Re: [gentoo-dev] Security/QA Spring Cleaning

2006-06-02 Thread Eldad Zack
On Sunday 28 May 2006 21:20, Ned Ludd wrote: > The following maintainers and maintaining herds are affected by this > in one way or another. This list is still far too large for me to want to > file a bug for. So please do what you can to help narrow this list > down. > > Granted not all cases can be

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-29 Thread Chris Gianelloni
On Sun, 2006-05-28 at 14:20 -0400, Ned Ludd wrote: Package: games-fps/cube Herd: games Maintainer: games This will likely be removed soon, as upstream has abandoned it. Package: games-fps/doomsday Herd: games Maintainer: games Waiting on a new upstream release. Upstream is active, so we expect

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-28 Thread Ned Ludd
On Sun, 2006-05-28 at 13:18 -0700, Robin H. Johnson wrote: > On Sun, May 28, 2006 at 02:20:55PM -0400, Ned Ludd wrote: > > Package: net-nds/openldap Herd: ldap Maintainer: [EMAIL PROTECTED] > We will be keeping the most recent version of each of the major > releases, as there are still people using

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-28 Thread Robin H. Johnson
On Sun, May 28, 2006 at 02:20:55PM -0400, Ned Ludd wrote: > Package: net-nds/openldap Herd: ldap Maintainer: [EMAIL PROTECTED] We will be keeping the most recent version of each of the major releases, as there are still people using them for interoperability with other systems. > Package: sys-auth

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-28 Thread Ned Ludd
The following maintainers and maintaining herds are affected by this in one way or another. This list is still far too large for me to want to file a bug for. So please do what you can to help narrow this list down. Granted not all cases can be solved easily especially when it's some misc arch wh

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-24 Thread Chris Gianelloni
On Wed, 2006-05-24 at 00:11 -0400, Doug Goldstein wrote: > My opinion is "snap, crackle, and pop"... let the tree break. But better > yet... figure out what depends on package X <=1.0 and p.mask it. Umm... anything that depends on the package in question *should* be getting masked. There's no opi

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-24 Thread Chris Gianelloni
On Tue, 2006-05-23 at 15:36 -0700, Brian Harring wrote: > On Tue, May 23, 2006 at 06:24:31PM -0400, Chris Gianelloni wrote: > > On Tue, 2006-05-23 at 15:05 -0700, Brian Harring wrote: > > > On Tue, May 23, 2006 at 05:46:09PM -0400, Chris Gianelloni wrote: > > > > I completely understand this. Howe

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-23 Thread Doug Goldstein
Brian Harring wrote: > > Commented in #-security about it, but any reason that arches don't yank > their keywords from insecure ebuilds after they've stabled a > replacement? > Brian, I asked about this VERY same thing a long while back and at best I received "Because person X said no." So yo

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-23 Thread Thomas Cort
On Tue, 23 May 2006 13:44:09 -0700 Brian Harring <[EMAIL PROTECTED]> wrote: > Couple more reports generated (in the parent dir, dropped keywords, > imlate, packages that have just ~arch, ebuild metadata verification, > and "ebuild has been unstable for arch X for greater than N days). Seems like

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-23 Thread Brian Harring
On Tue, May 23, 2006 at 06:24:31PM -0400, Chris Gianelloni wrote: > On Tue, 2006-05-23 at 15:05 -0700, Brian Harring wrote: > > On Tue, May 23, 2006 at 05:46:09PM -0400, Chris Gianelloni wrote: > > > I completely understand this. However, in most cases the reason the > > > older packages are still

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-23 Thread Chris Gianelloni
On Tue, 2006-05-23 at 15:05 -0700, Brian Harring wrote: > On Tue, May 23, 2006 at 05:46:09PM -0400, Chris Gianelloni wrote: > > I completely understand this. However, in most cases the reason the > > older packages are still in the tree is because *somebody* doesn't have > > it stable yet. > > St

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-23 Thread Chris Gianelloni
On Tue, 2006-05-23 at 17:50 -0400, Ned Ludd wrote: > Feel free to fire off a request to ferringb. > He is trying to be helpful here and I'm all for taking > advantage of that. Oh, absolutely. I didn't mean to come across sounding like I wasn't grateful for the information he's providing. I was

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-23 Thread Brian Harring
On Tue, May 23, 2006 at 05:46:09PM -0400, Chris Gianelloni wrote: > I completely understand this. However, in most cases the reason the > older packages are still in the tree is because *somebody* doesn't have > it stable yet. Strictly stable, or unstable? What about profiles, which to account

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-23 Thread Ned Ludd
On Tue, 2006-05-23 at 16:51 -0400, Chris Gianelloni wrote: > On Tue, 2006-05-23 at 16:22 -0400, Ned Ludd wrote: > > And now per arch breakdowns. > > http://gentooexperimental.org/~ferringb/reports/arch-vulnerabilities/ > > No offense, but that isn't exactly useful in its current form. heh. > F

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-23 Thread Chris Gianelloni
On Tue, 2006-05-23 at 14:06 -0700, Brian Harring wrote: > On Tue, May 23, 2006 at 04:51:06PM -0400, Chris Gianelloni wrote: > > On Tue, 2006-05-23 at 16:22 -0400, Ned Ludd wrote: > > > And now per arch breakdowns. > > > http://gentooexperimental.org/~ferringb/reports/arch-vulnerabilities/ > > > >

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-23 Thread Brian Harring
On Tue, May 23, 2006 at 04:51:06PM -0400, Chris Gianelloni wrote: > On Tue, 2006-05-23 at 16:22 -0400, Ned Ludd wrote: > > And now per arch breakdowns. > > http://gentooexperimental.org/~ferringb/reports/arch-vulnerabilities/ > > No offense, but that isn't exactly useful in its current form. For

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-23 Thread Chris Gianelloni
On Tue, 2006-05-23 at 16:22 -0400, Ned Ludd wrote: > And now per arch breakdowns. > http://gentooexperimental.org/~ferringb/reports/arch-vulnerabilities/ No offense, but that isn't exactly useful in its current form. For example, x86 shows *all* of the packages, even ones where it has a non-vulne

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-23 Thread Brian Harring
On Tue, May 23, 2006 at 04:22:30PM -0400, Ned Ludd wrote: > And now per arch breakdowns. > http://gentooexperimental.org/~ferringb/reports/arch-vulnerabilities/ Couple more reports generated (in the parent dir, dropped keywords, imlate, packages that have just ~arch, ebuild metadata verification,

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-23 Thread Ned Ludd
And now per arch breakdowns. http://gentooexperimental.org/~ferringb/reports/arch-vulnerabilities/ On Sun, 2006-05-21 at 23:02 -0400, Ned Ludd wrote: > ferringb took the time to write a parser and set up a cronjob > (every 4 hours at the half hour) to parse over our GLSAs and see what > pkgs re

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-21 Thread Brian Harring
No need to cc, I'm on the ml (realize the norm is to cc, but no point in spamming me twice ;) On Sun, May 21, 2006 at 10:25:12PM -0700, Robin H. Johnson wrote: > On Sun, May 21, 2006 at 11:02:22PM -0400, Ned Ludd wrote: > > ferringb took the time to write a parser and set up a cronjob > > (every

Re: [gentoo-dev] Security/QA Spring Cleaning

2006-05-21 Thread Robin H. Johnson
On Sun, May 21, 2006 at 11:02:22PM -0400, Ned Ludd wrote: > ferringb took the time to write a parser and set up a cronjob > (every 4 hours at the half hour) to parse over our GLSAs and see what > pkgs remain in the tree and have nothing but newer versions stable. I [snip] Just because old versio

[gentoo-dev] Security/QA Spring Cleaning

2006-05-21 Thread Ned Ludd
ferringb took the time to write a parser and set up a cronjob (every 4 hours at the half hour) to parse over our GLSAs and see what pkgs remain in the tree and have nothing but newer versions stable. I did a bit of re-parsing on his logfile to obtain herds & maintainers. The list is big (very big