1 |
Try etcat -v, query l and qpkg -l: each seems to work via a different |
2 |
aspect of portage and I have found, particularly on older systems that |
3 |
one or more, but not always all will show discrepancies. I found equery |
4 |
the least reliable when things are not right. Surprisingly, glsa-check |
5 |
seems to to always (that I can remember) pick up that the bad version |
6 |
does exist and is installed - believe it! |
7 |
|
8 |
Billk |
9 |
|
10 |
On Wed, 2005-09-21 at 01:20 -0400, A. Khattri wrote: |
11 |
> On Sat, 10 Sep 2005, Owen Ford wrote: |
12 |
> |
13 |
> > On Sat, 2005-09-10 at 11:49 -0700, Ben Munat wrote: |
14 |
> > > First, glsa-check claims that I'm vulnerable to 200412-02 and 200505-01. The first is |
15 |
> > > pdflib and the second is various horde packages. However, I have the current versions of |
16 |
> > > these installed -- the versions that the glsa says I need to solve the vulnerability. So, |
17 |
> > > why would glsa-check say I'm vulnerable when I'm not? |
18 |
> > |
19 |
> > There are probably versions of those packages slotted. I use emerge -Cp |
20 |
> > package to see which are installed. |
21 |
> |
22 |
> I have a similar problem - the recent changes in Apache coupled with some |
23 |
> updates meant rebuilding mod_php, mod_ssl and apache. glsa-check says Im |
24 |
> still vulnerable despite the updates. I dont have any slotting going on |
25 |
> either so Im still scratching my head. |
26 |
> |
27 |
> |
28 |
> -- |
29 |
> |
30 |
-- |
31 |
gentoo-server@g.o mailing list |