X-Git-Url: http://git.osdn.net/view?p=lfsbookja%2Flfsja-git.git;a=blobdiff_plain;f=src%2Fchapter03%2Fpackages.ch;h=1e58d2f8167434b3fcae3287e1a31632b4de18e4;hp=67393bf82716d82d33847d5d4bdea27edbd051e0;hb=0c82dc9a20c5c1e7850b02870fe80f7474c32830;hpb=24b87c58e64848af89045bbe05fdb65f9c6cac2c
diff --git a/src/chapter03/packages.ch b/src/chapter03/packages.ch
index 67393bf8..1e58d2f8 100644
--- a/src/chapter03/packages.ch
+++ b/src/chapter03/packages.ch
@@ -16,6 +16,38 @@
@z
@x
+ Read the security advisories
+ before downloading packages to figure out if a newer version of any
+ package should be used to avoid security vulnerabilities.
+@y
+
+ ããã±ã¼ã¸ããã¦ã³ãã¼ãããåã«ã¯ ã»ãã¥ãªãã£ã¢ããã¤ã¹ï¼security advisoriesï¼ãèªãã§ãã ããã
+ ã»ãã¥ãªãã£ããå¼±æ§ãåé¿ããããã«ããã±ã¼ã¸ã®ææ°ãã¼ã¸ã§ã³ããªããã©ããã確èªãã¦ãã ããã
+
+@z
+
+@x
+ The upstreams may remove old releases, especially when these
+ releases contain a security vulnerability. If one URL below is not
+ reachable, you should read the security advisories first to figure out
+ if a newer version (with the vulnerability fixed) should be used. If
+ not, try to download the removed package from a mirror. Although it's
+ possible to download an old release from a mirror even if this release
+ has been removed because of a vulnerability, it's not recommended to
+ use a release known to be vulnerable for building your system.
+@y
+
+ ã¢ããã¹ããªã¼ã ã§ã¯ãå¤ããªãªã¼ã¹ãåé¤ãã¦ãããã¨ãããã¾ãã
+ ç¹ã«ãã®ãªãªã¼ã¹ã«ã»ãã¥ãªãã£ããå¼±æ§ãå«ãã§ããå ´åã§ãã
+ 以ä¸ã«ç¤ºã URL ãç¡å¹ã«ãªã£ã¦ããããã¾ãåãã«ã»ãã¥ãªãã£ã¢ããã¤ã¹ãèªãã§ãã ããã
+ ããã¦æ°ããªãã¼ã¸ã§ã³ãï¼ããå¼±æ§ã解æ¶ãã¦ï¼å
¥æã§ãããã©ããã確èªãã¦ãã ããã
+ ããã§ãããã±ã¼ã¸ãåé¤ããã¦ãã¾ã£ã¦ããå ´åã¯ããã©ã¼ãµã¤ãããã®ãã¦ã³ãã¼ãã試ãã¦ã¿ã¦ãã ããã
+ ããå¼±æ§ãåå ã§åé¤ããã¦ããå¤ããã¼ã¸ã§ã³ã®ããã±ã¼ã¸ããã¦ã³ãã¼ãã§ããã¨ãã¦ããããå¼±æ§ã«åé¡ãããã®ã§ããã°ãã·ã¹ãã ãã«ãã«ç¨ãããã¨ã¯ãå§ããã¾ããã
+
+@z
+
+@x
Download or otherwise obtain the following packages:
@y
@@ -164,21 +196,6 @@
&Homepage;:
&Download;:
@z
-@x
- The upstream may remove tarballs of the specific releases of
- Expat when these releases contain a
- security vulnerability. You should refer to
- LFS security advisories
- to figure out which version (with the vulnerability fixed) should
- be used. You may download the vulnerable version from a mirror,
- but it's not recommended.
-@y
-
- Expat ã®ã¢ããã¹ããªã¼ã ã§ã¯ããªãªã¼ã¹ã«ããã£ã¦ã»ãã¥ãªãã£ããå¼±æ§ãå«ã¾ãã¦ããå ´åã«ã¯ããã®ãªãªã¼ã¹ tarball ãåé¤ãããã¨ãããã¾ãã
- ãããã£ã¦ LFS ã»ãã¥ãªãã£ã¢ããã¤ã¶ãªã¼ ãåç
§ãã¦ãã©ã®ãã¼ã¸ã§ã³ãï¼ããå¼±æ§ãä¿®æ£ãã¦ï¼å©ç¨ã§ãããã確èªãã¦ãã ããã
- ããå¼±æ§ãå«ããã®ã§ãã£ã¦ããã©ã¼ãµã¤ãããå
¥æã§ããããããã¾ããããããã¯ãã¾ããå§ããã¾ããã
-
-@z
@x expect
Home page: