386553 – dev-libs/openssl-0.9.8r is not masked but is the subject of GLSA 201110-01

Bug 386553 - dev-libs/openssl-0.9.8r is not masked but is the subject of GLSA 201110-01

Summary: dev-libs/openssl-0.9.8r is not masked but is the subject of GLSA 201110-01

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	GLSA Errors (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2011-10-09 17:16 UTC by Richard Freeman
Modified:	2011-10-09 17:31 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Richard Freeman gentoo-dev

2011-10-09 17:16:46 UTC

From GLSA 201110-01:

   -------------------------------------------------------------------
    Package              /     Vulnerable     /            Unaffected
   -------------------------------------------------------------------
 1  dev-libs/openssl             < 1.0.0e                  >= 1.0.0e

Perhaps you meant to indicate that the GLSA only applies to the 1.0 slot, or perhaps we should be masking 0.9.

It appears the same issue exists with the xml file, which means glsa-check will return false positives.

Reproducible: Always

Comment 1 Alex Legler (RETIRED) archtester

2011-10-09 17:31:53 UTC

Fixed in CVS.