-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2015/dla-175.wml 2016-04-09 01:32:24.000000000 +0500 +++ russian/security/2015/dla-175.wml 2016-05-04 13:49:51.258453880 +0500 @@ -1,38 +1,39 @@ - -<define-tag description>LTS security update</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи LTS</define-tag> <define-tag moreinfo> - -<p>Multiple vulnerabilities were discovered in GnuPG, the GNU Privacy Guard:</p> +<p>Ð GnuPG, GNU Privacy Guard, бÑли обнаÑÑÐ¶ÐµÐ½Ñ Ð¼Ð½Ð¾Ð³Ð¾ÑиÑленнÑе ÑÑзвимоÑÑи:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2014-3591">CVE-2014-3591</a> - - <p>The Elgamal decryption routine was susceptible to a side-channel - - attack discovered by researchers of Tel Aviv University. Ciphertext - - blinding was enabled to counteract it. Note that this may have a quite - - noticeable impact on Elgamal decryption performance.</p></li> + <p>ФÑнкÑÐ¸Ñ ÑаÑÑиÑÑовки Elgamal Ð¼Ð¾Ð¶ÐµÑ Ð±ÑÑÑ Ð¿Ð¾Ð´Ð²ÐµÑжена аÑаке ÑеÑез ÑÑоÑонний + канал, ÑÑо бÑло обнаÑÑжено иÑÑледоваÑелÑми из ТелÑ-ÐвивÑкого ÑнивеÑÑиÑеÑе. ÐÐ»Ñ Ñого, ÑÑÐ¾Ð±Ñ + пÑоÑивоÑÑоÑÑÑ ÑÑой пÑоблеме бÑла вклÑÑена маÑкиÑовка ÑиÑÑоÑекÑÑа. ÐамеÑÑÑе, ÑÑо ÑÑо ÑилÑно + влиÑÐµÑ Ð½Ð° пÑоизводиÑелÑноÑÑÑ ÑаÑÑиÑÑовки Elgamal.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-0837">CVE-2015-0837</a> - - <p>The modular exponentiation routine mpi_powm() was susceptible to a - - side-channel attack caused by data-dependent timing variations when - - accessing its internal pre-computed table.</p></li> + <p>ФÑнкÑÐ¸Ñ mpi_powm() Ð´Ð»Ñ Ð¼Ð¾Ð´ÑлÑного поÑенÑиÑÐ¾Ð²Ð°Ð½Ð¸Ñ Ð¼Ð¾Ð¶ÐµÑ Ð±ÑÑÑ Ð¿Ð¾Ð´Ð²ÐµÑжена аÑаке + ÑеÑез ÑÑоÑонний канал, ÑÑо вÑзвано ваÑиаÑиÑми Ñаймингов в завиÑимоÑÑи Ð¾Ñ Ð´Ð°Ð½Ð½Ñе пÑи + обÑаÑении к внÑÑÑенней пÑедваÑиÑелÑно вÑÑиÑленной ÑаблиÑе.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-1606">CVE-2015-1606</a> - - <p>The keyring parsing code did not properly reject certain packet types - - not belonging in a keyring, which caused an access to memory already - - freed. This could allow remote attackers to cause a denial of service - - (crash) via crafted keyring files.</p></li> + <p>Ðод Ð´Ð»Ñ Ð³ÑаммаÑиÑеÑкого ÑазбоÑа бÑелоков клÑÑей непÑавилÑно оÑклонÑÐµÑ Ð¾Ð¿ÑеделÑннÑе ÑÐ¸Ð¿Ñ Ð¿Ð°ÐºÐµÑов, + не оÑноÑÑÑÐ¸Ñ ÑÑ Ðº бÑелокÑ, ÑÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº обÑаÑÐµÐ½Ð¸Ñ Ðº памÑÑи, коÑоÑÐ°Ñ Ñже бÑла + оÑвобождена. ÐÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ ÑдалÑннÑм злоÑмÑÑленникам вÑзваÑÑ Ð¾Ñказ в обÑлÑживании + (аваÑÐ¸Ð¹Ð½Ð°Ñ Ð¾ÑÑановка) Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ Ñайлов бÑелоков клÑÑей.</p></li> </ul> - -<p>For the oldstable distribution (squeeze), those problems have been fixed in - -version 1.4.10-4+squeeze7.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1.4.10-4+squeeze7.</p> - -<p>For the stable distribution (wheezy), these problems have been fixed in - -version 1.4.12-7+deb7u7.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (wheezy) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1.4.12-7+deb7u7.</p> - -<p>We recommend that you upgrade your gnupg packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ gnupg.</p> </define-tag> # do not modify the following line - --- english/security/2015/dla-294.wml 2016-04-08 01:24:54.000000000 +0500 +++ russian/security/2015/dla-294.wml 2016-05-04 13:55:13.629715021 +0500 @@ -1,41 +1,42 @@ - -<define-tag description>LTS security update</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи LTS</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been fixed in Wordpress, the popular - -blogging engine.</p> +<p>Ð Wordpress, попÑлÑÑном движке Ð²ÐµÐ´ÐµÐ½Ð¸Ñ Ð±Ð»Ð¾Ð³Ð°, бÑло обнаÑÑжено +неÑколÑко ÑÑзвимоÑÑей.</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-2213">CVE-2015-2213</a> - - <p>SQL Injection allowed a remote attacker to compromise the site.</p></li> + <p>SQL-инÑекÑÐ¸Ñ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐµÑ ÑдалÑÐ½Ð½Ð¾Ð¼Ñ Ð·Ð»Ð¾ÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ ÐºÐ¾Ð¼Ð¿ÑомеÑиÑоваÑÑ ÑайÑ.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5622">CVE-2015-5622</a> - - <p>The robustness of the shortcodes HTML tags filter has been - - improved. The parsing is a bit more strict, which may affect - - your installation. This is the corrected version of the patch - - that needed to be reverted in DSA 3328-2.</p></li> + <p>ÐÑла ÑлÑÑÑена надÑжноÑÑÑ ÑилÑÑÑа кÑаÑÐºÐ¸Ñ Ñегов + HTML. ÐÑаммаÑиÑеÑкий ÑÐ°Ð·Ð±Ð¾Ñ ÑÑал более ÑÑÑогим, ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾Ð²Ð»Ð¸ÑÑÑ + на ваÑи наÑÑÑойки. ÐÑо иÑпÑÐ°Ð²Ð»ÐµÐ½Ð½Ð°Ñ Ð²ÐµÑÑÐ¸Ñ Ð·Ð°Ð¿Ð»Ð°ÑÑ, + коÑоÑÑÑ Ð½Ñжно бÑло оÑмениÑÑ Ð² DSA 3328-2.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5731">CVE-2015-5731</a> - - <p>An attacker could lock a post that was being edited.</p></li> + <p>ÐлоÑмÑÑленник Ð¼Ð¾Ð¶ÐµÑ Ð·Ð°ÐºÑÑÑÑ ÑедакÑиÑÑемое ÑообÑение.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5732">CVE-2015-5732</a> - - <p>Cross site scripting in a widget title allows an attacker to - - steal sensitive information.</p></li> + <p>ÐежÑайÑовÑй ÑкÑипÑинг в заголовке виджеÑа позволÑÐµÑ Ð·Ð»Ð¾ÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ + кÑаÑÑÑ ÑÑвÑÑвиÑелÑнÑÑ Ð¸Ð½ÑоÑмаÑиÑ.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2015-5734">CVE-2015-5734</a> - - <p>Fix some broken links in the legacy theme preview.</p></li> + <p>ÐÑпÑавление неÑколÑÐºÐ¸Ñ ÑломаннÑÑ ÑÑÑлок в пÑедваÑиÑелÑном пÑоÑмоÑÑе ÑÐµÐ¼Ñ legacy.</p></li> </ul> - -<p>The issues were discovered by Marc-Alexandre Montpas of Sucuri, Helen - -Hou-Sandà of the WordPress security team, Netanel Rubin of Check Point, - -Ivan Grigorov, Johannes Schmitt of Scrutinizer and Mohamed A. Baset.</p> +<p>ÐÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли обнаÑÑÐ¶ÐµÐ½Ñ ÐаÑком-ÐлекÑандÑом ÐонпаÑом из Sucuri, Хелен +ХоÑ-Санди из ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑноÑÑи WordPress, ÐÑÑанелем Рабином из Check Point, +Ðваном ÐÑигоÑовÑм, ÐÐ¾Ñ Ð°Ð½Ð½ÐµÑом ШмиÑÑом из Scrutinizer и ÐÐ¾Ñ Ð°Ð¼ÐµÐ´Ð¾Ð¼ ÐаÑе.</p> - -<p>We recommend that you upgrade your wordpress packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ wordpress.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXKbj0AAoJEF7nbuICFtKl0gcP/RR7DePChkQ9n20lHLYq9HXa snjJUWyAvi59/DGIKx6dbPmvU9ayxCk3+smfBm1mZBBkwCk9tMBIwzYWSqQ3FWiI URlf6EpIwKqX0wN1AhI0ov+MRi3kDv6iyc2OhBJVsgS9quraYI4LWKNQS+aJZde4 dP6B/e2wNowlvdKiR1aCel/V2qYqHOrp+KtNnwB6gpQO9i5ZWccoy+zztgQb/SOc jQukQpe4EwsyOAQbuw3YT3EUQL2SFIlE/CX2xIaE3A1MtJAgIRBrNFsw1u6v/uO1 o4muwECmNRpXqxqDvhDKeTkU+cS6rijg6LR8B0X7i3vD9gLkGTPiw0ZBENaFIzSD 1V2ELJiyphV/BdXAQDS4l9WkPSLhIlQ1MeOUL0RVkgJzACyyWcBs1bVytHcFYlRv 4EKGo1Ooz8XnPr9z4JfUFNPhUl2q4mBVo9wllu4E8HPYVQPUYB+aXwU45kJ3+FA9 A7FnUzHWvNlm8yI6YowE5BQMrFR4TlEJTaczTMNL2CGsY/WjV3ndDKRD1/WfBbz8 ubYE5NQ7koNTiHnI1R3bPLz3YBl+6eyg6hPTfs++CQBmNxtgLRjqOUKrQulTv4no 59OAnc6TyGMJLdWMIw5AcxUlH4bpx3hGQJhEEBdT7U5zWEmU8Kce8/q2BVltlRT9 LNrYSloCy+EPHIWpxN0p =mVno -----END PGP SIGNATURE-----