dla-1{21,12,24,17}.wml

Lev Lamberov Wed, 22 Jun 2016 04:23:45 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2014/dla-112.wml 2016-04-09 01:32:21.000000000 +0500
+++ russian/security/2014/dla-112.wml   2016-06-22 16:16:19.529579532 +0500
@@ -1,16 +1,17 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ðµ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸ 
LTS</define-tag>
 <define-tag moreinfo>
- -<p>This update fixes a denial of service vulnerability in BIND, a DNS 
server.</p>
+<p>ÐÐ°Ð½Ð½Ð¾Ðµ Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ðµ Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÑÐµÑ Ð¾ÑÐºÐ°Ð· Ð² 
Ð¾Ð±ÑÐ»ÑÐ¶Ð¸Ð²Ð°Ð½Ð¸Ð¸ Ð² BIND, ÑÐµÑÐ²ÐµÑÐµ DNS.</p>
 
- -<p>By making use of maliciously-constructed zones or a rogue server, an 
attacker
- -could exploit an oversight in the code BIND 9 used to follow delegations in
- -the Domain Name Service, causing BIND to issue unlimited queries in an 
attempt
- -to follow the delegation.</p>
+<p>ÐÑÐ¿Ð¾Ð»ÑÐ·ÑÑ ÑÐ¿ÐµÑÐ¸Ð°Ð»ÑÐ½Ð¾ ÑÑÐ¾ÑÐ¼Ð¸ÑÐ¾Ð²Ð°Ð½Ð½ÑÐµ 
Ð·Ð¾Ð½Ñ Ð¸Ð»Ð¸ ÑÐ¾Ð±ÑÑÐ²ÐµÐ½Ð½ÑÐ¹ ÑÐµÑÐ²ÐµÑ, Ð·Ð»Ð¾ÑÐ¼ÑÑÐ»ÐµÐ½Ð½Ð¸Ðº
+Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑÐ¿Ð¾Ð»ÑÐ·Ð¾Ð²Ð°ÑÑ Ð¾ÑÐ¸Ð±ÐºÑ Ð² ÐºÐ¾Ð´Ðµ BIND 9, 
Ð¸ÑÐ¿Ð¾Ð»ÑÐ·ÑÐµÐ¼Ð¾Ð¼ Ð´Ð»Ñ ÑÐ»ÐµÐ´Ð¾Ð²Ð°Ð½Ð¸Ñ Ð´ÐµÐ»ÐµÐ³Ð°ÑÐ¸ÑÐ¼
+Ð² ÑÐ»ÑÐ¶Ð±Ðµ Ð´Ð¾Ð¼ÐµÐ½Ð½ÑÑ Ð¸Ð¼ÑÐ½, ÑÑÐ¾ Ð¿ÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº 
ÑÐ¾Ð¼Ñ, ÑÑÐ¾ BIND Ð¾ÑÐ¿ÑÐ°Ð²Ð»ÑÐµÑ Ð½ÐµÐ¾Ð³ÑÐ°Ð½Ð¸ÑÐµÐ½Ð½Ð¾Ðµ 
ÐºÐ¾Ð»Ð¸ÑÐµÑÑÐ²Ð¾ Ð·Ð°Ð¿ÑÐ¾ÑÐ¾Ð² Ð² Ð¿Ð¾Ð¿ÑÑÐºÐµ
+ÑÐ»ÐµÐ´Ð¾Ð²Ð°Ð½Ð¸Ñ Ð´ÐµÐ»ÐµÐ³Ð°ÑÐ¸ÑÐ¼Ð¸.</p>
 
- -<p>This can lead to resource exhaustion and denial of service (up to and
- -including termination of the named server process).</p>
+<p>ÐÑÐ¾ Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑÐ¸Ð²Ð¾Ð´Ð¸ÑÑ Ðº Ð¸ÑÑÐ¾ÑÐµÐ½Ð¸Ñ ÑÐµÑÑÑÑÐ¾Ð² 
Ð¸ Ð¾ÑÐºÐ°Ð·Ñ Ð² Ð¾Ð±ÑÐ»ÑÐ¶Ð¸Ð²Ð°Ð½Ð¸Ð¸ (Ð²Ð¿Ð»Ð¾ÑÑ Ð´Ð¾
+Ð·Ð°Ð²ÐµÑÑÐµÐ½Ð¸Ñ Ð¿ÑÐ¾ÑÐµÑÑÐ° Ð¸Ð¼ÐµÐ½Ð¾Ð²Ð°Ð½Ð½Ð¾Ð³Ð¾ 
ÑÐµÑÐ²ÐµÑÐ°).</p>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in bind9 
version 9.7.3.dfsg-1~squeeze13</p>
+<p>Ð Debian 6 <q>Squeeze</q> ÑÑÐ¸ Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±ÑÐ»Ð¸ 
Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² Ð¿Ð°ÐºÐµÑÐµ bind9 Ð²ÐµÑÑÐ¸Ð¸ 
9.7.3.dfsg-1~squeeze13</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2014/dla-117.wml 2016-04-09 01:32:21.000000000 +0500
+++ russian/security/2014/dla-117.wml   2016-06-22 16:22:54.764305584 +0500
@@ -1,24 +1,25 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov"
+<define-tag description>Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ðµ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸ 
LTS</define-tag>
 <define-tag moreinfo>
 
 <ul>
 
 <li><a 
href="https://security-tracker.debian.org/tracker/CVE-2011-3193";>CVE-2011-3193</a>
 
- -    <p>Check for buffer overflow in Lookup_MarkMarkPos that may cause crash
- -    in this function with certain fonts.</p></li>
+    <p>ÐÑÐ¾Ð²ÐµÑÐºÐ° Ð½Ð° Ð²Ð¾Ð·Ð¼Ð¾Ð¶Ð½Ð¾Ðµ Ð²Ð¾Ð·Ð½Ð¸ÐºÐ½Ð¾Ð²ÐµÐ½Ð¸Ðµ 
Ð¿ÐµÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð±ÑÑÐµÑÐ° Ð² Lookup_MarkMarkPos, ÐºÐ¾ÑÐ¾ÑÐ¾Ðµ 
Ð¼Ð¾Ð¶ÐµÑ
+    Ð²ÑÐ·Ð²Ð°ÑÑ Ð°Ð²Ð°ÑÐ¸Ð¹Ð½ÑÑ Ð¾ÑÑÐ°Ð½Ð¾Ð²ÐºÑ Ð² ÑÑÐ¾Ð¹ 
ÑÑÐ½ÐºÑÐ¸Ð¸ Ð¿ÑÐ¸ ÑÐ°Ð±Ð¾ÑÐµ Ñ Ð¾Ð¿ÑÐµÐ´ÐµÐ»ÑÐ½Ð½ÑÐ¼Ð¸ 
ÑÑÐ¸ÑÑÐ°Ð¼Ð¸.</p></li>
 
 <li><a 
href="https://security-tracker.debian.org/tracker/CVE-2011-3194";>CVE-2011-3194</a>
 
- -    <p>Fix tiff reader to handle TIFFTAG_SAMPLESPERPIXEL for grayscale
- -    images. The reader uses QImage::Format_Indexed8, but since the samples
- -    per pixel value this should be (non-existent) QImage::Format_Indexed16,
- -    causing memory corruption. The fix falls back to the <q>normal</q> way of
- -    reading tiff images.</p></li>
+    <p>ÐÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ð¸Ðµ ÐºÐ¾Ð´Ð° Ð´Ð»Ñ ÑÑÐµÐ½Ð¸Ñ tiff ÑÐ°Ðº, 
ÑÑÐ¾Ð±Ñ Ð¾Ð½ Ð¾Ð±ÑÐ°Ð±Ð°ÑÑÐ²Ð°Ð» TIFFTAG_SAMPLESPERPIXEL Ð´Ð»Ñ 
Ð¸Ð·Ð¾Ð±ÑÐ°Ð¶ÐµÐ½Ð¸Ð¹,
+    Ð¸ÑÐ¿Ð¾Ð»ÑÐ·ÑÑÑÐ¸Ñ Ð³ÑÐ°Ð´Ð°ÑÐ¸Ð¸ ÑÐµÑÐ¾Ð³Ð¾ Ð² ÐºÐ°ÑÐµÑÑÐ²Ðµ 
ÑÐ²ÐµÑÐ¾Ð²Ð¾Ð¹ Ð¿Ð°Ð»Ð¸ÑÑÑ. ÐÐ¾Ð´ Ð´Ð»Ñ ÑÑÐµÐ½Ð¸Ñ 
Ð¸ÑÐ¿Ð¾Ð»ÑÐ·ÑÐµÑ QImage::Format_Indexed8, Ð½Ð¾ Ð¿Ð¾ÑÐºÐ¾Ð»ÑÐºÑ 
Ð·Ð½Ð°ÑÐµÐ½Ð¸Ðµ
+    Ð¾Ð±ÑÐ°Ð·ÑÐ¾Ð² Ð½Ð° Ð¿Ð¸ÐºÑÐµÐ»Ñ Ð´Ð¾Ð»Ð¶Ð½Ð¾ Ð±ÑÑÑ 
(Ð½ÐµÑÑÑÐµÑÑÐ²ÑÑÑÐ¸Ð¼) QImage::Format_Indexed16,
+    ÑÐ¾ ÑÑÐ¾ Ð¿ÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº Ð¿Ð¾Ð²ÑÐµÐ¶Ð´ÐµÐ½Ð¸Ñ 
ÑÐ¾Ð´ÐµÑÐ¶Ð¸Ð¼Ð¾Ð³Ð¾ Ð¿Ð°Ð¼ÑÑÐ¸. ÐÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ð¸Ðµ 
Ð¿ÑÐµÐ´ÑÑÐ°Ð²Ð»ÑÐµÑ ÑÐ¾Ð±Ð¾Ð¹ Ð¾ÑÐºÐ°Ñ Ðº <q>Ð½Ð¾ÑÐ¼Ð°Ð»ÑÐ½Ð¾Ð¼Ñ</q> 
ÑÐ¿Ð¾ÑÐ¾Ð±Ñ
+    ÑÑÐµÐ½Ð¸Ñ Ð¸Ð·Ð¾Ð±ÑÐ°Ð¶ÐµÐ½Ð¸Ð¹ tiff.</p></li>
 
 </ul>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in qt4-x11 
version 4:4.6.3-4+squeeze2</p>
+<p>Ð Debian 6 <q>Squeeze</q> ÑÑÐ¸ Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±ÑÐ»Ð¸ 
Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² Ð¿Ð°ÐºÐµÑÐµ qt4-x11 Ð²ÐµÑÑÐ¸Ð¸ 4:4.6.3-4+squeeze2</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2014/dla-121.wml 2016-04-09 01:32:21.000000000 +0500
+++ russian/security/2014/dla-121.wml   2016-06-22 16:12:13.112980481 +0500
@@ -1,12 +1,13 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ðµ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸ 
LTS</define-tag>
 <define-tag moreinfo>
- -<p>Jose Duart of the Google Security Team discovered a double free flaw
- -(<a 
href="https://security-tracker.debian.org/tracker/CVE-2014-8137";>CVE-2014-8137</a>)
 and a heap-based buffer overflow flaw (<a 
href="https://security-tracker.debian.org/tracker/CVE-2014-8138";>CVE-2014-8138</a>)
- -in JasPer, a library for manipulating JPEG-2000 files. A specially
- -crafted file could cause an application using JasPer to crash or,
- -possibly, execute arbitrary code.</p>
+<p>Ð¥Ð¾ÑÐµ ÐÑÐ°ÑÑ Ð¸Ð· ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸ Google 
Ð¾Ð±Ð½Ð°ÑÑÐ¶Ð¸Ð» Ð´Ð²Ð¾Ð¹Ð½Ð¾Ðµ Ð¾ÑÐ²Ð¾Ð±Ð¾Ð¶Ð´ÐµÐ½Ð¸Ðµ Ð¿Ð°Ð¼ÑÑÐ¸
+(<a 
href="https://security-tracker.debian.org/tracker/CVE-2014-8137";>CVE-2014-8137</a>)
 Ð¸ Ð¿ÐµÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ðµ Ð´Ð¸Ð½Ð°Ð¼Ð¸ÑÐµÑÐºÐ¾Ð¹ Ð¿Ð°Ð¼ÑÑÐ¸ (<a 
href="https://security-tracker.debian.org/tracker/CVE-2014-8138";>CVE-2014-8138</a>)
+Ð² JasPer, Ð±Ð¸Ð±Ð»Ð¸Ð¾ÑÐµÐºÐµ Ð´Ð»Ñ ÑÐ°Ð±Ð¾ÑÑ Ñ ÑÐ°Ð¹Ð»Ð°Ð¼Ð¸ Ð² 
ÑÐ¾ÑÐ¼Ð°ÑÐµ JPEG-2000. Ð¡Ð¿ÐµÑÐ¸Ð°Ð»ÑÐ½Ð¾
+ÑÑÐ¾ÑÐ¼Ð¸ÑÐ¾Ð²Ð°Ð½Ð½ÑÐ¹ ÑÐ°Ð¹Ð» Ð¼Ð¾Ð¶ÐµÑ Ð²ÑÐ·Ð²Ð°ÑÑ 
Ð°Ð²Ð°ÑÐ¸Ð¹Ð½ÑÑ Ð¾ÑÑÐ°Ð½Ð¾Ð²ÐºÑ Ð¿ÑÐ¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ, 
Ð¸ÑÐ¿Ð¾Ð»ÑÐ·ÑÑÑÐµÐ³Ð¾ JasPer, Ð¸Ð»Ð¸
+Ð²Ð¾Ð·Ð¼Ð¾Ð¶Ð½Ð¾Ðµ Ð²ÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ðµ Ð¿ÑÐ¾Ð¸Ð·Ð²Ð¾Ð»ÑÐ½Ð¾Ð³Ð¾ 
ÐºÐ¾Ð´Ð°.</p>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in jasper 
version 1.900.1-7+squeeze3</p>
+<p>Ð Debian 6 <q>Squeeze</q> ÑÑÐ¸ Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±ÑÐ»Ð¸ 
Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² Ð¿Ð°ÐºÐµÑÐµ jasper Ð²ÐµÑÑÐ¸Ð¸ 1.900.1-7+squeeze3</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2014/dla-124.wml 2016-04-09 01:32:21.000000000 +0500
+++ russian/security/2014/dla-124.wml   2016-06-22 16:18:27.750239293 +0500
@@ -1,13 +1,14 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ðµ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸ 
LTS</define-tag>
 <define-tag moreinfo>
- -<p>Michele Spagnuolo of the Google Security Team discovered that unzip, an
- -extraction utility for archives compressed in .zip format, is affected
- -by heap-based buffer overflows within the CRC32 verification function
- -(<a 
href="https://security-tracker.debian.org/tracker/CVE-2014-8139";>CVE-2014-8139</a>),
 the test_compr_eb() function (<a 
href="https://security-tracker.debian.org/tracker/CVE-2014-8140";>CVE-2014-8140</a>)
 and the
- -getZip64Data() function (<a 
href="https://security-tracker.debian.org/tracker/CVE-2014-8141";>CVE-2014-8141</a>),
 which may lead to the execution
- -of arbitrary code.</p>
+<p>ÐÐ¸ÑÐµÐ»Ñ Ð¡Ð¿Ð°Ð³Ð½ÑÐ¾Ð»Ð¾ Ð¸Ð· ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ 
Ð±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½Ð¾ÑÑÐ¸ Google Ð¾Ð±Ð½Ð°ÑÑÐ¶Ð¸Ð», ÑÑÐ¾ unzip,
+ÑÑÐ¸Ð»Ð¸ÑÐ° Ð´Ð»Ñ ÑÐ°ÑÐ¿Ð°ÐºÐ¾Ð²ÐºÐ¸ Ð°ÑÑÐ¸Ð²Ð¾Ð² Ð² ÑÐ¾ÑÐ¼Ð°ÑÐµ 
.zip, ÑÐ¾Ð´ÐµÑÐ¶Ð¸Ñ
+Ð¿ÐµÑÐµÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð´Ð¸Ð½Ð°Ð¼Ð¸ÑÐµÑÐºÐ¾Ð¹ Ð¿Ð°Ð¼ÑÑÐ¸ Ð² 
ÑÑÐ½ÐºÑÐ¸Ð¸ Ð¿ÑÐ¾Ð²ÐµÑÐºÐ¸ CRC32
+(<a 
href="https://security-tracker.debian.org/tracker/CVE-2014-8139";>CVE-2014-8139</a>),
 ÑÑÐ½ÐºÑÐ¸Ð¸ test_compr_eb() (<a 
href="https://security-tracker.debian.org/tracker/CVE-2014-8140";>CVE-2014-8140</a>)
 Ð¸ ÑÑÐ½ÐºÑÐ¸Ð¸
+getZip64Data() (<a 
href="https://security-tracker.debian.org/tracker/CVE-2014-8141";>CVE-2014-8141</a>),
 ÑÑÐ¾ Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑÐ¸Ð²Ð¾Ð´Ð¸ÑÑ Ðº Ð²ÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ
+Ð¿ÑÐ¾Ð¸Ð·Ð²Ð¾Ð»ÑÐ½Ð¾Ð³Ð¾ ÐºÐ¾Ð´Ð°.</p>
 
- -<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in unzip 
version 6.0-4+deb6u1</p>
+<p>Ð Debian 6 <q>Squeeze</q> ÑÑÐ¸ Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±ÑÐ»Ð¸ 
Ð¸ÑÐ¿ÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² Ð¿Ð°ÐºÐµÑÐµ unzip Ð²ÐµÑÑÐ¸Ð¸ 6.0-4+deb6u1</p>
 </define-tag>
 
 # do not modify the following line
-----BEGIN PGP SIGNATURE-----


iQIcBAEBCgAGBQJXanUTAAoJEF7nbuICFtKlXTgP/RG7AZpVwvSVmZHGgNxR945j
qJh6ZslA527acmtLJ7XzXyXVIh2NCiHTPEdSd3ZqeJk9cPD5CwTt9SGUAcpuXbLj
ojqxrv3FR3EGSca6S3q7Gicl0L2fcvUCLL61drvdlAG8VSv6Ir//UT9A4SFKy/Fb
C4U9gfOlJrcMJEYOXD6Mn6Dfbr6qGj6XzFUMJvzZXxfAgqw2TWrLwdiXE+1ovwnG
3ChJhDWC52b4bOEJ6yPpdcjjSJPV2Jnal3rMoZe67AgeJ/ORjBKBo6Fi8nP0Q9uW
txWeq2or6ZjMrO83bTCqf6L9Y4mGGS9ISDLCGfUdVAEY0P8k+sX12YTKe6CwJxcQ
lQBLC0EcslPeYJLN3DJqXp/ww/NUdbHwaiopfETUygASWdAIgJSfZM9nh66fm5CQ
VlTsU6QK866bLiDe6LuQ82w+Np8pAquF1UvnVKwkRInl5UCNjEQEZeB9O9+LqzeJ
aNiCH4sPt03o7zvurn+DNZN5wgDjxZ4i9oaGnR3QVL0Jx5mvdNuagfNHYMwPM9T7
INajZ8dvgFbkvTIGHOUXX1ElGR1sRa5WJxkeMtJUE7TzO5awUhRVjdTjbG0FCTpZ
tO4tNhkz9c/5NrjQJUY9cq5OG9FI6+MVWQWDA95/3zgO2oc3TIhCADVtAnzf8zH1
T1HSjHuxQWcEzNRqtlZZ
=j4LM
-----END PGP SIGNATURE-----

[DONE] wml://security/2014/dla-1{21,12,24,17}.wml

Ответить