Gentoo Archives: gentoo-project

From: Kristian Fiskerstrand <k_f@g.o>
To: gentoo-project <gentoo-project@l.g.o>, gentoo-announce@l.g.o
Subject: [gentoo-project] Security Project: Removal of HPPA from supported architectures
Date: Sun, 13 May 2018 19:49:51
Message-Id: ac222242-cc4d-99c7-ec9d-469caf167baa@gentoo.org
Gentoo Community,

According to the last events regarding HPPA architecture [1][2], the
Security Team has decided to drop HPPA from the Security Supported List
in the Vulnerability Treatment Policy[3].

This announce begins the official process of removal, we expect the
update from the website in the following days. We won't be releasing a
second announce once the website is updated, so we encourage developers
and users relying on the HPPA architecture to take the required
precautions as soon as possible.

The consequences of the removal of security supported architecture
include (i) GLSA will be released before a version of a package is
necessarily stable for the architecture (ii) architecture-specific
issues will not be investigated directly by the security team.

In addition to this announcement, glsa-check will be updated to present
necessary information for HPPA users. As most security issues are cross-
architecture, glsa-check will continue to be operational for HPPA based
on generic GLSAs for other architectures.

References:
[1] https://bugs.gentoo.org/629554
[2]
https://archives.gentoo.org/gentoo-dev/message/48d15ee5d1075a079685c11c81d261e8
[3]
https://www.gentoo.org/support/security/vulnerability-treatment-policy.html

for the Gentoo Security Project,

-- 
Kristian Fiskerstrand
OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3

Attachments

File name MIME type
signature.asc application/pgp-signature