1 |
I am of the opinion it is irresponsible to leave vulnerable versions of Qt with |
2 |
known security bugs any longer in the tree. The Qt team therefore requests |
3 |
that arches that have not done so already move quickly on stabilizing Qt |
4 |
4.5.3, see bug 290922 and 283810. |
5 |
|
6 |
We plan on REMOVING or at the very least HARDMASKING pending removal |
7 |
all <=4.5.2 ebuilds by the end of this week. This means that arches that have |
8 |
not stabilized 4.5.3 would loose their stable Qt4 version. |
9 |
|
10 |
Please let us know if there is any way in which we can assist arches. We |
11 |
are aware that some arches are down to one active person. But if there is |
12 |
no other way, maybe the status of such arches should be reconsidered. |
13 |
|
14 |
We especially request ppc64 to be marked as an experimental arch, as it |
15 |
is the worst one lagging in stabilization. See bug 281821 for a poignant |
16 |
example, a 3 months open security bug. |
17 |
|
18 |
Regards, |
19 |
-- |
20 |
Ben de Groot |
21 |
Gentoo Linux developer (qt, media, lxde, desktop-misc) |
22 |
______________________________________________________ |