do a
glsa-check -f 200412-02
glsa-check -f 200505-01
and the false errors will be gone.
Pierre
From: "W.Kenworthy" <[EMAIL PROTECTED]>
Reply-To: [email protected]
To: [email protected]
Subject: Re: [gentoo-server] glsa-check and unused packages
Date: Wed, 21 Sep 2005 14:26:01 +0800
Try etcat -v, query l and qpkg -l: each seems to work via a different
aspect of portage and I have found, particularly on older systems that
one or more, but not always all will show discrepancies. I found equery
the least reliable when things are not right. Surprisingly, glsa-check
seems to to always (that I can remember) pick up that the bad version
does exist and is installed - believe it!
Billk
On Wed, 2005-09-21 at 01:20 -0400, A. Khattri wrote:
> On Sat, 10 Sep 2005, Owen Ford wrote:
>
> > On Sat, 2005-09-10 at 11:49 -0700, Ben Munat wrote:
> > > First, glsa-check claims that I'm vulnerable to 200412-02 and
200505-01. The first is
> > > pdflib and the second is various horde packages. However, I have the
current versions of
> > > these installed -- the versions that the glsa says I need to solve
the vulnerability. So,
> > > why would glsa-check say I'm vulnerable when I'm not?
> >
> > There are probably versions of those packages slotted. I use emerge
-Cp
> > package to see which are installed.
>
> I have a similar problem - the recent changes in Apache coupled with
some
> updates meant rebuilding mod_php, mod_ssl and apache. glsa-check says Im
> still vulnerable despite the updates. I dont have any slotting going on
> either so Im still scratching my head.
>
>
> --
>
--
[email protected] mailing list
--
[email protected] mailing list
