On Sep 10, 2005, at 4:37 PM, W.Kenworthy wrote:
use "glsa-check -f package" on each offender first. It will safely
remove the bad packages.
Due to its history of breaking systems, depclean should be left until
absolutely necessary.
BillK
On Sat, 2005-09-10 at 15:35 -0700, Ben Munat wrote:
Owen Ford wrote:
On Sat, 2005-09-10 at 11:49 -0700, Ben Munat wrote:
First, glsa-check claims that I'm vulnerable to 200412-02 and
200505-01. The first is
pdflib and the second is various horde packages. However, I have
the current versions of
these installed -- the versions that the glsa says I need to
solve the vulnerability. So,
why would glsa-check say I'm vulnerable when I'm not?
There are probably versions of those packages slotted. I use
emerge -Cp
package to see which are installed.
Very good... exactly the problem. Thanks.
As for dealing with all my orphaned packages, I'm figuring on
going through the output of
"emerge --depclean" and unmerging everything that comes up with no
dependencies under
"equery depends" and is something that I don't think I'll use.
Does that sound reasonable?
Oh, and I'm assuming that "equery depends" just checks for
installed packages that depend
on the given package... anyone know any way to check a package's
dependency against the
entire portage tree?
b
--
[email protected] mailing list
Absolutely agreed with BillK. As I said in my first mail, I have had
BAD experiences with --depclean. His solution is best. However, glsa-
check --fix is not the most trustworthy of solutions. On a production
system always check the ChangeLog and use your own best judgment.
--
[email protected] mailing list
