[gentoo-user] dev-lang/python vulnerability

[Paweł Madej]

I've done glsa-check -t new and i got that my python is vulnerable

i got in world only dev-lang/python-2.4.1-r1 but it says that vulnerable 
is 2.3.5-r2 so i've searched for any vulnerable version on my system 
and i've found python-2.3.5


My question is: Could I unmerge 2.3.5 version which is not in my world 
tree and use only 2.4.1 or is it some dependency which have to be on 
system and i should only update that port to unvulnerable version?


Thanks in advance for answers

Paul

--
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] dev-lang/python vulnerability

[Jason Stubbs]

On Monday 19 September 2005 18:35, Paweł Madej wrote:
 I've done glsa-check -t new and i got that my python is vulnerable

 i got in world only dev-lang/python-2.4.1-r1 but it says that vulnerable
 is 2.3.5-r2 so i've searched for any vulnerable version on my system
 and i've found python-2.3.5

 My question is: Could I unmerge 2.3.5 version which is not in my world
 tree and use only 2.4.1 or is it some dependency which have to be on
 system and i should only update that port to unvulnerable version?

If you've run python-updater, it should be safe to unmerge python-2.3.x.

-- 
Jason Stubbs


pgpa36Z4aVCrM.pgp
Description: PGP signature