2018-07-04 09:06:45 +00:00
|
|
|
|
# Copyright (C) 2001-2018, Python Software Foundation
|
2018-07-04 09:08:42 +00:00
|
|
|
|
# For licence information, see README file.
|
2016-10-30 09:46:26 +00:00
|
|
|
|
#
|
|
|
|
|
|
msgid ""
|
|
|
|
|
|
msgstr ""
|
2019-12-05 22:15:54 +00:00
|
|
|
|
"Project-Id-Version: Python 3\n"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
"Report-Msgid-Bugs-To: \n"
|
2023-07-23 12:39:39 +00:00
|
|
|
|
"POT-Creation-Date: 2023-07-23 14:38+0200\n"
|
2024-03-23 13:25:51 +00:00
|
|
|
|
"PO-Revision-Date: 2023-09-02 17:24+0200\n"
|
|
|
|
|
|
"Last-Translator: Christophe Nanteuil <christophe.nanteuil@gmail.com>\n"
|
2018-07-04 09:14:25 +00:00
|
|
|
|
"Language-Team: FRENCH <traductions@lists.afpy.org>\n"
|
2017-05-23 22:40:56 +00:00
|
|
|
|
"Language: fr\n"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
"MIME-Version: 1.0\n"
|
|
|
|
|
|
"Content-Type: text/plain; charset=UTF-8\n"
|
|
|
|
|
|
"Content-Transfer-Encoding: 8bit\n"
|
2024-03-23 13:25:51 +00:00
|
|
|
|
"X-Generator: Poedit 3.2.2\n"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:4
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid "XML Processing Modules"
|
2017-09-21 11:22:04 +00:00
|
|
|
|
msgstr "Modules de traitement XML"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:12
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid "**Source code:** :source:`Lib/xml/`"
|
2017-09-21 11:22:04 +00:00
|
|
|
|
msgstr "**Code source:** :source:`Lib/xml/`"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:16
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ""
|
|
|
|
|
|
"Python's interfaces for processing XML are grouped in the ``xml`` package."
|
2017-09-21 12:41:50 +00:00
|
|
|
|
msgstr ""
|
2018-09-29 17:45:33 +00:00
|
|
|
|
"Les interfaces de Python de traitement de XML sont regroupées dans le paquet "
|
2017-09-21 12:41:50 +00:00
|
|
|
|
"``xml``."
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2024-03-23 13:25:51 +00:00
|
|
|
|
# suit un :
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:20
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ""
|
|
|
|
|
|
"The XML modules are not secure against erroneous or maliciously constructed "
|
|
|
|
|
|
"data. If you need to parse untrusted or unauthenticated data see the :ref:"
|
2020-10-02 08:55:01 +00:00
|
|
|
|
"`xml-vulnerabilities` and :ref:`defusedxml-package` sections."
|
2017-09-21 12:41:50 +00:00
|
|
|
|
msgstr ""
|
2024-03-23 13:25:51 +00:00
|
|
|
|
"les modules XML ne sont pas protégés contre les données mal construites ou "
|
|
|
|
|
|
"malveillantes. Si vous devez parcourir des données douteuses non "
|
|
|
|
|
|
"authentifiées, lisez les sections :ref:`xml-vulnerabilities` et :ref:"
|
|
|
|
|
|
"`defusedxml-package`."
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:25
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ""
|
|
|
|
|
|
"It is important to note that modules in the :mod:`xml` package require that "
|
|
|
|
|
|
"there be at least one SAX-compliant XML parser available. The Expat parser "
|
|
|
|
|
|
"is included with Python, so the :mod:`xml.parsers.expat` module will always "
|
|
|
|
|
|
"be available."
|
2017-09-21 12:41:50 +00:00
|
|
|
|
msgstr ""
|
|
|
|
|
|
"Il est important de noter que les modules dans le paquet :mod:`xml` "
|
2024-03-23 13:25:51 +00:00
|
|
|
|
"nécessitent qu'au moins un analyseur compatible *SAX* soit disponible. "
|
|
|
|
|
|
"L'analyseur *Expat* est inclus dans Python, ainsi le module :mod:`xml."
|
|
|
|
|
|
"parsers.expat` est toujours disponible."
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:30
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ""
|
|
|
|
|
|
"The documentation for the :mod:`xml.dom` and :mod:`xml.sax` packages are the "
|
|
|
|
|
|
"definition of the Python bindings for the DOM and SAX interfaces."
|
2017-09-21 12:41:50 +00:00
|
|
|
|
msgstr ""
|
2024-03-23 13:25:51 +00:00
|
|
|
|
"La documentation des interfaces vers *DOM* et *SAX* se trouve dans :mod:`xml."
|
|
|
|
|
|
"dom` et :mod:`xml.sax`."
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:33
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid "The XML handling submodules are:"
|
2017-09-21 11:22:04 +00:00
|
|
|
|
msgstr "Les sous-modules de traitement XML sont :"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:35
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ""
|
|
|
|
|
|
":mod:`xml.etree.ElementTree`: the ElementTree API, a simple and lightweight "
|
|
|
|
|
|
"XML processor"
|
2017-09-21 12:41:50 +00:00
|
|
|
|
msgstr ""
|
2024-03-23 13:25:51 +00:00
|
|
|
|
":mod:`xml.etree.ElementTree` : l'API *ElementTree*, un processeur simple et "
|
2018-09-29 17:45:33 +00:00
|
|
|
|
"léger"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:40
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ":mod:`xml.dom`: the DOM API definition"
|
2024-03-23 13:25:51 +00:00
|
|
|
|
msgstr ":mod:`xml.dom` : la définition de l'API DOM"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:41
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ":mod:`xml.dom.minidom`: a minimal DOM implementation"
|
2024-03-23 13:25:51 +00:00
|
|
|
|
msgstr ":mod:`xml.dom.minidom` : une implémentation minimale de DOM"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:42
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ":mod:`xml.dom.pulldom`: support for building partial DOM trees"
|
2017-09-21 12:41:50 +00:00
|
|
|
|
msgstr ""
|
2024-03-23 13:25:51 +00:00
|
|
|
|
":mod:`xml.dom.pulldom` : gestion de la construction partielle des arbres DOM"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:46
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ":mod:`xml.sax`: SAX2 base classes and convenience functions"
|
2024-03-23 13:25:51 +00:00
|
|
|
|
msgstr ":mod:`xml.sax` : classes mères *SAX2* et fonctions utilitaires"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:47
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ":mod:`xml.parsers.expat`: the Expat parser binding"
|
2024-03-23 13:25:51 +00:00
|
|
|
|
msgstr ":mod:`xml.parsers.expat` : l'interface de l'analyseur *Expat*"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:53
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid "XML vulnerabilities"
|
2017-09-21 11:22:04 +00:00
|
|
|
|
msgstr "Vulnérabilités XML"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:55
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ""
|
|
|
|
|
|
"The XML processing modules are not secure against maliciously constructed "
|
|
|
|
|
|
"data. An attacker can abuse XML features to carry out denial of service "
|
|
|
|
|
|
"attacks, access local files, generate network connections to other machines, "
|
|
|
|
|
|
"or circumvent firewalls."
|
2017-09-21 12:41:50 +00:00
|
|
|
|
msgstr ""
|
|
|
|
|
|
"Les modules de traitement XML ne sont pas sécurisés contre les données "
|
2024-03-23 13:25:51 +00:00
|
|
|
|
"construites malicieusement. Un attaquant peut abuser des fonctionnalités XML "
|
|
|
|
|
|
"pour exécuter des attaques par déni de service, accéder à des fichiers "
|
|
|
|
|
|
"locaux, générer des connexions réseaux à d'autres machines ou contourner des "
|
|
|
|
|
|
"pare-feux."
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:60
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ""
|
|
|
|
|
|
"The following table gives an overview of the known attacks and whether the "
|
|
|
|
|
|
"various modules are vulnerable to them."
|
2017-09-21 12:41:50 +00:00
|
|
|
|
msgstr ""
|
|
|
|
|
|
"Le tableau suivant donne une vue d'ensemble des attaques connues et indique "
|
2018-03-20 23:16:43 +00:00
|
|
|
|
"si les différents modules y sont vulnérables."
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:64
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid "kind"
|
2017-09-21 11:22:04 +00:00
|
|
|
|
msgstr "type"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:64
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid "sax"
|
2024-03-23 13:25:51 +00:00
|
|
|
|
msgstr "*sax*"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:64
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid "etree"
|
2024-03-23 13:25:51 +00:00
|
|
|
|
msgstr "*etree*"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:64
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid "minidom"
|
2024-03-23 13:25:51 +00:00
|
|
|
|
msgstr "*minidom*"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:64
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid "pulldom"
|
2024-03-23 13:25:51 +00:00
|
|
|
|
msgstr "*pulldom*"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:64
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid "xmlrpc"
|
2024-03-23 13:25:51 +00:00
|
|
|
|
msgstr "*xmlrpc*"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:66
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid "billion laughs"
|
2017-09-21 11:22:04 +00:00
|
|
|
|
msgstr "*billion laughs*"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#: library/xml.rst:67
|
|
|
|
|
|
msgid "**Vulnerable** (1)"
|
2024-03-23 13:25:51 +00:00
|
|
|
|
msgstr "**Vulnérable** (1)"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:67
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid "quadratic blowup"
|
2017-09-21 11:22:04 +00:00
|
|
|
|
msgstr "*quadratic blowup*"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#: library/xml.rst:103
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid "external entity expansion"
|
2017-09-21 11:22:04 +00:00
|
|
|
|
msgstr "*external entity expansion*"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-10-02 08:55:01 +00:00
|
|
|
|
#: library/xml.rst:69
|
2021-09-24 08:20:01 +00:00
|
|
|
|
msgid "Safe (5)"
|
2024-03-23 13:25:51 +00:00
|
|
|
|
msgstr "Sûr (5)"
|
2018-10-13 15:54:03 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:68
|
2021-09-24 08:20:01 +00:00
|
|
|
|
msgid "Safe (2)"
|
2024-03-23 13:25:51 +00:00
|
|
|
|
msgstr "Sûr (2)"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:68
|
2021-09-24 08:20:01 +00:00
|
|
|
|
msgid "Safe (3)"
|
2024-03-23 13:25:51 +00:00
|
|
|
|
msgstr "Sûr (3)"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:68
|
2021-09-24 08:20:01 +00:00
|
|
|
|
msgid "Safe (4)"
|
|
|
|
|
|
msgstr "Sûr (4)"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#: library/xml.rst:108
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid "`DTD`_ retrieval"
|
2018-03-20 23:16:43 +00:00
|
|
|
|
msgstr "Récupération de `DTD`_"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2020-10-02 08:55:01 +00:00
|
|
|
|
#: library/xml.rst:70
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid "Safe"
|
2017-09-21 11:22:04 +00:00
|
|
|
|
msgstr "Sûr"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#: library/xml.rst:115
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid "decompression bomb"
|
2017-09-21 11:22:04 +00:00
|
|
|
|
msgstr "*decompression bomb*"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#: library/xml.rst:70
|
|
|
|
|
|
msgid "**Vulnerable**"
|
|
|
|
|
|
msgstr "**Vulnérable**"
|
|
|
|
|
|
|
2020-07-20 08:45:25 +00:00
|
|
|
|
#: library/xml.rst:73
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ""
|
2021-09-24 08:20:01 +00:00
|
|
|
|
"Expat 2.4.1 and newer is not vulnerable to the \"billion laughs\" and "
|
|
|
|
|
|
"\"quadratic blowup\" vulnerabilities. Items still listed as vulnerable due "
|
2023-07-23 12:39:39 +00:00
|
|
|
|
"to potential reliance on system-provided libraries. Check :const:`pyexpat."
|
2021-09-24 08:20:01 +00:00
|
|
|
|
"EXPAT_VERSION`."
|
|
|
|
|
|
msgstr ""
|
2024-03-23 13:25:51 +00:00
|
|
|
|
"*Expat* 2.4.1 et les versions ultérieures ne sont pas vulnérables aux "
|
|
|
|
|
|
"vulnérabilités *billlion laughs* et *quadratic blowup*. Les éléments sont "
|
|
|
|
|
|
"toujours répertoriés comme vulnérables en raison de leur dépendance "
|
|
|
|
|
|
"potentielle à l'égard des bibliothèques fournies par le système. Vérifiez :"
|
|
|
|
|
|
"const:`pyexpat.EXPAT_VERSION`."
|
2021-09-24 08:20:01 +00:00
|
|
|
|
|
|
|
|
|
|
#: library/xml.rst:77
|
|
|
|
|
|
msgid ""
|
2016-10-30 09:46:26 +00:00
|
|
|
|
":mod:`xml.etree.ElementTree` doesn't expand external entities and raises a :"
|
|
|
|
|
|
"exc:`ParserError` when an entity occurs."
|
2017-09-21 12:41:50 +00:00
|
|
|
|
msgstr ""
|
|
|
|
|
|
":mod:`xml.etree.ElementTree` n'étend pas les entités externes et lève une "
|
|
|
|
|
|
"exception :exc:`ParserError` quand une telle entité est rencontrée."
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#: library/xml.rst:79
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ""
|
|
|
|
|
|
":mod:`xml.dom.minidom` doesn't expand external entities and simply returns "
|
|
|
|
|
|
"the unexpanded entity verbatim."
|
2017-09-21 12:41:50 +00:00
|
|
|
|
msgstr ""
|
2024-03-23 13:25:51 +00:00
|
|
|
|
":mod:`xml.dom.minidom` n'étend pas les entités externes et renvoie "
|
|
|
|
|
|
"simplement l'entité mot pour mot (non étendue)."
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#: library/xml.rst:81
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ":mod:`xmlrpclib` doesn't expand external entities and omits them."
|
2017-09-21 12:41:50 +00:00
|
|
|
|
msgstr ":mod:`xmlrpclib` n'étend pas les entités externes et les omet."
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#: library/xml.rst:82
|
2018-10-13 15:54:03 +00:00
|
|
|
|
msgid ""
|
2019-01-02 13:22:41 +00:00
|
|
|
|
"Since Python 3.7.1, external general entities are no longer processed by "
|
|
|
|
|
|
"default."
|
2018-10-13 15:54:03 +00:00
|
|
|
|
msgstr ""
|
2024-03-23 13:25:51 +00:00
|
|
|
|
"Depuis Python 3.7.1, par défaut les entités générales externes ne sont plus "
|
|
|
|
|
|
"traitées."
|
2018-10-13 15:54:03 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#: library/xml.rst:91
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid "billion laughs / exponential entity expansion"
|
2017-09-21 11:22:04 +00:00
|
|
|
|
msgstr "*billion laughs* / *exponential entity expansion*"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#: library/xml.rst:87
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ""
|
|
|
|
|
|
"The `Billion Laughs`_ attack -- also known as exponential entity expansion "
|
|
|
|
|
|
"-- uses multiple levels of nested entities. Each entity refers to another "
|
|
|
|
|
|
"entity several times, and the final entity definition contains a small "
|
|
|
|
|
|
"string. The exponential expansion results in several gigabytes of text and "
|
|
|
|
|
|
"consumes lots of memory and CPU time."
|
2017-09-21 12:41:50 +00:00
|
|
|
|
msgstr ""
|
2024-03-23 13:25:51 +00:00
|
|
|
|
"L'attaque `Billion Laughs`_ – aussi connue comme *exponential entity "
|
|
|
|
|
|
"expansion* – utilise de multiples niveaux d'entités imbriquées. Chaque "
|
2017-09-21 12:41:50 +00:00
|
|
|
|
"entité se réfère à une autre entité de multiple fois. L'entité finale "
|
2024-03-23 13:25:51 +00:00
|
|
|
|
"contient une chaîne courte. Le résultat de l'expansion exponentielle génère "
|
|
|
|
|
|
"plusieurs gigaoctets de texte et consomme beaucoup de mémoire et de temps "
|
2017-09-21 12:41:50 +00:00
|
|
|
|
"processeur."
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#: library/xml.rst:98
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid "quadratic blowup entity expansion"
|
2017-09-21 11:22:04 +00:00
|
|
|
|
msgstr "*quadratic blowup entity expansion*"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#: library/xml.rst:94
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ""
|
|
|
|
|
|
"A quadratic blowup attack is similar to a `Billion Laughs`_ attack; it "
|
|
|
|
|
|
"abuses entity expansion, too. Instead of nested entities it repeats one "
|
|
|
|
|
|
"large entity with a couple of thousand chars over and over again. The attack "
|
|
|
|
|
|
"isn't as efficient as the exponential case but it avoids triggering parser "
|
2023-01-15 21:42:07 +00:00
|
|
|
|
"countermeasures that forbid deeply nested entities."
|
2017-09-21 12:41:50 +00:00
|
|
|
|
msgstr ""
|
|
|
|
|
|
"Une attaque *quadratic blowup* est similaire à l'attaque `Billion Laughs`_ ; "
|
|
|
|
|
|
"il s'agit également d'un abus d'extension d'entités. Au lieu d'utiliser des "
|
|
|
|
|
|
"entités imbriquées, cette attaque répète encore et encore une seule entité "
|
|
|
|
|
|
"de plusieurs milliers de caractères. Cette attaque n'est pas aussi efficace "
|
2020-03-21 10:39:49 +00:00
|
|
|
|
"que la version exponentielle mais contourne les contre-mesures de "
|
|
|
|
|
|
"l'analyseur qui interdit les entités imbriquées de multiples fois."
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#: library/xml.rst:101
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ""
|
|
|
|
|
|
"Entity declarations can contain more than just text for replacement. They "
|
|
|
|
|
|
"can also point to external resources or local files. The XML parser accesses "
|
|
|
|
|
|
"the resource and embeds the content into the XML document."
|
2017-09-21 12:41:50 +00:00
|
|
|
|
msgstr ""
|
|
|
|
|
|
"Les déclarations d'entités peuvent contenir plus que du texte de "
|
|
|
|
|
|
"substitution. Elles peuvent également référencer des ressources externes ou "
|
2018-09-29 17:45:33 +00:00
|
|
|
|
"des fichiers locaux. L'analyseur XML accède à ces fichiers et inclut les "
|
2017-09-21 12:41:50 +00:00
|
|
|
|
"contenus dans le document XML."
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#: library/xml.rst:106
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ""
|
|
|
|
|
|
"Some XML libraries like Python's :mod:`xml.dom.pulldom` retrieve document "
|
|
|
|
|
|
"type definitions from remote or local locations. The feature has similar "
|
|
|
|
|
|
"implications as the external entity expansion issue."
|
2017-09-21 12:41:50 +00:00
|
|
|
|
msgstr ""
|
|
|
|
|
|
"Certaines bibliothèques XML comme :mod:`xml.dom.pulldom` de Python récupère "
|
2024-03-23 13:25:51 +00:00
|
|
|
|
"les documents de définitions de types (*DTD*) depuis des emplacements "
|
|
|
|
|
|
"distants ou locaux. La fonctionnalité a des implications similaires au "
|
|
|
|
|
|
"problème d'extension d'entités externes."
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#: library/xml.rst:111
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ""
|
|
|
|
|
|
"Decompression bombs (aka `ZIP bomb`_) apply to all XML libraries that can "
|
|
|
|
|
|
"parse compressed XML streams such as gzipped HTTP streams or LZMA-compressed "
|
|
|
|
|
|
"files. For an attacker it can reduce the amount of transmitted data by three "
|
|
|
|
|
|
"magnitudes or more."
|
2017-09-21 12:41:50 +00:00
|
|
|
|
msgstr ""
|
|
|
|
|
|
"Des bombes de décompression (ou `ZIP bomb`_) sont valables pour toutes les "
|
2018-09-29 17:45:33 +00:00
|
|
|
|
"bibliothèques XML qui peuvent analyser des flux XML compressés comme des "
|
|
|
|
|
|
"flux HTTP *gzip* ou des fichiers compressés *LZMA*. Pour L'attaquant, cela "
|
|
|
|
|
|
"permet de réduire d'une magnitude d'ordre 3 ou plus la quantité de données "
|
2017-09-21 12:41:50 +00:00
|
|
|
|
"transmises."
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#: library/xml.rst:117
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ""
|
|
|
|
|
|
"The documentation for `defusedxml`_ on PyPI has further information about "
|
|
|
|
|
|
"all known attack vectors with examples and references."
|
2017-09-21 12:41:50 +00:00
|
|
|
|
msgstr ""
|
2024-03-23 13:25:51 +00:00
|
|
|
|
"La documentation de `defusedxml`_ sur *PyPI* contient plus d'informations "
|
|
|
|
|
|
"sur tous les vecteurs d'attaques connus ainsi que des exemples et des "
|
|
|
|
|
|
"références."
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#: library/xml.rst:123
|
2020-10-02 08:55:01 +00:00
|
|
|
|
msgid "The :mod:`defusedxml` Package"
|
2021-04-28 09:50:08 +00:00
|
|
|
|
msgstr "Le paquet :mod:`defusedxml`"
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#: library/xml.rst:125
|
2016-10-30 09:46:26 +00:00
|
|
|
|
msgid ""
|
|
|
|
|
|
"`defusedxml`_ is a pure Python package with modified subclasses of all "
|
|
|
|
|
|
"stdlib XML parsers that prevent any potentially malicious operation. Use of "
|
|
|
|
|
|
"this package is recommended for any server code that parses untrusted XML "
|
|
|
|
|
|
"data. The package also ships with example exploits and extended "
|
|
|
|
|
|
"documentation on more XML exploits such as XPath injection."
|
2017-09-21 12:41:50 +00:00
|
|
|
|
msgstr ""
|
|
|
|
|
|
"`defusedxml`_ est un paquet écrit exclusivement en Python avec des sous-"
|
2024-03-23 13:25:51 +00:00
|
|
|
|
"classes modifiées de tous les analyseurs de la bibliothèque standard XML qui "
|
|
|
|
|
|
"empêchent toutes les opérations potentiellement malicieuses. L'utilisation "
|
|
|
|
|
|
"de ce paquet est recommandée pour tout serveur qui analyse des données XML "
|
|
|
|
|
|
"non fiables. Le paquet inclut également des exemples d'attaques et une "
|
|
|
|
|
|
"documentation plus fournie sur davantage d'attaques XML comme *XPath "
|
|
|
|
|
|
"injection*."
|
2016-10-30 09:46:26 +00:00
|
|
|
|
|
2021-09-24 08:20:01 +00:00
|
|
|
|
#~ msgid "Safe (1)"
|
|
|
|
|
|
#~ msgstr "Sûr (1)"
|
|
|
|
|
|
|
|
|
|
|
|
#~ msgid "Safe (2)"
|
|
|
|
|
|
#~ msgstr "Sûr (2)"
|
|
|
|
|
|
|
|
|
|
|
|
#~ msgid "Safe (3)"
|
|
|
|
|
|
#~ msgstr "Sûr (3)"
|
|
|
|
|
|
|
2020-10-02 08:55:01 +00:00
|
|
|
|
#~ msgid ""
|
|
|
|
|
|
#~ "`defusedexpat`_ provides a modified libexpat and a patched :mod:`pyexpat` "
|
|
|
|
|
|
#~ "module that have countermeasures against entity expansion DoS attacks. "
|
|
|
|
|
|
#~ "The :mod:`defusedexpat` module still allows a sane and configurable "
|
|
|
|
|
|
#~ "amount of entity expansions. The modifications may be included in some "
|
|
|
|
|
|
#~ "future release of Python, but will not be included in any bugfix releases "
|
|
|
|
|
|
#~ "of Python because they break backward compatibility."
|
|
|
|
|
|
#~ msgstr ""
|
|
|
|
|
|
#~ "`defusedexpat`_ fournit une version modifiée de *libexpat* et le module :"
|
|
|
|
|
|
#~ "mod:`pyexpat` modifiée embarquant des contre-mesures contre les attaques "
|
|
|
|
|
|
#~ "*DoS* par *entity expansion*. Le module :mod:`defusedexpat` autorise un "
|
|
|
|
|
|
#~ "nombre configurable et raisonnable d'extension d'entités. Ces "
|
|
|
|
|
|
#~ "modifications pourraient être incluses dans des futures version de Python "
|
|
|
|
|
|
#~ "mais ne seront incluses dans aucune version corrective de Python pour "
|
|
|
|
|
|
#~ "éviter de casser la compatibilité rétrograde."
|
