ferringb took the time to write a parser and setup a cronjob (every 4 hours at the half hour) to parse over our GLSA's and see what pkgs remain in the tree and have nothing but newer versions stable. I did a bit of re parsing on his logfile to obtain herds & maintainers. The list is big (very big) and like if I filed the bug in it's current state pretty much every single one of us would probably get dozens of mails per comment. So.. To in order to try and be nice to our mail system and bugzilla it would be really helpful if you all could grep the affected: field and flush old vulnerable ebuilds from the tree for any pkgs you or your herd maintain before the tracker bug is filed.
http://gentooexperimental.org/~ferringb/reports/tree-vulnerabilities.log In the future if you are bumping pkgs for a security bug and you are the last arch to push to stable. Clean up old foo up please. It keeps everything running smoother and faster to have less dead cruft in the tree. You can use earch for this task. wget -O /usr/local/bin/earch -q \ http://dev.gentoo.org/~robbat2/earch-0.9.1 \ && chmod +x /usr/local/bin/earch It helps to make it a habit to run this before repoman --pretend scan prior to committing to the tree. thanks in advance. -- Ned Ludd <[EMAIL PROTECTED]> All over the place Gentoo Linux -- [email protected] mailing list
