Try etcat -v, query l and qpkg -l: each seems to work via a different aspect of portage and I have found, particularly on older systems that one or more, but not always all will show discrepancies. I found equery the least reliable when things are not right. Surprisingly, glsa-check seems to to always (that I can remember) pick up that the bad version does exist and is installed - believe it!
Billk On Wed, 2005-09-21 at 01:20 -0400, A. Khattri wrote: > On Sat, 10 Sep 2005, Owen Ford wrote: > > > On Sat, 2005-09-10 at 11:49 -0700, Ben Munat wrote: > > > First, glsa-check claims that I'm vulnerable to 200412-02 and 200505-01. > > > The first is > > > pdflib and the second is various horde packages. However, I have the > > > current versions of > > > these installed -- the versions that the glsa says I need to solve the > > > vulnerability. So, > > > why would glsa-check say I'm vulnerable when I'm not? > > > > There are probably versions of those packages slotted. I use emerge -Cp > > package to see which are installed. > > I have a similar problem - the recent changes in Apache coupled with some > updates meant rebuilding mod_php, mod_ssl and apache. glsa-check says Im > still vulnerable despite the updates. I dont have any slotting going on > either so Im still scratching my head. > > > -- > -- [email protected] mailing list
