On Tue, Jan 06, 2015 at 05:47:10PM -0600, William Hubbs wrote:
# Sergey Popov pinkb...@gentoo.org (04 Sep 2014)
# Security mask, wrt bugs #488212, #498164, #500260,
# #507802 and #518718
virtual/mysql-5.5
dev-db/mysql-5.5.39
The only upgrade path still supported is via MySQL 5.1; so we need
On Tue, 6 Jan 2015 17:47:10 -0600
William Hubbs willi...@gentoo.org wrote:
# Michael Weber x...@gentoo.org (9 Jul 2013)
# Masked for security bug 450746, CVE-2012-6095
net-ftp/proftpd-1.3.4c
Was removed in May 20140. I've removed mask itself today.
--
Sergei
signature.asc
Description:
On 07/01/2015 14:56, Rich Freeman wrote:
On Tue, Jan 6, 2015 at 6:47 PM, William Hubbs willi...@gentoo.org wrote:
I am particularly concerned about packages with known security
vulnerabilities staying in the main tree masked. If people want to keep
using those packages, I don't want to stop
On Thu, Jan 08, 2015 at 04:26:02AM +0300, Andrew Savchenko wrote:
On Tue, 6 Jan 2015 17:47:10 -0600 William Hubbs wrote:
All,
these packages have been masked in the tree for months - years with no
signs of fixes.
Some of them are binary packages or have no fixes upstream. If
there
On Wed, Jan 07, 2015 at 04:33:19PM -0600, William Hubbs wrote:
On Wed, Jan 07, 2015 at 02:48:01PM -0500, Mike Pagano wrote:
On Wed, Jan 07, 2015 at 01:08:21PM -0600, William Hubbs wrote:
On Wed, Jan 07, 2015 at 01:29:15PM -0500, Mike Pagano wrote:
On Wed, Jan 07, 2015 at 11:11:32AM
On Wed, 7 Jan 2015 12:11:04 -0600 William Hubbs wrote:
On Wed, Jan 07, 2015 at 12:24:12PM -0500, Mike Pagano wrote:
On Wed, Jan 07, 2015 at 12:14:23PM -0500, Mike Gilbert wrote:
If you remove the mask, users will no longer be warned that they are
using a flawed copy of the kernel sources.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 01/07/2015 07:48 PM, Kristian Fiskerstrand wrote:
On 01/07/2015 07:22 PM, Mike Gilbert wrote:
On Wed, Jan 7, 2015 at 1:11 PM, William Hubbs
willi...@gentoo.org wrote:
...
My two cents is that this is particularly true for kernel
On Wed, Jan 07, 2015 at 01:08:21PM -0600, William Hubbs wrote:
On Wed, Jan 07, 2015 at 01:29:15PM -0500, Mike Pagano wrote:
On Wed, Jan 07, 2015 at 11:11:32AM -0600, William Hubbs wrote:
On Wed, Jan 07, 2015 at 11:21:56AM -0500, Mike Pagano wrote:
On Tue, Jan 06, 2015 at 05:47:10PM
On Tue, Jan 6, 2015 at 6:47 PM, William Hubbs willi...@gentoo.org wrote:
I am particularly concerned about packages with known security
vulnerabilities staying in the main tree masked. If people want to keep
using those packages, I don't want to stop them, but packages like this
should not be
On Wed, Jan 07, 2015 at 03:10:13PM +0200, Alan McKinnon wrote:
On 07/01/2015 14:56, Rich Freeman wrote:
On Tue, Jan 6, 2015 at 6:47 PM, William Hubbs willi...@gentoo.org wrote:
I am particularly concerned about packages with known security
vulnerabilities staying in the main tree masked.
On Wed, Jan 07, 2015 at 02:48:01PM -0500, Mike Pagano wrote:
On Wed, Jan 07, 2015 at 01:08:21PM -0600, William Hubbs wrote:
On Wed, Jan 07, 2015 at 01:29:15PM -0500, Mike Pagano wrote:
On Wed, Jan 07, 2015 at 11:11:32AM -0600, William Hubbs wrote:
On Wed, Jan 07, 2015 at 11:21:56AM
On Tue, 6 Jan 2015 17:47:10 -0600 William Hubbs wrote:
All,
these packages have been masked in the tree for months - years with no
signs of fixes.
Some of them are binary packages or have no fixes upstream. If
there are no alternatives in tree for a package, and it works fine
(despite some
On Wed, Jan 07, 2015 at 11:21:56AM -0500, Mike Pagano wrote:
On Tue, Jan 06, 2015 at 05:47:10PM -0600, William Hubbs wrote:
All,
these packages have been masked in the tree for months - years with no
signs of fixes.
I am particularly concerned about packages with known security
On Wed, Jan 7, 2015 at 12:11 PM, William Hubbs willi...@gentoo.org wrote:
On Wed, Jan 07, 2015 at 11:21:56AM -0500, Mike Pagano wrote:
On Tue, Jan 06, 2015 at 05:47:10PM -0600, William Hubbs wrote:
All,
these packages have been masked in the tree for months - years with no
signs of
On Tue, Jan 06, 2015 at 05:47:10PM -0600, William Hubbs wrote:
All,
these packages have been masked in the tree for months - years with no
signs of fixes.
I am particularly concerned about packages with known security
vulnerabilities staying in the main tree masked. If people want to keep
On Wed, Jan 07, 2015 at 12:24:12PM -0500, Mike Pagano wrote:
On Wed, Jan 07, 2015 at 12:14:23PM -0500, Mike Gilbert wrote:
On Wed, Jan 7, 2015 at 12:11 PM, William Hubbs willi...@gentoo.org wrote:
On Wed, Jan 07, 2015 at 11:21:56AM -0500, Mike Pagano wrote:
On Tue, Jan 06, 2015 at
On Wed, Jan 7, 2015 at 1:11 PM, William Hubbs willi...@gentoo.org wrote:
On Wed, Jan 07, 2015 at 12:24:12PM -0500, Mike Pagano wrote:
On Wed, Jan 07, 2015 at 12:14:23PM -0500, Mike Gilbert wrote:
On Wed, Jan 7, 2015 at 12:11 PM, William Hubbs willi...@gentoo.org wrote:
On Wed, Jan 07, 2015
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 01/07/2015 07:22 PM, Mike Gilbert wrote:
On Wed, Jan 7, 2015 at 1:11 PM, William Hubbs willi...@gentoo.org
wrote:
On Wed, Jan 07, 2015 at 12:24:12PM -0500, Mike Pagano wrote:
On Wed, Jan 07, 2015 at 12:14:23PM -0500, Mike Gilbert wrote:
On
On Wed, Jan 07, 2015 at 01:29:15PM -0500, Mike Pagano wrote:
On Wed, Jan 07, 2015 at 11:11:32AM -0600, William Hubbs wrote:
On Wed, Jan 07, 2015 at 11:21:56AM -0500, Mike Pagano wrote:
On Tue, Jan 06, 2015 at 05:47:10PM -0600, William Hubbs wrote:
All,
#
# Pinkie Pie discovered
On Wed, Jan 7, 2015 at 10:52 AM, William Hubbs willi...@gentoo.org wrote:
My understanding of p.mask is it is never permanent. Things go in
there until they get fixed or eventually removed.
I disagree with this. In my opinion, it is fine to have permanently
masked packages in some cases. I
On Wed, Jan 07, 2015 at 11:11:32AM -0600, William Hubbs wrote:
On Wed, Jan 07, 2015 at 11:21:56AM -0500, Mike Pagano wrote:
On Tue, Jan 06, 2015 at 05:47:10PM -0600, William Hubbs wrote:
All,
#
# Pinkie Pie discovered an issue in the futex subsystem that allows a
# local user to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 1/6/2015 6:47 PM, William Hubbs wrote:
All,
these packages have been masked in the tree for months - years with
no signs of fixes.
I am particularly concerned about packages with known security
vulnerabilities staying in the main tree
On Wed, Jan 07, 2015 at 12:14:23PM -0500, Mike Gilbert wrote:
On Wed, Jan 7, 2015 at 12:11 PM, William Hubbs willi...@gentoo.org wrote:
On Wed, Jan 07, 2015 at 11:21:56AM -0500, Mike Pagano wrote:
On Tue, Jan 06, 2015 at 05:47:10PM -0600, William Hubbs wrote:
All,
If you remove the
All,
these packages have been masked in the tree for months - years with no
signs of fixes.
I am particularly concerned about packages with known security
vulnerabilities staying in the main tree masked. If people want to keep
using those packages, I don't want to stop them, but packages like
24 matches
Mail list logo