| 1 |
Hi, |
| 2 |
|
| 3 |
Ciaran McCreesh <ciaran.mccreesh@×××××××××××××.uk>: |
| 4 |
> > Who knows how long that request would have languished if not for |
| 5 |
> > the security bug? |
| 6 |
> Who knows indeed... Wouldn't the Council be better served with |
| 7 |
> examples where we do know? |
| 8 |
|
| 9 |
<URL:http://tinyurl.com/ypoxyg> is a list of closed security bugs where |
| 10 |
mips is still cced. 163 is the total number, where surely some |
| 11 |
duplicates can be found (PHP, Mozilla products), but we can assume that |
| 12 |
quite an extensive number of packages which are vulnerable stay still |
| 13 |
in the tree. |
| 14 |
Normal policy is to remove all vulnerable ebuilds which is not |
| 15 |
possible if a vulnerable version is the only one keyworded mips. This |
| 16 |
would break an even bigger rule. |
| 17 |
We are not here to accuse anyone but to find a solution to this |
| 18 |
problem...and no, I am not in the (financial) position to buy MIPS |
| 19 |
hardware nor am I really interested in having it. |
| 20 |
|
| 21 |
V-Li |
| 22 |
|
| 23 |
-- |
| 24 |
Christian Faulhammer, Gentoo Lisp project |
| 25 |
<URL:http://www.gentoo.org/proj/en/lisp/>, #gentoo-lisp on FreeNode |
| 26 |
|
| 27 |
<URL:http://www.faulhammer.org/> |
Archives