...files jtosburn # revdep-rebuild --help Usage: /usr/bin/revdep-rebuild [OPTIONS] [--] [EMERGE_OPTIONS]
Broken reverse dependency rebuilder.
If the developers think it's broken, then I wouldn't trust it, and I'm not sure that it does what I'm looking for, anyway.
heheh, it's not broken... it is a [database] rebuilder for broken reverse dependencies.
So the question remains: how the heck do you know what needs to be recompiled after any given (particularly security-realted) update? How many people are still running a mod_ssl that was compiled with a vulnerable openssl; sure they read the GLSA's and knew to update openssl, but nothing was said about anything that is statically linked to it. I don't expect that the devels would ever list every program possibly affected by a GLSA, but there ought o be a way for admins and users to figure out what's what on their systems.
Quite simply, if you're running a system that is that security conscious, (webserver, etc), you should know what is on your system and be prepared for things like this. Personally I did a qpkg -I -q openssl, then checked those programs out by hand, (tho there was nothing there I didn't expect... mail server, openssh, mod_ssl, wget, mod_php, etc.), all of which needed restarting in some fashion anyway.
Security updates aren't a fire and forget thing, irrelevant of how hand-holding the package system is. Just be happy that qpkg -q exists at all, and stay vigilant :)
MAL
-- [EMAIL PROTECTED] mailing list
