| 1 |
On 01:13 Thu 29 May , Marius Mauch wrote: |
| 2 |
> One concern raised by some people is that it might cause old libraries |
| 3 |
> with security issues to stay on the system for eternity even though |
| 4 |
> the package was upgraded, and eventually be preferred by new builds. |
| 5 |
> I can't rule this out completely but thinks it's very unlikely, as |
| 6 |
> preserved libraries are specially tracked and the user is notified |
| 7 |
> about their existance after every emerge operation (similar to glep42 |
| 8 |
> news). |
| 9 |
|
| 10 |
Part of this should be addressable by keeping track of the version that |
| 11 |
installed them and checking it against the distributed GLSAs... |
| 12 |
|
| 13 |
Thanks, |
| 14 |
Donnie |
| 15 |
-- |
| 16 |
gentoo-dev@l.g.o mailing list |
Archives