OpenPKG CVS Repository http://cvs.openpkg.org/ ____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall Root: /v/openpkg/cvs Email: [EMAIL PROTECTED] Module: openpkg-web Date: 15-Jun-2005 13:55:55 Branch: HEAD Handle: 2005061512555500 Modified files: openpkg-web/security OpenPKG-SA-0000.000-template.txt Log: update template for 2005 world order Summary: Revision Changes Path 1.25 +16 -16 openpkg-web/security/OpenPKG-SA-0000.000-template.txt ____________________________________________________________________________ patch -p0 <<'@@ .' Index: openpkg-web/security/OpenPKG-SA-0000.000-template.txt ============================================================================ $ cvs diff -u -r1.24 -r1.25 OpenPKG-SA-0000.000-template.txt --- openpkg-web/security/OpenPKG-SA-0000.000-template.txt 29 Oct 2004 13:59:34 -0000 1.24 +++ openpkg-web/security/OpenPKG-SA-0000.000-template.txt 15 Jun 2005 11:55:55 -0000 1.25 @@ -6,7 +6,7 @@ OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [EMAIL PROTECTED] [EMAIL PROTECTED] -OpenPKG-SA-2004.001 01-Jan-2004 +OpenPKG-SA-2005.001 01-Jan-2005 ________________________________________________________________________ Package: foo @@ -14,14 +14,14 @@ OpenPKG Specific: no Affected Releases: Affected Packages: Corrected Packages: -OpenPKG CURRENT <= foo-1.2.4-20040123 >= foo-1.2.4-20049124 -OpenPKG 2.2 <= foo-1.2.3-2.2.0 >= foo-1.2.3-2.2.1 -OpenPKG 2.1 <= foo-1.2.2-2.1.0 >= foo-1.2.2-2.1.1 +OpenPKG CURRENT <= foo-1.2.4-20050123 >= foo-1.2.4-20059124 +OpenPKG 2.3 <= foo-1.2.3-2.3.0 >= foo-1.2.3-2.3.1 +OpenPKG 2.2 <= foo-1.2.2-2.2.0 >= foo-1.2.2-2.2.1 Affected Releases: Dependent Packages: OpenPKG CURRENT bar quux -OpenPKG 2.2 bar quux -OpenPKG 2.1 bar +OpenPKG 2.3 bar quux +OpenPKG 2.2 bar Description: According to a ... security advisory based on hints from ... @@ -41,19 +41,19 @@ [5][6], fetch it from the OpenPKG FTP service [7][8] or a mirror location, verify its integrity [9], build a corresponding binary RPM from it [3] and update your OpenPKG installation by applying the - binary RPM [4]. For the most recent release OpenPKG 2.2, perform the + binary RPM [4]. For the most recent release OpenPKG 2.3, perform the following operations to permanently fix the security problem (for other releases adjust accordingly). $ ftp ftp.openpkg.org ftp> bin - ftp> cd release/2.2/UPD - ftp> get foo-1.2.3-2.2.1.src.rpm + ftp> cd release/2.3/UPD + ftp> get foo-1.2.3-2.3.1.src.rpm ftp> bye - $ <prefix>/bin/openpkg rpm -v --checksig foo-1.2.3-2.2.1.src.rpm - $ <prefix>/bin/openpkg rpm --rebuild foo-1.2.3-2.2.1.src.rpm + $ <prefix>/bin/openpkg rpm -v --checksig foo-1.2.3-2.3.1.src.rpm + $ <prefix>/bin/openpkg rpm --rebuild foo-1.2.3-2.3.1.src.rpm $ su - - # <prefix>/bin/openpkg rpm -Fvh <prefix>/RPM/PKG/foo-1.2.3-2.2.1.*.rpm + # <prefix>/bin/openpkg rpm -Fvh <prefix>/RPM/PKG/foo-1.2.3-2.3.1.*.rpm Additionally, we recommend that you rebuild and reinstall all dependent packages (see above), if any, too [3][4]. @@ -65,10 +65,10 @@ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-... [3] http://www.openpkg.org/tutorial.html#regular-source [4] http://www.openpkg.org/tutorial.html#regular-binary - [5] ftp://ftp.openpkg.org/release/2.2/UPD/foo-1.2.3-2.2.1.src.rpm - [6] ftp://ftp.openpkg.org/release/2.1/UPD/foo-1.2.2-2.1.1.src.rpm - [7] ftp://ftp.openpkg.org/release/2.2/UPD/ - [8] ftp://ftp.openpkg.org/release/2.1/UPD/ + [5] ftp://ftp.openpkg.org/release/2.3/UPD/foo-1.2.3-2.3.1.src.rpm + [6] ftp://ftp.openpkg.org/release/2.2/UPD/foo-1.2.2-2.2.1.src.rpm + [7] ftp://ftp.openpkg.org/release/2.3/UPD/ + [8] ftp://ftp.openpkg.org/release/2.2/UPD/ [9] http://www.openpkg.org/security.html#signature ________________________________________________________________________ @@ . ______________________________________________________________________ The OpenPKG Project www.openpkg.org CVS Repository Commit List openpkg-cvs@openpkg.org