[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

dsa-1285

From: Hideki Yamane <henrich@xxxxxxxxxxxxxx>
Subject: dsa-1285
Date: Wed, 23 May 2007 00:56:27 +0900
List-help: <mailto:debian-www-ctl@debian.or.jp?body=help>
List-id: debian-www.debian.or.jp
List-owner: <mailto:debian-www-admin@debian.or.jp>
List-post: <mailto:debian-www@debian.or.jp>
List-software: fml [fml 4.0.3 release (20011202/4.0.3)]
List-unsubscribe: <mailto:debian-www-ctl@debian.or.jp?body=unsubscribe>
X-ml-info: If you have a question, send e-mail with the body "help" (without quotes) to the address debian-www-ctl@debian.or.jp; help=<mailto:debian-www-ctl@debian.or.jp?body=help>
X-ml-name: debian-www
X-mlserver: fml [fml 4.0.3 release (20011202/4.0.3)]; post only (only members can post)
X-original-to: debian-www@debian.or.jp
Message-id: <20070523005602.300dbb75.henrich@xxxxxxxxxxxxxx>
X-mail-count: 11118
X-mailer: Sylpheed 2.4.1 (GTK+ 2.10.12; i486-pc-linux-gnu)

　やまねです。
　dsa-1285 を訳してみました。査読ください。

#use wml::debian::translation-check translation="1.1"
<define-tag description>ʣ�����ȼ���</define-tag>
<define-tag moreinfo>
<ul>

<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1622";>CVE-2007-1622</a>
    <p>WordPress 2.0.10 RC2 ������2.1 �ϤǤ� WordPress 2.1.3 RC2 ������ wp-admin/vars.php 
    �˥����������ȥ�����ץƥ��� (XSS) �ȼ��������ꡢ��⡼�Ȥ���ơ������긢�¤�ͭ���Ƥ���
    ǧ�ںѤߤΥ桼�����������̤ˤ� PATH_INFO �����Ѥ���Ǥ�դ� web ������ץȤ� HTML 
    ��������ǽ�ȤʤäƤ��ޤ�������� PHP_SELF ������ɽ���������ˤ�����Ǥ���</p></li>

<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1893";>CVE-2007-1893</a>
    <p>WordPress 2.1.2 ����Ӥ����餯��������ΥС������ǡ���⡼�Ȥ��� contributor 
    ���¤�ͭ����ǧ�ںѤߤΥ桼�����տޤ��������������¤�̵�뤷��<q>��������¸���줿��Ƥ��������
    (publish a previously saved post)</q>
    �Τ˻Ȥ��� publish_posts ��ǽ��ư���뤳�Ȥ���ǽ�Ȥʤ�ޤ���</p></li>

<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1894";>CVE-2007-1894</a>
    <p>WordPress 20070309 ������ wp-includes/general-template.php 
    �˥����������ȥ�����ץƥ��� (XSS) �ȼ���������ޤ�������ˤ�ꡢ
    ��⡼�Ȥ��鹶��Ԥ� wp_title �ؿ���� year �ѥ�᡼����ͳ��Ǥ�դ� 
    web ������ץȤ� HTML ��������ǽ�ȤʤäƤ��ޤ���</p></li>

<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1897";>CVE-2007-1897</a>
    <p>WordPress 2.1.2 ����Ӥ����餯��������ΥС������ˤ� xmlrpc.php ��� 
    SQL ���󥸥�������� �ȼ���������ޤ�������ˤ�ꡢ��⡼�Ȥ���ǧ�ںѤߤΥ桼����
    post_id �ѿ��˴�Ϣ���� XML RPC �� mt.setPostCategories �᥽�åɸƤӽФ�����
    ʸ����ѥ�᡼���ͷ�ͳ��Ǥ�դ� SQL ���ޥ�ɤ�¹Բ�ǽ�ȤʤäƤ��ޤ���</p></li>

</ul>

<p>�����ǥǥ����ȥ�ӥ塼����� (stable, �����ɥ͡��� etch) �Ǥϡ�
����������ϥС������ 2.0.10-1 �ǽ�������Ƥ��ޤ���</p>

<p>�ƥ����ǥǥ����ȥ�ӥ塼����� (testing�������ɥ͡��� lenny) 
������԰����ǥǥ����ȥ�ӥ塼����� (unstable�������ɥ͡��� sid) 
�Ǥϡ�����������ϥС������ 2.1.3-1 �ǽ�������Ƥ��ޤ���</p>

<p>wordpress �ѥå������Υ��åץ��졼�ɤ򤪴��ᤷ�ޤ���</p>
</define-tag>

# do not modify the following line
#include "$(ENGLISHDIR)/security/2007/dsa-1285.data"

Follow-Ups:
- Re: dsa-1285
  - From: Minoru Nagahama

Prev by Date: Re: [org] volatile/index.wml 1.5
Next by Date: Debian Web site Translation Update
Previous by thread: Re: dsa-1288
Next by thread: Re: dsa-1285
Index(es):
- Date
- Thread