On Tuesday 11 October 2011 14:50:27 Francisco Blas Izquierdo Riera (klondike)
> This can be inconvenient since security issues fixed in those left over
> packages won't be applied properly.
`glsa-check -f affected`. i thought there was talk of an automatic @security
set at some point, but not s
On Tue, 2011-10-11 at 23:10 -0700, Zac Medico wrote:
> On 10/11/2011 10:59 PM, Graham Murray wrote:
> > Zac Medico writes:
> >
> >> On 10/11/2011 10:28 PM, Mike Gilbert wrote:
> >>> Francisco raised a possibly valid point in his original message: though
> >>> packages may not be currently used fo
On 10/11/2011 10:59 PM, Graham Murray wrote:
> Zac Medico writes:
>
>> On 10/11/2011 10:28 PM, Mike Gilbert wrote:
>>> Francisco raised a possibly valid point in his original message: though
>>> packages may not be currently used for anything, but they could contain
>>> un-patched security flaws.
Zac Medico writes:
> On 10/11/2011 10:28 PM, Mike Gilbert wrote:
>> Francisco raised a possibly valid point in his original message: though
>> packages may not be currently used for anything, but they could contain
>> un-patched security flaws.
>
> If they contain something that's accessed at run
On 10/11/2011 10:28 PM, Mike Gilbert wrote:
> On 10/12/2011 12:54 AM, Zac Medico wrote:
>> On 10/11/2011 12:56 PM, Michał Górny wrote:
>>> Or go with a saner defaults...
>>
>> So, are any of the following sane?
>>
>> 1) Pull in updates for packages even though those packages won't be used
>> for a
On 10/12/2011 12:54 AM, Zac Medico wrote:
> On 10/11/2011 12:56 PM, Michał Górny wrote:
>> Or go with a saner defaults...
>
> So, are any of the following sane?
>
> 1) Pull in updates for packages even though those packages won't be used
> for anything.
>
Francisco raised a possibly valid point
On 10/11/2011 12:56 PM, Michał Górny wrote:
> Or go with a saner defaults...
So, are any of the following sane?
1) Pull in updates for packages even though those packages won't be used
for anything.
2) Pull in build-time dependencies for packages that are already built,
even though no portage ve
On 10/11/2011 02:04 PM, Mike Gilbert wrote:
> On Tue, Oct 11, 2011 at 2:50 PM, Francisco Blas Izquierdo Riera
> (klondike) wrote:
>> So, is there any reason for this behaviour? Shouldn't build dependencies
>> either be cleaned with --depclean after building or be upgraded to avoid
>> possible issu
On 10/11/2011 11:50 AM, Francisco Blas Izquierdo Riera (klondike) wrote:
> Hi,
>
> Today I have found that build dependencies are left in the system but
> won't be upgraded when running emerge -vauD1 world.
> This can be inconvenient since security issues fixed in those left over
> packages won't
On Tue, Oct 11, 2011 at 2:50 PM, Francisco Blas Izquierdo Riera
(klondike) wrote:
> So, is there any reason for this behaviour? Shouldn't build dependencies
> either be cleaned with --depclean after building or be upgraded to avoid
> possible issues?
>
I agree: with-bdeps should either default to
El 11/10/11 21:36, Alec Warner escribió:
> On Tue, Oct 11, 2011 at 12:23 PM, Francisco Blas Izquierdo Riera
> (klondike) wrote:
>> El 11/10/11 20:55, Markos Chandras escribió:
>>> On 10/11/11 19:50, Francisco Blas Izquierdo Riera (klondike) wrote:
Hi,
Today I have found that build depend
On Tue, 11 Oct 2011 12:36:15 -0700
Alec Warner wrote:
> On Tue, Oct 11, 2011 at 12:23 PM, Francisco Blas Izquierdo Riera
> (klondike) wrote:
> > El 11/10/11 20:55, Markos Chandras escribió:
> >> On 10/11/11 19:50, Francisco Blas Izquierdo Riera (klondike) wrote:
> >> > Hi,
> >>
> >> > Today I ha
On Tue, Oct 11, 2011 at 12:23 PM, Francisco Blas Izquierdo Riera
(klondike) wrote:
> El 11/10/11 20:55, Markos Chandras escribió:
>> On 10/11/11 19:50, Francisco Blas Izquierdo Riera (klondike) wrote:
>> > Hi,
>>
>> > Today I have found that build dependencies are left in the system
>> > but won't
El 11/10/11 20:55, Markos Chandras escribió:
> On 10/11/11 19:50, Francisco Blas Izquierdo Riera (klondike) wrote:
> > Hi,
>
> > Today I have found that build dependencies are left in the system
> > but won't be upgraded when running emerge -vauD1 world. This can be
> > inconvenient since security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 10/11/11 19:50, Francisco Blas Izquierdo Riera (klondike) wrote:
> Hi,
>
> Today I have found that build dependencies are left in the system
> but won't be upgraded when running emerge -vauD1 world. This can be
> inconvenient since security issue
Hi,
Today I have found that build dependencies are left in the system but
won't be upgraded when running emerge -vauD1 world.
This can be inconvenient since security issues fixed in those left over
packages won't be applied properly.
So, is there any reason for this behaviour? Shouldn't build depe
16 matches
Mail list logo
