I'm sure I'm just being stupid, but I don't understand the lists of
affected and unaffected version numbers in Gentoo security advisories.
For example:
Package dev-libs/openssl on all architectures
Affected versions < 1.0.2f
Unaffected versions >= 1.0.2f, revision >= 1.0.1r, revision >= 1.0.1s,
revision >= 1.0.1t, revision >= 0.9.8z_p8,
revision >= 0.9.8z_p9, revision >= 0.9.8z_p10,
revision >= 0.9.8z_p11, revision >= 0.9.8z_p12,
revision >= 0.9.8z_p13, revision >= 0.9.8z_p14,
revision >= 0.9.8z_p15
If it's true that versions >= 0.9.8z_p8 are unaffected,
why is there a need to list that versions >= 0.9.8z_p[9-15] are
unaffected? Are <> relationships betwen version numbers within the
0.9.8z_pNNN seriels not transitive?
--
Grant Edwards grant.b.edwards Yow! MMM-MM!! So THIS is
at BIO-NEBULATION!
gmail.com
