VMware wrote: NOTE: Hosted products VMware Workstation 5.x, VMware Player 1.x, and VMware ACE 1.x will reach end of general support 2008-11-09. Customers should plan to upgrade to the latest version of their respective products. We should give people the opportunity to upgrade their installations before there are known security issues in the old vmware versions and upstream does not provide updates anymore. If we don't, we force people to rush 5->6 upgrade with that "security, update fast!" sword hanging over their heads.
Fine by me, what's the process? CC in arches?
(In reply to comment #1) > Fine by me, what's the process? CC in arches? Yep, just a regular stabling request. Except for the fact that these specific ebuilds are only in the tree for 3 weeks now instead of 4 weeks. But in general, their major versions are in the tree for a while already. I'll cc arches and let them decide whether they follow this argument or rather wait another week. =app-emulation/vmware-workstation-6.0.5.109488 =app-emulation/vmware-player-2.0.5.109488
just to be sure, on amd64 we need to test: app-emulation/vmware-modules-1.0.0.22 dev-cpp/libsexymm-0.1.9 x11-libs/libview-0.6.1 or 0.5.6? and of course player and workstation. right?
That's correct, although vmware just released a security issue about these versions, so this bug is probably no longer worthwhile. For versions 6.0.x/2.0.x they recommend updating to 6.5.x/2.5.x, which aren't in the tree yet (but are in the overlay). I'm just going about updating the overlay with the various versions, getting them tested and then added to the tree. I'm not sure whether you want to keep this on hold or simply close it now...
(In reply to comment #4) > That's correct, although vmware just released a security issue about these > versions, so this bug is probably no longer worthwhile. > > For versions 6.0.x/2.0.x they recommend updating to 6.5.x/2.5.x, which aren't > in the tree yet (but are in the overlay). I'm just going about updating the > overlay with the various versions, getting them tested and then added to the > tree. > > I'm not sure whether you want to keep this on hold or simply close it now... > Mike, Sorry that we couldn't get to it sooner. Our bug queue is pretty large at the moment. As such, we will defer this to later because we don't want stable users to get a security vuln package. Please open a new bug at a later date. (Or reopen this one is fine too). I am assuming that x86 team agrees with my position here. rbu: Your input is welcome here too. Thanks.
(In reply to comment #5) > rbu: Your input is welcome here too. Sure, let's handle stabilization on the relevant security bug, that is bug 245941.
I don't believe any of those packages are still in the tree... Am I mistaken ?
(In reply to comment #7) > I don't believe any of those packages are still in the tree... Am I mistaken > ? Vmware losed the stable keyword, so no need to stabilize them anymore