Home | Docs | Forums | Lists | Bugs | Planet | Store | GMN | Get Gentoo!
Not eligible to see or edit group visibility for this bug.
View Bug Activity | Format For Printing | XML | Clone This Bug
app-admin/gtkdiskfree-1.9.3: vulnerable via glsa(200510-01) ( ver-rev < 1.9.3-r1 ), affects ('amd64', 'ppc', 'ppc64', 'x86') app-doc/chmlib-0.31: vulnerable via glsa(200511-23) ( ver < 0.37.4 ), affects ('amd64', 'ppc', 'x86') app-doc/chmlib-0.32: vulnerable via glsa(200511-23) ( ver < 0.37.4 ), affects ('amd64', 'ppc', 'x86') app-doc/chmlib-0.33: vulnerable via glsa(200511-23) ( ver < 0.37.4 ), affects ('amd64', 'ppc', 'x86') app-doc/chmlib-0.35: vulnerable via glsa(200511-23) ( ver < 0.37.4 ), affects ('amd64', 'ppc', 'x86') app-misc/lcdproc-0.4.4-r1: vulnerable via glsa(200404-19) ( ver-rev <= 0.4.4-r1 && ver not => 0.4.5 ), affects ('amd64', 'x86') media-gfx/xzgv-0.8-r1: vulnerable via glsa(200604-10) ( ver-rev < 0.8-r2 ), affects ('alpha', 'amd64', 'hppa', 'ia64', 'ppc', 'ppc64', 'sparc', 'x86') media-gfx/zgv-5.7-r1: vulnerable via glsa(200604-10) ( ver < 5.9 ), affects ('x86',) media-gfx/zgv-5.7-r1: vulnerable via glsa(200411-12) ( ver < 5.8 ), affects ('x86',) media-gfx/zgv-5.8: vulnerable via glsa(200604-10) ( ver < 5.9 ), affects ('x86',) media-gfx/xli-1.17.0: vulnerable via glsa(200510-26) ( ver-rev < 1.17.0-r2 ), affects ('alpha', 'amd64', 'arm', 'hppa', 'ia64', 'ppc', 'ppc-macos', 'ppc64', 'sparc', 'x86') media-gfx/xli-1.17.0: vulnerable via glsa(200503-05) ( ver-rev < 1.17.0-r1 ), affects ('alpha', 'amd64', 'arm', 'hppa', 'ia64', 'ppc', 'ppc-macos', 'ppc64', 'sparc', 'x86') media-gfx/xli-1.17.0-r1: vulnerable via glsa(200510-26) ( ver-rev < 1.17.0-r2 ), affects ('alpha', 'amd64', 'arm', 'hppa', 'ia64', 'mips', 'ppc', 'ppc-macos', 'ppc64', 'sparc', 'x86') net-www/netscape-flash-6.0.79: vulnerable via glsa(200603-20) ( ver < 7.0.63 ), affects ('x86',) net-www/netscape-flash-6.0.79: vulnerable via glsa(200511-21) ( ver < 7.0.61 ), affects ('x86',) net-www/netscape-flash-6.0.81: vulnerable via glsa(200603-20) ( ver < 7.0.63 ), affects ('amd64', 'x86') net-www/netscape-flash-6.0.81: vulnerable via glsa(200511-21) ( ver < 7.0.61 ), affects ('amd64', 'x86') net-www/netscape-flash-7.0.25: vulnerable via glsa(200603-20) ( ver < 7.0.63 ), affects ('amd64', 'x86') net-www/netscape-flash-7.0.25: vulnerable via glsa(200511-21) ( ver < 7.0.61 ), affects ('amd64', 'x86') net-www/netscape-flash-7.0.61: vulnerable via glsa(200603-20) ( ver < 7.0.63 ), affects ('amd64', 'x86') Please, clean up the above. Thanks! ;)
Also: media-gfx/pngcrush-1.5.10: vulnerable via glsa(200603-18) ( ver < 1.6.2 ), affects ('amd64', 'ppc', 'ppc-macos', 'x86') media-libs/libcdaudio-0.99.9: vulnerable via glsa(200504-07) ( ver-rev < 0.99.10-r1 ), affects ('alpha', 'amd64', 'hppa', 'ia64', 'mips', 'ppc', 'ppc64', 'sparc', 'x86') net-ftp/gproftpd-8.1.4: vulnerable via glsa(200502-26) ( ver < 8.1.9 ), affects ('sparc', 'x86') net-ftp/gproftpd-8.1.6: vulnerable via glsa(200502-26) ( ver < 8.1.9 ), affects ('ppc', 'sparc', 'x86')
Treecleaners doesn't really do this at present, although we may expand it in the future. Co-ordinate between qa and security.
Also: net-ftp/ftpd-0.17: vulnerable via glsa(200511-11) ( ver-rev < 0.17-r3 ), affects ('amd64', 'sparc', 'x86') net-ftp/ftpd-0.17-r1: vulnerable via glsa(200511-11) ( ver-rev < 0.17-r3 ), affects ('alpha', 'amd64', 'ppc', 'sparc', 'x86') net-ftp/ftpd-0.17-r2: vulnerable via glsa(200511-11) ( ver-rev < 0.17-r3 ), affects ('alpha', 'amd64', 'ppc', 'sparc', 'x86') and finally (needs zebedee-2.5.3 stabilized on s390) net-misc/zebedee-2.5.2: vulnerable via glsa(200509-14) ( ver < 2.5.3 && not ( ver = 2.4.1 && ver-rev => 2.4.1-r1 ) ), affects ('alpha', 'amd64', 'hppa', 'ia64', 'mips', 'ppc', 'ppc64', 's390', 'sparc', 'x86')
media-gfx/xzg <-- smithj was seen about 3 days ago, so I want to wait for him on this one.
net-misc/zebedee waiting on s390 media-gfx/xzg waiting on smithj everything else is done, cheers.
Smithj said he's going to mask xzg so I'm going to skip that one and let him mask/remove action on it.
media-gfx/xzgv masked pending removal; there are much better image viewing utilities out there which are maintained.
xzgv is in the fluxbox desktop guide, which is why I have it installed. what would be a good replacement?
I too need a replacement.
"media-gfx/xzgv masked pending removal; there are much better image viewing utilities out there which are maintained" please, could you advise some goog image viewer? I have already tried many viewers, but none have met my expectations but xzgv. I start using zgv on console and I was happy it is for X. It's simple (two pannels) and it can change image very fast using "space" and "b" keys. Is the any image viewer with this features? - like ACDSee - using simple interface - possible to use only with keys (no mouse) - only two pannel (directory navigation and file list on one, and the image on the other) - when I used ACDSee, I have switched all useless pannels and let only directory structure and file list - is really fast - can do simple image manipulation (zoom, fit to screen-enlarge,shrink), rotate - can do simple file management (mkdir, rmdir, delete, copy, move) the other very good image viewer I found is links2 html broswer (but it cannot do file management and more image manipulation) Is there any other simple image viewer like xzgv which could be fine for me? Thank you for answer.
> please, could you advise some goog image viewer? I have already tried many > viewers, but none have met my expectations but xzgv. I start using zgv on > console and I was happy it is for X. It's simple (two pannels) and it can > change image very fast using "space" and "b" keys. Is the any image viewer with > this features? i will now use try to use gqview... but i like xzgv a lot and i would like to keep it... but i'm not allowed (yet?) to maintain gentoo packages... :(
(In reply to comment #11) > > please, could you advise some goog image viewer? I have already tried many > > viewers, but none have met my expectations but xzgv. I start using zgv on > > console and I was happy it is for X. It's simple (two pannels) and it can > > change image very fast using "space" and "b" keys. Is the any image viewer with > > this features? > > i will now use try to use gqview... > > but i like xzgv a lot and i would like to keep it... but i'm not allowed (yet?) > to maintain gentoo packages... :( > http://bugs.gentoo.org/show_bug.cgi?id=135271 Do your second quiz and get it approved.
> > Do your second quiz and get it approved. yes, yes, as soon as i have time to learn all that stuff ! :)
(In reply to comment #7) > media-gfx/xzgv masked pending removal; there are much better image viewing > utilities out there which are maintained. > please, don't remove xzgv from portage. I have tried all other image viewers I could find in portage and none were as fast (to load, to use) and as fitting to my needs. Of course, if you can list some "better image viewing utilities", I am eager to hear it. On the other hand... xzgv seems unmaintained upstream, so the old users will have to keep one ebuild in an overlay or will have to install it manually and new users won't be presented to security issues it presents... And anyway, Raphael Marichez, how is your progress becoming a maintainer? :)
Folks really, moaning here about a tool that's been dead upstream for 3+ years doesn't do any good unless you are willing to take it over upstream and maintain the code. Also, bugzilla is not exactly a place to chat about good image viewers.
Hi xzgv lovers:) I've found a few days ago new project, new image viewer ACDSee like, called Goby. I've tried it and I've created ebuild for it. It's in development, but it this stage it looks great to me. Can anyone manage ebuild for this project? http://goby.sf.net. Sorry for chating here about image viewers. Wolf.
Created an attachment (id=97268) [edit] Ebuild for Goby Here is my ebuild for Goby.
Uh, stop! This bug is about *cleaning* up vulnerable cruft. Go file a new one for Goby or whatever else. No ebuilds attached here, please. Thanks.
Please don't remove xzgv, it is a nice simple yet useful application. I love it.
Only media-gfx/xzgv left, all the rest done.
Do not remove xzgv !!! i'll deal w/ xmms, but not xzgv...
mega bugs suck; file individual ones in the future
What is the current problem of xzgv? Thanks a lot for information :-)
Why will xzgv-0.8-r2 be removed? In main post says: media-gfx/xzgv-0.8-r1: vulnerable via glsa(200604-10) ( ver-rev < 0.8-r2 ), affects ('alpha', 'amd64', 'hppa', 'ia64', 'ppc', 'ppc64', 'sparc', 'x86') But 0.8-r2 is not affected by this bug http://bugs.gentoo.org/show_bug.cgi?id=127008 Then, 0.8-r2 doesn't need to be removed
xzgv-0.8-r2 is not affected by security bug, please, unmask it
Um is it possible to unmask this then? (I don't see the point in filing a new bug.)
Still in tree and using GTK+-1.2. Entry in package.mask is getting stale. Please remove.
Jonathan, can we get rid of this? GTK+-1.2 needs to die.
kill it. kill it with fire
killed
(In reply to comment #18) > Uh, stop! This bug is about *cleaning* up vulnerable cruft. This is *not* _vulnerable_ any more. *plop* ;P
It seems that xzgv has a new maintainer so I have opened bug 196597, requesting a new ebuild for xzgv-0.9 (which now uses gtk2 and imlib2). Sorry I didn't know if it was better to add the ebuild here or if it was better to fill a new bug report for it...
