1 |
On Mon, 16 Jan 2012 20:29:28 -0200 |
2 |
Urs Schutz <u.schutz@×××××××.ch> wrote: |
3 |
|
4 |
> As far as I know acroread is not unmasked in this |
5 |
> installation, nor is openssl |
6 |
> > # grep -i acro /etc/portage/* |
7 |
> > # grep -i ssl /etc/portage/* |
8 |
> shows nothing, so acroread and ssl is «stable». |
9 |
> |
10 |
> For now I just uninstalled acroread to prevent the |
11 |
> installation of a buggy openssl version, but this seems |
12 |
> wrong for a mostly stable installation... |
13 |
> |
14 |
> Any hints how to proceed? Is there any danger to have an |
15 |
> old (and apparently buggy) openssl lib installed in parallel |
16 |
> with the recent one? |
17 |
|
18 |
That's always a tricky one. |
19 |
|
20 |
Users want Adobe's shiny stuff and Adobe is notorious for releasing |
21 |
crap software. For whatever reason, acroread on x86 profile requires |
22 |
openssl in the 0.9.8 series and that can't be worked around. |
23 |
|
24 |
The answer to your question is "are you prepared to live with it?" |
25 |
|
26 |
The GLSA indicates that this is quite a severe issue so maybe it should |
27 |
be hard masked. However, that will break acroread and there's only one |
28 |
version in the tree. Hardmask openssl:0.9.8 means hardmask acroread and |
29 |
that means thousands of whinging users. |
30 |
|
31 |
So the devs are between a rock and a hard place where all the issues |
32 |
are out of their control. The only middle path left is to inform all |
33 |
the users as much as possible and let them decide for themselves. |
34 |
|
35 |
Personally, I would deep-six acroread and use any one of the many PDF |
36 |
readers out there. |
37 |
|
38 |
The tax authority in my country uses new funky PDF features in Reader |
39 |
for on-line tax returns so I need access to Reader once a year. For |
40 |
that, there's wine, Windows in VirtualBox or the wife's computer. |
41 |
|
42 |
|
43 |
-- |
44 |
Alan McKinnnon |
45 |
alan.mckinnon@×××××.com |