1 |
On 01:13 Thu 29 May , Marius Mauch wrote: |
2 |
> One concern raised by some people is that it might cause old libraries |
3 |
> with security issues to stay on the system for eternity even though |
4 |
> the package was upgraded, and eventually be preferred by new builds. |
5 |
> I can't rule this out completely but thinks it's very unlikely, as |
6 |
> preserved libraries are specially tracked and the user is notified |
7 |
> about their existance after every emerge operation (similar to glep42 |
8 |
> news). |
9 |
|
10 |
Part of this should be addressable by keeping track of the version that |
11 |
installed them and checking it against the distributed GLSAs... |
12 |
|
13 |
Thanks, |
14 |
Donnie |
15 |
-- |
16 |
gentoo-dev@l.g.o mailing list |