Translated by Juraj Kubelka <Juraj.Kubelka at email.cz>.

CVS version numbers

czech/security/2005/dsa-652.wml: INITIAL -> 1.1

1 files changed, 37 insertions, 0 deletions

diff --git a/czech/security/2005/dsa-652.wml b/czech/security/2005/dsa-652.wml
new file mode 100644
index 00000000000..f095d14958f
--- /dev/null
+++ b/czech/security/2005/dsa-652.wml
@@ -0,0 +1,37 @@
+#use wml::debian::translation-check translation="1.1" maintainer="Juraj Kubelka"
+<define-tag description>několik zranitelností</define-tag>
+<define-tag moreinfo>
+<p>Several vulnerabilities have been discovered in unarj, a non-free ARJ
+unarchive utility.  The Common Vulnerabilities and Exposures Project
+identifies the following vulnerabilities:</p>
+
+<ul>
+
+<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0947">CAN-2004-0947</a>
+
+    <p>A buffer overflow has been discovered when handling long file
+    names contained in an archive.  An attacker could create a
+    specially crafted archive which could cause unarj to crash or
+    possibly execute arbitrary code when being extracted by a victim.</p>
+
+<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1027">CAN-2004-1027</a>
+
+    <p>A directory traversal vulnerability has been found so that an
+    attacker could create a specially crafted archive which would
+    create files in the parent directory when being extracted by a
+    victim.  When used recursively, this vulnerability could be used
+    to overwrite critical system files and programs.</p>
+
+</ul>
+
+<p>Pro stable distribuci (woody) byly tyto problémy opraveny
+ve verzi 2.43-3woody1.</p>
+
+<p>For the unstable distribution (sid) these problems don't apply since
+unstable/non-free does not contain the unarj package.</p>
+
+<p>Doporučujeme vám aktualizovat váš balíček unarj.</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2005/dsa-652.data"