Re: Interested in volunteering with Apache

2016-08-01 Thread Patricia Shanahan 

Welcome.

The current writing project is constructing instruction files for
applying a patch. The process is fairly complicated, and needs to be
explained clearly for end users with limited technical skills. Perhaps
you could review the drafts and see if you can suggest any improvements?

Can you use subversion to check out files?

Thanks,

Patricia

On 8/1/2016 3:48 PM, Woody Arnold wrote:

To Whom It May Concern,

Hello. My goal is to get into the technical writing field. I have a BS degree in civil 
engineering that I completed at California State University, Long Beach and did some 
graduate coursework in environmental engineering from San Diego State University. I also 
studied and intern abroad in Austria and Germany respectively. I'm interested in 
volunteering because I want to gain some experience related to technical writing to build 
up my portfolio and felt compelled to introduce myself to you all. Attached is my resume 
and also just started a blog related to technical writing, life, innovations, and book 
reviews, but its a project in the making for now and will soon get its own domain name to 
replace the ".wordpress.com".

Here's the link to my personal blog:

https://theoutlawthinker.wordpress.com/

When you click on the "Portfolio" tab on my blog, it will link you to my 
LinkedIn account that some samples of my
writing. Hope to hear from you soon. Thank you very much.

Sincerely,

Woody Arnold, EIT
(619)817-1043
woodyarnol...@yahoo.com




-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org

RE: Officially releasing a patch for CVE-2016-1513

2016-08-01 Thread Dennis E. Hamilton 


> -Original Message-
> From: Kay Schenk [mailto:kay.sch...@gmail.com]
> Sent: Monday, August 1, 2016 15:43
> To: dev@openoffice.apache.org
> Subject: Re: Officially releasing a patch for CVE-2016-1513
> 
> 
> On 07/31/2016 05:17 PM, Dennis E. Hamilton wrote:
> >
> >
> >> -Original Message-
> >> From: Kay sch...@apache.org [mailto:ksch...@apache.org]
> >> Sent: Sunday, July 31, 2016 14:42
> >> To: dev@openoffice.apache.org
> >> Subject: Re: Officially releasing a patch for CVE-2016-1513
> >>
> >> OK, I think I'm done with the LInux64 bit area as well.
> >>
> >> And see below 
> >>
> >>
> >> On 07/31/2016 01:10 PM, Marcus wrote:
> > [ ... ]
> >>> I'm preparing the hotfix webpage. For this I've some questions:
> >>>
> >>> 1. Do we want to provide zip files for every platform or just single
> >>> files for the library and other files?
> >>
> >> H... I assumed we would just be point people directly at
> >> /dist/release/openoffice/patches.
> >> (Right now, these are in /dist/dev/openoffice/patches.)
> >>
> >> It would be easiest to just setup the hotfix page with three links
> per
> >> distro.
> >>
> >> Linux32
> >> * link to Linux32.README
> >> * link to linux32 libtl.so
> >> * link to linux32 libtl.so.asc (sig)
> >>
> >> etc.
> >>
> >> If not, the READMEs I wrote will need to change.
> > [orcmid]
> >
> > I recommend there should be single-file (e.g., Zip) distributions,
> just like all other binaries.  That gives just one thing to download.
> The MD5, SHA512, and ASC signatures should be on the whole package and
> stay in the dev/ and release/ folders, just as they are on download
> pages.  (The ASC signatures on the individual library-file binaries
> should be inside the package.)  I suspect, on the dev/ side, we might
> need copies of the READMEs alongside the archives, and revised more
> regularly,
> 
> I was Ok up to this statement. Are you saying INCLUDE the readmes in the
> zip package but leave them outside of where they now are? If we want
> signed zip files, can't we just leave the files we have now in:
> 
> https://dist.apache.org/repos/dist/dev/openoffice/4.1.2-patch1/binaries/
> 
> but zip them up as well, inlcuding the READMEs?
> Or, are you saying at distribution time, remove the libraries and their
> sigs Btu leave the README files?
> We have these in their own labeled area -- 4.1.2-patch1 -- so I don't
> see a problem with just leaving everything there.
> 
[orcmid] 

I'll do what I mean by example when I upload the Windows case by tomorrow 
morning, at the latest.

Then it will be easier to talk about it.

 - Dennis

> > so they can be reviewed and revised easily as we get QA and trial use.
> When we move over to release/ we might want to do the same, even though
> the README is in the archive, so that people can read it without
> downloading the package.
> >
> > Finally, please use README.txt, etc., so that line-ending adjustments
> will happen properly when folks move these in and out of SVN and also
> out of archive files.  This will also help browsers when folks retrieve
> these directly from the repository.
> >
> > PS: If we are concerned about the README.txt outside of the archive
> being authenticated, it can have an embedded PGP signature.  (Then the
> final archive-internal one would be a copy of the signed README.txt --
> no biggie, nice chain of custody).
> >
> > [ ... ]
> >
> >
> > -
> > To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
> > For additional commands, e-mail: dev-h...@openoffice.apache.org
> >
> 
> --
> 
> MzK
> 
> "Time spent with cats is never wasted."
>-- Sigmund Freud
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
> For additional commands, e-mail: dev-h...@openoffice.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org

Re: Officially releasing a patch for CVE-2016-1513

2016-08-01 Thread Andrea Pescetti 

Patricia Shanahan wrote:

For the end user, this is incredibly, painfully more complicated than
downloading and installing a new version.


It is. We must make clear that this is a "convenience" update made 
available to power users, but at the same time state clearly that this 
(non-critical) vulnerability will be fixed in the next release. Now the 
patch is applied to all active branches, so whatever we release will 
surely contain the fix.


Regards,
  Andrea.

-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org

Re: [Forum] Upgrade signature string

2016-08-01 Thread FR web forum 
Signature is checked in includes/ucp/ucp_register.php


- Mail original -
De: "Andrea Pescetti" 
À: dev@openoffice.apache.org
Envoyé: Samedi 30 Juillet 2016 10:56:02
Objet: Re: [Forum] Upgrade signature string

FR web forum wrote:
> Some specific scripts to modified. Easy to hack.
> If I can help, give me an SSH access.

I have access to the server but I have no idea where the signature 
string is checked. I can surely debug it and find it out, but if you are 
available I can send you in private a copy of the current codebase, then 
you tell me what file(s) should be changed and I'll change it/them 
accordingly.

Regards,
   Andrea.

-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org