-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2012/dsa-2388.wml 2017-11-01 10:11:10.315843693 +0500 +++ russian/security/2012/dsa-2388.wml 2018-03-17 11:13:54.840234737 +0500 @@ -1,57 +1,58 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>Several vulnerabilities were discovered in t1lib, a Postscript Type 1 - -font rasterizer library, some of which might lead to code execution - -through the opening of files embedding bad fonts.</p> +<p>Ð t1lib, библиоÑеке ÑаÑÑеÑизаÑии ÑÑиÑÑов Postscript Type 1, бÑло +обнаÑÑжено неÑколÑко ÑÑзвимоÑÑей, некоÑоÑÑе из коÑоÑÑÑ Ð¼Ð¾Ð³ÑÑ Ð¿ÑиводиÑÑ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ +кода пÑи оÑкÑÑÑии Ñайлов, ÑодеÑжаÑÐ¸Ñ Ð¿Ð»Ð¾Ñ Ð¸Ðµ ÑÑиÑÑÑ.</p> <ul> <li><a href="https://security-tracker.debian.org/tracker/CVE-2010-2642">CVE-2010-2642</a> - - <p>A heap-based buffer overflow in the AFM font metrics parser - - potentially leads to the execution of arbitrary code.</p></li> + <p>ÐеÑеполнение динамиÑеÑкой памÑÑи в коде Ð´Ð»Ñ Ð³ÑаммаÑиÑеÑкого ÑазбоÑа меÑÑик + ÑÑиÑÑов AFM поÑенÑиалÑно пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-0433">CVE-2011-0433</a> - - <p>Another heap-based buffer overflow in the AFM font metrics - - parser potentially leads to the execution of arbitrary code.</p></li> + <p>ÐÑÑ Ð¾Ð´Ð½Ð¾ пеÑеполнение динамиÑеÑкой памÑÑи в коде Ð´Ð»Ñ Ð³ÑаммаÑиÑеÑкого ÑазбоÑа + меÑÑик ÑÑиÑÑов AFM поÑенÑиалÑно пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-0764">CVE-2011-0764</a> - - <p>An invalid pointer dereference allows execution of arbitrary - - code using crafted Type 1 fonts.</p></li> + <p>ÐепÑавилÑное ÑазÑменование ÑказаÑÐµÐ»Ñ Ð¿ÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного + кода пÑи иÑполÑзовании ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ ÑÑиÑÑов Type 1.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-1552">CVE-2011-1552</a> - - <p>Another invalid pointer dereference results in an application - - crash, triggered by crafted Type 1 fonts.</p></li> + <p>ÐÑÑ Ð¾Ð´Ð½Ð¾ непÑавилÑно ÑазÑменование ÑказаÑелей пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº аваÑийной оÑÑановке + пÑÐ¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Ð¿Ñи иÑполÑзовании ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ ÑÑиÑÑов Type 1.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-1553">CVE-2011-1553</a> - - <p>A use-after-free vulnerability results in an application - - crash, triggered by crafted Type 1 fonts.</p></li> + <p>ÐÑполÑзование ÑказаÑелей поÑле оÑÐ²Ð¾Ð±Ð¾Ð¶Ð´ÐµÐ½Ð¸Ñ Ð¿Ð°Ð¼ÑÑи пÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº аваÑийной оÑÑановке + пÑÐ¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Ð¿Ñи иÑполÑзовании ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ ÑÑиÑÑов Type 1.</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2011-1554">CVE-2011-1554</a> - - <p>An off-by-one error results in an invalid memory read and - - application crash, triggered by crafted Type 1 fonts.</p></li> + <p>ÐÑибка на единиÑÑ Ð¿ÑÐ¸Ð²Ð¾Ð´Ð¸Ñ Ðº ÑÑÐµÐ½Ð¸Ñ Ð½ÐµÐ¿ÑавилÑной облаÑÑи памÑÑи и аваÑийной + оÑÑановке пÑÐ¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Ð¿Ñи иÑполÑзовании ÑпеÑиалÑно ÑÑоÑмиÑованнÑÑ ÑÑиÑÑов Type 1.</p></li> </ul> - -<p>For the oldstable distribution (lenny), this problem has been fixed in - -version 5.1.2-3+lenny1.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (lenny) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 5.1.2-3+lenny1.</p> - -<p>For the stable distribution (squeeze), this problem has been fixed in - -version 5.1.2-3+squeeze1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (squeeze) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 5.1.2-3+squeeze1.</p> - -<p>For the testing distribution (wheezy), this problem has been fixed in - -version 5.1.2-3.4.</p> +<p>Ð ÑеÑÑиÑÑемом вÑпÑÑке (wheezy) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 5.1.2-3.4.</p> - -<p>For the unstable distribution (sid), this problem has been fixed in - -version 5.1.2-3.4.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑа пÑоблема бÑла иÑпÑавлена в +веÑÑии 5.1.2-3.4.</p> - -<p>We recommend that you upgrade your t1lib packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ t1lib.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlqssikACgkQXudu4gIW 0qXSxA/8CPyIveEAfIa06L18/KGJ6fuCyey9qHDV1XuQBoEAas1XDOqD+/6b+7xH n4+GXK61M3p0SThRYPBLZtPJRB07Von8ny2xcHXG+2iAme1kud+Von9fhLU1uhA/ 7wpLs4bz92uj1vxqcBl8xS1mAoW+g5uZAnffuROG0LZyVdilFocLxiL+oYfcNylq m8pjb5alM/V887f3ZKu53T1d9qpGmuV5WTIYlni3MeEW0YWsXiU2/2XmEv8DIvBY bAO6cTiE0R8RWt+9hjGL0v/HoZFDvuugBjs1xOawO0cxLbvLQgSasvmJOPCOpQkR K0tEt4m9v9+4nSfCnCKsw3VkRgQ8VRU93fmbgTwbVhIK0RUBhQLrN/kOBf53WaPi 9uqP6d6m4B23TjByYt/9+RRknty8rW5ti5vNytFJTV1hvkMzLwcx24Gx4Khui0p7 ZvAU1qZOwqvautlP9RFmf1mi+MZALxTyod23dXx1efs9J+uaSv6OKsEw0kJ/6zwF bg+kUI84u5NrxZ2oJqyAj7QFbjrRF3WQsbbw3fmBd6+DjluasSouQrv0T/LgCSrU 4CF1I5ZGxEDadUPK//AtfiTiiBQ8pw3KSmFg/avTOsrnF8kU1gNnF3OsV/jJ5WtU QyDMtYugmOwDhPI1kvu4aC73ikkH9HmNZ3e6CmVIuWtKzp8UFsc= =gnWU -----END PGP SIGNATURE-----