-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2011/dsa-2190.wml 2014-04-30 13:16:24.000000000 +0600 +++ russian/security/2011/dsa-2190.wml 2016-09-05 23:07:48.865226457 +0500 @@ -1,38 +1,39 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Two XSS bugs and one potential information disclosure issue were discovered - -in WordPress, a weblog manager. - -The Common Vulnerabilities and Exposures project identifies the - -following problems:</p> +<p>Ðве XSS-оÑибки и одна поÑенÑиалÑÐ½Ð°Ñ Ð¿Ñоблема Ñ ÑаÑкÑÑÑием инÑоÑмаÑии бÑли обнаÑÑÐ¶ÐµÐ½Ñ +в WordPress, менеджеÑе блога. +ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures опÑеделÑÐµÑ +ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-0700">CVE-2011-0700</a> - - <p>Input passed via the post title when performing a <q>Quick Edit</q> or - - <q>Bulk Edit</q> action and via the <q>post_status</q>, <q>comment_status</q>, - - and <q>ping_status</q> parameters is not properly sanitised before being used. - - Certain input passed via tags in the tags meta-box is not properly sanitised - - before being returned to the user.</p></li> + <p>ÐÑ Ð¾Ð´Ð½Ñе даннÑе, пеÑеданнÑе ÑеÑез заголовок ÑообÑÐµÐ½Ð¸Ñ Ð² Ð¼Ð¾Ð¼ÐµÐ½Ñ Ð²ÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð´ÐµÐ¹ÑÑвий <q>Quick Edit</q> или + <q>Bulk Edit</q>, а Ñакже ÑеÑез паÑамеÑÑÑ <q>post_status</q>, <q>comment_status</q> + и <q>ping_status</q>, непÑавилÑно оÑиÑаÑÑÑÑ Ð´Ð¾ моменÑа Ð¸Ñ Ð¸ÑполÑзованиÑ. + ÐпÑеделÑннÑе Ð²Ñ Ð¾Ð´Ð½Ñе даннÑе, пеÑеданнÑе ÑеÑез Ñеги в меÑаполе Ñегов, оÑиÑаÑÑÑÑ Ð½ÐµÐ¿ÑавилÑно + до Ð¸Ñ Ð²Ð¾Ð·Ð²ÑаÑа полÑзоваÑелÑ.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-0701">CVE-2011-0701</a> - - <p>WordPress incorrectly enforces user access restrictions when accessing posts - - via the media uploader and can be exploited to disclose the contents - - of e.g. private or draft posts.</p></li> + <p>WordPress некоÑÑекÑно ÑÑÑÐ°Ð½Ð°Ð²Ð»Ð¸Ð²Ð°ÐµÑ Ð¿Ð¾Ð»ÑзоваÑелÑÑкие огÑаниÑÐµÐ½Ð¸Ñ Ð´Ð¾ÑÑÑпа пÑи обÑаÑении к + ÑообÑениÑм ÑеÑез загÑÑзÑик медиа, ÑÑо Ð¼Ð¾Ð¶ÐµÑ Ð¸ÑполÑзоваÑÑÑÑ Ð´Ð»Ñ ÑаÑкÑÑÑÐ¸Ñ ÑодеÑжимого, + напÑимеÑ, закÑÑÑÑÑ Ð¸Ð»Ð¸ ÑеÑновÑÑ ÑообÑений.</p></li> </ul> - -<p>The oldstable distribution (lenny) is not affected by these problems.</p> +<p>ÐÑедÑдÑÑий ÑÑабилÑнÑй вÑпÑÑк (lenny) не подвеÑжен ÑÑим пÑоблемам.</p> - -<p>For the stable distribution (squeeze), these problems have been fixed in - -version 3.0.5+dfsg-0+squeeze1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 3.0.5+dfsg-0+squeeze1.</p> - -<p>For the testing distribution (wheezy), and the unstable distribution (sid), - -these problems have been fixed in version 3.0.5+dfsg-1.</p> +<p>Ð ÑеÑÑиÑÑемом (wheezy) и неÑÑабилÑном (sid) вÑпÑÑÐºÐ°Ñ +ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² веÑÑии 3.0.5+dfsg-1.</p> - -<p>We recommend that you upgrade your wordpress packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ wordpress.</p> </define-tag> # do not modify the following line - --- english/security/2011/dsa-2337.wml 2014-04-30 13:16:25.000000000 +0600 +++ russian/security/2011/dsa-2337.wml 2016-09-05 23:00:34.293608103 +0500 @@ -1,37 +1,38 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.4" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities were discovered in the Xen virtual machine - -hypervisor.</p> +<p>Ð Xen, гипеÑвизоÑе виÑÑÑалÑнÑÑ Ð¼Ð°Ñин, бÑло обнаÑÑжено неÑколÑко +ÑÑзвимоÑÑей.</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-1166">CVE-2011-1166</a> - - <p>A 64-bit guest can get one of its vCPUs into non-kernel - - mode without first providing a valid non-kernel pagetable, - - thereby locking up the host system.</p></li> + <p>64-биÑнÑе гоÑÑевÑе ÑиÑÑÐµÐ¼Ñ Ð¼Ð¾Ð³ÑÑ Ð¿ÐµÑевеÑÑи один из ÑÐ²Ð¾Ð¸Ñ Ð²Ð¸ÑÑÑалÑнÑÑ Ð¦Ð Ð² не-ÑдеÑнÑй + Ñежим без пÑедоÑÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ ÐºÐ¾ÑÑекÑной не-ÑдеÑной ÑаблиÑÑ ÑÑÑаниÑ, + ÑÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº завиÑÐ°Ð½Ð¸Ñ Ð¾Ñновной ÑиÑÑемÑ.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-1583">CVE-2011-1583</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2011-3262">CVE-2011-3262</a> - - <p>Local users can cause a denial of service and possibly execute - - arbitrary code via a crafted paravirtualised guest kernel image.</p></li> + <p>ÐокалÑнÑе полÑзоваÑели могÑÑ Ð²ÑзÑваÑÑ Ð¾Ñказ в обÑлÑживании и возможное вÑполнение + пÑоизволÑного кода Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованного обÑаза ÑдÑа паÑавиÑÑÑализиÑованной гоÑÑевой ÑиÑÑемÑ.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-1898">CVE-2011-1898</a> - - <p>When using PCI passthrough on Intel VT-d chipsets that do not - - have interrupt remapping, guest OS users can gain host OS - - privileges by writing to the interrupt injection registers.</p></li> + <p>ÐÑи иÑполÑзовании пÑобÑоÑа PCI на набоÑÐ°Ñ Ð¼Ð¸ÐºÑоÑÑ ÐµÐ¼ Intel VT-d, не имеÑÑÐ¸Ñ + пеÑеÑаÑпÑÐµÐ´ÐµÐ»ÐµÐ½Ð¸Ñ Ð¿ÑеÑÑваний, полÑзоваÑели гоÑÑевой ÐС могÑÑ Ð¿Ð¾Ð»ÑÑиÑÑ Ð¿Ñава + оÑновной ÐС пÑÑÑм запиÑи в ÑегиÑÑÑÑ Ð²Ð²Ð¾Ð´Ð° пÑеÑÑваний.</p></li> </ul> - -<p>The oldstable distribution (lenny) contains a different version of Xen - -not affected by these problems.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (lenny) имееÑÑÑ Ð´ÑÑÐ³Ð°Ñ Ð²ÐµÑÑÐ¸Ñ Xen, +коÑоÑÐ°Ñ Ð½Ðµ подвеÑжена ÑÑим пÑоблемам.</p> - -<p>For the stable distribution (squeeze), this problem has been fixed in - -version 4.0.1-4.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 4.0.1-4.</p> - -<p>For the testing (wheezy) and unstable distribution (sid), this problem - -has been fixed in version 4.1.1-1.</p> +<p>Ð ÑеÑÑиÑÑемом (wheezy) и неÑÑабилÑном (sid) вÑпÑÑÐºÐ°Ñ ÑÑа пÑоблема +бÑла иÑпÑавлена в веÑÑии 4.1.1-1.</p> <p>We recommend that you upgrade your xen packages.</p> </define-tag> -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXzbR4AAoJEF7nbuICFtKlcOIP+wdryX62/NrTDG7iVYVyLMou mxSPzdk2QtY4roPz1kFGcFRhCeu92bZViIs2OaDNbd2qqBeMVvzqIT3+lR7qQO0C nfmZx7fqjyuQX/Emg6cKj3AIqiRJAP7XQh6prwH6DCGuXtYxDHSahB8NQ83isvb6 9tqTBUr9a/3f2NqFOtdGiyFF30JlnVTJX+KSHx0N9BLlmXbkxPi245RMQT/nd1dT vWsWmBkjEWOx9SaVg/Pmd9J0lYa8Zj/K4c9836wJEdfRqpg5ttJDwHKFNo7viUv9 o0C1wvDs4d+aJpWhmJXCfC8xpCEaBdjXJCzGXWIiSDbDfHtmE2UF/gAa/Mwc3gDW w++eumOYFb65FmgQS2/AKfkTCcfD7F4fjpVQyPZcGR+BVVCUBxAn13KTgfI9/TvX SvNBmbPHJofBAVPVqVS6mZ6jxknQvDg8wgtBgLE7+seOaeIcMMf1VK8B0pNU4xo0 dr8IFRn01Z1aCQ6SoID7cBpi17UO8pj7oqv8U3mTdkN3zChqOkqQxkyAaW89G8yq jNAXT6pqY0EJGu/JQlJbZqbjR4IQa1kpgTGdoi+u5Jzw6PngsFb8yWvDeU6Dr6F2 ZYFPfIDVtP5+7PThSEtxHxvu/9/1Y87ZoFu/U9EgxeaEjIgVGdlGx87Bw3X2AxMh GK2UBMR2ub9Rz1qplv0A =2tMa -----END PGP SIGNATURE-----