-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2015/dla-140.wml 2016-04-09 01:32:23.000000000 +0500 +++ russian/security/2015/dla-140.wml 2016-05-04 11:50:35.517767132 +0500 @@ -1,35 +1,36 @@ - -<define-tag description>LTS security update</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи LTS</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been fixed in rpm:</p> +<p>Ð rpm бÑло обнаÑÑжено неÑколÑко ÑÑзвимоÑÑей:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-8118">CVE-2014-8118</a> - - <p>Fix integer overflow which allowed remote attackers to execute arbitrary - - code.</p></li> + <p>ÐÑпÑавление пеÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÑелÑÑ ÑиÑел, позволÑÑÑего ÑдалÑннÑм злоÑмÑÑленникам вÑполнÑÑÑ Ð¿ÑоизволÑнÑй + код.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2013-6435">CVE-2013-6435</a> - - <p>Prevent remote attackers from executing arbitrary code via crafted - - RPM files.</p></li> + <p>ÐÑедоÑвÑаÑение вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода ÑдалÑннÑми злоÑмÑÑленниками Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑпеÑиалÑно + ÑÑоÑмиÑованнÑÑ Ñайлов RPM.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-0815">CVE-2012-0815</a> - - <p>Fix denial of service and possible code execution via negative value in - - region offset in crafted RPM files.</p></li> + <p>ÐÑпÑавление оÑказа в обÑлÑживании и возможного вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÐºÐ¾Ð´Ð° Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ Ð¾ÑÑиÑаÑелÑного знаÑÐµÐ½Ð¸Ñ Ð² + оÑÑÑÑпе Ñегиона в ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ ÑÐ°Ð¹Ð»Ð°Ñ RPM.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2012-0060">CVE-2012-0060</a> - -<p>and <a href="https://security-tracker.debian.org/tracker/CVE-2012-0061">CVE-2012-0061</a></p> +<p>и <a href="https://security-tracker.debian.org/tracker/CVE-2012-0061">CVE-2012-0061</a></p> - - <p>Prevent denial of service (crash) and possibly execute arbitrary code - - execution via an invalid region tag in RPM files.</p></li> + <p>ÐÑедоÑвÑаÑение оÑказа в обÑлÑживании (аваÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑановка) и возможного вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного + кода Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ Ð½ÐµÐ¿ÑавилÑного Ñега Ñегиона в ÑÐ°Ð¹Ð»Ð°Ñ RPM.</p></li> </ul> - -<p>We recommend that you upgrade your rpm packages.</p> - -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in rpm version 4.8.1-6+squeeze2</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ rpm.</p> +<p>Ð Debian 6 <q>Squeeze</q> ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² rpm веÑÑии 4.8.1-6+squeeze2</p> </define-tag> # do not modify the following line - --- english/security/2015/dla-373.wml 2016-04-08 01:24:54.000000000 +0500 +++ russian/security/2015/dla-373.wml 2016-05-04 11:47:01.440898963 +0500 @@ -1,19 +1,20 @@ - -<define-tag description>LTS security update</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи LTS</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities were discovered in libxml2, a library providing - -support to read, modify and write XML and HTML files. A remote attacker - -could provide a specially crafted XML or HTML file that, when processed - -by an application using libxml2, would cause that application to use an - -excessive amount of CPU, leak potentially sensitive information, or - -crash the application.</p> +<p>Ð libxml2, библиоÑеке, пÑедоÑÑавлÑÑÑей поддеÑÐ¶ÐºÑ ÑÑениÑ, Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð¸ запиÑи +Ñайлов XML и HTML, бÑло обнаÑÑжено неÑколÑко ÑÑзвимоÑÑей. УдалÑннÑй злоÑмÑÑленник +Ð¼Ð¾Ð¶ÐµÑ Ð¿ÐµÑедаÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованнÑй Ñайл XML или HTML, коÑоÑÑй пÑи его обÑабоÑке +пÑиложением, иÑполÑзÑÑÑим libxml2, пÑиведÑÑ Ðº иÑполÑÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ ÑÑезмеÑного колиÑеÑÑва ÑеÑÑÑÑов ЦÐ, +ÑÑеÑке ÑÑвÑÑвиÑелÑной инÑоÑмаÑии или аваÑийной оÑÑановке +пÑиложениÑ.</p> <ul> - -<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5312">CVE-2015-5312</a>: <p>CPU exhaustion when processing specially crafted XML input.</p></li> - -<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7497">CVE-2015-7497</a>: <p>Heap-based buffer overflow in xmlDictComputeFastQKey.</p></li> - -<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7498">CVE-2015-7498</a>: <p>Heap-based buffer overflow in xmlParseXmlDecl.</p></li> - -<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7499">CVE-2015-7499</a>: <p>Heap-based buffer overflow in xmlGROW.</p></li> - -<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7500">CVE-2015-7500</a>: <p>Heap buffer overflow in xmlParseMisc.</p></li> +<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5312">CVE-2015-5312</a>: <p>ЧÑезмеÑное поÑÑебление ÑеÑÑÑÑов ЦРпÑи обÑабоÑке ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ Ð²Ñ Ð¾Ð´Ð½ÑÑ Ð´Ð°Ð½Ð½ÑÑ XML.</p></li> +<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7497">CVE-2015-7497</a>: <p>ÐеÑеполнение динамиÑеÑкой памÑÑи в xmlDictComputeFastQKey.</p></li> +<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7498">CVE-2015-7498</a>: <p>ÐеÑеполнение динамиÑеÑкой памÑÑи в xmlParseXmlDecl.</p></li> +<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7499">CVE-2015-7499</a>: <p>ÐеÑеполнение динамиÑеÑкой памÑÑи в xmlGROW.</p></li> +<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-7500">CVE-2015-7500</a>: <p>ÐеÑеполнение динамиÑеÑкой памÑÑи в xmlParseMisc.</p></li> </ul> </define-tag> -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXKZvAAAoJEF7nbuICFtKlPDcP/3JJAQtq3PGc/r2eRuU8VINZ GwNbxByERVWOElmqSXkCGoLnIIlAGZdawFVoAFSlX0MhLfJGBzrL3lgZ4AH8hn3S 507XAjjkvMyn9VV3TWC+RVbpGnEQMhjn/WzaxrKru8z6X9V35qQE5DjAKpfJpyoF 1uO36UaAg70wG7RerxMWDzqZasXoRmnFcRs8xwQWTpNPZ6V21kxZ+NOYCYA7t8Z2 OhLYQEMxNH1EtR/dykg1jr2T4diQpGjJXkiLf0TDQq7YEow1TAjLys4GZQFCK0ZY ffcZyDSlFvZ8aXs2kqE6YwuLho30kay02a0D0x/Xo37BJCOF5A6XSZGjEUptLY97 hQlhcRpHaph2tg2+aj2nfW3DVfPCmnXJ3uq9jTjadWQDxWNgOKg3/xPkPuL03LHg pJiDMad6j8Pt5QAyeWP9Ix/HPHX24mnGfA7vXz2jdMPPfIbcMoK2j2ntGbC17DyW 2kUl6EfLVVP8rqo/CCPHuPIgj26rDX6IZe3a5J0OQzS041/BQuyxC7ZBNyaOltcc 7XDaM9Pq5lEC2IwAzibarKzRTWBcPghOwdmPZiHegCB26e5Km85DISbkGpSWsMTj 7zreYVOwh4SfaMyvd4xVEexgPOwaZF2c8EuaXhoS5pi5kB/N801mu/KH6stI9Khq nP1i2qZjYxTQBWx7sQFn =WraI -----END PGP SIGNATURE-----