-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2012/dsa-2400.wml 2014-04-30 13:16:28.000000000 +0600 +++ russian/security/2012/dsa-2400.wml 2016-09-21 18:00:02.597572231 +0500 @@ -1,44 +1,45 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been discovered in Iceweasel, a web browser - -based on Firefox. The included XULRunner library provides rendering - -services for several other applications included in Debian.</p> +<p>Ð Iceweasel, веб-бÑаÑзеÑе на оÑнове Firefox, бÑло обнаÑÑжено неÑколÑко +ÑÑзвимоÑÑей. СодеÑжаÑаÑÑÑ Ð² пакеÑе библиоÑека XULRunner пÑедоÑÑавлÑÐµÑ Ð²Ð¾Ð·Ð¼Ð¾Ð¶Ð½Ð¾ÑÑи +оÑÑиÑовки Ð´Ð»Ñ Ð½ÐµÑколÑÐºÐ¸Ñ Ð´ÑÑÐ³Ð¸Ñ Ð¿Ñиложений из Debian.</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-3670";>CVE-2011-3670</a> - - <p>Gregory Fleischer discovered that IPv6 URLs were incorrectly parsed, - - resulting in potential information disclosure.</p></li> + <p>ÐÑегоÑи ФлÑйÑÐµÑ Ð¾Ð±Ð½Ð°ÑÑжил, ÑÑо гÑаммаÑиÑеÑкий ÑÐ°Ð·Ð±Ð¾Ñ URL IPv6 вÑполнÑеÑÑÑ Ð½ÐµÐ¿ÑавилÑно, + ÑÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº поÑенÑиалÑÐ½Ð¾Ð¼Ñ ÑаÑкÑÑÑÐ¸Ñ Ð¸Ð½ÑоÑмаÑии.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-0442";>CVE-2012-0442</a> - - <p>Jesse Ruderman and Bob Clary discovered memory corruption bugs, which - - may lead to the execution of arbitrary code.</p></li> + <p>ÐжеÑÑ Ð Ð°Ð´ÐµÑман и Ðоб ÐлÑÑи обнаÑÑжили оÑибки Ñ Ð¿Ð¾Ð²Ñеждением ÑодеÑжимого памÑÑи, коÑоÑÑе + могÑÑ Ð¿ÑиводиÑÑ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-0444";>CVE-2012-0444</a> - - <p><q>regenrecht</q> discovered that missing input sanitising in the Ogg Vorbis - - parser may lead to the execution of arbitrary code.</p></li> + <p><q>regenrecht</q> обнаÑÑжил, ÑÑо оÑÑÑÑÑÑвие оÑиÑÑки Ð²Ñ Ð¾Ð´Ð½ÑÑ Ð´Ð°Ð½Ð½ÑÑ Ð² коде Ð´Ð»Ñ Ð³ÑаммаÑиÑеÑкого + ÑазбоÑа Ogg Vorbis Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-0449";>CVE-2012-0449</a> - - <p>Nicolas Gregoire and Aki Helin discovered that missing input - - sanitising in XSLT processing may lead to the execution of arbitrary - - code.</p></li> + <p>ÐÐ¸ÐºÐ¾Ð»Ð°Ñ ÐÑегоÑи и Ðки Хелин обнаÑÑжили, ÑÑо оÑÑÑÑÑÑвие оÑиÑÑки Ð²Ñ Ð¾Ð´Ð½ÑÑ + даннÑÑ Ð² коде обÑабоÑки XSLT Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного + кода.</p></li> </ul> - -<p>For the oldstable distribution (lenny), this problem has been fixed in - -version 1.9.0.19-13 of the xulrunner source package.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.9.0.19-13 пакеÑа Ñ Ð¸ÑÑ Ð¾Ð´Ð½Ñм кодом xulrunner.</p> - -<p>For the stable distribution (squeeze), this problem has been fixed in - -version 3.5.16-12.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 3.5.16-12.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 10.0-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 10.0-1.</p> - -<p>We recommend that you upgrade your iceweasel packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ iceweasel.</p> </define-tag> # do not modify the following line - --- english/security/2012/dsa-2435.wml 2014-04-30 13:16:28.000000000 +0600 +++ russian/security/2012/dsa-2435.wml 2016-09-21 17:55:00.032371375 +0500 @@ -1,41 +1,42 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been identified in Gnash, the GNU Flash - -player.</p> +<p>Ð Gnash, пÑоигÑÑваÑеле Flash Ð¾Ñ GNU, бÑло обнаÑÑжено неÑколÑко +ÑÑзвимоÑÑей.</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-1175";>CVE-2012-1175</a> - - <p>Tielei Wang from Georgia Tech Information Security Center discovered a - - vulnerability in GNU Gnash which is caused due to an integer overflow - - error and can be exploited to cause a heap-based buffer overflow by - - tricking a user into opening a specially crafted SWF file.</p></li> + <p>ТелÑй Ðан из Georgia Tech Information Security Center обнаÑÑжил + ÑÑзвимоÑÑÑ Ð² GNU Gnash, коÑоÑÐ°Ñ Ð²Ð¾Ð·Ð½Ð¸ÐºÐ°ÐµÑ Ð¸Ð·-за пеÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÑелÑÑ ÑиÑел + и Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑÑÑ Ð´Ð»Ñ Ð²Ñзова пеÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð´Ð¸Ð½Ð°Ð¼Ð¸ÑеÑкой памÑÑи пÑи ÑÑловии, ÑÑо + полÑзоваÑÐµÐ»Ñ Ð¾ÑкÑÑÐ²Ð°ÐµÑ ÑпеÑиалÑно ÑÑоÑмиÑованнÑй SWF-Ñайл.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-4328";>CVE-2011-4328</a> - - <p>Alexander Kurtz discovered an unsafe management of HTTP cookies. Cookie - - files are stored under /tmp and have predictable names, and the vulnerability - - allows a local attacker to overwrite arbitrary files the users has - - write permissions for, and are also world-readable which may cause - - information leak.</p></li> + <p>ÐлекÑÐ°Ð½Ð´ÐµÑ ÐÑÑÑ Ð¾Ð±Ð½Ð°ÑÑжил небезопаÑнÑÑ ÑабоÑÑ Ñ HTTP-кÑки. Ð¤Ð°Ð¹Ð»Ñ + кÑки ÑÐ¾Ñ ÑанÑÑÑÑÑ Ð² /tmp и имеÑÑ Ð¿ÑедÑказÑемÑе имена, ÑÑа ÑÑзвимоÑÑÑ + позволÑÐµÑ Ð»Ð¾ÐºÐ°Ð»ÑÐ½Ð¾Ð¼Ñ Ð·Ð»Ð¾ÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ Ð¿ÐµÑезапиÑÑваÑÑ Ð¿ÑоизволÑнÑе ÑайлÑ, к коÑоÑÑм полÑзоваÑÐµÐ»Ñ + Ð¸Ð¼ÐµÐµÑ Ð´Ð¾ÑÑÑп Ñ Ð¿Ñавами на запиÑÑ, Ñакже ÑÐ°Ð¹Ð»Ñ ÐºÑки оÑкÑÑÑÑ Ð´Ð»Ñ ÑÑÐµÐ½Ð¸Ñ Ð²Ñем полÑзоваÑелÑм, + ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº ÑÑеÑке инÑоÑмаÑии.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-4337";>CVE-2010-4337</a> - - <p>Jakub Wilk discovered an unsafe management of temporary files during the - - build process. Files are stored under /tmp and have predictable names, and the - - vulnerability allows a local attacker to overwrite arbitrary files - - the users has write permissions for.</p></li> + <p>ЯкÑб Ðилк обнаÑÑжил небезопаÑнÑÑ ÑабоÑÑ Ñ Ð²ÑеменнÑми Ñайлами в Ñ Ð¾Ð´Ðµ + пÑоÑеÑÑа ÑбоÑки. Ð¤Ð°Ð¹Ð»Ñ ÑÐ¾Ñ ÑанÑÑÑÑÑ Ð² /tmp и имеÑÑ Ð¿ÑедÑказÑемÑе имена, ÑÑа + ÑÑзвимоÑÑÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐµÑ Ð»Ð¾ÐºÐ°Ð»ÑÐ½Ð¾Ð¼Ñ Ð·Ð»Ð¾ÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ Ð¿ÐµÑезапиÑÑваÑÑ Ð¿ÑоизволÑнÑе + ÑайлÑ, к коÑоÑÑм полÑзоваÑÐµÐ»Ñ Ð¸Ð¼ÐµÐµÑ Ð´Ð¾ÑÑÑп Ñ Ð¿Ñавами на запиÑÑ.</p></li> </ul> - -<p>For the stable distribution (squeeze), this problem has been fixed in - -version 0.8.8-5+squeeze1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 0.8.8-5+squeeze1.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 0.8.10-5.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 0.8.10-5.</p> - -<p>We recommend that you upgrade your gnash packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ gnash.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJX4oRXAAoJEF7nbuICFtKl5K8P/0B9be1usKCA8HLdsPmCsomm np2xIRwUlY4hyt99bF2ChL3GSxIFG+LFAMWzbUzEhrQfFVfm9UAiY/toxfuTv7N1 fjeukkY16gJ2/UXBBulrfEVoo1DvrL2s6ZFHGtvxcSZezIE5wfoDhhNIb0RWxlTN D+A7Groa3gIWiYIr0ThMu4x5TU3UX/HIEgbJkVUo3zzTnTW2pAFDAaU7oR2yCOou AJjfPnw8QHf2pqFw9e84vzlIxfL6HkDFXMKwNy9eUWWB7KCbWGKlCmvp0xpfK7FW HnWHnhyyFxVElcuREOPprICXdikSkamxlpWtz+Oa3IsqktAtzGeE0NKGGAF0osTO mE5n/cq1jJ/voomJ6SygWsb5McL54nvI6sCsVp0vDhSZx9B18h9/b2aSI4ueV82s AInEbzi2Og2PWYsHUrj84A5NlX4zuvRenbuetecGEG1ph6Sw2v3NCwOxYFl4fCXP d2gJ8hTOtG49QlTP/1yrJk1RDal5CNsocbXBZ7rm7FmT19mLs/PENN6D9AYypMz0 yAf1W2Hosdz24JwbM/ci9o64xlhV1k9Uhu9qC4aHyfnhdw8EIAOh8htE6Vj8MJoD ZVeMSKYVi0vKPC/xhuuW/BCHH1mHPmF9oiuUYjgeoYCND6wvJ58NC5khNljGhQMf 7w7xbZbCcwWqCiahnQ8T =S8gm -----END PGP SIGNATURE-----
