- Timestamp:
- 04/21/2022 03:45:09 AM (2 years ago)
- Branches:
- multilib
- Children:
- 65ac2fd
- Parents:
- 20d3801 (diff), c919b34 (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the(diff)
links above to see all the changes relative to each parent. - File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
chapter03/packages.xml
r20d3801 r80d370b 11 11 <title>All Packages</title> 12 12 13 <note> 14 <para>Read the <ulink url='&secadv;'>security advisories</ulink> 15 before downloading packages to figure out if a newer version of any 16 package should be used to avoid security vulnerabilities.</para> 17 18 <para>The upstreams may remove old releases, especially when these 19 releases contain a security vulnerability. If one URL below is not 20 reachable, you should read the security advisories first to figure out 21 if a newer version (with the vulnerability fixed) should be used. If 22 not, try to download the removed package from a mirror. Although it's 23 possible to download an old release from a mirror even if this release 24 has been removed because of a vulnerability, it's not recommended to 25 use a release known to be vulnerable for building your system.</para> 26 </note> 27 13 28 <para>Download or otherwise obtain the following packages:</para> 14 29 … … 174 189 <para>Download: <ulink url="&expat-url;"/></para> 175 190 <para>MD5 sum: <literal>&expat-md5;</literal></para> 176 <note>177 <para>The upstream may remove tarballs of the specific releases of178 <application>Expat</application> when these releases contain a179 security vulnerability. You should refer to180 <ulink url='&lfs-root;lfs/advisories/'>LFS security advisories</ulink>181 to figure out which version (with the vulnerability fixed) should182 be used. You may download the vulnerable version from a mirror,183 but it's not recommended.</para>184 </note>185 191 </listitem> 186 192 </varlistentry>
Note:
See TracChangeset
for help on using the changeset viewer.