-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2015/dla-210.wml 2016-04-07 03:47:55.000000000 +0500 +++ russian/security/2015/dla-210.wml 2016-05-03 12:57:21.483300271 +0500 @@ -1,20 +1,21 @@ - -<define-tag description>LTS security update</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи LTS</define-tag> <define-tag moreinfo> - -<p>This update fixes multiple security issues in the Qt library.</p> +<p>Ðанное обновление иÑпÑавлÑÐµÑ Ð¼Ð½Ð¾Ð³Ð¾ÑиÑленнÑе ÑÑзвимоÑÑи в библиоÑеке Qt.</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2013-0254">CVE-2013-0254</a> - - <p>The QSharedMemory class uses weak permissions (world-readable and - - world-writable) for shared memory segments, which allows local users - - to read sensitive information or modify critical program data, as - - demonstrated by reading a pixmap being sent to an X server.</p></li> + <p>ÐлаÑÑ QSharedMemory иÑполÑзÑеÑÑÑ ÑлабÑе пÑава доÑÑÑпа (доÑÑÑп Ð´Ð»Ñ ÑÑÐµÐ½Ð¸Ñ Ð¸ запиÑи + Ð´Ð»Ñ Ð²ÑÐµÑ Ð¿Ð¾Ð»ÑзоваÑелей) Ð´Ð»Ñ ÑегменÑов ÑазделÑемой памÑÑи, ÑÑо позволÑÐµÑ Ð»Ð¾ÐºÐ°Ð»ÑнÑм полÑзоваÑелÑм + ÑÑиÑÑваÑÑ ÑÑвÑÑвиÑелÑнÑÑ Ð¸Ð½ÑоÑмаÑÐ¸Ñ Ð¸Ð»Ð¸ изменÑÑÑ ÐºÑиÑиÑеÑкие даннÑе пÑогÑаммÑ, ÑÑо + демонÑÑÑиÑÑеÑÑÑ ÑÑением пикÑелÑнÑÑ Ð¸Ð·Ð¾Ð±Ñажений, оÑпÑавлÑемÑÑ X-ÑеÑвеÑÑ.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-0295">CVE-2015-0295</a> / <a href="https://security-tracker.debian.org/tracker/CVE-2015-1858">CVE-2015-1858</a> / <a href="https://security-tracker.debian.org/tracker/CVE-2015-1859">CVE-2015-1859</a> / <a href="https://security-tracker.debian.org/tracker/CVE-2015-1860">CVE-2015-1860</a> - - <p>Denial of service (via segmentation faults) through crafted - - images (BMP, GIF, ICO).</p></li> + <p>ÐÑказ в обÑлÑживании (ÑеÑез оÑибки ÑегменÑиÑованиÑ) пÑи помоÑи ÑпеÑиалÑно + ÑÑоÑмиÑованнÑÑ Ð¸Ð·Ð¾Ð±Ñажений (BMP, GIF, ICO).</p></li> </ul> </define-tag> - --- english/security/2015/dla-356.wml 2016-04-08 00:21:20.000000000 +0500 +++ russian/security/2015/dla-356.wml 2016-05-03 12:54:25.796707383 +0500 @@ -1,25 +1,26 @@ - -<define-tag description>LTS security update</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи LTS</define-tag> <define-tag moreinfo> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9496">CVE-2014-9496</a> - - <p>The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows - - attackers to have unspecified impact via vectors related to a (1) map - - offset or (2) rsrc marker, which triggers an out-of-bounds read.</p></li> + <p>ФÑнкÑÐ¸Ñ sd2_parse_rsrc_fork в sd2.c в libsndfile позволÑÐµÑ + злоÑмÑÑленникам оказÑваÑÑ Ð½ÐµÐ¾Ð¿ÑеделÑнное влиÑние на безопаÑноÑÑÑ ÑеÑез векÑоÑÑ, ÑвÑзаннÑе Ñ (1) оÑобÑажением + ÑмеÑÐµÐ½Ð¸Ñ Ð¸Ð»Ð¸ (2) rsrc-маÑкеÑом, коÑоÑÑе вÑзÑваÑÑ ÑÑение за пÑеделами вÑделенного бÑÑеÑа памÑÑи.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-9756">CVE-2014-9756</a> - - <p>The psf_fwrite function in file_io.c in libsndfile allows attackers to - - cause a denial of service (divide-by-zero error and application crash) - - via unspecified vectors related to the headindex variable.</p></li> + <p>ФÑнкÑÐ¸Ñ psf_fwrite function в file_io.c в libsndfile позволÑÐµÑ Ð·Ð»Ð¾ÑмÑÑленникам + вÑзÑваÑÑ Ð¾Ñказ в обÑлÑживании (оÑибка пÑи делении на Ð½Ð¾Ð»Ñ Ð¸ аваÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑановка пÑиложениÑ) + ÑеÑез неопÑеделÑннÑе векÑоÑÑ, ÑвÑзаннÑе Ñ Ð¿ÐµÑеменной headindex.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7805">CVE-2015-7805</a> - - <p>Heap-based buffer overflow in libsndfile 1.0.25 allows remote - - attackers to have unspecified impact via the headindex value in the - - header in an AIFF file.</p></li> + <p>ÐеÑеполнение динамиÑеÑкой памÑÑи в libsndfile веÑÑии 1.0.25 позволÑÐµÑ ÑдалÑннÑм + злоÑмÑÑленникам оказÑваÑÑ Ð½ÐµÐ¾Ð¿ÑеделÑнное влиÑние на безопаÑноÑÑÑ ÑеÑез пеÑеменнÑÑ headindex в + заголовке Ñайла в ÑоÑмаÑе AIFF.</p></li> </ul> </define-tag> -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXKFnkAAoJEF7nbuICFtKl97oQAK60XRS2pH795eQdwTJQUX3V O2gvxenaKxlEcwcc3L/Qp9VJS3oBhz+nfwEN+HH6mfadQP9KrtSsbc2WutdKrnyZ PYGkg7M+4HDh0ZFu27Krg5hK8/Y+ek8SNwbBcyRz8gip7fdahlbtgjjZk8pXUpDe Yb6PGBo8X0zve2gSIcI6oXtoc21o483AKkT8LuKEbPSxDYZt1dMd5AQ1dfdIZHhi Fv4XxAT1FN5X/VQ+eiYAhthOx4KqJXVKpv4yjaFcUGKfNItBgczQYZvZ25c+BjqJ 3ng0GDSSNqsMx4SiaCjp5yYg80hky8NWRgn9fwNr7/wRNyUBiR/7cF7JgZpwurEm qiW/AHtrpJcwNWOxEVWCRvEvX2EBmZYcVTA8GHru6ix2T1Ojd9VzYfKE54AWP5nn ofOeHYwOh8b4U4zDnRt/3mj73RJKsqW6+6MnQafEBt8+y6GRxllBYy8WOXOv/Uh1 TYvjlin1K1mXpEe0GvpKE85yYy3ccbJ0OdSbZkSrXLISW3Cxrc3+rEXV/Jk2zOu7 QGdSRkWYHkp+zYRzTLp7NUJQnlBmWMk4NcvrRXieqXNpFYHVjgYb6R5peVW8CVE5 WUiMcuI6hCjBdFBYZQwrpJdn1oGfkZG9G78a7mDv3WI7PYqEkNM55V797eo93f/K T/Wfq7lQ5gKPdP94lH2a =Q70A -----END PGP SIGNATURE-----