-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2006/dsa-1073.wml 2014-04-30 13:16:09.000000000 +0600 +++ russian/security/2006/dsa-1073.wml 2016-12-20 11:11:34.220979508 +0500 @@ -1,35 +1,36 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.5" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities have been discovered in MySQL, a popular SQL - -database. The Common Vulnerabilities and Exposures Project identifies - -the following problems:</p> +<p>Ð MySQL, попÑлÑÑной базе даннÑÑ SQL, бÑло обнаÑÑжено неÑколÑко +ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures опÑеделÑÐµÑ +ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-0903">CVE-2006-0903</a> - - <p>Improper handling of SQL queries containing the NULL character - - allows local users to bypass logging mechanisms.</p></li> + <p>ÐекоÑÑекÑÐ½Ð°Ñ Ð¾Ð±ÑабоÑка SQL-запÑоÑов, ÑодеÑжаÑÐ¸Ñ NULL-Ñимвол, + позволÑÐµÑ Ð»Ð¾ÐºÐ°Ð»ÑнÑм полÑзоваÑелÑм Ð¾Ð±Ñ Ð¾Ð´Ð¸ÑÑ Ð¼ÐµÑ Ð°Ð½Ð¸Ð·Ð¼Ñ Ð²ÐµÐ´ÐµÐ½Ð¸Ñ Ð¶ÑÑнала.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-1516">CVE-2006-1516</a> - - <p>Usernames without a trailing null byte allow remote attackers to - - read portions of memory.</p></li> + <p>Ðмена полÑзоваÑелей без null-байÑа на конÑе позволÑÑÑ ÑдалÑннÑм злоÑмÑÑленникам + ÑÑиÑÑваÑÑ ÑаÑÑи памÑÑи.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-1517">CVE-2006-1517</a> - - <p>A request with an incorrect packet length allows remote attackers - - to obtain sensitive information.</p></li> + <p>ÐапÑÐ¾Ñ Ñ Ð½ÐµÐºÐ¾ÑÑекÑной длиной пакеÑа позволÑÐµÑ ÑдалÑннÑм злоÑмÑÑленникам + полÑÑаÑÑ ÑÑвÑÑвиÑелÑнÑÑ Ð¸Ð½ÑоÑмаÑиÑ.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-1518">CVE-2006-1518</a> - - <p>Specially crafted request packets with invalid length values allow - - the execution of arbitrary code.</p></li> + <p>СпеÑиалÑно ÑÑоÑмиÑованнÑе пакеÑÑ Ð·Ð°Ð¿ÑоÑов Ñ Ð½ÐµÐºÐ¾ÑÑекÑнÑми знаÑениÑм Ð´Ð»Ð¸Ð½Ñ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÑÑ + вÑполнÑÑÑ Ð¿ÑоизволÑнÑй код.</p></li> </ul> - -<p>The following vulnerability matrix shows which version of MySQL in - -which distribution has this problem fixed:</p> +<p>СледÑÑÑÐ°Ñ ÑаблиÑа показÑваеÑ, в какой веÑÑии MySQL и в каком +вÑпÑÑке, бÑли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ ÑказаннÑе пÑоблемÑ:</p> <div class="centerdiv"><table cellspacing=0 cellpadding=2> <tr> @@ -41,29 +42,29 @@ <tr> <td>mysql</td> <td>3.23.49-8.15</td> - - <td>n/a</td> - - <td>n/a</td> + <td>недоÑÑÑпно</td> + <td>недоÑÑÑпно</td> </tr> <tr> <td>mysql-dfsg</td> - - <td>n/a</td> + <td>недоÑÑÑпно</td> <td>4.0.24-10sarge2</td> - - <td>n/a</td> + <td>недоÑÑÑпно</td> </tr> <tr> <td>mysql-dfsg-4.1</td> - - <td>n/a</td> + <td>недоÑÑÑпно</td> <td>4.1.11a-4sarge3</td> - - <td>n/a</td> + <td>недоÑÑÑпно</td> </tr> <tr> <td>mysql-dfsg-5.0</td> - - <td>n/a</td> - - <td>n/a</td> + <td>недоÑÑÑпно</td> + <td>недоÑÑÑпно</td> <td>5.0.21-3</td> </tr> </table></div> - -<p>We recommend that you upgrade your mysql packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ mysql.</p> </define-tag> # do not modify the following line - --- english/security/2006/dsa-1104.wml 2014-04-30 13:16:09.000000000 +0600 +++ russian/security/2006/dsa-1104.wml 2016-12-20 11:06:56.486960947 +0500 @@ -1,51 +1,52 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.7" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Loading malformed XML documents can cause buffer overflows in - -OpenOffice.org, a free office suite, and cause a denial of service or - -execute arbitrary code.  It turned out that the correction in DSA - -1104-1 was not sufficient, hence, another update. For completeness - -please find the original advisory text below:</p> +<p>ÐагÑÑзка ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ Ð´Ð¾ÐºÑменÑов в ÑоÑмаÑе XML Ð¼Ð¾Ð¶ÐµÑ Ð²ÑзваÑÑ Ð¿ÐµÑеполнение +бÑÑеÑа в OpenOffice.org, Ñвободном набоÑе оÑиÑнÑÑ Ð¿Ñиложений, и пÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð² +обÑлÑживании или вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода. ÐказалоÑÑ, ÑÑо иÑпÑавление, вÑпÑÑенное в DSA +1104-1, бÑло недоÑÑаÑоÑно, поÑÑÐ¾Ð¼Ñ ÑÑебÑеÑÑÑ ÐµÑÑ Ð¾Ð´Ð½Ð¾ обновление. ÐÐ»Ñ Ð¿Ð¾Ð»Ð½Ð¾ÑÑ +ниже пÑиводиÑÑÑ Ð¸Ð·Ð½Ð°ÑалÑнÑй ÑекÑÑ ÑекомендаÑии:</p> <blockquote> - -<p>Several vulnerabilities have been discovered in OpenOffice.org, a free - -office suite. The Common Vulnerabilities and Exposures Project - -identifies the following problems:</p> +<p>Ð OpenOffice.org, Ñвободном набоÑе оÑиÑнÑÑ Ð¿Ñиложений, бÑло обнаÑÑжено +неÑколÑко ÑÑзвимоÑÑей. ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures +опÑеделÑÐµÑ ÑледÑÑÑие пÑоблемÑ:</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-2198">CVE-2006-2198</a> - - <p>It turned out to be possible to embed arbitrary BASIC macros in - - documents in a way that OpenOffice.org does not see them but - - executes them anyway without any user interaction.</p></li> + <p>ÐказÑваеÑÑÑ Ð¼Ð¾Ð¶Ð½Ð¾ вÑÑÑоиÑÑ Ð¿ÑоизволÑнÑе макÑоÑÑ Ð½Ð° ÑзÑке BASIC в + докÑменÑÑ Ñак, ÑÑо OpenOffice.org не Ð²Ð¸Ð´Ð¸Ñ Ð¸Ñ , но + вÑполнÑÐµÑ Ð±ÐµÐ· какого-либо взаимодейÑÑÐ²Ð¸Ñ Ñ Ð¿Ð¾Ð»ÑзоваÑелем.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-2199">CVE-2006-2199</a> - - <p>It is possible to evade the Java sandbox with specially crafted - - Java applets.</p></li> + <p>Ðожно вÑйÑи из пеÑоÑниÑÑ Java пÑи помоÑи ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ + Java-апплеÑов.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2006-3117">CVE-2006-3117</a> - - <p>Loading malformed XML documents can cause buffer overflows and - - cause a denial of service or execute arbitrary code.</p> + <p>ÐагÑÑзка ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ Ð´Ð¾ÐºÑменÑов в ÑоÑмаÑе XML Ð¼Ð¾Ð¶ÐµÑ Ð²ÑзваÑÑ Ð¿ÐµÑеполнение + бÑÑеÑа, ÑÑо пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании или вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода.</p> </ul> - -<p>This update has the Mozilla component disabled, so that the - -Mozilla/LDAP addressbook feature won't work anymore. It didn't work on - -anything else than i386 on sarge either.</p> +<p>Рданном обновлении оÑклÑÑен ÐºÐ¾Ð¼Ð¿Ð¾Ð½ÐµÐ½Ñ Mozilla, поÑÑÐ¾Ð¼Ñ Ð°Ð´ÑеÑÐ½Ð°Ñ ÐºÐ½Ð¸Ð³Ð° +Mozilla/LDAP более не ÑабоÑаеÑ. УказаннÑй ÐºÐ¾Ð¼Ð¿Ð¾Ð½ÐµÐ½Ñ Ð² вÑпÑÑке sarge не +ÑабоÑал на на какой дÑÑгой аÑÑ Ð¸ÑекÑÑÑе помимо i386.</p> </blockquote> - -<p>The old stable distribution (woody) does not contain OpenOffice.org - -packages.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (woody) пакеÑÑ OpenOffice.org +оÑÑÑÑÑÑвÑÑÑ.</p> - -<p>For the stable distribution (sarge) this problem has been fixed in - -version 1.1.3-9sarge3.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 1.1.3-9sarge3.</p> - -<p>For the unstable distribution (sid) this problem has been fixed in - -version 2.0.3-1.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 2.0.3-1.</p> - -<p>We recommend that you upgrade your OpenOffice.org packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ OpenOffice.org.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlhYy5oACgkQXudu4gIW 0qWAfRAAlrRigj7XdX7hg3nVZAT2pqPzqxPIB6dhMuPOA5Y2iVa342FOQCItoAty EtGJtDZ2wWnjjLtBllFgIPgrkZRWqQZhTLmejkrmp4XEjaZZTljSduGgLhcb5CHX LC+Rx3XCFGkn5qa//IA5SVpvTiX+nxtzdin1JO2sjWLP4tg7yyxuMwqkUznrniTr SgPXMX6awvYWAy4Fm28V2UpdMQdWHqPR51eLRbdKyllMKd1Em5z/Rp1BKEoPvACb dZA6DfofVMAczLy9U9UvJOqh9Dq/JtcYsVhR4wwmAfbFTajws0NwwYdpuUkHsG4X HTVMkCS4931dqCKXJL13gJaOJnozRpPJEST6UIlFfDOUiE86uRIQw94bHL7luXSx DZFt/c+lZiDnv6UDfgzhMSXDcz7XklKVGLyWETilH8kqAXgsb9ejghxsgF6THcSE hf7E20OpklXUlJFqSTM2yMptd1n3O0L23B1WaRLKQXXZlB1spBD64dU+htg3+ZDO /fZD5MgxYo944gTd7AZZ+dnnvoPoMXT8BaCO+bTzFhbp4c5QLk5CGmiakFERc6hG VS++4aKj2dNgSdg7IfAs6+DsN9jOCkihRzYTfTnBjk3trXz5GD6m80A4fyZC1OGK 9+N3bGwO4ytXgfaQY6oZ13gc/q3xYwP3w83dARboUa6l429RZDY= =wHW+ -----END PGP SIGNATURE-----