| 1 |
On Thu, Jan 29, 2015 at 7:53 PM, Grant <emailgrant@×××××.com> wrote: |
| 2 |
> |
| 3 |
> glsa-check is working fine, it was a slotted issue. Still curious |
| 4 |
> about a way to check for statically linked packages. |
| 5 |
> |
| 6 |
|
| 7 |
False positives in glsa data aren't unheard of - log those as bugs - |
| 8 |
vulnerable versions should be masked, and non-vulnerable versions |
| 9 |
shouldn't be flagged. So, if an unmasked package is flagged, there is |
| 10 |
a bug of some kind that should be fixed. |
| 11 |
|
| 12 |
Glsa's aren't sent out right now until the last arch is stable. |
| 13 |
|
| 14 |
-- |
| 15 |
Rich |
Archives