[PLDSA 40-1] New docbook-utils packages fix default wrong options
Krzysiek Taraszka
dzimi at pld.org.pl
Sat May 3 15:43:50 CEST 2003
- --------------------------------------------------------------------------
PLD Security Advisory PLDSA 40-1 security at pld.org.pl
http://www.pld.org.pl/security/ PLD Security Team
10 March 2003 http://www.pld.org.pl/security/faq
- --------------------------------------------------------------------------
Package : prior to docbook-utils-0.6.12-1
Vulnerability : wrong options
Problem-Type : local
PLD-specific : yes
docbook-utils is a group of little scripts allow to convert easily DocBook
files to other formats (HTML, RTF, PostScript...), and to compare SGML files.
Default configuration used use-id-as-filename in default stylesheet.
It is potentially dangerous and shouldn't be set.
If needed, one must use alternative stylesheet or enable it from command line
(e.g. by -V'%use-id-as-filename%').
The above problems have been fixed in version 0.6.12-2 for the
current stable distribution (ra).
We recommend that you upgrade your docbook-utils packages.
wget -c url
will fetch the file for you
rpm -Uhv file(s)*.rpm
will upgrade the referenced file.
If you are using "poldek" - the package manager, use the line as given below
for upgrade packages
poldek --update
will update the internal database
poldek --upgrade 'docbook-utils*'
will install corrected packages
If you are using "apt" - the package manager, use the line as given below
for upgrade packages
apt-get update
will update the internal database
apt-get upgrade 'docbook-utils*'
will install corrected packages
PLD Linux 1.0 alias ra
- --------------------
Source archives:
ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/docbook-utils-0.6.12-2.src.rpm
MD5 checksum: 1023d3c596a2cebfe5eb68fa633d84a7
I386 Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/docbook-utils-0.6.12-2.noarch.rpm
MD5 checksum: 3755554aba0c6b3a507382c00f7b7cd0
I586 Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/docbook-utils-0.6.12-2.noarch.rpm
MD5 checksum: ab85e16be6ed68fb4b6eedf68a44cf00
I686 Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/docbook-utils-0.6.12-2.noarch.rpm
MD5 checksum: 462173e1d5eb482c3f4e9ae580e26fea
PowerPC Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/docbook-utils-0.6.12-2.noarch.rpm
MD5 checksum: a733ada5822962e2676d42f5581fef41
-
--------------------------------------------------------------------------------
-
If you are using poldek add this line to poldek.conf.
If you are using apt-get add this line to sources.list.
For i386 architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security
For i586 architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security
For i686 architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security
For ppc architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security
More information about the pld-security-announce
mailing list