-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2017/dsa-4006.wml 2017-10-25 10:57:08.024762137 +0500 +++ russian/security/2017/dsa-4006.wml 2017-10-25 11:02:36.205756078 +0500 @@ -1,29 +1,30 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>Multiple vulnerabilities have been found in MuPDF, a PDF file viewer, which - -may result in denial of service or the execution of arbitrary code.</p> +<p>Ð MuPDF, пÑогÑамме Ð´Ð»Ñ Ð¿ÑоÑмоÑÑа Ñайлов в ÑоÑмаÑе PDF, бÑли обнаÑÑÐ¶ÐµÐ½Ñ Ð¼Ð½Ð¾Ð³Ð¾ÑиÑленнÑе +ÑÑзвимоÑÑи, коÑоÑÑе могÑÑ Ð¿ÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании или вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода.</p> <ul> - -<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-14685">CVE-2017-14685</a>, - -<a href="https://security-tracker.debian.org/tracker/CVE-2017-14686">CVE-2017-14686</a>, - -and <a href="https://security-tracker.debian.org/tracker/CVE-2017-14687">CVE-2017-14687</a> - - - - <p>WangLin discovered that a crafted .xps file can crash MuPDF and - - potentially execute arbitrary code in several ways, since the - - application makes unchecked assumptions on the entry format.</p></li> +<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-14685">CVE-2017-14685</a>, +<a href="https://security-tracker.debian.org/tracker/CVE-2017-14686">CVE-2017-14686</a> +и <a href="https://security-tracker.debian.org/tracker/CVE-2017-14687">CVE-2017-14687</a> + + <p>Ðан Ðин обнаÑÑжил, ÑÑо ÑпеÑиалÑно ÑÑоÑмиÑованнÑй Ñайл .xps Ð¼Ð¾Ð¶ÐµÑ Ð²ÑзÑваÑÑ Ð°Ð²Ð°ÑийнÑÑ Ð¾ÑÑÐ°Ð½Ð¾Ð²ÐºÑ + MuPDF и в ÑÑде ÑлÑÑае пÑиводиÑÑ Ðº поÑенÑиалÑÐ½Ð¾Ð¼Ñ Ð²ÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода, поÑколÑÐºÑ + пÑиложение без вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑовеÑки пÑÐµÐ´Ð¿Ð¾Ð»Ð°Ð³Ð°ÐµÑ Ð¸ÑполÑзование опÑеделÑнного ÑоÑмаÑа запиÑей.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-15587">CVE-2017-15587</a> - - <p>Terry Chia and Jeremy Heng discovered an integer overflow that can - - cause arbitrary code execution via a crafted .pdf file.</p></li> + <p>ТеÑÑи Чиа и ÐжеÑеми Хен обнаÑÑжили пеÑеполнение ÑелÑÑ ÑиÑел, коÑоÑое Ð¼Ð¾Ð¶ÐµÑ Ð²ÑзÑваÑÑ + вÑполнение пÑоизволÑного кода пÑи обÑабоÑке ÑпеÑиалÑно ÑÑоÑмиÑованного Ñайла .pdf.</p></li> </ul> - -<p>For the stable distribution (stretch), these problems have been fixed in - -version 1.9a+ds1-4+deb9u1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (stretch) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 1.9a+ds1-4+deb9u1.</p> - -<p>We recommend that you upgrade your mupdf packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ mupdf.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlnwKQQACgkQXudu4gIW 0qWTfA/9HVxRHGmkoMI129de7L/xXrAAV/xvkhANeub3V0an48gv25QeKA4A1Y9a VKuqyPe6eIWTfINTZfn68kf0ATu3su/NRNSPDV7TCikmxhS1tgsE47iHCOZY4az3 /2rfjUXLEPgYNhAQuV/f1CnE/EwWCJn018rsMHXiBkzM0qjHaObspEMxee/nUUGw F0DrFpkGs527QM87KuYctcT7EtynXmYuCjX2s5tKfyO41zXXF8adBWRThkoOrron Tc3qqWKQelgiT4nxkbpPauNb6hVw8mNHSzN32i6ojGpx7CnWJ9JA6yi1FedNgm9l aYsayyYLwv5Pix3vpxkji3tup/y8FPFaD4IrvHd++QZUliLHx3wuEA2sfFRvQ3ef hBUPHYg+KFcH4ls8zXaar9lebh0fvP8nbJ00FRQCmcUuzgbPJvnrTMQlWJQEYzcO +RnJ0P7IUsRqVz5j4zWk8XJNynlxMCf7rVgCfYxBa+ZRCHW/il6lseEpK6/5Ftwl V9iv4HdB5EnQtZ9K3T1movsbJi3wDob0aSIIHpds94P9Dlv7rhsdarPPwbkZKikL Go1gZqLynFPyGZbYA8pm6zIfAf+YnAwDj/0cTriRfx1tyEBpBUMTO4LJ45NMuDpx pAl1JyhTRkBPHSU+jcEPh9kqphyU5D/b+uY2ofuL4dwuPqavb34= =05hE -----END PGP SIGNATURE-----