diff options
author | Juraj Kubelka <cesta> | 2005-01-21 22:10:28 +0000 |
---|---|---|
committer | Juraj Kubelka <cesta> | 2005-01-21 22:10:28 +0000 |
commit | ff54843ff0088e63b242342aefe3cbacc7dac27a (patch) | |
tree | e7bf3df80032e554782ba1ae81cfa6d69e87d4c0 /czech/security | |
parent | f8fc556236fcf7edab44cb981fa975db1c7fdd96 (diff) |
Translated by Juraj Kubelka <Juraj.Kubelka at email.cz>.
CVS version numbers
czech/security/2005/dsa-653.wml: INITIAL -> 1.1
czech/security/2005/dsa-654.wml: INITIAL -> 1.1
Diffstat (limited to 'czech/security')
-rw-r--r-- | czech/security/2005/dsa-653.wml | 20 | ||||
-rw-r--r-- | czech/security/2005/dsa-654.wml | 42 |
2 files changed, 62 insertions, 0 deletions
diff --git a/czech/security/2005/dsa-653.wml b/czech/security/2005/dsa-653.wml new file mode 100644 index 00000000000..2582b060b4a --- /dev/null +++ b/czech/security/2005/dsa-653.wml @@ -0,0 +1,20 @@ +#use wml::debian::translation-check translation="1.1" maintainer="Juraj Kubelka" +<define-tag description>přetečení bufferu</define-tag> +<define-tag moreinfo> +<p>A buffer overflow has been detected in the X11 dissector of ethereal, +a commonly used network traffic analyser. A remote attacker may be +able to overflow a buffer using a specially crafted IP packet. More +problems have been discovered which don't apply to the version in +woody but are fixed in sid as well.</p> + +<p>Pro stable distribuci (woody) byl tento problém opraven +ve verzi 0.9.4-1woody11.</p> + +<p>Pro unstable distribuci (sid) byl tento problém opraven +ve verzi 0.10.9-1.</p> + +<p>Doporučujeme vám aktualizovat váš balíček ethereal.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2005/dsa-653.data" diff --git a/czech/security/2005/dsa-654.wml b/czech/security/2005/dsa-654.wml new file mode 100644 index 00000000000..3c636dd01c9 --- /dev/null +++ b/czech/security/2005/dsa-654.wml @@ -0,0 +1,42 @@ +#use wml::debian::translation-check translation="1.1" maintainer="Juraj Kubelka" +<define-tag description>několik zranitelností</define-tag> +<define-tag moreinfo> +<p>Erik Sjölund has discovered several security relevant problems in +enscript, a program to convert ASCII text into Postscript and other +formats. The Common Vulnerabilities and Exposures project identifies +the following vulnerabilities:</p> + +<ul> + +<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1184">CAN-2004-1184</a> + + <p>Unsanitised input can cause the execution of arbitrary commands + via EPSF pipe support. This has been disabled, also upstream. + +<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1185">CAN-2004-1185</a></p> + + <p>Due to missing sanitising of filenames it is possible that a + specially crafted filename can cause arbitrary commands to be + executed.</p> + +<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1186">CAN-2004-1186</a> + + <p>Multiple buffer overflows can cause the program to crash.</p> + +</ul> + +<p>Usually, enscript is only run locally, but since it is executed inside +of viewcvs some of the problems mentioned above can easily be turned +into a remote vulnerability.</p> + +<p>Pro stable distribuci (woody) byly tyto problémy opraveny +ve verzi 1.6.3-1.3.</p> + +<p>Pro unstable distribuci (sid) byly tyto problémy opraveny +ve verzi 1.6.4-6.</p> + +<p>Doporučujeme vám aktualizovat váš balíček enscript.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2005/dsa-654.data" |