OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /e/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-web Date: 19-Mar-2003 16:02:22
Branch: HEAD Handle: 2003031915022200
Modified files:
openpkg-web/security OpenPKG-SA-2003.024-ircii.txt
Log:
final polishing and signing
Summary:
Revision Changes Path
1.3 +22 -12 openpkg-web/security/OpenPKG-SA-2003.024-ircii.txt
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-web/security/OpenPKG-SA-2003.024-ircii.txt
============================================================================
$ cvs diff -u -r1.2 -r1.3 OpenPKG-SA-2003.024-ircii.txt
--- openpkg-web/security/OpenPKG-SA-2003.024-ircii.txt 19 Mar 2003 14:31:37
-0000 1.2
+++ openpkg-web/security/OpenPKG-SA-2003.024-ircii.txt 19 Mar 2003 15:02:22
-0000 1.3
@@ -1,3 +1,6 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
________________________________________________________________________
OpenPKG Security Advisory The OpenPKG Project
@@ -20,23 +23,23 @@
Description:
Timo Sirainen audited ircII based clients [1] and found some buffer
overflow vulnerabilities in ircii-20020912 [2]. According to his
- report these problems were fixed by in ircii-20030313. We have
- backported the security relevant pieces of the more recent
- ircii-20030315 vendor changes into releases used by OpenPKG.
-
- Please check whether you are affected by running "<prefix>/bin/rpm
- -q ircii". If you have the "ircii" package installed and its version
- is affected (see above), we recommend that you immediately upgrade
- it (see Solution). [3][4]
+ report these problems were fixed in ircii-20030313. We have backported
+ the security relevant pieces of the more recent ircii-20030315 vendor
+ changes into releases used by OpenPKG.
+
+ Please check whether you are affected by running "<prefix>/bin/rpm -q
+ ircii". If you have the "ircii" package installed and its version is
+ affected (see above), we recommend that you immediately upgrade it
+ (see Solution). [3][4]
Solution:
Select the updated source RPM appropriate for your OpenPKG release
[5][6], fetch it from the OpenPKG FTP service [7][8] or a mirror
location, verify its integrity [9], build a corresponding binary RPM
- from it [3] and update your OpenPKG installation by applying the binary
- RPM [4]. For the current release OpenPKG 1.2, perform the following
- operations to permanently fix the security problem (for other releases
- adjust accordingly).
+ from it [3] and update your OpenPKG installation by applying the
+ binary RPM [4]. For the current release OpenPKG 1.2, perform the
+ following operations to permanently fix the security problem (for
+ other releases adjust accordingly).
$ ftp ftp.openpkg.org
ftp> bin
@@ -70,3 +73,10 @@
the command "gpg --verify --keyserver keyserver.pgp.com".
________________________________________________________________________
+-----BEGIN PGP SIGNATURE-----
+Comment: OpenPKG <[EMAIL PROTECTED]>
+
+iD8DBQE+eIZngHWT4GPEy58RAleYAJ4xmlL78sJFnmZ48XONR3NCTcxOTwCgrShv
+PO52bUXnK9qzPMon2U9TXvo=
+=Vnet
+-----END PGP SIGNATURE-----
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [EMAIL PROTECTED]
