Gentoo Archives: gentoo-dev

From: Ned Ludd <solar@g.o>
To: gentoo-dev@l.g.o
Cc: Brian Harring <ferringb@×××××.com>
Subject: [gentoo-dev] Security/QA Spring Cleaning
Date: Mon, 22 May 2006 03:08:10
Message-Id: 1148266942.19708.90.camel@localhost
1 ferringb took the time to write a parser and setup a cronjob
2 (every 4 hours at the half hour) to parse over our GLSA's and see what
3 pkgs remain in the tree and have nothing but newer versions stable. I
4 did a bit of re parsing on his logfile to obtain herds & maintainers.
5 The list is big (very big) and like if I filed the bug in it's current
6 state pretty much every single one of us would probably get dozens of
7 mails per comment. So.. To in order to try and be nice to our mail
8 system and bugzilla it would be really helpful if you all could grep
9 the affected: field and flush old vulnerable ebuilds from the tree for
10 any pkgs you or your herd maintain before the tracker bug is filed.
11
12 http://gentooexperimental.org/~ferringb/reports/tree-vulnerabilities.log
13
14 In the future if you are bumping pkgs for a security bug and you are
15 the last arch to push to stable. Clean up old foo up please.
16 It keeps everything running smoother and faster to have less
17 dead cruft in the tree.
18
19 You can use earch for this task.
20
21 wget -O /usr/local/bin/earch -q \
22 http://dev.gentoo.org/~robbat2/earch-0.9.1 \
23 && chmod +x /usr/local/bin/earch
24 It helps to make it a habit to run this before repoman --pretend scan
25 prior to committing to the tree.
26
27 thanks in advance.
28
29 --
30 Ned Ludd <solar@g.o>
31 All over the place
32 Gentoo Linux
33
34 --
35 gentoo-dev@g.o mailing list

Replies

Subject Author
Re: [gentoo-dev] Security/QA Spring Cleaning "Robin H. Johnson" <robbat2@g.o>
Re: [gentoo-dev] Security/QA Spring Cleaning Ned Ludd <solar@g.o>