-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2015/dla-187.wml 2016-04-08 01:24:53.000000000 +0500 +++ russian/security/2015/dla-187.wml 2016-05-03 13:04:47.755866347 +0500 @@ -1,22 +1,23 @@ - -<define-tag description>LTS security update</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи LTS</define-tag> <define-tag moreinfo> - -<p>Several hidden service related denial-of-service issues have been - -discovered in Tor, a connection-based low-latency anonymous - -communication system.</p> +<p>Ð ÑлÑжбе ÑкÑÑÑÑÑ ÑеÑвиÑов Tor, ÑиÑÑеме анонимного взаимодейÑÑÐ²Ð¸Ñ +Ñ Ð½Ð¸Ð·ÐºÐ¾Ð¹ задеÑжкой на оÑнове Ñоединений, бÑло обнаÑÑжено неÑколÑко +оÑказов в обÑлÑживании.</p> - -<p><q>disgleirio</q> discovered that a malicious client could trigger an - - assertion failure in a Tor instance providing a hidden service, thus - - rendering the service inaccessible. +<p><q>disgleirio</q> обнаÑÑжил, ÑÑо злоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ Ð²ÑзваÑÑ + оÑÐ¸Ð±ÐºÑ ÑÑвеÑÐ¶Ð´ÐµÐ½Ð¸Ñ Ð½Ð° Ñзле Tor, пÑедоÑÑавлÑÑÑем ÑкÑÑÑÑй ÑеÑвиÑ, Ð´ÐµÐ»Ð°Ñ + ÑÑÐ¾Ñ ÑеÑÑÐ¸Ñ Ð½ÐµÐ´Ð¾ÑÑÑпнÑм. [<a href="https://security-tracker.debian.org/tracker/CVE-2015-2928">CVE-2015-2928</a>]</p> - -<p><q>DonnchaC</q> discovered that Tor clients would crash with an assertion - - failure upon parsing specially crafted hidden service descriptors. +<p><q>DonnchaC</q> обнаÑÑжил, ÑÑо клиенÑÑ Tor могÑÑ Ð°Ð²Ð°Ñийно завеÑÑиÑÑ ÑабоÑÑ Ñ Ð¾Ñибкой + ÑÑвеÑÐ¶Ð´ÐµÐ½Ð¸Ñ Ð¿Ñи вÑполнении гÑаммаÑиÑеÑкого ÑазбоÑа ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ Ð´ÐµÑкÑипÑоÑов ÑкÑÑÑого ÑеÑвиÑа. [<a href="https://security-tracker.debian.org/tracker/CVE-2015-2929">CVE-2015-2929</a>]</p> - -<p>Introduction points would accept multiple INTRODUCE1 cells on one - - circuit, making it inexpensive for an attacker to overload a hidden - - service with introductions. Introduction points no longer allow - - multiple such cells on the same circuit.</p> +<p>ТоÑки Ð²Ñ Ð¾Ð´Ð° пÑинимаÑÑ Ð¼Ð½Ð¾Ð³Ð¾ÑиÑленнÑе клеÑки INTRODUCE1 на одном + кÑÑге, ÑÑо облегÑÐ°ÐµÑ Ð·Ð»Ð¾ÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ Ð¿ÐµÑеполнение ÑкÑÑÑого + ÑеÑвиÑа Ð²Ñ Ð¾Ð´Ð°Ð¼Ð¸. ТоÑки Ð²Ñ Ð¾Ð´Ð° более не позволÑÑÑ + иÑполÑзоваÑÑ Ð¼Ð½Ð¾Ð³Ð¾ÑиÑленнÑе клеÑки на одном и Ñом же кÑÑге.</p> </define-tag> # do not modify the following line - --- english/security/2015/dla-278.wml 2016-04-07 03:10:35.000000000 +0500 +++ russian/security/2015/dla-278.wml 2016-05-03 13:20:13.868100872 +0500 @@ -1,28 +1,29 @@ - -<define-tag description>LTS security update</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи LTS</define-tag> <define-tag moreinfo> - -<p>Several SQL injection vulnerabilities were discovered in cacti, a - -frontend to rrdtool for monitoring systems and service:</p> +<p>Ð cacti, инÑеÑÑейÑе Ð´Ð»Ñ rrdtool Ð´Ð»Ñ Ð¾ÑÑÐ»ÐµÐ¶Ð¸Ð²Ð°Ð½Ð¸Ñ ÑиÑÑем и ÑлÑжб, бÑло обнаÑÑжено +неÑколÑко возможноÑÑей вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ SQL-инÑекÑий:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-4634">CVE-2015-4634</a> - - <p>SQL injection vulnerability in Cacti before 0.8.8e allows remote - - attackers to execute arbitrary SQL commands in graphs.php</p> + <p>SQL-инÑекÑÐ¸Ñ Ð² Cacti до веÑÑии 0.8.8e позволÑÐµÑ ÑдалÑннÑм + злоÑмÑÑленникам вÑполнÑÑÑ Ð¿ÑоизволÑнÑе ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ SQL в graphs.php</p> - -<p>Currently unknown or unassigned CVE's - - SQL injection vulnerability in Cacti before 0.8.8e allows remote - - attackers to execute arbitrary SQL commands in cdef.php, color.php, +<p>РнаÑÑоÑÑее вÑÐµÐ¼Ñ Ð¸Ð´ÐµÐ½ÑиÑикаÑоÑÑ CVE не назнаÑÐµÐ½Ñ Ð¸Ð»Ð¸ не извеÑÑÐ½Ñ + SQL-инÑекÑÐ¸Ñ Ð² Cacti до веÑÑии 0.8.8e позволÑÑÑ ÑдалÑннÑм + злоÑмÑÑленникам вÑполнÑÑÑ Ð¿ÑоизволÑнÑе ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ SQL в cdef.php, color.php, data_input.php, data_queries.php, data_sources.php, data_templates.php, gprint_presets.php, graph_templates.php, graph_templates_items.php, graphs_items.php, host.php, - - host_templates.php, lib/functions.php, rra.php, tree.php and + host_templates.php, lib/functions.php, rra.php, tree.php и user_admin.php</p></li> </ul> - -<p>For the oldoldstable distribution (squeeze), these problems have been - -fixed in version 0.8.7g-1+squeeze7.</p> +<p>РпÑедÑдÑÑем ÑÑаÑом ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли +иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² веÑÑии 0.8.7g-1+squeeze7.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXKF8/AAoJEF7nbuICFtKlGsUQAK6rPxPW/cP26duxUXBkVlEg UB+Xisslecw5n/TihwUBcdNDzECOpyRCJ+IoopPaR4a3RxC6KDZK4YSQf9c72yjT aC3sulNiDrncLEz1IXpJDv83udNQhYtSW1q1xlASIsE9cOg3jb1vNr6cuIgdKUKL B+lGdqVpZ22xQfbcdI8so7Cts3mGl4eB+x0BiRNnFxGP9Gn22Seg4aXmLGCBYtnp JDqXJYaJz98WNcW9CE1JCymCJ+OSiGMM+XxBfodP7kKzRyZadszsrQqEVJhVY3Dj Q1E55ts6gD1ofkep8k3TCi/FKsTx29LCa+fsW0yczILYUAOdIHUmxeT13H/IiVnI Oe60kaFbGZJzJU8zh8Nl/k9dsKdDkYNo+Dey/BGDYDOgcRJSLD0EEjw+rcvJM43Z 6LoFhUrl8VCVtRgYml7b4Yaatqlybj8+MSoOmKeIZ3/c/QipCfKd5DT5qmGHR8H0 lmFQrYvrMZpqxUptTFewYoQVCqbsYJeo17Z9tjALKUz6gTHoJ95FG4TQxbyyRTOl PCjQgDeUPkjZ5NKeqdNWG28JCEaEXhTNxYxgoJzM8PFGe5jmUjWO0sAXAzdnZHyn +X7pwaySi0JpJkL9WFAnkhWj2lwatDZDy9trKwddxj0kQiWS3sVzuTuWGUicguuR LhWKsb3WuQ7fikxL5HJY =Rp5X -----END PGP SIGNATURE-----