OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /e/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-web Date: 25-Nov-2003 14:54:18
Branch: HEAD Handle: 2003112513541800
Modified files:
openpkg-web/security 00README OpenPKG-SA-2003.049-zebra.txt
Log:
final polishing and signing
Summary:
Revision Changes Path
1.14 +1 -1 openpkg-web/security/00README
1.2 +30 -20 openpkg-web/security/OpenPKG-SA-2003.049-zebra.txt
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-web/security/00README
============================================================================
$ cvs diff -u -r1.13 -r1.14 00README
--- openpkg-web/security/00README 25 Sep 2003 07:50:55 -0000 1.13
+++ openpkg-web/security/00README 25 Nov 2003 13:54:18 -0000 1.14
@@ -5,5 +5,5 @@
$ mutt [EMAIL PROTECTED]
mutt [EMAIL PROTECTED]
mutt [EMAIL PROTECTED]
- Subject: [OpenPKG-SA-2003.043] OpenPKG Security Advisory (proftpd)
+ Subject: [OpenPKG-SA-2003.048] OpenPKG Security Advisory (postgresql)
@@ .
patch -p0 <<'@@ .'
Index: openpkg-web/security/OpenPKG-SA-2003.049-zebra.txt
============================================================================
$ cvs diff -u -r1.1 -r1.2 OpenPKG-SA-2003.049-zebra.txt
--- openpkg-web/security/OpenPKG-SA-2003.049-zebra.txt 25 Nov 2003 13:38:00
-0000 1.1
+++ openpkg-web/security/OpenPKG-SA-2003.049-zebra.txt 25 Nov 2003 13:54:18
-0000 1.2
@@ -1,3 +1,6 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
________________________________________________________________________
OpenPKG Security Advisory The OpenPKG Project
@@ -11,21 +14,21 @@
OpenPKG Specific: no
Affected Releases: Affected Packages: Corrected Packages:
-OpenPKG CURRENT <= zebra-0.93b-20031001 >= zebra-0.93b-20031113
-OpenPKG 1.3 <= zebra-0.93b-1.3.0 >= zebra-0.93b-1.3.1
-OpenPKG 1.2 <= zebra-0.93b-1.2.0 >= zebra-0.93b-1.2.1
+OpenPKG CURRENT <= zebra-0.93b-20031001 >= zebra-0.93b-20031113
+OpenPKG 1.3 <= zebra-0.93b-1.3.0 >= zebra-0.93b-1.3.1
+OpenPKG 1.2 <= zebra-0.93b-1.2.0 >= zebra-0.93b-1.2.1
Dependent Packages: none
Description:
- Jonny Robertson reported that Zebra can be remotely crashed if a
- remote attacker can connect to the Zebra telnet management port [0].
- The Common Vulnerabilities and Exposures (CVE) project assigned the id
+ Jonny Robertson reported [0] that Zebra can be remotely crashed if a
+ remote attacker can connect to the Zebra telnet management ports. The
+ Common Vulnerabilities and Exposures (CVE) project assigned the id
CAN-2003-0795 [1] to the problem.
- Herbert Xu reported that Zebra can accept spoofed messages sent on the
- kernel netlink interface by other users on the local machine [2]. The
- Common Vulnerabilities and Exposures (CVE) project assigned the id
+ Herbert Xu reported [2] that Zebra can accept spoofed messages sent
+ on the kernel netlink interface by other users on the local machine.
+ The Common Vulnerabilities and Exposures (CVE) project assigned the id
CAN-2003-0858 [3] to the problem.
Please check whether you are affected by running "<prefix>/bin/rpm -q
@@ -54,17 +57,17 @@
________________________________________________________________________
References:
- [0] http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=107140
- [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0795
- [2] http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=108571
- [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0858
- [4] http://www.openpkg.org/tutorial.html#regular-source
- [5] http://www.openpkg.org/tutorial.html#regular-binary
- [6] ftp://ftp.openpkg.org/release/1.2/UPD/zebra-0.93b-1.3.1.src.rpm
- [7] ftp://ftp.openpkg.org/release/1.3/UPD/zebra-0.93b-1.2.1.src.rpm
- [8] ftp://ftp.openpkg.org/release/1.2/UPD/
- [9] ftp://ftp.openpkg.org/release/1.3/UPD/
- [10] http://www.openpkg.org/security.html#signature
+ [0] http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=107140
+ [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0795
+ [2] http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=108571
+ [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0858
+ [4] http://www.openpkg.org/tutorial.html#regular-source
+ [5] http://www.openpkg.org/tutorial.html#regular-binary
+ [6] ftp://ftp.openpkg.org/release/1.2/UPD/zebra-0.93b-1.2.1.src.rpm
+ [7] ftp://ftp.openpkg.org/release/1.3/UPD/zebra-0.93b-1.3.1.src.rpm
+ [8] ftp://ftp.openpkg.org/release/1.2/UPD/
+ [9] ftp://ftp.openpkg.org/release/1.3/UPD/
+ [10] http://www.openpkg.org/security.html#signature
________________________________________________________________________
For security reasons, this advisory was digitally signed with the
@@ -74,3 +77,10 @@
for details on how to verify the integrity of this advisory.
________________________________________________________________________
+-----BEGIN PGP SIGNATURE-----
+Comment: OpenPKG <[EMAIL PROTECTED]>
+
+iD8DBQE/w17bgHWT4GPEy58RArU6AKC9fZylkM+kJnqfANvAjE8xdmUv8QCg7P7C
+gNbfNm/Qb8T/EAoGPLzpGUo=
+=D/VD
+-----END PGP SIGNATURE-----
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [EMAIL PROTECTED]
