Summary: | GLSA 200504-07 marks gnome-vfs-1.* as affected | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sascha Silbe <sascha-gentoo-bugzilla> |
Component: | GLSA Errors | Assignee: | Gentoo Security <security> |
Status: | RESOLVED WORKSFORME | ||
Severity: | minor | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Sascha Silbe
2005-04-09 07:58:56 UTC
There are two things here: - GLSA 200504-07 marking gnome-vfs-1.* as affected - glsa-check doesn't include enough information to be able to understand the issue at hand (the "The following updates will be performed for this GLSA: gnome-base/gnome-vfs-2.8.4-r1 (2.8.4-r1)" is clearly misleading). For the first thing we must first make sure that gnome-vfs-1.* is not affected by this before correcting the GLSA (or patching that SLOT too). For the second we should file a separate bug in Portage tools. Will do. gnome-vfs-1.* is affected by this flaw, so the GLSA is correct, closing this bug as WORKSFORME. That said, maybe the GNOME team should have patched the gnome-vfs-1 line too, rather than forcing everyone to remove that package. Reopening original bug 84936 to ask them the question. |