You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openoffice.apache.org by bu...@apache.org on 2013/08/01 19:16:02 UTC

svn commit: r872330 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2012-0037.html content/security/cves/CVE-2013-1571.html

Author: buildbot
Date: Thu Aug  1 17:16:02 2013
New Revision: 872330

Log:
Staging update by buildbot for ooo-site

Modified:
    websites/staging/ooo-site/trunk/cgi-bin/   (props changed)
    websites/staging/ooo-site/trunk/content/   (props changed)
    websites/staging/ooo-site/trunk/content/security/cves/CVE-2012-0037.html
    websites/staging/ooo-site/trunk/content/security/cves/CVE-2013-1571.html

Propchange: websites/staging/ooo-site/trunk/cgi-bin/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Thu Aug  1 17:16:02 2013
@@ -1 +1 @@
-1509171
+1509335

Propchange: websites/staging/ooo-site/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Thu Aug  1 17:16:02 2013
@@ -1 +1 @@
-1509171
+1509335

Modified: websites/staging/ooo-site/trunk/content/security/cves/CVE-2012-0037.html
==============================================================================
--- websites/staging/ooo-site/trunk/content/security/cves/CVE-2012-0037.html (original)
+++ websites/staging/ooo-site/trunk/content/security/cves/CVE-2012-0037.html Thu Aug  1 17:16:02 2013
@@ -50,13 +50,13 @@ resources, an attacker would be able to 
         <p>OpenOffice.org 3.3.0 and 3.4 beta users can patch their installation with the following patches. Download, unzip and follow the instructions in the enclosed readme.pdf file.</p>
 
         <ul>
-            <li><a href="http://www.apache.org/dyn/closer.cgi/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-win.zip">For Windows installs</a> 
-(<a href="http://www.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-win.zip.md5">MD5</a>) 
-(<a href="http://www.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-win.zip.sha1">SHA1</a>)</li>
-
-            <li><a href="http://www.apache.org/dyn/closer.cgi/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-mac.zip">For MacOS installs</a> 
-(<a href="http://www.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-mac.zip.md5">MD5</a>) 
-(<a href="http://www.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-mac.zip.sha1">SHA1</a>)</li></li>
+            <li><a href="http://archive.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-win.zip">For Windows installs</a> 
+(<a href="http://archive.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-win.zip.md5">MD5</a>) 
+(<a href="http://archive.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-win.zip.sha1">SHA1</a>)</li>
+
+            <li><a href="http://archive.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-mac.zip">For MacOS installs</a> 
+(<a href="http://archive.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-mac.zip.md5">MD5</a>) 
+(<a href="http://archive.apache.org/dist/incubator/ooo/3.3/patches/cve-2012-0037/CVE-2012-0037-mac.zip.sha1">SHA1</a>)</li></li>
             <li>Linux and other platforms should consult their distro or OS vendor for patch instructions.</li>
         </ul>
 
@@ -70,7 +70,7 @@ We have provided MD5 and SHA1 hashes of 
 <p>
 The MD5 and SHA1 hashes can be verified using Unix tools like sha1, sha1sum or md5sum.  
 <p>
-The PGP signatures can be verified using PGP or GPG. First download the <a href="http://www.apache.org/dist/incubator/ooo/KEYS">KEYS</a> file, as well as the asc signature file for the particular patch from above. Make sure you get these files from the main distribution directory, rather than from a mirror. Then verify the signatures as follows:
+The PGP signatures can be verified using PGP or GPG. First download the <a href="http://www.apache.org/dist/openoffice/KEYS">KEYS</a> file, as well as the asc signature file for the particular patch from above. Make sure you get these files from the main distribution directory, rather than from a mirror. Then verify the signatures as follows:
 <p>
 <code>
 % pgpk -a KEYS <br>

Modified: websites/staging/ooo-site/trunk/content/security/cves/CVE-2013-1571.html
==============================================================================
--- websites/staging/ooo-site/trunk/content/security/cves/CVE-2013-1571.html (original)
+++ websites/staging/ooo-site/trunk/content/security/cves/CVE-2013-1571.html Thu Aug  1 17:16:02 2013
@@ -51,7 +51,7 @@ As reported on June 18th there is a <a h
 
         <h4>Mitigation</h4>
         <p>SDK users should update their installations by replacing /docs/java/ref/index.html with this 
-        <a href="http://www.apache.org/dyn/aoo-closer.cgi/incubator/ooo/3.4.1/source/cve-2013-1571.zip">patched version</a>.  
+        <a href="http://archive.apache.org/dist/incubator/ooo/3.4.1/source/cve-2013-1571.zip">patched version</a>.  
         Download, unzip and follow the  instructions in the enclosed README file.</p>
 
         <p>Users with earlier versions of the SDK (pre 3.4.1) should <a href="http://www.download.openoffice.org/download/other.html#tested-sdk">upgrade to the current version</a> and then apply the patch.  Alternative, they can download and run
@@ -62,13 +62,13 @@ As reported on June 18th there is a <a h
 <h4>Verifying the Integrity of Downloaded Files</h4>
 
 <p>
-We have provided <a href="http://www.apache.org/dist/incubator/ooo/3.4.1/source/cve-2013-1571.zip.md5">MD5</a> and <a href="http://www.apache.org/dist/incubator/ooo/3.4.1/source/cve-2013-1571.zip.sha256">SHA256</a> hashes of these patches, 
-        as well as a <a href="http://www.apache.org/dist/incubator/ooo/3.4.1/source/cve-2013-1571.zip.asc">GPG/PGP detached digital signature</a>, for those who wish to verify the 
+We have provided <a href="http://archive.apache.org/dist/incubator/ooo/3.4.1/source/cve-2013-1571.zip.md5">MD5</a> and <a href="http://archive.apache.org/dist/incubator/ooo/3.4.1/source/cve-2013-1571.zip.sha256">SHA256</a> hashes of these patches, 
+        as well as a <a href="http://archive.apache.org/dist/incubator/ooo/3.4.1/source/cve-2013-1571.zip.asc">GPG/PGP detached digital signature</a>, for those who wish to verify the 
         integrity of this file.
 <p>
 The MD5 and SHA256 hashes can be verified using Unix tools like md5sum or sha256sum.
 <p>
-The PGP signatures can be verified using PGP or GPG. First download the <a href="http://www.apache.org/dist/incubator/ooo/KEYS">KEYS</a> file, as well as the asc signature file for the particular patch from above. Make sure you get these files from the main distribution directory, rather than from a mirror. Then verify the signatures as follows:
+The PGP signatures can be verified using PGP or GPG. First download the <a href="http://www.apache.org/dist/openoffice/KEYS">KEYS</a> file, as well as the asc signature file for the particular patch from above. Make sure you get these files from the main distribution directory, rather than from a mirror. Then verify the signatures as follows:
 <p>
 <code>
 % pgpk -a KEYS <br>