Purchased the Gentoo CD 2004.2 x86 set to do a non-network upgrade. Removed xfree-4.3.0-r5 and installed xorg-x11-6.7.0-r1. Ran startx and received message that it requires glibc-2.3.4 to operate. Do not have high speed Internet access so it is not practical to download the +15MB tarball. Please include on the next Gentoo CD the proper version of glibc that works with xorg-x11.
I believe you were under the impression you could use the GRP packages to upgrade your install. These packages are only meant to work with a stage3 install + portage-snapshot tarball from these CDs, not as a means of upgrading an existing installation. I did a stage3+snapshot+GRP installation using the files from the cds, this will work since they were built for each other. You were under a wrong impression these CDs were a binary-upgrade package. Closing
Moving these so we can remove the "Install CD" component from "Gentoo Linux". I apologize to everyone for this spam, but according to the bugzilla developers, this is the only reasonable way to do this.
CVE-2004-0063 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2004-0063): The SPP_VerifyPVV function in nCipher payShield SPP library 1.3.12, 1.5.18 and 1.6.18 returns a Status_OK value even if the HSM returns a different status code, which could cause applications to make incorrect security-critical decisions, e.g. by accepting an invalid PIN number. CVE-2004-0064 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2004-0064): The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory. CVE-2004-0065 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2004-0065): Multiple SQL injection vulnerabilities in phpGedView before 2.65 allow remote attackers to execute arbitrary SQL via (1) timeline.php and (2) placelist.php. CVE-2004-0067 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2004-0067): Multiple cross-site scripting (XSS) vulnerabilities in phpGedView before 2.65 allow remote attackers to inject arbitrary HTML or web script via (1) descendancy.php, (2) index.php, (3) individual.php, (4) login.php, (5) relationship.php, (6) source.php, (7) imageview.php, (8) calendar.php, (9) gedrecord.php, (10) login.php, and (11) gdbi_interface.php. NOTE: some aspects of vector 10 were later reported to affect 4.1.
Sorry, that was a tool failure. Please ignore the previous comment *cough*