1 |
On Dienstag, 15. Mai 2007, Caleb Tennis wrote: |
2 |
> I just read the bug, but I don't see any compelling reason against using |
3 |
> the preserve_old stuff. |
4 |
|
5 |
The big problem with it is that we do not store information about retained |
6 |
libraries and let portage throw warnings. When people miss such a post |
7 |
install message, the library potentially remains forever in the system, not |
8 |
unlikely with seldom updated stuff linking against it. As soon as a |
9 |
vulnerability is popping up, the system is vulnerable, remains vulnerable and |
10 |
its owner assumes everything is fine. |
11 |
|
12 |
|
13 |
Carsten |