Hello,
I just discovered the oh-so-cool `glsa-check` tool. When
I ran it, I noticed that some of my packages were listed
as [N], meaning that they are possibly vulnerable. Most
notably in this case is mpg123. I had 0.59s-r2 installed,
but the GLSA recommended 0.59s-r8, and MUCH to my surprise,
0.59s-r8 was already in my portage tree!
However, `emerge --update --deep world` only showed these
as upgradeable packages:
[20:[EMAIL PROTECTED]:[/etc]# emerge --update --deep --pretend world
These are the packages that I would merge, in order:
Calculating world dependencies ...done!
[ebuild U ] net-dialup/pptpclient-1.5.0-r1 [1.3.1]
[ebuild U ] app-admin/bacula-1.36.0 [1.34.6]
Here's my current portage:
* sys-apps/portage
Latest version available: 2.0.51-r3
Latest version installed: 2.0.51-r3
Size of downloaded files: 274 kB
Homepage: http://www.gentoo.org/
Description: The Portage Package Management System (Similar to BSD's
ports). The primary package management and distribution system for Gentoo.
License: GPL-2
glsa-check also complains about these packages:
kaffeine gxine kdelibs kdebase
kaffeine doesn't exist on my system, the available gxine
upgrade is masked, and kdelibs and kdebase are up-to-date.
I immediately performed an `emerge mpg123`, and now I'm
running -r8 and glsa-check no longer complains about mpg123.
But what gives? Why didn't `emerge --update` do it's job?
--
Jesse Guardiani, Systems Administrator
WingNET Internet Services,
P.O. Box 2605 // Cleveland, TN 37320-2605
423-559-LINK (v) 423-559-5145 (f)
http://www.wingnet.net
--
[email protected] mailing list
