Author: orcmid
Date: Tue Aug 16 01:40:48 2016
New Revision: 14832
Log:
0.2.0 BETA README for the 4.1.2-patch1 Hotfix for Windows (also included in the
.zip file)
Modified:
dev/openoffice/4.1.2-patch1/binaries/Windows/README-4.1.2-patch1-Windows.txt
Modified:
dev/openoffice/4.1.2-patch1/binaries/Windows/README-4.1.2-patch1-Windows.txt
==============================================================================
---
dev/openoffice/4.1.2-patch1/binaries/Windows/README-4.1.2-patch1-Windows.txt
[UTF-8] (original)
+++
dev/openoffice/4.1.2-patch1/binaries/Windows/README-4.1.2-patch1-Windows.txt
[UTF-8] Tue Aug 16 01:40:48 2016
@@ -3,12 +3,12 @@ Hash: SHA256
-README-4.1.2-patch1-apply-Windows.txt 0.1.0 UTF-8 2016-08-11
+README-4.1.2-patch1-Windows.txt 0.1.0 UTF-8 2016-08-15
- APPLYING MANUAL HOTFIX FOR APACHE OPENOFFICE ON WINDOWS
- =======================================================
+ APPLYING THE HOTFIX FOR APACHE OPENOFFICE ON WINDOWS
+ ====================================================
- 0.1.0 BETA TEST INSTRUCTIONS. NOT FOR GENERAL DISTRIBUTION
+ 0.2.0 BETA TEST INSTRUCTIONS. NOT FOR GENERAL DISTRIBUTION
This material is for developer and quality-assurance review,
testing, and revision. When completed, general-distribution
@@ -16,7 +16,7 @@ README-4.1.2-patch1-apply-Windows.txt 0.
<https://archive.apache.org/dist/openoffice/4.1.2-patch1/>
- The archive file apache-openoffice-4.1.2-patch1-apply-Win_x86.zip
+ The archive file apache-openoffice-4.1.2-patch1-Win_x86.zip
contains files for applying a fix to Apache OpenOffice 4.1.2
on Microsoft Windows. The fix eliminates a security vulnerability
identified as CVE-2016-1513. The latest details about that
@@ -29,15 +29,32 @@ README-4.1.2-patch1-apply-Windows.txt 0.
who is expert in maintaining PCs can be of assistance.
CONTENT
+ Notice
A. Prerequisites
B. Preliminaries
C. Procedure
D. Confirmation
- E. Removing the Patch
+ E. Trouble-Shooting and Removing the Patch
Acknowledgment
Appendix: Manual Patch Application
-
+ NOTICE
+
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. The ASF licenses
+ this file to you under the Apache License, Version 2.0 (the
+ "License"). You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+
+
A. PREREQUISITES
* Ability to access and navigate the file system of your computer.
@@ -48,12 +65,12 @@ A. PREREQUISITES
* Extracting the contents of a Zip package into a folder from which
the Zipped contents can be reviewed and used.
- * Downloading apache-openoffice-4.1.2-patch1-apply-Win_x86.zip to a
+ * Downloading apache-openoffice-4.1.2-patch1-Win_x86.zip to a
location on your Windows PC where it can be used and its content
extracted.
* OPTIONAL: Confirming correctness of downloads by verifying the
- hash-check (.md5 and .sha256) files.
+ hash-check (.md5, .sha1, and .sha256) files.
* OPTIONAL: Confirming correctness and authenticity of the downloads
by verifying the digital-signature (.asc) files using PGP software
@@ -77,7 +94,7 @@ B. PRELIMINARIES
Important to you open correctly without having made any changes to
the software yet. For any problem documents, close them without
saving. Those problems exist without the patch and should be
- reported separately.
+ reported separately to public list [email protected].
* When you have completed that work, verify that the Apache OpenOffice
Quickstarter is not operating. Click on the OpenOffice Tools menu
@@ -96,16 +113,25 @@ B. PRELIMINARIES
C. PROCEDURE
1. If you have not already done so, download the Zip archive
- apache-openoffice-4.1.2-patch1-apply-Win_x86.zip from the internet,
+ apache-openoffice-4.1.2-patch1-Win_x86.zip from the internet,
using the web browser of your choice. The Downloads folder of your
- user account on Windows is fine to use. Whatever folder you download
- to should be empty first.
+ user account on Windows is fine to use. As a security precaution,
+ whatever folder you download to should be empty first. NOTE: Though
+ not necessary, it is good practice to use a dedicated folder to
+ avoid confusion with and possible contamination by other content.
+
+ NOTE: Some Antivirus products may object to the the .zip as unsafe
+ either because it is unknown or because it contains executable code.
+ In that case it is necessary to disable the Antivirus long enough
+ to complete the download. Alternatively, see if there is an Anti-
+ virus setting that asks your permission to allow the download and
+ not automatically delete/quarantine it on an individual basis.
2. If the download succeeds without problems, the .zip file is available
To use. For additional authentication, verify the digital signature
and/or the hash checks if you have the software needed for that.
- 3. As an additional precaution you can now disconnect your computer
+ 3. As a security precaution you can now disconnect your computer
from the Internet and any other networks. If you do so, remember to
re-establish your connection when the following steps are completed
or suspended.
@@ -120,12 +146,12 @@ C. PROCEDURE
7. Use the folder name that is proposed by the extraction dialog and
complete the extraction.
- 8. If there is no damage to the .zip file, you will have a folder
- named apache-openoffice-4.1.2-patch1-apply-Win_x86 in the
+ 8. If no damage to the .zip file is reported, you will have a folder
+ named apache-openoffice-4.1.2-patch1-Win_x86 in the
same place as the downloaded .zip file. It will have these
contents:
- README-4.1.2-patch1-apply-Windows.txt
+ README-4.1.2-patch1-Windows.txt
The version of this procedure that applies for that
package.
@@ -136,12 +162,12 @@ C. PROCEDURE
NOTICE.txt
A notice about the origin of the content.
- APPLY-4.1.2-patch1-Windows.bat
+ APPLY-4.1.2-patch1.bat
The Windows batch-file script to run for installing
the patch.
- REVERT-4.1.2-patch1-Windows.bat
- The Windows batch-file script to run to back out
+ REVERT-4.1.2-patch1.bat
+ The Windows batch-file script for backing out
the patch if necessary.
tl.dll.new
@@ -180,7 +206,7 @@ C. PROCEDURE
content as described above.]
9. APPLYING THE PATCH AUTOMATICALLY.
- Double-click the file APPLY-4.1.2-patch1-Windows.bat. The automated
+ Double-click the file APPLY-4.1.2-patch1.bat. The automated
procedure will open a window in which progress is reported.
[Note: If using the automatic procedure is ineffective for some
@@ -198,7 +224,7 @@ C. PROCEDURE
b. If, instead, there is an "Open As ..." option, click that and
choose the administrator account for which you know the
- password.
+ password. Then provide it when prompted.
c. On Windows XP, there are no such options by default. The
best solution is to perform this entire procedure within an
@@ -221,33 +247,35 @@ D. CONFIRMATION
operation.
* If any document that succeeded before now opens incorrectly or fails
- to open, please report that case to the project via the
- [email protected] public mailing list. DO NOT save any
- incorrectly-opened/failed documents. Close them if necessary and
- leave them alone. Please report the situation on the public
- mailing list [email protected] and await further
- instructions.
-
+ to open, close them without saving. Leave them alone. Please report
+ the situation to the [email protected] public mailing list
+ and await further instructions.
+
NOTE: If you reinstall Apache OpenOffice 4.1.2, the patch will not
be preserved and you will need to re-apply it. If you install a
later version of Apache OpenOffice, the patch will be unnecessary.
-E. REMOVING THE PATCH
+E. TROUBLE-SHOOTING AND REMOVING THE PATCH
If there are any problems with known-good documents, you can restore
the original "tl.dll". The patch can be removed any time that you
are concerned that some problem is related to having installed the
patch or to verify that the problem does not depend on the patch
- being included or not.
+ being included or not.
To remove the patch automatically, close OpenOffice and, in the folder
where the APPLY file is found. Double-click on the file
- REVERT-4.1.2-patch1-Windows.bat.
+ REVERT-4.1.2-patch1.bat.
The automated REVERT procedure operates much the same as the APPLY
procedure in steps (9-10) in section C, above.
+ If an identified problem persists following the REVERT procedure, the
+ patch is not the source of the problem. It is safe to APPLY the
+ patch again. The problem should be reported and discussed on the
+ public [email protected] list.
+
ACKNOWLEDGMENT
@@ -301,6 +329,9 @@ A2. MANUAL PROCEDURE
that. Remember to restore your user account to its previous non-
administrator function when you complete or need to suspend
this procedure.
+ * If you are unable to accomplish this by any means, you will need
+ the assistance of someone who was able to provide administrator
+ rights when Apache OpenOffice was installed.
10. Find the folder on your operating-system drive where OpenOffice
is installed, usually on the (C:) drive. OpenOffice will be in the
@@ -321,9 +352,9 @@ A2. MANUAL PROCEDURE
15. Now arrange to have the "OpenOffice 4" folder and the folder
"apache-openoffice-4.1.2-patch1-apply-Win_x86" both open, so that
- the title bar of the first is not covered by the second. If the
- folders overlap, the folder the Zip was extracted into should be on
- top.
+ the title bar of the first is not covered by the second. If there
+ is any folder overlap, the folder the Zip was extracted into should
+ be on top.
16. With the mouse hovering over tl.dll.new in the patch1 folder
and the keyboard Ctrl key held down, click and hold the mouse
@@ -345,16 +376,16 @@ A2. MANUAL PROCEDURE
* Rename the tl.dll.old file back to tl.dll.
- *** end of README-4.1.2-patch1-apply-Windows.txt ***
+ *** end of README-4.1.2-patch1-Windows.txt ***
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-iQEcBAEBCAAGBQJXrUECAAoJEPluif/UVmKKtWwIAKybxUb1E4/jIMrawTj3oJ28
-6EFV4NfQdWF6NeQzCpInyDPPtxabXMr7Y2v/JjxWAmX5jGHJY7tk2XX0JU0rVebJ
-3gmWT32h26BKS1ems2HMggFN7tf4B8siM7lSgvcTfLqploQZRwDuxzLkQAveXsnj
-4z94YTzM+goCw8uYYH4lx34q375fPCVB6CV/yszKymJRcFxMU6DfUCp9Ck0EiQAd
-8BMqqNnGbcmIBaxmFO9OaIyLeQGKAMA3ePx12hly4bQFkgRLhsI2sgFtR9Z2+aaV
-/XQ+AiGHiLIvmw+ET01y72rnvQDBhVe/44Fe6u5EnQLAcibs9B/4H8QahkmOVEU=
-=xD1X
+iQEcBAEBCAAGBQJXsmxlAAoJEPluif/UVmKKhoYH/0zksebt5loDUjzZZJYabLRj
+Lty+EnVTB/lGa8MeI0Kgkh7CslREYAWR225ZlnxLnizrYP5RCpRDkJsh90gHRmD8
+IjutplX+jbgu+9F5O0Dcgfb9bH6ixsx6sirK1wJ3ne0tJFyqgUYEf1firLUPv9lg
+pGlKZfYHOOFjNNOiu+VHkpwsxHQaPnrnogmri9YlTkNy5gKGDp/pIGZcaULwjvAD
+gT4DQcmokf+AW2NzYPGUA+jtkvYtz/OxbHb0cUqNE7+UO1TEUmOQTu36oj5r6j3X
+2hYr5IbJ56eiFFNo0PNHh0QXxDBznx7zI1Hyh2p12nmNQkLurDC3Uh60+DnrfQU=
+=dFS3
-----END PGP SIGNATURE-----
