[Dragora-bug] Dragora updates #003

dragora-bug

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Dragora-bug] Dragora updates #003

From:	Lucas Sköldqvist
Subject:	[Dragora-bug] Dragora updates #003
Date:	Wed, 14 Aug 2013 20:44:06 +0200
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)

The Dragora team is happy to announce security updates #003.  This
release fixes security issues in the following packages:
  curl
  pidgin
  poppler

Read the details of each update through the official ChangeLog[1].  The
ChangeLog contains a brief description of the problem(s) along with the
corresponding references.

We recommend that you upgrade your packages as soon as possible.

Here are the 32-bit packages:
  
http://mirror.fsf.org/dragora/dragora-2.2/upgrades/packages/32b/curl-7.31.0-i486-1.tlz
  
http://mirror.fsf.org/dragora/dragora-2.2/upgrades/packages/32b/pidgin-2.10.7-i486-1.tlz
  
http://mirror.fsf.org/dragora/dragora-2.2/upgrades/packages/32b/poppler-0.18.4-i486-1.tlz

Here are the 64-bit packages:
  
http://mirror.fsf.org/dragora/dragora-2.2/upgrades/packages/64b/curl-7.31.0-x86_64-1.tlz
  
http://mirror.fsf.org/dragora/dragora-2.2/upgrades/packages/64b/pidgin-2.10.7-x86_64-1.tlz
  
http://mirror.fsf.org/dragora/dragora-2.2/upgrades/packages/64b/poppler-0.18.4-x86_64-1.tlz

If you need the detached GPG signatures[2] just append .sig to the URLs above.

These are the SHA1 checksums:
  692e9646f853abfa071480fe80f61873fef77748  curl-7.31.0-i486-1.tlz
  af75f3ea0691d6849fa5aeb2c1779c851dbc0bf1  pidgin-2.10.7-i486-1.tlz
  e3391e1033aed84113973d30368bd4a43289c688  poppler-0.18.4-i486-1.tlz

  bd0e8468692f5ba5b8550601fbfd1a9fd09141c0  curl-7.31.0-x86_64-1.tlz
  b90c6874d91bf82297fbd04a0d844db04fcd8078  pidgin-2.10.7-x86_64-1.tlz
  7ba55bf5278d89aa2fac2c98adb37363c599749d  poppler-0.18.4-x86_64-1.tlz

To upgrade a package you issue the following command:
  pkg upgrade <tlz file>

So if you would like to upgrade pidgin 2.10.6 to pidgin 2.10.7 you would run the
following with root permissions:
  pkg upgrade pidgin-2.10.6-i486-1.tlz pidgin-2.10.7-i486-1.tlz

Or simply:
    pkg upgrade pidgin-2.10.7-i486-1.tlz

[1] http://mirror.fsf.org/dragora/dragora-2.2/ChangeLog.txt

[2] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify pidgin-2.10.7-i486-1.tlz.sig

If that command fails because you don't have the required public key,
then run these commands to import it:

  wget http://mirror.fsf.org/dragora/dragora-2.2/KEY
  gpg --import KEY

and rerun the 'gpg --verify' command.

-- 
Lucas Sköldqvist (frusen) [2BC57692]
85F7 C267 BC83 6603 66C9  927D AEFB 6AFC 2BC5 7692

[Prev in Thread]

Current Thread

[Next in Thread]

[Dragora-bug] Dragora updates #003, Lucas Sköldqvist <=

Prev by Date: Re: [Dragora-bug] several questions
Next by Date: [Dragora-bug] I'd like to promote Dragora
Previous by thread: [Dragora-bug] several questions
Next by thread: [Dragora-bug] I'd like to promote Dragora
Index(es):
- Date
- Thread