| 1 |
On 15/08/2022 09.31, Ionen Wolkens wrote: |
| 2 |
> On Mon, Aug 15, 2022 at 08:56:51AM +0200, Ulrich Mueller wrote: |
| 3 |
>>>>>>> On Mon, 15 Aug 2022, John Helmert wrote: |
| 4 |
>> |
| 5 |
>>> # John Helmert III <ajak@g.o> (2022-08-14) |
| 6 |
>>> # Many vulnerabilities (including code execution and root privilege |
| 7 |
>>> # escalation), effectively unmaintained. Removal in 30 days, bugs |
| 8 |
>>> # #631552, #790296, #842789 |
| 9 |
>>> sys-cluster/slurm |
| 10 |
>> |
| 11 |
>> This will leave acct-{user,group}/slurm without reverse dependencies. |
| 12 |
>> Last-rite them, too? |
| 13 |
> |
| 14 |
> Aren't we still stuck on what to do with [1]? |
| 15 |
> |
| 16 |
> [1] https://bugs.gentoo.org/781881 |
| 17 |
|
| 18 |
FWIW, I am not sure why we should keep the unused acct-{user,group} |
| 19 |
packages. At least I don't see how removing them would cause any issues |
| 20 |
or confusion? The bug appears to be light on arguments in favor of |
| 21 |
keeping them. Quite contrary, I think keeping them could cause some |
| 22 |
confusion, as users may start looking for the according actual package |
| 23 |
and hope to find it. |
| 24 |
|
| 25 |
But maybe I am missing something? |
| 26 |
|
| 27 |
Needless to say that I am only talking about the acct-{user,group} |
| 28 |
packages, the uid-gid.txt reservation should stay for obvious reasons. |
| 29 |
And this also rules out that the IDs are re-assigned. |
| 30 |
|
| 31 |
- Flow |
Archives