| 1 |
On Wed, Jan 07, 2015 at 06:49:56AM -0500, Philip Webb wrote: |
| 2 |
> 150106 William Hubbs wrote: |
| 3 |
> > Many packages have been masked in the tree for months - years |
| 4 |
> > with no signs of fixes. I am particularly concerned |
| 5 |
> > about packages with known security vulnerabilities |
| 6 |
> > staying in the main tree masked. If people want to keep those packages, |
| 7 |
> > I don't want to stop them, but packages like this should be in an overlay, |
| 8 |
> > not the main tree. |
| 9 |
> |
| 10 |
> -- snip -- |
| 11 |
> |
| 12 |
> > # Tavis Ormandy <taviso@g.o> (21 Mar 2006) |
| 13 |
> > # masked pending unresolved security issues #125902 |
| 14 |
> > games-roguelike/nethack |
| 15 |
> |
| 16 |
> -- snip -- |
| 17 |
> |
| 18 |
> This one is perfectly safe on a single-user system : please leave it there. |
| 19 |
|
| 20 |
I'm not opposed to it staying in the tree under one of these conditions: |
| 21 |
|
| 22 |
1) fix it and remove the mask |
| 23 |
|
| 24 |
or |
| 25 |
|
| 26 |
2) remove the mask and add ewarns to the ebuild |
| 27 |
|
| 28 |
William |
Archives