| 1 |
On Dienstag, 15. Mai 2007, Caleb Tennis wrote: |
| 2 |
> I just read the bug, but I don't see any compelling reason against using |
| 3 |
> the preserve_old stuff. |
| 4 |
|
| 5 |
The big problem with it is that we do not store information about retained |
| 6 |
libraries and let portage throw warnings. When people miss such a post |
| 7 |
install message, the library potentially remains forever in the system, not |
| 8 |
unlikely with seldom updated stuff linking against it. As soon as a |
| 9 |
vulnerability is popping up, the system is vulnerable, remains vulnerable and |
| 10 |
its owner assumes everything is fine. |
| 11 |
|
| 12 |
|
| 13 |
Carsten |
Archives