diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2009-08-26 10:00:38 -0500 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2018-05-31 22:41:17 +0200 |
| commit | 5a12e7c134274dba706667107d10d231517d3e05 (patch) | |
| tree | 55718d5acb710fde798d9f38d0bbaf594ed4b296 /slackbook/html/security-current.html | |
| download | current-5a12e7c134274dba706667107d10d231517d3e05.tar.gz current-5a12e7c134274dba706667107d10d231517d3e05.tar.xz | |
Slackware 13.0slackware-13.0
Wed Aug 26 10:00:38 CDT 2009
Slackware 13.0 x86_64 is released as stable! Thanks to everyone who
helped make this release possible -- see the RELEASE_NOTES for the
credits. The ISOs are off to the replicator. This time it will be a
6 CD-ROM 32-bit set and a dual-sided 32-bit/64-bit x86/x86_64 DVD.
We're taking pre-orders now at store.slackware.com. Please consider
picking up a copy to help support the project. Once again, thanks to
the entire Slackware community for all the help testing and fixing
things and offering suggestions during this development cycle.
As always, have fun and enjoy! -P.
Diffstat (limited to 'slackbook/html/security-current.html')
| -rw-r--r-- | slackbook/html/security-current.html | 138 |
1 files changed, 138 insertions, 0 deletions
diff --git a/slackbook/html/security-current.html b/slackbook/html/security-current.html new file mode 100644 index 000000000..12e207167 --- /dev/null +++ b/slackbook/html/security-current.html @@ -0,0 +1,138 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head> +<meta name="generator" content="HTML Tidy, see www.w3.org" /> +<title>Keeping Current</title> +<meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.7" /> +<link rel="HOME" title="Slackware Linux Essentials" href="index.html" /> +<link rel="UP" title="Security" href="security.html" /> +<link rel="PREVIOUS" title="Host Access Control" href="security-host.html" /> +<link rel="NEXT" title="Archive Files" href="archive-files.html" /> +<link rel="STYLESHEET" type="text/css" href="docbook.css" /> +<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> +</head> +<body class="SECT1" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#840084" +alink="#0000FF"> +<div class="NAVHEADER"> +<table summary="Header navigation table" width="100%" border="0" cellpadding="0" +cellspacing="0"> +<tr> +<th colspan="3" align="center">Slackware Linux Essentials</th> +</tr> + +<tr> +<td width="10%" align="left" valign="bottom"><a href="security-host.html" +accesskey="P">Prev</a></td> +<td width="80%" align="center" valign="bottom">Chapter 14 Security</td> +<td width="10%" align="right" valign="bottom"><a href="archive-files.html" +accesskey="N">Next</a></td> +</tr> +</table> + +<hr align="LEFT" width="100%" /> +</div> + +<div class="SECT1"> +<h1 class="SECT1"><a id="SECURITY-CURRENT" name="SECURITY-CURRENT">14.3 Keeping +Current</a></h1> + +<div class="SECT2"> +<h2 class="SECT2"><a id="SECURITY-CURRENT-LIST" name="SECURITY-CURRENT-LIST">14.3.1 <var +class="LITERAL">slackware-security</var> mailing list</a></h2> + +<p>Whenever a security problem affects Slackware, an email is sent to all subscribers to +the <var class="LITERAL">slackware-security@slackware.com</var> mailing list. Reports are +sent out for vulnerabilities of any part of Slackware, apart from the software in <tt +class="FILENAME">/extra</tt> or <tt class="FILENAME">/pasture</tt>. These security +announcement emails include details on obtaining updated versions of Slackware packages +or work-arounds, if any.</p> + +<p>Subscribing to Slackware mailing lists is covered in <a +href="help-online.html#HELP-ONLINE-EMAIL">Section 2.2.2</a>.</p> +</div> + +<div class="SECT2"> +<h2 class="SECT2"><a id="SECURITY-CURRENT-PATCHES" name="SECURITY-CURRENT-PATCHES">14.3.2 +The <tt class="FILENAME">/patches</tt> directory</a></h2> + +<p>Whenever updated packages are released for a version of Slackware (usually only to fix +a security problem, in the case of already released Slackware versions), they are placed +in the <tt class="FILENAME">/patches</tt> directory. The full path to these patches will +depend on the mirror you are using, but will take the form <tt +class="FILENAME">/path/to/slackware-x.x/patches/</tt>.</p> + +<p>Before installing these packages, it is a good idea to verify the <tt +class="COMMAND">md5sum</tt> of the package. <tt class="COMMAND">md5sum</tt>(1) is a +commandline utility that creates a “unique” mathematical hash of the file. If +a single bit of the file has been changed, it will generate a different md5sum value.</p> + +<table border="0" bgcolor="#E0E0E0" width="100%"> +<tr> +<td> +<pre class="SCREEN"> +<samp class="PROMPT">%</samp> <kbd +class="USERINPUT">md5sum package-<ver>-<arch>-<rev>.tgz</kbd> +6341417aa1c025448b53073a1f1d287d package-<ver>-<arch>-<rev>.tgz +</pre> +</td> +</tr> +</table> + +<p>You should then check this against the line for the new package in the <tt +class="FILENAME">CHECKSUMS.md5</tt> file in the root of the <tt +class="FILENAME">slackware-<var class="REPLACEABLE">$VERSION</var></tt> directory (also +in the <tt class="FILENAME">/patches</tt> directory for patches) or in the email to the +<var class="LITERAL">slackware-security</var> mailing list.</p> + +<p>If you have a file with the md5sum values in it, you can source it instead with the +<var class="OPTION">-c</var> option to <tt class="COMMAND">md5sum</tt>.</p> + +<table border="0" bgcolor="#E0E0E0" width="100%"> +<tr> +<td> +<pre class="SCREEN"> +<samp class="PROMPT">#</samp> <kbd class="USERINPUT">md5sum -c CHECKSUMS.md5</kbd> +./ANNOUNCE.10_0: OK +./BOOTING.TXT: OK +./COPYING: OK +./COPYRIGHT.TXT: OK +./CRYPTO_NOTICE.TXT: OK +./ChangeLog.txt: OK +./FAQ.TXT: FAILED +</pre> +</td> +</tr> +</table> + +<p>As you can see, any files that <tt class="COMMAND">md5sum</tt> evaluates as correct +are listed “<var class="LITERAL">OK</var>” while files that fail are labelled +“<var class="LITERAL">FAILED</var>”. (Yes, this was an insult to your +intelligence. Why do you put up with me?)</p> +</div> +</div> + +<div class="NAVFOOTER"> +<hr align="LEFT" width="100%" /> +<table summary="Footer navigation table" width="100%" border="0" cellpadding="0" +cellspacing="0"> +<tr> +<td width="33%" align="left" valign="top"><a href="security-host.html" +accesskey="P">Prev</a></td> +<td width="34%" align="center" valign="top"><a href="index.html" +accesskey="H">Home</a></td> +<td width="33%" align="right" valign="top"><a href="archive-files.html" +accesskey="N">Next</a></td> +</tr> + +<tr> +<td width="33%" align="left" valign="top">Host Access Control</td> +<td width="34%" align="center" valign="top"><a href="security.html" +accesskey="U">Up</a></td> +<td width="33%" align="right" valign="top">Archive Files</td> +</tr> +</table> +</div> +</body> +</html> + |