[CVS] OpenPKG: openpkg-web/security/ OpenPKG-SA-2004.038-zlib.txt

Wed, 25 Aug 2004 12:53:35 -0700 

  OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Ralf S. Engelschall
  Root:   /e/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-web                      Date:   25-Aug-2004 21:53:39
  Branch: HEAD                             Handle: 2004082520533800

  Modified files:
    openpkg-web/security    OpenPKG-SA-2004.038-zlib.txt

  Log:
    release OpenPKG Security Advisory 2004.038 (zlib)

  Summary:
    Revision    Changes     Path
    1.3         +16 -3      openpkg-web/security/OpenPKG-SA-2004.038-zlib.txt
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-web/security/OpenPKG-SA-2004.038-zlib.txt
  ============================================================================
  $ cvs diff -u -r1.2 -r1.3 OpenPKG-SA-2004.038-zlib.txt
  --- openpkg-web/security/OpenPKG-SA-2004.038-zlib.txt 25 Aug 2004 16:13:28 -0000     
 1.2
  +++ openpkg-web/security/OpenPKG-SA-2004.038-zlib.txt 25 Aug 2004 19:53:38 -0000     
 1.3
  @@ -1,3 +1,6 @@
  +-----BEGIN PGP SIGNED MESSAGE-----
  +Hash: SHA1
  +
   ________________________________________________________________________
   
   OpenPKG Security Advisory                            The OpenPKG Project
  @@ -73,9 +76,12 @@
     "zlib" package is NOT sufficient because of the statically linked old
     "libz.a" code residing in the executables of other dependent packages.
   
  -  Due to transitive dependencies and because "zlib" is used by many
  -  other libraries and programs, the safest way to secure an OpenPKG
  -  instance is to rebuild all packages installed in it.
  +  Due to transitive dependencies and because "zlib" is used by such many
  +  other libraries and programs, the convenient way to upgrade "zlib" and
  +  all affected packages is to use the "openpkg-tools" package:
  +
  +  $ su -
  +  # <prefix>/bin/openpkg build -Ua | sh
   ________________________________________________________________________
   
   References:
  @@ -98,3 +104,10 @@
   for details on how to verify the integrity of this advisory.
   ________________________________________________________________________
   
  +-----BEGIN PGP SIGNATURE-----
  +Comment: OpenPKG <[EMAIL PROTECTED]>
  +
  +iD8DBQFBLO4cgHWT4GPEy58RAkjgAKC948i4v38A8FX513o85Zbqq3aBOACff8Ce
  +9M2/cv/zac1hHD2/oqzCgUY=
  +=sbmZ
  +-----END PGP SIGNATURE-----
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [EMAIL PROTECTED]

Reply via email to