Author: ken
Date: 2010-11-17 18:06:14 -0700 (Wed, 17 Nov 2010)
New Revision: 8697
Modified:
trunk/BOOK/basicnet/mailnews/mailx.xml
trunk/BOOK/basicnet/mailnews/mutt.xml
trunk/BOOK/general.ent
trunk/BOOK/general/prog/ruby.xml
trunk/BOOK/introduction/welcome/changelog.xml
trunk/BOOK/postlfs/security/heimdal.xml
trunk/BOOK/postlfs/security/openssl.xml
trunk/BOOK/server/databases/postgresql.xml
Log:
Bring forward the openssl-1.0.0 upgrade because of the security fix in 1.0.0b
(also in 0.9.8p). This will break the versions of mutt, heimdal, postgresql
(probably) and ruby currently in the book if used (it's optional for all of
them) - added temporary explanatory para to each of those packages. For
openssl itself, bc is no longer required by the testsuite, without it there is
a brief whinge hidden in the output, but it still reports that all tests
succeedded.
Modified: trunk/BOOK/basicnet/mailnews/mailx.xml
===================================================================
--- trunk/BOOK/basicnet/mailnews/mailx.xml 2010-11-17 00:10:06 UTC (rev
8696)
+++ trunk/BOOK/basicnet/mailnews/mailx.xml 2010-11-18 01:06:14 UTC (rev
8697)
@@ -8,7 +8,7 @@
<!ENTITY mailx-download-ftp " ">
<!ENTITY mailx-md5sum "0c93759e34200eb56a0e7c464680a54a">
<!ENTITY mailx-size "265 KB">
- <!ENTITY mailx-buildsize "3.0 MB">
+ <!ENTITY mailx-buildsize "3.6 MB">
<!ENTITY mailx-time "less than 0.1 SBU">
]>
@@ -38,7 +38,7 @@
scoring, and filtering. <application>Heirloom mailx</application> is
especially useful for writing scripts and batch processing.</para>
- <para>&lfssvn_checked;20100803&lfssvn_checked2;</para>
+ &lfs67_checked;
<bridgehead renderas="sect3">Package Information</bridgehead>
<itemizedlist spacing='compact'>
@@ -61,6 +61,16 @@
</listitem>
</itemizedlist>
+ <bridgehead renderas="sect3">Additional Downloads</bridgehead>
+ <itemizedlist spacing='compact'>
+ <listitem>
+ <para>Required patch: <ulink
+
url="&patch-root;/mailx-&mailx-version;-openssl_1.0.0_build_fix-1.patch"/>
+ (if you intend to link this package against
+ <application>openssl</application>)</para>
+ </listitem>
+ </itemizedlist>
+
<bridgehead renderas="sect3">Heirloom mailx Dependencies</bridgehead>
<bridgehead renderas="sect4">Optional</bridgehead>
@@ -81,7 +91,8 @@
<para>Install <application>Heirloom mailx</application> by running the
following commands.</para>
-<screen><userinput>make SENDMAIL=/usr/sbin/sendmail</userinput></screen>
+<screen><userinput>patch -Np1 -i
../mailx-&mailx-version;-openssl_1_0_0_build_fix-1.patch &&
+make SENDMAIL=/usr/sbin/sendmail</userinput></screen>
<para>This package does not come with a test suite.</para>
Modified: trunk/BOOK/basicnet/mailnews/mutt.xml
===================================================================
--- trunk/BOOK/basicnet/mailnews/mutt.xml 2010-11-17 00:10:06 UTC (rev
8696)
+++ trunk/BOOK/basicnet/mailnews/mutt.xml 2010-11-18 01:06:14 UTC (rev
8697)
@@ -29,6 +29,10 @@
Agent. This is useful for reading, writing, replying to, saving, and
deleting your email.</para>
+ <!-- FIXME -->
+ <para>If you intend to link this application to <xref linkend="openssl"/>
+ you will need to use mutt-1.5.21.</para>
+
<bridgehead renderas="sect3">Package Information</bridgehead>
<itemizedlist spacing='compact'>
<listitem>
Modified: trunk/BOOK/general/prog/ruby.xml
===================================================================
--- trunk/BOOK/general/prog/ruby.xml 2010-11-17 00:10:06 UTC (rev 8696)
+++ trunk/BOOK/general/prog/ruby.xml 2010-11-18 01:06:14 UTC (rev 8697)
@@ -35,6 +35,10 @@
<application>Ruby</application> development environment. This
is useful for object-oriented scripting.</para>
+ <!-- FIXME -->
+ <para>If you intend to link this application to <xref linkend="openssl"/>
+ you will need to use ruby-1.9.2-p0 or newer.</para>
+
<bridgehead renderas="sect3">Package Information</bridgehead>
<itemizedlist spacing="compact">
<listitem>
Modified: trunk/BOOK/general.ent
===================================================================
--- trunk/BOOK/general.ent 2010-11-17 00:10:06 UTC (rev 8696)
+++ trunk/BOOK/general.ent 2010-11-18 01:06:14 UTC (rev 8697)
@@ -3,7 +3,7 @@
$Date$
-->
-<!ENTITY day "17"> <!-- Always 2 digits -->
+<!ENTITY day "18"> <!-- Always 2 digits -->
<!ENTITY month "11"> <!-- Always 2 digits -->
<!ENTITY year "2010">
<!ENTITY copyrightdate "2001-&year;">
@@ -90,9 +90,9 @@
<!-- Chapter 4 -->
-<!ENTITY openssl-version "0.9.8n">
+<!ENTITY openssl-version "1.0.0b">
<!-- The ca-bundle-version should be updated to match nss version -->
-<!ENTITY ca-bundle-version "3.12.5">
+<!ENTITY ca-bundle-version "3.12.8.0">
<!ENTITY gnutls-version "2.8.6">
<!ENTITY cracklib-version "2.8.18">
<!ENTITY linux-pam-version "1.1.3">
Modified: trunk/BOOK/introduction/welcome/changelog.xml
===================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml 2010-11-17 00:10:06 UTC
(rev 8696)
+++ trunk/BOOK/introduction/welcome/changelog.xml 2010-11-18 01:06:14 UTC
(rev 8697)
@@ -42,6 +42,16 @@
-->
<listitem>
+ <para>November 18th, 2010</para>
+ <itemizedlist>
+ <listitem>
+ <para>[ken] - Updated to openssl-1.0.0b to fix CVE-2010-3864 (fixes
ticket
+ <ulink url="&blfs-ticket-root;3146">#3146</ulink>)</para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+
+ <listitem>
<para>November 17th, 2010</para>
<itemizedlist>
<listitem>
Modified: trunk/BOOK/postlfs/security/heimdal.xml
===================================================================
--- trunk/BOOK/postlfs/security/heimdal.xml 2010-11-17 00:10:06 UTC (rev
8696)
+++ trunk/BOOK/postlfs/security/heimdal.xml 2010-11-18 01:06:14 UTC (rev
8697)
@@ -63,6 +63,10 @@
<ulink url="&files-anduin;/heimdal-overwrites"/> for a complete list of
all the files and commands to rename each of them.</para>
+ <!-- FIXME -->
+ <para>If you intend to link this application to <xref linkend="openssl"/>
+ you will need to use the heimdal-1.4 series.</para>
+
<bridgehead renderas="sect3">Package Information</bridgehead>
<itemizedlist spacing="compact">
<listitem>
Modified: trunk/BOOK/postlfs/security/openssl.xml
===================================================================
--- trunk/BOOK/postlfs/security/openssl.xml 2010-11-17 00:10:06 UTC (rev
8696)
+++ trunk/BOOK/postlfs/security/openssl.xml 2010-11-18 01:06:14 UTC (rev
8697)
@@ -6,13 +6,13 @@
<!ENTITY openssl-download-http
"http://www.openssl.org/source/openssl-&openssl-version;.tar.gz";>
<!ENTITY openssl-download-ftp
"ftp://ftp.openssl.org/source/openssl-&openssl-version;.tar.gz";>
- <!ENTITY openssl-md5sum "076d8efc3ed93646bd01f04e23c07066">
- <!ENTITY openssl-size "3.7 MB">
+ <!ENTITY openssl-md5sum "104deb3b7e6820cae6de3f49ba0ff2b0">
+ <!ENTITY openssl-size "3.9 MB">
<!ENTITY ca-bundle-download
"http://anduin.linuxfromscratch.org/files/BLFS/BLFS-ca-bundle-&ca-bundle-version;.tar.bz2";>
- <!ENTITY ca-bundle-size "224 KB">
- <!ENTITY ca-bundle-md5sum "84287d75a4137d00020b1b89a472f5e7">
- <!ENTITY openssl-buildsize "47 MB">
- <!ENTITY openssl-time "1.2 SBU (additional 0.3 SBU to run the test
suite)">
+ <!ENTITY ca-bundle-size "196 KB">
+ <!ENTITY ca-bundle-md5sum "da705ed29e5abcb42d498bcc86d1e62e">
+ <!ENTITY openssl-buildsize "54 MB">
+ <!ENTITY openssl-time "1.2 SBU (additional 0.4 SBU to run the test
suite)">
]>
<sect1 id="openssl" xreflabel="OpenSSL-&openssl-version;">
@@ -74,8 +74,9 @@
<bridgehead renderas="sect3">Additional Downloads</bridgehead>
<itemizedlist spacing='compact'>
<listitem>
- <para>Required patch: <ulink
-
url="&patch-root;/openssl-&openssl-version;-fix_manpages-1.patch"/></para>
+ <para>Required patches: <ulink
+ url="&patch-root;/openssl-&openssl-version;-fix_manpages-1.patch"/> and
+ <ulink
url="&patch-root;/openssl-&openssl-version;-fix_testsuite-1.patch"/></para>
</listitem>
</itemizedlist>
@@ -83,8 +84,8 @@
<bridgehead renderas="sect4">Optional</bridgehead>
<para role="optional"><xref linkend="mitkrb"/> or
- <xref linkend="heimdal"/>, and <xref linkend="bc"/> (required to run the
- test suite during the build)</para>
+ <xref linkend="heimdal"/>, and <xref linkend="bc"/> (required for full
+ coverage by the test suite during the build)</para>
<para condition="html" role="usernotes">User Notes:
<ulink url='&blfs-wiki;/OpenSSL'/></para>
@@ -98,6 +99,7 @@
the following commands:</para>
<screen><userinput>patch -Np1 -i
../openssl-&openssl-version;-fix_manpages-1.patch &&
+patch -Np1 -i ../openssl-&openssl-version;-fix_testsuite-1.patch &&
tar -vxf ../BLFS-ca-bundle-&ca-bundle-version;.tar.bz2 &&
./config --prefix=/usr \
@@ -227,9 +229,10 @@
<seg>c_rehash and openssl</seg>
<seg>libcrypto.{so,a}, libssl.{so,a}, and additional encryption
libraries in /usr/lib/engines/ (lib4758cca.so, libaep.so,
- libatalla.so, libcapi.so, libchil.so, libcswift.so, libgmp.so,
libnuron.so,
- libsureware.so, and libubsec.so)</seg>
- <seg>/etc/ssl, /usr/include/ssl, /usr/lib/engines
+ libatalla.so, libcapi.so, libchil.so, libcswift.so, libgmp.so,
+ libgost.so, libnuron.so, libpadlock.so, libsureware.so, and
+ libubsec.so)</seg>
+ <seg>/etc/ssl, /usr/include/openssl, /usr/lib/engines
and /usr/share/doc/openssl-&openssl-version;</seg>
</seglistitem>
</segmentedlist>
Modified: trunk/BOOK/server/databases/postgresql.xml
===================================================================
--- trunk/BOOK/server/databases/postgresql.xml 2010-11-17 00:10:06 UTC (rev
8696)
+++ trunk/BOOK/server/databases/postgresql.xml 2010-11-18 01:06:14 UTC (rev
8697)
@@ -41,6 +41,11 @@
existing BLFS instructions. Note that versions other than the one shown
in the download URLs have not been tested in a BLFS environment.</para>
+ <!-- FIXME -->
+ <para>If you intend to link this application to <xref linkend="openssl"/>
+ you will need to move to a newer version of
<application>PostgreSQL</application>,
+ 1.9.0.1 is known to build.</para>
+
<bridgehead renderas="sect3">Package Information</bridgehead>
<itemizedlist spacing="compact">
<listitem>
--
http://linuxfromscratch.org/mailman/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
