media-libs/lcms:0 is unmaintained, has seen no releases since 2009, and (according to upstream) is affected by unspecified serious security issues. Please * either drop all old versions that depend on media-libs/lcms:0, * or hard-disable an optional dependency on media-libs/lcms:0. Thank you!
Hi! my understanding is that only 2.8.6 is using lcms:0 # fgrep -R media-libs/lcms . | fgrep :0 ./gimp-2.8.6.ebuild: lcms? ( >=media-libs/lcms-1.16:0 ) and that for all the arches that 2.8.6 is stabilized, 2.8.10-r1 is marked stable too. So the fix would be to remove the 2.8.6 ebuilds. Is that correct?
Yes, there is only media-gfx/gimp-2.8.6 in the tree depending on media-libs/lcms:0 - So dropping the old version will resolve this issue. The version information in the summary is precise, but confusing :-)
(In reply to Matthias Maier from comment #2) > Yes, there is only media-gfx/gimp-2.8.6 in the tree depending on > media-libs/lcms:0 - So dropping the old version will resolve this issue. Okay, cool. + 26 Oct 2014; Sebastian Pipping <sping@gentoo.org> -gimp-2.8.6.ebuild, + -gimp-2.8.8-r1.ebuild: + Remove old versions, latest stable 2.8.10-r1 remains (bug #526854) + Closing.