diff options
author | Juraj Kubelka <cesta> | 2005-01-21 22:42:00 +0000 |
---|---|---|
committer | Juraj Kubelka <cesta> | 2005-01-21 22:42:00 +0000 |
commit | 9546943b743e3ac092918404ca4aad022c60b327 (patch) | |
tree | b35ac3782a4be010a44e604cbd3559375de25100 /czech/security | |
parent | 1dd05f4e66c3ce28bc1660a4e271adf1aa7d63c4 (diff) |
Translated by Juraj Kubelka <Juraj.Kubelka at email.cz>.
CVS version numbers
czech/security/2005/dsa-652.wml: INITIAL -> 1.1
Diffstat (limited to 'czech/security')
-rw-r--r-- | czech/security/2005/dsa-652.wml | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/czech/security/2005/dsa-652.wml b/czech/security/2005/dsa-652.wml new file mode 100644 index 00000000000..f095d14958f --- /dev/null +++ b/czech/security/2005/dsa-652.wml @@ -0,0 +1,37 @@ +#use wml::debian::translation-check translation="1.1" maintainer="Juraj Kubelka" +<define-tag description>několik zranitelností</define-tag> +<define-tag moreinfo> +<p>Several vulnerabilities have been discovered in unarj, a non-free ARJ +unarchive utility. The Common Vulnerabilities and Exposures Project +identifies the following vulnerabilities:</p> + +<ul> + +<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0947">CAN-2004-0947</a> + + <p>A buffer overflow has been discovered when handling long file + names contained in an archive. An attacker could create a + specially crafted archive which could cause unarj to crash or + possibly execute arbitrary code when being extracted by a victim.</p> + +<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1027">CAN-2004-1027</a> + + <p>A directory traversal vulnerability has been found so that an + attacker could create a specially crafted archive which would + create files in the parent directory when being extracted by a + victim. When used recursively, this vulnerability could be used + to overwrite critical system files and programs.</p> + +</ul> + +<p>Pro stable distribuci (woody) byly tyto problémy opraveny +ve verzi 2.43-3woody1.</p> + +<p>For the unstable distribution (sid) these problems don't apply since +unstable/non-free does not contain the unarj package.</p> + +<p>Doporučujeme vám aktualizovat váš balíček unarj.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2005/dsa-652.data" |