rge kde-base/kdelibs-3.5.10 (or something similar) needs to be added to unaffected for glsa 200804-30.
glsa-check is showing it as unaffected right now, but I believe that is an error with glsa-check's handling of rge. other checks show this as vulnerable (as it doesnt match <unaffected range="rge">3.5.9-r3</unaffected> or any other unaffected range)
Steps to Reproduce:
1. look at /usr/portage/metadata/glsa/glsa-200804-30.xml
1. paludis -r
* kde-base/kdelibs-3.5.10-r2:3.5::installed NOT OK
This package has following security issues:
GLSA-200804-30: "KDE start_kdeinit: Multiple vulnerabilities"
should show no vulnerable packages
It's because it's not a stable package for now, so maybe paludis is not handling this correctly. Anyway, I added 3.5.10 as unaffected in glsa-200804-30.xml for when it goes stable.
*** Bug 260182 has been marked as a duplicate of this bug. ***