Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 712704

Summary: net-p2p/fms should not depend on <net-libs/mbedtls-2.19.0 for security
Product: Gentoo Linux Reporter: Anthony Basile <blueness>
Component: StabilizationAssignee: Thomas Sachau <tommy>
Status: RESOLVED FIXED    
Severity: normal    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 711180    

Description Anthony Basile gentoo-dev 2020-03-15 14:35:16 UTC 
We need to remove all versions <net-libs/mbedtls-2.19.0 for security, see bug #711180.  This means =net-p2p/fms-0.3.81.ebuild.

Reproducible: Always
Comment 1 Thomas Sachau gentoo-dev 2020-03-18 18:06:44 UTC 
net-p2p/fms-0.3.81 does not compile with the newer slot, so nothing i can do about that dependency. But i notified upstream about the issue and they released a new version, which works with the current version. I just added the new version and will remove the old version in a few days, if no major bugs are comming in.
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-03-25 19:25:03 UTC 
(In reply to Thomas Sachau from comment #1)
> net-p2p/fms-0.3.81 does not compile with the newer slot, so nothing i can do
> about that dependency. But i notified upstream about the issue and they
> released a new version, which works with the current version. I just added
> the new version and will remove the old version in a few days, if no major
> bugs are comming in.

How're we doing on this front?
Comment 3 Thomas Sachau gentoo-dev 2020-03-27 17:38:06 UTC 
Old version dropped.
Comment 4 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-03-27 18:00:40 UTC 
(In reply to Thomas Sachau from comment #3)
> Old version dropped.

Thanks!