| 1 |
>> >> GLSA 201512-07 requires that I remove gstreamer-0.10 but I'm |
| 2 |
>> >> finding it rather inextricable due to dependencies. Has anyone |
| 3 |
>> >> else run into this problem? |
| 4 |
>> > |
| 5 |
>> > I think this is another case of glsa-check not handling slots |
| 6 |
>> > correctly. |
| 7 |
>> |
| 8 |
>> I believe it handles ranges fine, but it seems that we occasionally |
| 9 |
>> have GLSAs that don't correctly specify ranges. You can log a bug |
| 10 |
>> against it. |
| 11 |
> |
| 12 |
> AFAICT, details of the gstreamer bug itself haven't been made public |
| 13 |
> yet, and nobody is sure whether the unmaintained 0.10 branch needs a |
| 14 |
> patch. See <https://bugs.gentoo.org/show_bug.cgi?id=553742#c11> and |
| 15 |
> the following comment. |
| 16 |
|
| 17 |
|
| 18 |
So everyone is just living with the supposed security vulnerability on |
| 19 |
their system? |
| 20 |
|
| 21 |
- Grant |
Archives