Hi! I have installed sun-jdk 1.4, 1.5 and 1.6: dev-java/sun-jdk-1.4.2.19 dev-java/sun-jdk-1.5.0.17 dev-java/sun-jdk-1.6.0.11
paludis -r says:
* dev-java/sun-jdk-1.5.0.17::installed NOT OK
This package has following security issues:
GLSA-200804-20: "Sun JDK/JRE: Multiple vulnerabilities"
-> /usr/ports/funtoo/metadata/glsa/glsa-200804-20.xml
* dev-java/sun-jdk-1.4.2.19::installed NOT OK
This package has following security issues:
GLSA-200701-15: "Sun JDK/JRE: Multiple vulnerabilities"
-> /usr/ports/funtoo/metadata/glsa/glsa-200701-15.xml
GLSA-200702-07: "Sun JDK/JRE: Execution of arbitrary code"
-> /usr/ports/funtoo/metadata/glsa/glsa-200702-07.xml
GLSA-200705-23: "Sun JDK/JRE: Multiple vulnerabilities"
-> /usr/ports/funtoo/metadata/glsa/glsa-200705-23.xml
GLSA-200804-20: "Sun JDK/JRE: Multiple vulnerabilities"
-> /usr/ports/funtoo/metadata/glsa/glsa-200804-20.xml
but /usr/ports/funtoo/metadata/glsa/glsa-200804-20.xml says:
<package name="dev-java/sun-jdk" auto="yes" arch="*">
<unaffected range="ge">1.6.0.05</unaffected>
<unaffected range="rge">1.5.0.16</unaffected>
<unaffected range="rge">1.5.0.15</unaffected>
<unaffected range="rge">1.4.2.17</unaffected>
<vulnerable range="lt">1.6.0.05</vulnerable>
</package>
So the installed packages are not affected (also glsa-check does not list
them).
Anyone knows whats wrong here?
--
plain text within encrypted emails preferred
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ paludis-user mailing list [email protected] http://lists.pioto.org/mailman/listinfo/paludis-user
