-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2009/dsa-1956.wml 2017-11-01 10:11:10.111830390 +0500 +++ russian/security/2009/dsa-1956.wml 2018-03-02 13:23:26.260001846 +0500 @@ -1,52 +1,53 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several remote vulnerabilities have been discovered in Xulrunner, a - -runtime environment for XUL applications, such as the Iceweasel web - -browser. The Common Vulnerabilities and Exposures project identifies - -the following problems:</p> +<p>Ð Xulrunner, окÑÑжении вÑемени иÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð´Ð»Ñ XUL-пÑиложений, ÑÐ°ÐºÐ¸Ñ +как веб-бÑаÑÐ·ÐµÑ Iceweasel, бÑло обнаÑÑжено неÑколÑко ÑдалÑннÑÑ +ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures опÑеделÑÐµÑ +ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-3986">CVE-2009-3986</a>: - - <p>David James discovered that the window.opener property allows Chrome - - privilege escalation.</p></li> + <p>ÐÑвид ÐÐ¶ÐµÐ¹Ð¼Ñ Ð¾Ð±Ð½Ð°ÑÑжил, ÑÑо ÑвойÑÑво window.opener позволÑÐµÑ Ð²ÑполнÑÑÑ + повÑÑение пÑивилегий Chrome.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-3985">CVE-2009-3985</a>: - - <p>Jordi Chanel discovered a spoofing vulnerability of the URL location bar - - using the document.location property.</p></li> + <p>ÐоÑди Ð§Ð°Ð½ÐµÐ»Ñ Ð¾Ð±Ð½Ð°ÑÑжил возможноÑÑÑ Ð¿Ð¾Ð´Ð´ÐµÐ»ÐºÐ¸ ÑÑÑоки URL Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ + ÑвойÑÑва document.location.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-3984">CVE-2009-3984</a>: - - <p>Jonathan Morgan discovered that the icon indicating a secure connection - - could be spoofed through the document.location property.</p></li> + <p>ÐжонаÑан ÐоÑган обнаÑÑжил возможноÑÑÑ Ð¿Ð¾Ð´Ð´ÐµÐ»ÐºÐ¸ иконки ÑÑаÑÑÑа безопаÑного + ÑÐ¾ÐµÐ´Ð¸Ð½ÐµÐ½Ð¸Ñ Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑвойÑÑва document.location.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-3983">CVE-2009-3983</a>: - - <p>Takehiro Takahashi discovered that the NTLM implementation is vulnerable - - to reflection attacks.</p></li> + <p>Ð¢Ð°ÐºÐµÑ Ð¸Ñо Ð¢Ð°ÐºÐ°Ñ Ð°Ñи обнаÑÑжил, ÑÑо ÑеализаÑÐ¸Ñ NTLM ÑÑзвима к + аÑакам меÑодом оÑÑажениÑ.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-3981">CVE-2009-3981</a>: - - <p>Jesse Ruderman discovered a crash in the layout engine, which might allow - - the execution of arbitrary code.</p></li> + <p>ÐжеÑÑ Ð Ð°Ð´ÐµÑман обнаÑÑжил аваÑийнÑÑ Ð¾ÑÑÐ°Ð½Ð¾Ð²ÐºÑ Ð² движке ÑазмеÑки, коÑоÑÐ°Ñ Ð¼Ð¾Ð¶ÐµÑ + позволиÑÑ Ð²Ñполнение пÑоизволÑного кода.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2009-3979">CVE-2009-3979</a>: - - <p>Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel and Olli Pettay - - discovered crashes in the layout engine, which might allow the execution - - of arbitrary code.</p></li> + <p>ÐжеÑÑ Ð Ð°Ð´ÐµÑман, ÐÐ¶Ð¾Ñ Ð¡Ð¾ÑеÑ, ÐаÑÑейн ÐаÑгеÑÑ, ХоÑе Ðнгел и Ðлли ÐеÑÑай + обнаÑÑжили аваÑийнÑе оÑÑановки в движке ÑазмеÑки, коÑоÑÑе могÑÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ Ð²Ñполнение + пÑоизволÑного кода.</p></li> </ul> - -<p>For the stable distribution (lenny), these problems have been fixed in - -version 1.9.0.16-1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (lenny) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1.9.0.16-1.</p> - -<p>For the unstable distribution (sid), these problems have been fixed in - -version 1.9.1.6-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1.9.1.6-1.</p> - -<p>We recommend that you upgrade your xulrunner packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ xulrunner.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlqZCgMACgkQXudu4gIW 0qXXrQ//bQR6VXlwCJbhDOhtzn8qIPdURy6xLwienpLGbGU5G24PsSgGOzsyXp0m k0mCJEIsm/sx5wuAvCnc79X+uIcn1p8eolsN1zwgg6PHUiGAPDjuuTqoY+IGkA/E JuQb8G6W+6E4Kxypqjmkqd5xXNnd8zNQ+aOqUxCdv89uWI440b5emT3lIZibTev5 Rl/qcgde3CPS9+GuGz6OT1w7oPur4DJ1/3YqY4MexUgJBr+3uTQjDYjS0xo8VJuK qcMdg86ePx5Pr+8oDekxsa/4CZdc5UvXys1i4f9Es/3fiddNaJwMfmcuLtSVLg86 p+m1+J7Hk+kZweyQgwrunLXngstlSEBH27kHzsnunAn2pfmBDbzcOq5Odv/4Shtc yeYv6CQ95BA07nn5PpNBKbv9oP6A+N6vdGlwlRtLsS24dq23DDWs/sOPlTt8w7FQ c3XZlg8XdKr6i36efJTo0Z5vWpku0/t28gbXvic4jWAhKwYIVm+/KnsuGZY7kCc5 kON288OFJvwJErNJpD6t05fibS9yBqPNPks9J7rivgQHoD7lofon3e0RIe+9us60 wC79ugqcTVT7/dC1EPbomLnVbsBgGqmZenSQvrCu/QIiMjDAhLEKGlzFDXZV3lhM O5R0nxjq6xB/+3q2E4nOalmmio8Z+qUMMcayTvvCHvz018vSQHE= =yAB7 -----END PGP SIGNATURE-----