I just found that the coreutils version I have already installed has been masked I went to gentoo CVS to see if there was a comment to determine whether I needed to downgrade this package. I found: >>Make sure $WORKDIR is go-w before giving everyone read >>access #122951 by Joshua Pettett. Looks harmless enough so I thought I'd have a look at the bug and see what merited it being masked, it's presumably important. I entered the bug number and got a lockout !! >>You are not authorized to access bug #122951. Why should any bugs be hidden? This seems most odd. thanks.
Some security bugs are not public. http://www.gentoo.org/security/en/vulnerability-policy.xml#doc_chap2