icu-63.1-r1 was marked stable, along with libreoffice 6.1.4 package, but current php stable packages depend on <icu-61.1. emerge -vpuDN world These are the packages that would be merged, in order: Calculating dependencies ... done! [ebuild N ] app-text/libnumbertext-1.0.5::gentoo 276 KiB [ebuild U ] app-office/libreoffice-l10n-6.1.4.2::gentoo [6.0.6.2::gentoo] USE="-offlinehelp" L10N="el en -af -am -ar -as -ast -be -bg -bn -bn-IN -bo -br -brx -bs -ca -ca-valencia -cs -cy -da -de -dgo -dz -en-GB -en-ZA -eo -es -et -eu -fa -fi -fr -ga -gd -gl -gu -gug -he -hi -hr -hu -id -is -it -ja -ka -kk -km -kmr-Latn -kn -ko -kok -ks -lb -lo -lt -lv -mai -mk -ml -mn -mni -mr -my -nb -ne -nl -nn -nr -nso -oc -om -or -pa -pl -pt -pt-BR -ro -ru -rw -sa -sat -sd -si -sid -sk -sl -sq -sr -sr-Latn -ss -st -sv -sw-TZ -ta -te -tg -th -tn -tr -ts -tt -ug -uk -uz -ve -vi -xh -zh-CN -zh-TW -zu" 2751 KiB [ebuild U ] app-text/libodfgen-0.1.7::gentoo [0.1.6::gentoo] USE="-doc" 376 KiB [ebuild r U ] dev-libs/icu-63.1-r1:0/63.1::gentoo [60.2:0/60.2::gentoo] USE="-debug -doc -examples -static-libs" ABI_X86="32 (64) (-x32)" 23191 KiB [ebuild r UD#] dev-libs/icu-58.2-r1:0/58.2::gentoo [60.2:0/60.2::gentoo] USE="-debug -doc -examples -static-libs" ABI_X86="32 (64) (-x32)" 22823 KiB [ebuild rR ] dev-db/sqlite-3.25.3:3::gentoo USE="icu readline secure-delete -debug -doc -static-libs -tcl -test -tools" ABI_X86="32 (64) (-x32)" 0 KiB [ebuild rR ] dev-lang/spidermonkey-52.9.1_pre1:52::gentoo USE="system-icu -custom-cflags -custom-optimization -debug -minimal -test" 6 KiB [ebuild rR ] dev-libs/libxml2-2.9.8:2::gentoo USE="icu ipv6 lzma python readline -debug -examples -static-libs -test" ABI_X86="32 (64) (-x32)" PYTHON_TARGETS="python2_7 python3_4 python3_5 python3_6 (-python3_7)" 0 KiB [ebuild rR ] dev-libs/boost-1.65.0:0/1.65.0::gentoo USE="icu nls python threads -context -debug -doc -mpi -static-libs -tools" ABI_X86="(64) -32 (-x32)" PYTHON_TARGETS="python2_7 python3_4 python3_5 python3_6" 80662 KiB [ebuild rR ] media-libs/libzmf-0.0.2::gentoo USE="-debug -doc -test -tools" 314 KiB [ebuild rR ] app-text/libqxp-0.0.1::gentoo USE="-debug -doc -test -tools" 0 KiB [ebuild rR ] app-text/libmspub-0.1.4::gentoo USE="-doc -static-libs" 0 KiB [ebuild rR ] app-text/libebook-0.1.2-r1::gentoo USE="-doc -test -tools" 456 KiB [ebuild rR ] media-libs/libvisio-0.1.6::gentoo USE="-doc -static-libs -test -tools" 661 KiB [ebuild N ] net-libs/nodejs-8.12.0::gentoo USE="icu npm snapshot ssl -debug -doc -inspector -systemtap -test" CPU_FLAGS_X86="sse2" PYTHON_TARGETS="python2_7" 0 KiB [ebuild rR ] media-libs/raptor-2.0.15-r1:2::gentoo USE="curl json unicode -debug -static-libs" 1843 KiB [ebuild rR ] media-libs/libfreehand-0.1.2::gentoo USE="-doc -static-libs -test" 505 KiB [ebuild rR ] media-libs/libcdr-0.1.4::gentoo USE="-doc -static-libs -test" 596 KiB [ebuild rR ] dev-qt/qtcore-5.11.1-r1:5/5.11::gentoo USE="icu systemd -debug -test" 45763 KiB [ebuild rR ] dev-libs/libical-2.0.0-r3:0/2::gentoo USE="-doc -examples -static-libs" 683 KiB [ebuild U ] net-misc/wget-1.20.1::gentoo [1.19.5-r1::gentoo] USE="ipv6 nls pcre ssl uuid zlib -debug -gnutls -idn -libressl -ntlm -static -test" 4290 KiB [ebuild rR ] media-libs/harfbuzz-2.0.2:0/0.9.18::gentoo USE="cairo fontconfig glib graphite icu introspection truetype -debug -static-libs -test" ABI_X86="32 (64) (-x32)" 0 KiB [ebuild rR ] dev-lang/php-7.1.22:7.1::gentoo USE="acl bcmath berkdb bzip2 calendar cli crypt ctype curl exif fileinfo filter fpm ftp gd gdbm gmp hash iconv imap intl ipv6 json ldap mysql mysqli nls opcache pcntl pdo phar posix postgres readline session sharedmem simplexml soap sockets spell sqlite ssl systemd sysvipc tokenizer truetype unicode wddx xml xmlreader xmlrpc xmlwriter xpm xslt zip zlib -apache2 -cdb -cgi -cjk -coverage -debug -embed -enchant (-firebird) -flatfile -inifile -iodbc -kerberos -ldap-sasl -libedit -libressl -mhash -mssql -oci8-instant-client -odbc -phpdbg -qdbm -recode (-selinux) -session-mm -snmp -test -threads -tidy -webp" 0 KiB [ebuild rR ] dev-lang/php-7.0.32:7.0::gentoo USE="acl bcmath berkdb bzip2 calendar cli crypt ctype curl exif fileinfo filter fpm ftp gd gdbm gmp hash iconv imap intl ipv6 json ldap mysql mysqli nls opcache pcntl pdo phar posix postgres readline session sharedmem simplexml soap sockets spell sqlite ssl systemd sysvipc tokenizer truetype unicode wddx xml xmlreader xmlrpc xmlwriter xpm xslt zip zlib -apache2 -cdb -cgi -cjk -coverage -debug -embed -enchant (-firebird) -flatfile -inifile -iodbc -kerberos -ldap-sasl -libedit -libressl -mhash -mssql -oci8-instant-client -odbc -phpdbg -qdbm -recode (-selinux) -snmp -threads -tidy -webp" 0 KiB [ebuild rR ] dev-lang/php-5.6.38:5.6::gentoo USE="acl bcmath berkdb bzip2 calendar cli crypt ctype curl exif fileinfo filter fpm ftp gd gdbm gmp hash iconv imap intl ipv6 json ldap mysql mysqli nls opcache pcntl pdo phar posix postgres readline session sharedmem simplexml soap sockets spell sqlite ssl systemd sysvipc tokenizer truetype unicode vpx wddx xml xmlreader xmlrpc xmlwriter xpm xslt zip zlib -apache2 -cdb -cgi -cjk -coverage -debug -embed -enchant (-firebird) -flatfile -inifile -iodbc -kerberos -ldap-sasl -libedit -libmysqlclient -libressl -mhash -mssql -oci8-instant-client -odbc -qdbm -recode (-selinux) -snmp -sybase-ct -threads -tidy" 0 KiB [ebuild rR ] dev-lang/php-7.2.10:7.2::gentoo USE="acl bcmath berkdb bzip2 calendar cli ctype curl exif fileinfo filter fpm ftp gd gdbm gmp hash iconv imap intl ipv6 json ldap mysql mysqli nls opcache pcntl pdo phar posix postgres readline session sharedmem simplexml soap sockets spell sqlite ssl systemd sysvipc tokenizer truetype unicode wddx xml xmlreader xmlrpc xmlwriter xpm xslt zip zlib -apache2 -argon2 -cdb -cgi -cjk -coverage -debug -embed -enchant (-firebird) -flatfile -inifile -iodbc -kerberos -ldap-sasl -libedit -libressl -lmdb -mhash -mssql -oci8-instant-client -odbc -phpdbg -qdbm -recode (-selinux) -session-mm -snmp -sodium -test -threads -tidy -tokyocabinet -webp -zip-encryption" 0 KiB [ebuild U ] app-office/libreoffice-6.1.4.2::gentoo [6.0.6.2::gentoo] USE="branding cups dbus gstreamer gtk java kde* pdfimport -accessibility% -bluetooth (-coinmp) -debug -eds (-firebird) -googledrive -gtk2 -mysql -odk -postgres -test -vlc (-jemalloc%*)" LIBREOFFICE_EXTENSIONS="nlpsolver -scripting-beanshell -scripting-javascript -wiki-publisher" PYTHON_SINGLE_TARGET="python2_7 -python3_4 -python3_5 -python3_6 (-python3_7)" PYTHON_TARGETS="python2_7 python3_4 python3_5 python3_6 (-python3_7)" 218231 KiB [ebuild U ] media-libs/sdl2-image-2.0.4::gentoo [2.0.3::gentoo] USE="gif jpeg png tiff -static-libs -webp" ABI_X86="(64) -32 (-x32)" 11409 KiB [ebuild rR ] dev-qt/qtwebkit-5.212.0_pre20180120:5/5.212::gentoo USE="X gstreamer hyphen jit nsplugin opengl printsupport qml -geolocation (-gles2) -multimedia -orientation -webp" 18389 KiB Total: 29 packages (6 upgrades, 1 downgrade, 2 new, 20 reinstalls), Size of downloads: 433215 KiB !!! Multiple package instances within a single package slot have been pulled !!! into the dependency graph, resulting in a slot conflict: dev-libs/icu:0 (dev-libs/icu-63.1-r1:0/63.1::gentoo, ebuild scheduled for merge) pulled in by >=dev-libs/icu-60.1:= required by (net-libs/nodejs-8.12.0:0/0::gentoo, ebuild scheduled for merge) ^^ ^^^^ (dev-libs/icu-58.2-r1:0/58.2::gentoo, ebuild scheduled for merge) pulled in by <dev-libs/icu-61.1:= required by (dev-lang/php-7.0.32:7.0/7.0::gentoo, ebuild scheduled for merge) ^ ^^^^ ^ (and 1 more with the same problem) NOTE: Use the '--verbose-conflicts' option to display parents omitted above
7.1.22 and 7.2.10 are stable and have no icu version limitation.
(In reply to Andreas Sturmlechner from comment #1) > 7.1.22 and 7.2.10 are stable and have no icu version limitation. Yeah, the same for 5.6.39 and 7.0.33. Are these getting stable anytime soon?
(In reply to Vasilis Lourdas from comment #2) > (In reply to Andreas Sturmlechner from comment #1) > > 7.1.22 and 7.2.10 are stable and have no icu version limitation. > > Yeah, the same for 5.6.39 and 7.0.33. Are these getting stable anytime soon? Next week more security releases will appear for 7.1 and 7.2 (upstream says about Jan 10). At that time, I'll call for stable. Be aware that 5.6.39 and 7.0.33 are the final releases of those branches and should be migrated away from ASAP. 7.0 will be masked and then dropped at the next security flaw. For 5.6, we will attempt to back-port security patches until it becomes unfeasible to do so.
Fair enough. At the moment, I've unmasked slots 5.6 and 7.0 and it's currently in the process of emerging. 5.6 has a fair amount of code out there, so, it's needed for the moment. Thanks!
This is blocking <dev-libs/icu-63 security cleanup now. Please consider cleanup or masking of outdated PHP versions.
(In reply to Andreas Sturmlechner from comment #5) > This is blocking <dev-libs/icu-63 security cleanup now. Please consider > cleanup or masking of outdated PHP versions. As soon as alpha and arm finish their security stable in bug 675182, this will be done.
Is this bug still valid? 7.0.33 has been marked as masked and 5.6.40 is already stable.
Not all arches, see above.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=41637f49b3a345f3183737bee81550d1645f8fcf commit 41637f49b3a345f3183737bee81550d1645f8fcf Author: Brian Evans <grknight@gentoo.org> AuthorDate: 2019-02-01 17:26:32 +0000 Commit: Brian Evans <grknight@gentoo.org> CommitDate: 2019-02-01 17:26:32 +0000 dev-lang/php: Clean up security vulnerable versions Bug: https://bugs.gentoo.org/675182 Closes: https://bugs.gentoo.org/674372 Package-Manager: Portage-2.3.59, Repoman-2.3.12 Signed-off-by: Brian Evans <grknight@gentoo.org> dev-lang/php/Manifest | 3 - dev-lang/php/php-5.6.38.ebuild | 777 ----------------------------------------- dev-lang/php/php-7.1.22.ebuild | 729 -------------------------------------- dev-lang/php/php-7.2.10.ebuild | 741 --------------------------------------- 4 files changed, 2250 deletions(-)
