mediawiki1.7, and these problems have been fixed in version 1:1.14.0-1 - -for mediawiki.</p> +<p>РнеÑÑабилÑном (sid) и ÑеÑÑиÑÑемом (squeeze) вÑпÑÑÐºÐ°Ñ Ð¿Ð°ÐºÐµÑ mediawiki1.7 +оÑÑÑÑÑÑвÑеÑ, а ÑказаннÑе пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² веÑÑии 1:1.14.0-1 +пакеÑа mediawiki.</p> - -<p>We recommend that you upgrade your mediawiki1.7 packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ mediawiki1.7.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlqDwfsACgkQXudu4gIW 0qWp+BAArn/pIqCnoXicTEI1lrUkYJUpPfZRvvHAsqaZgC/PtyWdXagUGqJBjkMm mXrt4SF1r15Df8YqLzVAl8BDUghMldqZc1jkS/h8VbF9V6FpCarwug9+UrEvVk1U Dp7kS5Y1g0xUI7wnogel7iSR7tPBLb0Dcg5tUoj8Od+tFg7cIjE/dD2zKWDvd8AP VC/gpx5IUaOCu3oMFVZawFqFIIrAuNtxQEI5NGnSiwlWBtpEgYcuTw5SxO9SyVIw Bqd/PaTmROA6JfWo5dO2eYZCGbtUB4y3xYYKKEDh8h+GT+GdtbnZFhv2y+orIENG tlVnIUb5npjCFG2lMRL/RUk867u9GlWpxd7N+DigZBUFypy7jwbSeHTrIEhVzg6Y IU+45N3xnuONqzDY43dXugXjuu7S9pBXA3xeenud5gCF87G5Ua/bp0JUaEcvXn8d HSN+bINbwS5KwG3Yw1Sn1SrrYsXohI7K1bqs0aCttEeO7BAGImhAJLBEOPBnNEBQ y9SzNGMCkj548JE8gYTCM3zQbvx1TOSKaIusfvfS+kd4/TSpdQOcTuqHjYwJvbhP YFAR66hQz5mZut0P0eMQt3POD9WZf1eG6cBzQl+DYYLscby41XUjI52FFKrP9o76 IpuVS5K0t4LxEhb043PNvyA4d3aFcZVnGMvVL5iid0DheITopCc= =dbip -----END PGP SIGNATURE-----