Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 01 Feb 2014 12:41:07 +0400
From: Alexander Cherepanov <cherepan@...me.ru>
To: oss-security@...ts.openwall.com
Subject: Re: linux-distros membership

On 2014-02-01 03:27, Solar Designer wrote:
> On Fri, Jan 31, 2014 at 08:28:11PM +0100, rf@...eap.de wrote:
>>>>>>> "SD" == Solar Designer <solar@...nwall.com> writes:
>>     SD> On Wed, Jan 22, 2014 at 11:51:39AM +0100, rf@...eap.de wrote:
>>     >> >>>>> "SD" == Solar Designer <solar@...nwall.com> writes:
>>     SD> Are Qlustar's security updates (not just security advisories)
>>     SD> publicly available?
>>     >>
>>     >> Yes, all our packages are publicly available from our website.
>>
>>     SD> Where do I find them?  Somehow I only found "Qlustar Installer
>>     SD> 8.1.0-3/precise Size: 705MB".
>>
>> http://repo.qlustar.com/repo/ubuntu
> 
> For example, how do I find your most recent security updates in that
> tree, for these two advisories? -
> 
> https://qlustar.com/news/qsa-0131141-linux-kernel-vulnerabilities
> https://qlustar.com/news/qsa-0131142-security-bundle

The advisories don't mention the release of Qlustar which they apply to
but it seems to be Qlustar 8.1. Then, I think, you look into

http://repo.qlustar.com/repo/ubuntu/dists/8.1-precise/main/binary-amd64/Packages.gz
http://repo.qlustar.com/repo/ubuntu/dists/8.1-precise-proposed-updates/main/binary-amd64/Packages.gz

and locate the interesting files. Here they are:

$ curl -I
http://repo.qlustar.com/repo/ubuntu/pool/main/q/qlustar-kernel/linux-image-ql-generic_3.12.9-ql-generic-18_amd64.deb
HTTP/1.1 200 OK
Date: Sat, 01 Feb 2014 08:31:14 GMT
Server: Apache/2.2.22 (Ubuntu)
Last-Modified: Fri, 31 Jan 2014 14:41:32 GMT
ETag: "5c090b-418-4f1452b84bf00"
Accept-Ranges: bytes
Content-Length: 1048
Content-Type: application/x-debian-package

$ curl -I
http://repo.qlustar.com/repo/ubuntu/pool/main/i/image-generator/qlustar-module-core-precise-amd64-8.1.0_8.1.0.7-b431f855_all.deb
HTTP/1.1 200 OK
Date: Sat, 01 Feb 2014 08:31:27 GMT
Server: Apache/2.2.22 (Ubuntu)
Last-Modified: Fri, 31 Jan 2014 16:54:21 GMT
ETag: "5e0aa8-426d9ba-4f14706820940"
Accept-Ranges: bytes
Content-Length: 69654970
Content-Type: application/x-debian-package

-- 
Alexander Cherepanov

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ