strip: x86_64-pc-linux-gnu-strip --strip-unneeded -R .comment usr/bin/qtoctave scanelf: rpath_security_checks(): Security problem NULL DT_RPATH in /var/tmp/portage/sci-mathematics/qtoctave-0.8.2/image/usr/bin/qtoctave scanelf: rpath_security_checks(): Maybe? sec problem with DT_RPATH='usr/lib:/usr/lib64/qt4' in /var/tmp/portage/sci-mathematics/qtoctave-0.8.2/image/usr/bin/qtoctave scanelf: rpath_security_checks(): Security problem NULL DT_RUNPATH in /var/tmp/portage/sci-mathematics/qtoctave-0.8.2/image/usr/bin/qtoctave scanelf: rpath_security_checks(): Maybe? sec problem with DT_RUNPATH='usr/lib:/usr/lib64/qt4' in /var/tmp/portage/sci-mathematics/qtoctave-0.8.2/image/usr/bin/qtoctave * QA Notice: The following files contain insecure RUNPATH's * Please file a bug about this at http://bugs.gentoo.org/ * with the maintaining herd of the package. * :usr/lib:/usr/lib64/qt4 usr/bin/qtoctave Auto fixing rpaths for :usr/lib:/usr/lib64/qt4 usr/bin/qtoctave scanelf: rpath_security_checks(): Maybe? sec problem with DT_RPATH='usr/lib:/usr/lib64/qt4' in /var/tmp/portage/sci-mathematics/qtoctave-0.8.2/image/usr/bin/qtoctave scanelf: rpath_security_checks(): Maybe? sec problem with DT_RUNPATH='usr/lib:/usr/lib64/qt4' in /var/tmp/portage/sci-mathematics/qtoctave-0.8.2/image/usr/bin/qtoctave
emerge --info please.
emerge --info Portage 2.1.6.13 (default/linux/amd64/10.0/desktop, gcc-4.4.2, glibc-2.9_p20081201-r2, 2.6.31-gentoo-r4 x86_64) ================================================================= System uname: Linux-2.6.31-gentoo-r4-x86_64-Intel-R-_Core-TM-2_CPU_4300_@_1.80GHz-with-gentoo-2.0.0 Timestamp of tree: Mon, 02 Nov 2009 08:45:02 +0000 ccache version 2.4 [enabled] app-shells/bash: 4.0_p28 dev-java/java-config: 2.1.9-r1 dev-lang/python: 2.6.2-r1 dev-python/pycrypto: 2.0.1-r8 dev-util/ccache: 2.4-r7 dev-util/cmake: 2.6.4 sys-apps/baselayout: 2.0.0 sys-apps/openrc: 0.5.2-r1 sys-apps/sandbox: 1.6-r2 sys-devel/autoconf: 2.13, 2.63-r1 sys-devel/automake: 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.2 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6a virtual/os-headers: 2.6.27-r2 ACCEPT_KEYWORDS="amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=native -O2 -fgcse-after-reload -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c /etc/udev/rules.d" CXXFLAGS="-march=native -O2 -fgcse-after-reload -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="ccache collision-protect distlocks fixpackages metadata-transfer parallel-fetch protect-owned sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="http://ftp.snt.utwente.nl/pub/os/linux/gentoo http://mirror.switch.ch/ftp/mirror/gentoo/ http://mirror.jamit.de/gentoo/ http://mirror.cambrium.nl/pub/os/linux/gentoo/ http://mirror.netcologne.de/gentoo/ http://mirror.ovh.net/gentoo-distfiles/" LANG="de_DE.utf8" LC_ALL="de_DE.utf8" LDFLAGS="-Wl,-O1" LINGUAS="de" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage/layman/java-overlay /usr/local/portage/layman/x11 /usr/local/portage" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="X Xaw3d a52 aac aalib accessibility acl acpi agg akode alsa amarok amd64 apache2 bash-completion berkdb blender-game branding bzip2 cairo captury cdaudio cdr cdrom cjk cli clucene consolekit cracklib crypt cups curl cviewer daap dbus designer-plugin dga dirac djvu dri dts dvd dvdnav dvdr dxr3 eds emacs embedded emboss encode evo fam fbcon ffmpeg fftw firefox fits flac fltk fortran gallium gcj gdbm ggi git glibc-omitfp glitz gopher gpg gpm gstreamer hal hdri htmlhandbook iceweasel iconv icu imagemagick insecure-savers ipv6 jabber jack java java5 java6 javascript jingle jpeg kde kde4 kdebuild kdecards kdeenablefinal kdehiddenvisibility kdepim kdm kontact ktts latex lcms ldap libcaca libnotify libwww lm_sensors logitech-mouse lua lzma matroska mdnsresponder-compat mikmod mmx mng modules mp3 mp4 mpeg mpeg2 mpi mudflap mule multilib musepack mysql ncurses neon nepomuk nio2 nls noamazon nova nptl nptlonly nsplugin offensive ogg ogg123 openal openexr opengl openmp oscar oss otr pam pcre pdf perl phonon plasma player png posix povray ppds pppd python qt3support qt4 readline redland reflection reiser4 reiserfs rss schroedinger sdl sdl-image semantic-desktop sensord session sndfile solver songs sound speex spell spl sse sse2 ssl startup-notification svg sysfs systemtap tcpd tetex theora threads thunar tidy tiff tk tools truetype type1 unicode usb vhook videos visualization vorbis wav wavpack wxwindows x264 xcomposite xemacs xine xml xorg xosd xprint xscreensaver xulrunner xv xvid zip zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="evdev mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="de" USERLAND="GNU" VIDEO_CARDS="intel vesa" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
+ 24 Jun 2010; Justin Lecher <jlec@gentoo.org> qtoctave-0.8.2.ebuild, + +files/qtoctave-0.8.2-rpath.patch: + Added fix for insecure runpaths, #291595, some QA +
