| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
On 11/08/2013 04:18 PM, Diego Elio Pettenò wrote: |
| 5 |
> |
| 6 |
> On Fri, Nov 8, 2013 at 5:22 AM, "Paweł Hajdan, Jr." |
| 7 |
> <phajdan.jr@g.o <mailto:phajdan.jr@g.o>> wrote: |
| 8 |
> |
| 9 |
> Problem #1 is that sci-geosciences/osgearth-2.4 depends on |
| 10 |
> =dev-lang/v8-3.18.5.14 (see |
| 11 |
> <https://bugs.gentoo.org/show_bug.cgi?id=484786> for context). It |
| 12 |
> doesn't work with more recent v8, but it can be made to not depend |
| 13 |
> on v8. |
| 14 |
> |
| 15 |
> |
| 16 |
> If "made not to depend" means "bundle", is the bundled version any |
| 17 |
> safer than the ebuild there? If the answer is no, you're now |
| 18 |
> increasing the security issue. |
| 19 |
> |
| 20 |
> Diego Elio Pettenò — Flameeyes flameeyes@×××××××××.eu |
| 21 |
> <mailto:flameeyes@×××××××××.eu> — http://blog.flameeyes.eu/ |
| 22 |
|
| 23 |
|
| 24 |
https://github.com/gwaldron/osgearth/issues/333 |
| 25 |
|
| 26 |
in short: they kind of forked (I am not sure if there are any major |
| 27 |
modifications yet) it and do not plan to bundle it |
| 28 |
|
| 29 |
there is no release more current than osgearth-2.4, so I am fine with |
| 30 |
hardmasking/treecleaning osgearth |
| 31 |
|
| 32 |
I will not maintain a fork of v8. |
| 33 |
-----BEGIN PGP SIGNATURE----- |
| 34 |
Version: GnuPG v2.0.22 (GNU/Linux) |
| 35 |
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ |
| 36 |
|
| 37 |
iQEcBAEBAgAGBQJSfVxtAAoJEFpvPKfnPDWzZ7EH/ib4oZPMLUTYDU0gvkC2NL9o |
| 38 |
XVvaSdD2lWbAi6ZTwS7RCqygGWoUu5duM4qAOpb/i+KcBgvmXiyDuoOarVFea0PW |
| 39 |
Si1StRzYf2aVitbdjTqUYlmynX5yiNFvnx5J3knZegzVpm1A9n2Dq2dnIeG7C7zO |
| 40 |
waWurRsOAdL+XAU3tNot1TepyZwojB3xz3w9k0YtuTTwHRX2vGQ7XM1MOnr9jrOy |
| 41 |
Is4x5naeau7P4t7Doi5+y9zj5ydshmEHeRm5Upt3DB6JO1WmPdA+8Z4ZmcOLiWUu |
| 42 |
tBLSqpxSf6TGaUbOop7hNWDWl8ptfrzoSyQjTu6fLHLSo+SMH4qToSEdOlpkqyc= |
| 43 |
=0K7T |
| 44 |
-----END PGP SIGNATURE----- |
Archives