I am of the opinion it is irresponsible to leave vulnerable versions of Qt with known security bugs any longer in the tree. The Qt team therefore requests that arches that have not done so already move quickly on stabilizing Qt 4.5.3, see bug 290922 and 283810.
We plan on REMOVING or at the very least HARDMASKING pending removal all <=4.5.2 ebuilds by the end of this week. This means that arches that have not stabilized 4.5.3 would loose their stable Qt4 version. Please let us know if there is any way in which we can assist arches. We are aware that some arches are down to one active person. But if there is no other way, maybe the status of such arches should be reconsidered. We especially request ppc64 to be marked as an experimental arch, as it is the worst one lagging in stabilization. See bug 281821 for a poignant example, a 3 months open security bug. Regards, -- Ben de Groot Gentoo Linux developer (qt, media, lxde, desktop-misc) ______________________________________________________
