[website] r1453 - in html/trunk/blfs/errata: 8.3 8.3-systemd

Tue, 09 Oct 2018 14:56:46 -0700 

Author: ken
Date: Tue Oct  9 14:56:35 2018
New Revision: 1453

Log:
more errata, not sure if this is the correct repo.

Modified:
   html/trunk/blfs/errata/8.3-systemd/index.html
   html/trunk/blfs/errata/8.3/index.html

Modified: html/trunk/blfs/errata/8.3-systemd/index.html
==============================================================================
--- html/trunk/blfs/errata/8.3-systemd/index.html       Mon Sep 24 11:40:50 
2018        (r1452)
+++ html/trunk/blfs/errata/8.3-systemd/index.html       Tue Oct  9 14:56:35 
2018        (r1453)
@@ -38,4 +38,13 @@
      <a href="../../view/systemd/">development version of the book.</a>
      </p>
 
+     <p>A vulnerability in texlive's handling of postscript files, applicable
+     to all versions from the past several years, has been fixed with a patch
+     to the 2018 source in the development book, tested with BLFS-8.1 and
+     later. For users of the binary texlive who have not updated since 
2018-09-20,
+     please do so.</p>
+
+     <p>A vulnerability with available exploits in all recent versions of
+     ghostscript has been fixed in the development book by patching 
gs-9.25.</p>
+
 <!--#include virtual="/common/footer.html" -->

Modified: html/trunk/blfs/errata/8.3/index.html
==============================================================================
--- html/trunk/blfs/errata/8.3/index.html       Mon Sep 24 11:40:50 2018        
(r1452)
+++ html/trunk/blfs/errata/8.3/index.html       Tue Oct  9 14:56:35 2018        
(r1453)
@@ -26,19 +26,13 @@
      <a href="../../view/svn/">development version of the book.</a>
      </p>
 
-     <!--
-     <p>For texlive, see the "Now, or if returning here because you were 
advised,
-     fix a new vulnerability." command at the end of the texlive source page. 
This
-     also applies to the binary if you have installed it before early December 
2016
-     and not run tlupdate.</p>
-     -->
-     <!--
-     <ul>
-       <li>firefox-41.0.2 fixes what is apparently CVE-2015-7184: the fetch() 
API
-       did not correctly implement the Cross-Origin Resource Sharing (CORS)
-       specification, allowing a malicious page to access private data from 
other
-        origins.</li>
-     </ul>
-     -->
+     <p>A vulnerability in texlive's handling of postscript files, applicable
+     to all versions from the past several years, has been fixed with a patch
+     to the 2018 source in the development book, tested with BLFS-8.1 and
+     later. For users of the binary texlive who have not updated since 
2018-09-20,
+     please do so.</p>
+
+     <p>A vulnerability with available exploits in all recent versions of
+     ghostscript has been fixed in the development book by patching 
gs-9.25.</p>
      
 <!--#include virtual="/common/footer.html" -->
-- 
http://lists.linuxfromscratch.org/listinfo/website
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Reply via email to