-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- --- english/security/2002/dsa-122.wml 2002-03-12 12:41:28.0 +0500
+++ russian/security/2002/dsa-122.wml 2016-09-22 23:07:11.374049467 +0500
@@ -1,18 +1,19 @@
- -malloc error (double free)
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+оÑибка вÑÐ´ÐµÐ»ÐµÐ½Ð¸Ñ Ð¿Ð°Ð¼ÑÑи
(двойное оÑвобождение памÑÑи)
- -The compression library zlib has a flaw in which it attempts to free
- -memory more than once under certain conditions. This can possibly be
- -exploited to run arbitrary code in a program that includes zlib. If a
- -network application running as root is linked to zlib, this could
- -potentially lead to a remote root compromise. No exploits are known at
- -this time. This vulnerability is assigned the CVE candidate name of
+ÐиблиоÑека ÑжаÑÐ¸Ñ zlib ÑодеÑÐ¶Ð¸Ñ Ð¾ÑибкÑ,
из-за коÑоÑой пÑи опÑеделÑннÑÑ
ÑÑловиÑÑ
+она пÑÑаеÑÑÑ Ð¾ÑвободиÑÑ Ð¿Ð°Ð¼ÑÑÑ Ð±Ð¾Ð»ÐµÐµ
одного Ñаза. ÐÑа оÑибка поÑенÑиалÑно можеÑ
+иÑполÑзоваÑÑÑÑ Ð´Ð»Ñ Ð·Ð°Ð¿ÑÑка пÑоизволÑного
кода в пÑогÑамме, вклÑÑаÑÑей zlib. ÐÑли
+ÑеÑевое пÑиложение, запÑÑенное Ð¾Ñ Ð»Ð¸Ñа
ÑÑпеÑполÑзоваÑелÑ, Ñкомпоновано Ñ zlib, Ñо
ÑÑо поÑенÑиалÑно
+Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº ÑдалÑнной компÑомеÑаÑии
ÑÑпеÑполÑзоваÑелÑ. РнаÑÑоÑÑее вÑемÑ
ÑкÑплоиÑÑ
+не извеÑÑнÑ. ÐÐ°Ð½Ð½Ð°Ñ ÑÑзвимоÑÑÑ Ð¿Ð¾Ð»ÑÑила
кандидаÑ-иденÑиÑикаÑÐ¾Ñ CVE,
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0059;>CAN-2002-0059.
- -The zlib vulnerability is fixed in the Debian zlib package version
- -1.1.3-5.1. A number of programs either link statically to zlib or include
- -a private copy of zlib code. These programs must also be upgraded
- -to eliminate the zlib vulnerability. The affected packages and fixed
- -versions follow:
+УÑзвимоÑÑÑ Ð² zlib бÑла иÑпÑавлена в пакеÑе
zlib веÑÑии
+1.1.3-5.1. Ð Ñд пÑогÑамм ÑÑаÑиÑеÑки
ÑÐºÐ¾Ð¼Ð¿Ð¾Ð½Ð¾Ð²Ð°Ð½Ñ Ñ zlib, либо вклÑÑаÑÑ Ð² ÑебÑ
+ÑобÑÑвеннÑÑ ÐºÐ¾Ð¿Ð¸Ñ ÐºÐ¾Ð´Ð° zlib. ÐÑи пÑогÑаммÑ
Ñоже ÑледÑÐµÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ñ ÑелÑÑ
+ÑÑÑÑÐ°Ð½ÐµÐ½Ð¸Ñ ÑÑзвимоÑÑи в zlib. ÐодвеÑженнÑе
ÑÑзвимоÑÑи пакеÑÑ Ð¸ иÑ
иÑпÑавленнÑе
+веÑÑии пÑиводÑÑÑÑ Ð½Ð¸Ð¶Ðµ:
amaya 2.4-1potato1
@@ -25,15 +26,15 @@
vrweb 1.5-5.1
- -Those using the pre-release (testing) version of Debian should upgrade
- -to zlib 1.1.3-19.1 or a later version. Note that since this version of
- -Debian has not yet been released it may not be available immediately for
- -all architectures. Debian 2.2 (potato) is the latest supported release.
+Те, кÑо иÑполÑзÑÑÑ Ð¿ÑедваÑиÑелÑнÑй
(ÑеÑÑиÑÑемÑй) вÑпÑÑк Debian, должнÑ
+вÑполниÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ðµ до zlib веÑÑии 1.1.3-19.1
или более поздней. ÐамеÑÑÑе, ÑÑо поÑколÑкÑ
ÑÑа веÑÑиÑ
+Debian пока не бÑла вÑпÑÑенÑ, Ñо ÑÑÐ¾Ñ Ð¿Ð°ÐºÐµÑ
Ð¼Ð¾Ð¶ÐµÑ Ð½Ðµ бÑÑÑ Ð´Ð¾ÑÑÑпен Ð´Ð»Ñ Ð²ÑеÑ
аÑÑ
иÑекÑÑÑ
+одновÑеменно. Debian 2.2 (potato) ÑвлÑеÑÑÑ
наиболее Ñвежим поддеÑживаемÑм вÑпÑÑком.
- -We recommend that you upgrade your packages immediately. Note that you
- -should restart all programs that use the shared zlib library in order
- -for the fix to take effect. This is most easily done by rebooting the
- -system.
+РекомендÑеÑÑÑ ÐºÐ°Ðº можно ÑкоÑее обновиÑÑ
пакеÑÑ. ÐамеÑÑÑе, ÑÑо вам
+ÑледÑÐµÑ Ð¿ÐµÑезапÑÑÑиÑÑ Ð²Ñе пÑогÑаммÑ,
иÑполÑзÑÑÑие ÑазделÑемÑÑ Ð±Ð¸Ð±Ð»Ð¸Ð¾ÑÐµÐºÑ zlib
Ð´Ð»Ñ Ñого, ÑÑобÑ
+ÑÑо иÑпÑавление наÑало дейÑÑвоваÑÑ. ÐÑоÑе
вÑего можно ÑделаÑÑ Ð¿ÑÑÑм пеÑезапÑÑка
+вÑей ÑиÑÑемÑ.
# do not modify the following line
- --- english/security/2002/dsa-163.wml 2002-09-16 23:38:45.0 +0600
+++ russian/security/2002/dsa-163.wml 2016-09-22 22:57:55.471687847 +0500
@@ -1,19 +1,20 @@
- -cross site scripting
+#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov"
+межÑайÑовÑй ÑкÑипÑинг
- -Jason Molenda and Hiromitsu Takagi
- -http://online.securityfocus.com/archive/1/268455;>found
- -ways to exploit cross site
- -scripting bugs in mhonarc, a mail to HTML converter. When processing
- -maliciously crafted mails of type text/html