cves: CVE-2012-0037.html CVE-2013-1571.html

pescetti Thu, 01 Aug 2013 10:16:36 -0700

Author: pescetti
Date: Thu Aug  1 17:15:07 2013
New Revision: 1509335

URL: http://svn.apache.org/r1509335
Log:
Do not depend on w.a.o/dist/incubator URLs any longer, use the archives instead.


Modified:
    openoffice/ooo-site/trunk/content/security/cves/CVE-2012-0037.html
    openoffice/ooo-site/trunk/content/security/cves/CVE-2013-1571.html

Modified: openoffice/ooo-site/trunk/content/security/cves/CVE-2012-0037.html
URL: 
http://svn.apache.org/viewvc/openoffice/ooo-site/trunk/content/security/cves/CVE-2012-0037.html?rev=1509335&r1=1509334&r2=1509335&view=diff
==============================================================================
--- openoffice/ooo-site/trunk/content/security/cves/CVE-2012-0037.html 
(original)
+++ openoffice/ooo-site/trunk/content/security/cves/CVE-2012-0037.html Thu Aug  
1 17:15:07 2013
@@ -36,13 +36,13 @@ resources, an attacker would be able to 
         <p>OpenOffice.org 3.3.0 and 3.4 beta users can patch their 
installation with the following patches. Download, unzip and follow the 
instructions in the enclosed readme.pdf file.</p>
 
         <ul>
-            <li><a 
href="http://www.apache.org/dyn/closer.cgi/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-win.zip";>For
 Windows installs</a> 
-(<a 
href="http://www.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-win.zip.md5";>MD5</a>)
 
-(<a 
href="http://www.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-win.zip.sha1";>SHA1</a>)</li>
-
-            <li><a 
href="http://www.apache.org/dyn/closer.cgi/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-mac.zip";>For
 MacOS installs</a> 
-(<a 
href="http://www.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-mac.zip.md5";>MD5</a>)
 
-(<a 
href="http://www.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-mac.zip.sha1";>SHA1</a>)</li></li>
+            <li><a 
href="http://archive.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-win.zip";>For
 Windows installs</a> 
+(<a 
href="http://archive.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-win.zip.md5";>MD5</a>)
 
+(<a 
href="http://archive.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-win.zip.sha1";>SHA1</a>)</li>
+
+            <li><a 
href="http://archive.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-mac.zip";>For
 MacOS installs</a> 
+(<a 
href="http://archive.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-mac.zip.md5";>MD5</a>)
 
+(<a 
href="http://archive.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-mac.zip.sha1";>SHA1</a>)</li></li>
             <li>Linux and other platforms should consult their distro or OS 
vendor for patch instructions.</li>
         </ul>
 
@@ -56,7 +56,7 @@ We have provided MD5 and SHA1 hashes of 
 <p>
 The MD5 and SHA1 hashes can be verified using Unix tools like sha1, sha1sum or 
md5sum.  
 <p>
-The PGP signatures can be verified using PGP or GPG. First download the <a 
href="http://www.apache.org/dist/incubator/ooo/KEYS";>KEYS</a> file, as well as 
the asc signature file for the particular patch from above. Make sure you get 
these files from the main distribution directory, rather than from a mirror. 
Then verify the signatures as follows:
+The PGP signatures can be verified using PGP or GPG. First download the <a 
href="http://www.apache.org/dist/openoffice/KEYS";>KEYS</a> file, as well as the 
asc signature file for the particular patch from above. Make sure you get these 
files from the main distribution directory, rather than from a mirror. Then 
verify the signatures as follows:
 <p>
 <code>
 % pgpk -a KEYS <br>

Modified: openoffice/ooo-site/trunk/content/security/cves/CVE-2013-1571.html
URL: 
http://svn.apache.org/viewvc/openoffice/ooo-site/trunk/content/security/cves/CVE-2013-1571.html?rev=1509335&r1=1509334&r2=1509335&view=diff
==============================================================================
--- openoffice/ooo-site/trunk/content/security/cves/CVE-2013-1571.html 
(original)
+++ openoffice/ooo-site/trunk/content/security/cves/CVE-2013-1571.html Thu Aug  
1 17:15:07 2013
@@ -37,7 +37,7 @@ As reported on June 18th there is a <a h
 
         <h4>Mitigation</h4>
         <p>SDK users should update their installations by replacing 
/docs/java/ref/index.html with this 
-        <a 
href="http://www.apache.org/dyn/aoo-closer.cgi/incubator/ooo/3.4.1/source/cve-2013-1571.zip";>patched
 version</a>.  
+        <a 
href="http://archive.apache.org/dist/incubator/ooo/3.4.1/source/cve-2013-1571.zip";>patched
 version</a>.  
         Download, unzip and follow the  instructions in the enclosed README 
file.</p>
 
         <p>Users with earlier versions of the SDK (pre 3.4.1) should <a 
href="http://www.download.openoffice.org/download/other.html#tested-sdk";>upgrade
 to the current version</a> and then apply the patch.  Alternative, they can 
download and run
@@ -48,13 +48,13 @@ As reported on June 18th there is a <a h
 <h4>Verifying the Integrity of Downloaded Files</h4>
 
 <p>
-We have provided <a 
href="http://www.apache.org/dist/incubator/ooo/3.4.1/source/cve-2013-1571.zip.md5";>MD5</a>
 and <a 
href="http://www.apache.org/dist/incubator/ooo/3.4.1/source/cve-2013-1571.zip.sha256";>SHA256</a>
 hashes of these patches, 
-        as well as a <a 
href="http://www.apache.org/dist/incubator/ooo/3.4.1/source/cve-2013-1571.zip.asc";>GPG/PGP
 detached digital signature</a>, for those who wish to verify the 
+We have provided <a 
href="http://archive.apache.org/dist/incubator/ooo/3.4.1/source/cve-2013-1571.zip.md5";>MD5</a>
 and <a 
href="http://archive.apache.org/dist/incubator/ooo/3.4.1/source/cve-2013-1571.zip.sha256";>SHA256</a>
 hashes of these patches, 
+        as well as a <a 
href="http://archive.apache.org/dist/incubator/ooo/3.4.1/source/cve-2013-1571.zip.asc";>GPG/PGP
 detached digital signature</a>, for those who wish to verify the 
         integrity of this file.
 <p>
 The MD5 and SHA256 hashes can be verified using Unix tools like md5sum or 
sha256sum.
 <p>
-The PGP signatures can be verified using PGP or GPG. First download the <a 
href="http://www.apache.org/dist/incubator/ooo/KEYS";>KEYS</a> file, as well as 
the asc signature file for the particular patch from above. Make sure you get 
these files from the main distribution directory, rather than from a mirror. 
Then verify the signatures as follows:
+The PGP signatures can be verified using PGP or GPG. First download the <a 
href="http://www.apache.org/dist/openoffice/KEYS";>KEYS</a> file, as well as the 
asc signature file for the particular patch from above. Make sure you get these 
files from the main distribution directory, rather than from a mirror. Then 
verify the signatures as follows:
 <p>
 <code>
 % pgpk -a KEYS <br>

svn commit: r1509335 - in /openoffice/ooo-site/trunk/content/security/cves: CVE-2012-0037.html CVE-2013-1571.html

Reply via email to