--- a/src/eric7/i18n/eric7_es.ts Tue Jan 16 14:35:46 2024 +0100
+++ b/src/eric7/i18n/eric7_es.ts Tue Jan 16 18:24:06 2024 +0100
@@ -71953,270 +71953,273 @@
</message>
<message>
<location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="109" />
- <source>Use of HTTPSConnection on older versions of Python prior to 2.7.9 and 3.4.3 do not provide security, see https://wiki.openstack.org/wiki/OSSN/OSSN-0033</source>
- <translation>El uso de HTTPSConnection en versionesde Python más antiguas que 2.7.9 y 3.4.3 no proporciona seguridad, ver https://wiki.openstack.org/wiki/OSSN/OSSN-0033</translation>
- </message>
- <message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="115" />
<source>Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.</source>
<translation>Auditar url abierta a esquemas permitidos. PErmitir el uso de file:// o esquemas personalizados es a menudo inesperado.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="120" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="114" />
<source>Standard pseudo-random generators are not suitable for security/cryptographic purposes.</source>
<translation>Los generadores pseudo-random estándar no son adecuados para propósitos de seguridad/criptografía.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="125" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="119" />
<source>Telnet-related functions are being called. Telnet is considered insecure. Use SSH or some other encrypted protocol.</source>
<translation>Invocación de funciones relacionadas con Telner. Telnet se considera como inseguro. Utilizar SSH o algún otro protocolo encriptado.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="166" />
<location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="160" />
<location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="154" />
<location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="148" />
<location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="142" />
<location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="136" />
<location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="130" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="124" />
<source>Using '{0}' to parse untrusted XML data is known to be vulnerable to XML attacks. Replace '{0}' with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called.</source>
<translation>El uso de '{0}' para interpretar datos XML no fiables es conocido como vector de ataques XML. Reemplazar '{0}' con su función equivalente defusedxml o asegurar que se está invocando defusedxml.defuse_stdlib().</translation>
</message>
<message>
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="166" />
+ <source>Using '{0}' to parse untrusted XML data is known to be vulnerable to XML attacks. Replace '{0}' with its defusedxml equivalent function.</source>
+ <translation>El uso de '{0}' para interpretar datos XML no fiables es conocido como vector de ataques XML. Reemplazar '{0}' con su función equivalente defusedxml.</translation>
+ </message>
+ <message>
<location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="172" />
- <source>Using '{0}' to parse untrusted XML data is known to be vulnerable to XML attacks. Replace '{0}' with its defusedxml equivalent function.</source>
- <translation>El uso de '{0}' para interpretar datos XML no fiables es conocido como vector de ataques XML. Reemplazar '{0}' con su función equivalente defusedxml.</translation>
- </message>
- <message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="178" />
<source>FTP-related functions are being called. FTP is considered insecure. Use SSH/SFTP/SCP or some other encrypted protocol.</source>
<translation>Invocación de funciones relacionadas con FTP. FTP se considera inseguro. Utilizar SSH/SFTP/SCP u otro protocolo encriptado.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="183" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="177" />
<source>The input method in Python 2 will read from standard input, evaluate and run the resulting string as Python source code. This is similar, though in many ways worse, than using eval. On Python 2, use raw_input instead, input is safe in Python 3.</source>
<translation>El método input en Python 2 lee desde el input estándar, evaluando y ejecutando la cadena resultante como código fuente Python. Esto es similar, aunque peor, al uso de eval. Con Python 2, utilizar raw_input en su logar, input es seguro con Python 3.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="190" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="184" />
<source>By default, Python will create a secure, verified SSL context for use in such classes as HTTPSConnection. However, it still allows using an insecure context via the _create_unverified_context that reverts to the previous behavior that does not validate certificates or perform hostname checks.</source>
<translation>Por defecto Python creará un contexto SSL seguro y verificado para utilizar en clases como HTTPSConnection. Sin embargo, aún así permite el uso de contextos inseguros a través de _create_unverified_context que revierte al comportamient anterior sin validación de certificados o comprobación de hostname.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="198" />
- <source>Use of os.tempnam() and os.tmpnam() is vulnerable to symlink attacks. Consider using tmpfile() instead.</source>
- <translation>Uso de os.tempnam() y os.tmpnam() es vulnerable a ataques symlink. Considerar el uso de tmpfile() en su lugar.</translation>
- </message>
- <message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="204" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="193" />
<source>Use of insecure {0} hash function.</source>
<translation>Uso de función de hash {0} insegura.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="207" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="196" />
<source>Use of insecure {0} hash for security. Consider 'usedforsecurity=False'.</source>
<translation>Uso de hash inseguro {0} para seguridad for security. Considerar 'usedforsecurity=False'.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="212" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="201" />
<source>A telnet-related module is being imported. Telnet is considered insecure. Use SSH or some other encrypted protocol.</source>
<translation>Se está importando un módulo relacionado con telnet. Telnet se considera inseguro. Utilizar SSH u otro protocolo encriptado.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="217" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="206" />
<source>A FTP-related module is being imported. FTP is considered insecure. Use SSH/SFTP/SCP or some other encrypted protocol.</source>
<translation>Se está importando un módulo relacionado con FTP. FTP se considera inseguro. Usar SSH/SFTP/SCP u otro protocolo encriptado.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="226" />
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="222" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="215" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="211" />
<source>Consider possible security implications associated with the '{0}' module.</source>
<translation>Considerar las posibles implicaciones de seguridad asociadas con el módulo '{0}'.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="254" />
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="248" />
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="242" />
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="236" />
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="230" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="243" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="237" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="231" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="225" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="219" />
<source>Using '{0}' to parse untrusted XML data is known to be vulnerable to XML attacks. Replace '{0}' with the equivalent defusedxml package, or make sure defusedxml.defuse_stdlib() is called.</source>
<translation>El uso de '{0}' para interpretar datos XML no fiables es conocido como vector de ataques XML. Reemplazar '{0}' con su package equivalente defusedxml o asegurar que se está invocando defusedxml.defuse_stdlib().</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="260" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="249" />
<source>Using '{0}' to parse untrusted XML data is known to be vulnerable to XML attacks. Replace '{0}' with the equivalent defusedxml package.</source>
<translation>El uso de '{0}' para interpretar datos XML no fiables es conocido como vector de ataques XML. Reemplazar '{0}' con package equivalente defusedxml.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="266" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="255" />
<source>Using '{0}' to parse untrusted XML data is known to be vulnerable to XML attacks. Use defused.xmlrpc.monkey_patch() function to monkey-patch xmlrpclib and mitigate XML vulnerabilities.</source>
<translation>El uso de '{0}' para interpretar datos XML no fiables es conocido como vector de ataques XML. Utilizar la función defused.xmlrpc.monkey_patch() para hacer 'monkey patch' con xmlrpclib y mitigar las vulnerabilidades XML.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="272" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="261" />
<source>Consider possible security implications associated with '{0}' module.</source>
<translation>Considerar las posibles implicaciones de seguridad asociadas con el módulo '{0}'.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="276" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="265" />
<source>The pyCrypto library and its module '{0}' are no longer actively maintained and have been deprecated. Consider using pyca/cryptography library.</source>
<translation>La biblioteca pyCrypto y su módulo '{0}' ya no tienen mantenimiento y se han deprecado. Considerar el uso de la biblioteca pyca/cryptography.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="282" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="271" />
<source>An IPMI-related module is being imported. IPMI is considered insecure. Use an encrypted protocol.</source>
<translation>Se va a importar un módulo relacionado con IPMI. Se considera IPMI inseguro. Usar un protocolo encriptado.</translation>
</message>
<message>
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="277" />
+ <source>'requests' call with verify=False disabling SSL certificate checks, security issue.</source>
+ <translation>Llamada 'requests' con verify=False deshabilitando comprobaciones de certificado SSL, problema de seguridad.</translation>
+ </message>
+ <message>
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="283" />
+ <source>'ssl.wrap_socket' call with insecure SSL/TLS protocol version identified, security issue.</source>
+ <translation>Llamada 'ssl.wrap_socket' con versión de protocolo SSL/TLS insegura identificada, problema de seguridad.</translation>
+ </message>
+ <message>
<location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="288" />
- <source>'requests' call with verify=False disabling SSL certificate checks, security issue.</source>
- <translation>Llamada 'requests' con verify=False deshabilitando comprobaciones de certificado SSL, problema de seguridad.</translation>
- </message>
- <message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="294" />
- <source>'ssl.wrap_socket' call with insecure SSL/TLS protocol version identified, security issue.</source>
- <translation>Llamada 'ssl.wrap_socket' con versión de protocolo SSL/TLS insegura identificada, problema de seguridad.</translation>
- </message>
- <message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="299" />
<source>'SSL.Context' call with insecure SSL/TLS protocol version identified, security issue.</source>
<translation>Llamada 'SSL.Context' con versión de protocolo SSL/TLS insegura identificada, problema de seguridad.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="304" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="293" />
<source>Function call with insecure SSL/TLS protocol version identified, security issue.</source>
<translation>Llamada a Function con versión de protocolo SSL/TLS insegura identificada, problema de seguridad.</translation>
</message>
<message>
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="298" />
+ <source>Function definition identified with insecure SSL/TLS protocol version by default, possible security issue.</source>
+ <translation>Definición de función con versión de protocolo SSL/TLS insegura identificada, posible problema de seguridad.</translation>
+ </message>
+ <message>
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="303" />
+ <source>'ssl.wrap_socket' call with no SSL/TLS protocol version specified, the default 'SSLv23' could be insecure, possible security issue.</source>
+ <translation>Llamada 'ssl.wrap_socket' sin versión de protocolo SSL/TLS especificada, el valor por defecto 'SSLv23' puede ser inseguro, posible problema de seguridad.</translation>
+ </message>
+ <message>
<location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="309" />
- <source>Function definition identified with insecure SSL/TLS protocol version by default, possible security issue.</source>
- <translation>Definición de función con versión de protocolo SSL/TLS insegura identificada, posible problema de seguridad.</translation>
- </message>
- <message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="314" />
- <source>'ssl.wrap_socket' call with no SSL/TLS protocol version specified, the default 'SSLv23' could be insecure, possible security issue.</source>
- <translation>Llamada 'ssl.wrap_socket' sin versión de protocolo SSL/TLS especificada, el valor por defecto 'SSLv23' puede ser inseguro, posible problema de seguridad.</translation>
- </message>
- <message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="320" />
<source>{0} key sizes below {1:d} bits are considered breakable.</source>
<translation>Tamaños {0} de clave por debajo de {1:d} bits se consideran frágiles.</translation>
</message>
<message>
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="313" />
+ <source>Use of unsafe 'yaml.load()'. Allows instantiation of arbitrary objects. Consider 'yaml.safe_load()'.</source>
+ <translation>Uso de 'yaml.load()' no seguro. Permite la instanciación de objetos arbitrarios. Considerar 'yaml.safe_load()'.</translation>
+ </message>
+ <message>
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="319" />
+ <source>Paramiko call with policy set to automatically trust the unknown host key.</source>
+ <translation>Llamada Paramiko con política de asignar automáticamente relación de confianza a una clave de host desconocido.</translation>
+ </message>
+ <message>
<location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="324" />
- <source>Use of unsafe 'yaml.load()'. Allows instantiation of arbitrary objects. Consider 'yaml.safe_load()'.</source>
- <translation>Uso de 'yaml.load()' no seguro. Permite la instanciación de objetos arbitrarios. Considerar 'yaml.safe_load()'.</translation>
- </message>
- <message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="330" />
- <source>Paramiko call with policy set to automatically trust the unknown host key.</source>
- <translation>Llamada Paramiko con política de asignar automáticamente relación de confianza a una clave de host desconocido.</translation>
- </message>
- <message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="335" />
<source>The use of SNMPv1 and SNMPv2 is insecure. You should use SNMPv3 if possible.</source>
<translation>El uso de SNMPv1 y SNMPv2 es inseguro. Deberia utilizarse SNMPv3 si es posible.</translation>
</message>
<message>
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="328" />
+ <source>You should not use SNMPv3 without encryption. noAuthNoPriv & authNoPriv is insecure.</source>
+ <translation>No se deberia usar SNMPv3 sin encripción. noAuthNoPriv & authNoPriv es inseguro.</translation>
+ </message>
+ <message>
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="334" />
+ <source>Possible shell injection via 'Paramiko' call, check inputs are properly sanitized.</source>
+ <translation>Posible inyección de shell vía llamada 'Paramiko', comprobar que las entradas se han sanitizado adecuadamente.</translation>
+ </message>
+ <message>
<location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="339" />
- <source>You should not use SNMPv3 without encryption. noAuthNoPriv & authNoPriv is insecure.</source>
- <translation>No se deberia usar SNMPv3 sin encripción. noAuthNoPriv & authNoPriv es inseguro.</translation>
- </message>
- <message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="345" />
- <source>Possible shell injection via 'Paramiko' call, check inputs are properly sanitized.</source>
- <translation>Posible inyección de shell vía llamada 'Paramiko', comprobar que las entradas se han sanitizado adecuadamente.</translation>
+ <source>'subprocess' call with shell=True seems safe, but may be changed in the future, consider rewriting without shell</source>
+ <translation>La llamada 'subprocess' con shell=True parece segura, pero puede cambiar en el futuro, considerar reimplementación sin shell</translation>
+ </message>
+ <message>
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="344" />
+ <source>'subprocess' call with shell=True identified, security issue.</source>
+ <translation>Llamada 'subprocess' sin shell=True identificada, problema de seguridad.</translation>
+ </message>
+ <message>
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="347" />
+ <source>'subprocess' call - check for execution of untrusted input.</source>
+ <translation>Llamada 'subprocess' - comprobar la ejecución de inputs de no confianza.</translation>
</message>
<message>
<location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="350" />
- <source>'subprocess' call with shell=True seems safe, but may be changed in the future, consider rewriting without shell</source>
- <translation>La llamada 'subprocess' con shell=True parece segura, pero puede cambiar en el futuro, considerar reimplementación sin shell</translation>
+ <source>Function call with shell=True parameter identified, possible security issue.</source>
+ <translation>Llamada a función con parámetro shell=True identificada, posible problema de seguridad.</translation>
</message>
<message>
<location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="355" />
- <source>'subprocess' call with shell=True identified, security issue.</source>
- <translation>Llamada 'subprocess' sin shell=True identificada, problema de seguridad.</translation>
- </message>
- <message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="358" />
- <source>'subprocess' call - check for execution of untrusted input.</source>
- <translation>Llamada 'subprocess' - comprobar la ejecución de inputs de no confianza.</translation>
- </message>
- <message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="361" />
- <source>Function call with shell=True parameter identified, possible security issue.</source>
- <translation>Llamada a función con parámetro shell=True identificada, posible problema de seguridad.</translation>
- </message>
- <message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="366" />
<source>Starting a process with a shell: Seems safe, but may be changed in the future, consider rewriting without shell</source>
<translation>Inicio de un proceso con una shell: Aparentemente seguro, pero esto puede cambiar en el futuro, considerar reimplementación sin shell</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="371" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="360" />
<source>Starting a process with a shell, possible injection detected, security issue.</source>
<translation>Iniciar un proceso con una shell, posible inyeción detectada, problema de seguridad.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="376" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="365" />
<source>Starting a process without a shell.</source>
<translation>Iniciar un proceso sin una shell.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="379" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="368" />
<source>Starting a process with a partial executable path.</source>
<translation>Iniciar un proceso con una ruta parcialmente ejecutable.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="383" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="372" />
<source>Possible SQL injection vector through string-based query construction.</source>
<translation>Posible vector de inyección de SQL a través de construcción de query basada en cadenas.</translation>
</message>
<message>
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="377" />
+ <source>Possible wildcard injection in call: {0}</source>
+ <translation>Posible inyección de wildcard en llamada: {0}</translation>
+ </message>
+ <message>
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="381" />
+ <source>Use of 'extra()' opens a potential SQL attack vector.</source>
+ <translation>Uso de'extra()' abre un vector potencial de ataque SQL.</translation>
+ </message>
+ <message>
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="384" />
+ <source>Use of 'RawSQL()' opens a potential SQL attack vector.</source>
+ <translation>El uso de 'RawSQL()' abre un vector potencial de ataque SQL.</translation>
+ </message>
+ <message>
<location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="388" />
- <source>Possible wildcard injection in call: {0}</source>
- <translation>Posible inyección de wildcard en llamada: {0}</translation>
- </message>
- <message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="392" />
- <source>Use of 'extra()' opens a potential SQL attack vector.</source>
- <translation>Uso de'extra()' abre un vector potencial de ataque SQL.</translation>
- </message>
- <message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="395" />
- <source>Use of 'RawSQL()' opens a potential SQL attack vector.</source>
- <translation>El uso de 'RawSQL()' abre un vector potencial de ataque SQL.</translation>
+ <source>Use of insecure logging.config.listen() detected.</source>
+ <translation type="unfinished" />
+ </message>
+ <message>
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="393" />
+ <source>Using jinja2 templates with 'autoescape=False' is dangerous and can lead to XSS. Use 'autoescape=True' or use the 'select_autoescape' function to mitigate XSS vulnerabilities.</source>
+ <translation>El uso de plantillas jinja2 con 'autoescape=False' es peligroso y puede conducir a XSS. Usar 'autoescape=True' o usar la función 'select_autoescape' para mitigar vulnerabilidades XSS.</translation>
</message>
<message>
<location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="399" />
- <source>Using jinja2 templates with 'autoescape=False' is dangerous and can lead to XSS. Use 'autoescape=True' or use the 'select_autoescape' function to mitigate XSS vulnerabilities.</source>
- <translation>El uso de plantillas jinja2 con 'autoescape=False' es peligroso y puede conducir a XSS. Usar 'autoescape=True' o usar la función 'select_autoescape' para mitigar vulnerabilidades XSS.</translation>
- </message>
- <message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="405" />
<source>By default, jinja2 sets 'autoescape' to False. Consider using 'autoescape=True' or use the 'select_autoescape' function to mitigate XSS vulnerabilities.</source>
<translation>Por defecto, jinja2 establece 'autoescape' a False. Considerar el uso de 'autoescape=True' o de la función 'select_autoescape' para mitigar vulnerabilidades XSS.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="412" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="406" />
<source>Mako templates allow HTML/JS rendering by default and are inherently open to XSS attacks. Ensure variables in all templates are properly sanitized via the 'n', 'h' or 'x' flags (depending on context). For example, to HTML escape the variable 'data' do ${{ data |h }}.</source>
<translation>Las plantillas Mako permiten dibujado de HTML/JS por defecto y son inherentemente abiertas a ataques XSS. Asegurar que las variables en todas las plantillas se sanitizan apropiadamente con la flags 'n', 'h' o 'x' (dependiendo del contexto). Por ejemplo, para hacer un HTML escape de la avariable 'data', hacer ${{ data |h }}.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="420" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="414" />
<source>Potential XSS on 'mark_safe()' function.</source>
<translation>Potencial XSS en la función 'mark_safe()'.</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="424" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="418" />
<source>Possible hardcoded AWS access key ID: {0}</source>
<translation>Posible clave de acceso a AWS con código duro: {0}</translation>
</message>
<message>
- <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="427" />
+ <location filename="../Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py" line="421" />
<source>Possible hardcoded AWS secret access key: {0}</source>
<translation>Posible clave secreta de acceso a AWS con código duro: {0}</translation>
</message>
+ <message>
+ <source>Use of HTTPSConnection on older versions of Python prior to 2.7.9 and 3.4.3 do not provide security, see https://wiki.openstack.org/wiki/OSSN/OSSN-0033</source>
+ <translation type="vanished">El uso de HTTPSConnection en versionesde Python más antiguas que 2.7.9 y 3.4.3 no proporciona seguridad, ver https://wiki.openstack.org/wiki/OSSN/OSSN-0033</translation>
+ </message>
+ <message>
+ <source>Use of os.tempnam() and os.tmpnam() is vulnerable to symlink attacks. Consider using tmpfile() instead.</source>
+ <translation type="vanished">Uso de os.tempnam() y os.tmpnam() es vulnerable a ataques symlink. Considerar el uso de tmpfile() en su lugar.</translation>
+ </message>
</context>
<context>
<name>SecurityPage</name>
