I am of the opinion it is irresponsible to leave vulnerable versions of Qt with
known security bugs any longer in the tree. The Qt team therefore requests
that arches that have not done so already move quickly on stabilizing Qt
4.5.3, see bug 290922 and 283810.

We plan on REMOVING or at the very least HARDMASKING pending removal
all <=4.5.2 ebuilds by the end of this week. This means that arches that have
not stabilized 4.5.3 would loose their stable Qt4 version.

Please let us know if there is any way in which we can assist arches. We
are aware that some arches are down to one active person. But if there is
no other way, maybe the status of such arches should be reconsidered.

We especially request ppc64 to be marked as an experimental arch, as it
is the worst one lagging in stabilization. See bug 281821 for a poignant
example, a 3 months open security bug.

Ben de Groot
Gentoo Linux developer (qt, media, lxde, desktop-misc)

Reply via email to