Daniel Iliev wrote: > > Hi, > > Since I'm not familiar with Gentoo's practice in dealing with > security problems I got curious about the following case. > Yesterday a Secunia advisory [1] about pidgin was brought to my > attention. The solution offered by the up-streams is upgrading to > version 2.5.6, while the latest version in portage is "~2.5.5-r1". > > As I see it, there are three possibilities: > 1) even older, the version in Gentoo is not affected, because the > maintainers had taken care of it (too optimistic?) > 2) Gentoo installations are still vulnerable to the bugs described in > the advisory and nobody knows about it (quite disturbing) > 3) Gentoo maintainers are working on it, but still not ready > > Which one is it? > > > [1] [SA35194] http://secunia.com/advisories/35194/ > >
https://bugs.gentoo.org/show_bug.cgi?id=270811
signature.asc
Description: OpenPGP digital signature
