Home | Docs | Forums | Lists | Bugs | Planet | Store | GMN | Get Gentoo!
Not eligible to see or edit group visibility for this bug.
View Bug Activity | Format For Printing | XML | Clone This Bug
Installation of SSL certificates in src_install might expose the secret keys when building binary packages (bug 174759). Please update the package mentioned in this bug's title to use the new "install_cert" function of ssl-cert.eclass, and use it only in your pkg_postinst or pkg_config. This bug is for keeping track of specific changes to your ebuilds and stabling, general questions about this should be discussed in bug 174759. Our aim is to have fixed ebuilds in the tree by Dec. 23rd, otherwise we will commit this minor change. Stabling should be done two weeks after the commit, at last around Jan, 6th.
> Our aim is to have fixed ebuilds in the tree by Dec. 23rd, otherwise > we will commit this minor change. Just a reminder; I would prefer if package maintainers fixed this for their packages. So I'll wait for another week before committing the change myself.
Fix in cvs
(In reply to comment #2) > Fix in cvs Not really... The final goal is that we remove docert() from ssl-cert.eclass. So I guess it should be something like the following: pkg_postinst() { install_cert /etc/nufw/{nufw,nuauth} } Reopening.
Fix again in cvs Thanks
> Fix again in cvs Thank you. @security: Package was never stable.
