# glsa-check -t all This system is affected by the following GLSAs: 200606-13 # glsa-check -d 200606-13 GLSA 200606-13: MySQL: SQL Injection ============================================================================ Synopsis: MySQL is vulnerable to an SQL Injection flaw in the multi-byte encoding process. Announced on: June 11, 2006 Last revised on: August 05, 2006: 03 Affected package: dev-db/mysql Affected archs: All Vulnerable: <5.0.22 Unaffected: >=5.0.22 >=~4.1.20 >=~4.1.21 <4.1 # emerge -pv dev-db/mysql [ebuild R ] dev-db/mysql-4.1.22 USE="berkdb -big-tables -cluster -debug -embedded -extraengine -latin1 -minimal perl -raid (-selinux) -srvdir ssl -static" 0 kB As you can see, the GLSA says mysql 4.1.22 is safe, yet glsa-check says my system is affected.
I updated the GLSA to include 4.1.22 as unaffected, thanks for notifying us. Unfortunately this can't be circumvented due to issues kinda discussed in bug 106677.
Understood.