[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DONE] wml://security/2016/dla-{398,394,404}.wml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- --- english/security/2016/dla-394.wml	2016-04-08 01:54:44.000000000 +0500
+++ russian/security/2016/dla-394.wml	2016-04-12 12:24:20.483623382 +0500
@@ -1,11 +1,12 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
 
- -<p>agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and
- -5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode
- -without a filtering proxy, allows remote attackers to spoof headers passed to
- -applications by using an _ (underscore) character instead of a - (dash)
- -character in an HTTP header, as demonstrated by an X_User header.</p>
+<p>agent/Core/Controller/SendRequest.cpp в Phusion Passenger до веÑ?Ñ?ии 4.0.60 и
+в веÑ?ке 5.0.x до веÑ?Ñ?ии 5.0.22 пÑ?и иÑ?полÑ?зовании в Ñ?ежиме инÑ?егÑ?аÑ?ии Ñ? Apache или в Ñ?амоÑ?Ñ?оÑ?Ñ?елÑ?ном Ñ?ежиме
+без иÑ?полÑ?зованиÑ? Ñ?илÑ?Ñ?Ñ?Ñ?Ñ?Ñ?его пÑ?окÑ?и позволÑ?Ñ?Ñ? Ñ?далÑ?ннÑ?м злоÑ?мÑ?Ñ?ленникам подделÑ?ваÑ?Ñ? заголовки, пеÑ?едаваемÑ?е
+пÑ?иложениÑ?м Ñ? иÑ?полÑ?зованием Ñ?имвола _ (подÑ?Ñ?Ñ?кивание) вмеÑ?Ñ?о Ñ?имвола - (Ñ?иÑ?е)
+в заголовке HTTP, как Ñ?Ñ?о пÑ?одемонÑ?Ñ?иÑ?овано заголовком X_User.</p>
 </define-tag>
 
 # do not modify the following line
- --- english/security/2016/dla-398.wml	2016-04-08 01:54:44.000000000 +0500
+++ russian/security/2016/dla-398.wml	2016-04-12 12:20:57.402444623 +0500
@@ -1,15 +1,16 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
 
 <ul>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-1982";>CVE-2016-1982</a>
- -    <p>Prevent invalid reads in case of corrupt chunk-encoded content</p></li>
+    <p>Ð?Ñ?едоÑ?вÑ?аÑ?аеÑ? непÑ?авилÑ?ное Ñ?Ñ?ение в Ñ?лÑ?Ñ?ае повÑ?еждÑ?нного закодиÑ?ованного в виде поÑ?Ñ?ий Ñ?одеÑ?жимого</p></li>
 
 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-1983";>CVE-2016-1983</a>
 
- -    <p>Remove empty Host headers in client requests; resulting in
- -    invalid reads.</p></li>
+    <p>УдалÑ?еÑ? пÑ?Ñ?Ñ?Ñ?е заголовки Host в клиенÑ?Ñ?киÑ? запÑ?оÑ?аÑ?, коÑ?оÑ?Ñ?е пÑ?иводÑ?Ñ? к
+    некоÑ?Ñ?екÑ?номÑ? Ñ?Ñ?ениÑ?.</p></li>
 
 </ul>
 </define-tag>
- --- english/security/2016/dla-404.wml	2016-04-08 01:54:44.000000000 +0500
+++ russian/security/2016/dla-404.wml	2016-04-12 12:27:51.400033131 +0500
@@ -1,12 +1,13 @@
- -<define-tag description>LTS security update</define-tag>
+#use wml::debian::translation-check translation="1.2" maintainer="Lev Lamberov"
+<define-tag description>обновление безопаÑ?ноÑ?Ñ?и LTS</define-tag>
 <define-tag moreinfo>
- -<p>It was discovered that there was a invalid pointer deference in nginx, a
- -small, powerful, scalable web/proxy server.  An invalid pointer
- -dereference might occur during DNS server response processing, allowing
- -an attacker who is able to forge UDP packets from the DNS server to cause
- -worker process crash</p>
+<p>Ð?Ñ?ло обнаÑ?Ñ?жено некоÑ?Ñ?екÑ?ное Ñ?азÑ?менование Ñ?казаÑ?елÑ? в nginx,
+неболÑ?Ñ?ом моÑ?ном маÑ?Ñ?Ñ?абиÑ?Ñ?емом веб/пÑ?окÑ?и Ñ?еÑ?веÑ?е.  Ð?екоÑ?Ñ?екÑ?ное Ñ?азÑ?менование
+Ñ?казаÑ?елÑ? можеÑ? пÑ?оиÑ?Ñ?одиÑ?Ñ? во вÑ?емÑ? обÑ?абоÑ?ки оÑ?веÑ?а DNS-Ñ?еÑ?веÑ?а, Ñ?Ñ?о позволÑ?еÑ?
+злоÑ?мÑ?Ñ?ленникÑ?, Ñ?поÑ?обномÑ? подделаÑ?Ñ? UDP-пакеÑ?Ñ? оÑ? DNS-Ñ?еÑ?веÑ?е вÑ?зÑ?ваÑ?Ñ?
+аваÑ?ийнÑ?Ñ? оÑ?Ñ?ановкÑ? Ñ?абоÑ?его пÑ?оÑ?еÑ?Ñ?а</p>
 
- -<p>For Debian 6 Squeeze, this issue has been fixed in nginx version
+<p>Ð? Debian 6 Squeeze Ñ?Ñ?а пÑ?облема бÑ?ла иÑ?пÑ?авлена в nginx веÑ?Ñ?ии
 0.7.67-3+squeeze4+deb6u1.</p>
 </define-tag>
 
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXDKN6AAoJEF7nbuICFtKl1foP/RjMSteg66N21bGU9LOC0wIk
D+KtcaAMsST+t0gwIv+/IURZFAoE0JfPfv+IPzYH5kHnJFx7KOfaJJj3J2zTIqMj
KBn3QzDcwKYCZbLWVzE0dFWuQBdsWabVNKMrrzrr8aH/2dMgnA6asKUkwZUFBVAQ
2/iDJXIM48htLcbB0yxXsUdG9C9FDDStGlQmzNLy4L4FHjmKr/N5YN5Slw/1lqQt
bfCGy9W/86s/YbcZyQSrqYAoEx7YvHfhIxm5DkswHCPnRWWkn9OCwObGSSQ78EmM
iPs2i2Zt9EUCj4hDh5YVt8mWLoyU4yiIVgz2106It+WVSfG2MaZJV13ZWhgZYu/q
IROO4Bk4hTcpjsu5kp9NmEH/bHHgIOau5X6lNer9XNQrhHkLBQ3NKJ4ihp39DJ+Q
UphMsyk10b9xAxHje6KGjDKzOQAE3/Wn83/Ah6REhOXvdOh0+xO54v+sSg4CHD7o
yMAifLOkrQdctnvZz1C6HCAqvS7CEcBWFh49TbikeZ5XuzejR0BWDnBup05Neyev
6s8vkTa1YGXu/ywClUdlMHoP2xYA1OIuRl/+sPormM387ebRqL2G7m192fo6Gffg
iqUF5qX3eIWBkwWWN+lOiz4YSxMne3bHqyvFgXfQLoYZ0naGRUfIi1RqwuhtP7A4
3sBwHZLbaBr9pp57R4HN
=AWJM
-----END PGP SIGNATURE-----
Reply to: