Changeset 80d370b


Ignore:
Timestamp:
04/21/2022 03:45:09 AM (2 years ago)
Author:
Thomas Trepl (Moody) <thomas@…>
Branches:
multilib
Children:
65ac2fd
Parents:
20d3801 (diff), c919b34 (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.
Message:

Automatic merge of trunk into multilib

Files:
2 edited

Legend:

Unmodified
Added
Removed

  • chapter03/packages.xml

    r20d3801 r80d370b  
    1111  <title>All Packages</title>
    1212
     13  <note>
     14    <para>Read the <ulink url='&secadv;'>security advisories</ulink>
     15    before downloading packages to figure out if a newer version of any
     16    package should be used to avoid security vulnerabilities.</para>
     17
     18    <para>The upstreams may remove old releases, especially when these
     19    releases contain a security vulnerability.  If one URL below is not
     20    reachable, you should read the security advisories first to figure out
     21    if a newer version (with the vulnerability fixed) should be used.  If
     22    not, try to download the removed package from a mirror.  Although it's
     23        possible to download an old release from a mirror even if this release
     24        has been removed because of a vulnerability, it's not recommended to
     25        use a release known to be vulnerable for building your system.</para>
     26  </note>
     27
    1328  <para>Download or otherwise obtain the following packages:</para>
    1429
     
    174189        <para>Download: <ulink url="&expat-url;"/></para>
    175190        <para>MD5 sum: <literal>&expat-md5;</literal></para>
    176         <note>
    177           <para>The upstream may remove tarballs of the specific releases of
    178           <application>Expat</application> when these releases contain a
    179           security vulnerability.  You should refer to
    180           <ulink url='&lfs-root;lfs/advisories/'>LFS security advisories</ulink>
    181           to figure out which version (with the vulnerability fixed) should
    182           be used.  You may download the vulnerable version from a mirror,
    183           but it's not recommended.</para>
    184         </note>
    185191      </listitem>
    186192    </varlistentry>

  • packages.ent

    r20d3801 r80d370b  
    518518<!ENTITY mpfr-version "4.1.0">
    519519<!ENTITY mpfr-size "1,490 KB">
    520 <!ENTITY mpfr-url "https://www.mpfr.org/mpfr-&mpfr-version;/mpfr-&mpfr-version;.tar.xz">
     520<!ENTITY mpfr-url "https://ftp.gnu.org/gnu/mpfr/mpfr-&mpfr-version;.tar.xz">
    521521<!ENTITY mpfr-md5 "bdd3d5efba9c17da8d83a35ec552baef">
    522522<!ENTITY mpfr-home "https://www.mpfr.org/">
Note: See TracChangeset for help on using the changeset viewer.