On Tue, 6 Mar 2012 10:32:35 -0800
Grant wrote:
> I've been checking this daily for a while:
>
> http://www.gentoo.org/security/en/glsa/index.xml
>
> but every time there's a vulnerability in a package I
> know I have installed, my installed version is
> unaffected. If I emerge world daily, do
>> I've been checking this daily for a while:
>>
>> http://www.gentoo.org/security/en/glsa/index.xml
>>
>> but every time there's a vulnerability in a package I know I have
>> installed, my installed version is unaffected. If I emerge world
>> daily, do I need to check on GLSA's?
>
> If you run te
>> I've been checking this daily for a while:
>>
>> http://www.gentoo.org/security/en/glsa/index.xml
>>
>> but every time there's a vulnerability in a package I know I have
>> installed, my installed version is unaffected. If I emerge world
>> daily, do I need to check on GLSA's?
>>
>> - Grant
>>
Am 06.03.2012 19:32, schrieb Grant:
> I've been checking this daily for a while:
>
> http://www.gentoo.org/security/en/glsa/index.xml
>
> but every time there's a vulnerability in a package I know I have
> installed, my installed version is unaffected. If I emerge world
> daily, do I need to che
On Tue, 6 Mar 2012 10:32:35 -0800, Grant wrote:
> I've been checking this daily for a while:
>
> http://www.gentoo.org/security/en/glsa/index.xml
>
> but every time there's a vulnerability in a package I know I have
> installed, my installed version is unaffected. If I emerge world
> daily, do
On 03/06/12 13:32, Grant wrote:
> I've been checking this daily for a while:
>
> http://www.gentoo.org/security/en/glsa/index.xml
>
> but every time there's a vulnerability in a package I know I have
> installed, my installed version is unaffected. If I emerge world
> daily, do I need to check o
I've been checking this daily for a while:
http://www.gentoo.org/security/en/glsa/index.xml
but every time there's a vulnerability in a package I know I have
installed, my installed version is unaffected. If I emerge world
daily, do I need to check on GLSA's?
- Grant
On Tue, 17 Jan 2012 12:35:50 +0200
Alan McKinnon wrote:
> On Mon, 16 Jan 2012 20:29:28 -0200
> Urs Schutz wrote:
>
> > As far as I know acroread is not unmasked in this
> > installation, nor is openssl
> > > # grep -i acro /etc/portage/*
> > > # grep -i ssl /etc/portage/*
> > shows nothing,
On Mon, 16 Jan 2012 20:29:28 -0200
Urs Schutz wrote:
> As far as I know acroread is not unmasked in this
> installation, nor is openssl
> > # grep -i acro /etc/portage/*
> > # grep -i ssl /etc/portage/*
> shows nothing, so acroread and ssl is «stable».
>
> For now I just uninstalled acroread
Today I see the following:
I uninstalled dev-libs/openssl-0.9.8s-r1 because there is
a GLSA (201110-01 / openssl) against it.
But acroread-9.4.2 wants the installation of
openssl-0.9.8s-r1:
> # emerge -uDpvtN world
These are the packages that would be merged, in reverse
order:
Calculating depe
Marco Simeone schrieb:
Hello.
Do you know why glsa-check tells me to update sun-jdk, even if it's
alredy updated ?
# glsa-check -p $(glsa-check -t all)
This system is affected by the following GLSAs:
Checking GLSA 200705-23
The following updates will be performed for this GLSA:
dev-java/s
Marco Simeone wrote:
Hello.
Do you know why glsa-check tells me to update sun-jdk, even if it's alredy
updated ?
# glsa-check -p $(glsa-check -t all)
This system is affected by the following GLSAs:
Checking GLSA 200705-23
The following updates will be performed for this GLSA:
dev-java/sun-j
Hello.
Do you know why glsa-check tells me to update sun-jdk, even if it's alredy
updated ?
# glsa-check -p $(glsa-check -t all)
This system is affected by the following GLSAs:
Checking GLSA 200705-23
The following updates will be performed for this GLSA:
dev-java/sun-jdk-1.5.0.15 (1.6.0.06)
On Monday 19 February 2007 02:43:31 Daniel Iliev wrote:
> > Does glsa-check depend on portage tree syncing? If I haven't synced the
> > portage tree for let's say a couple of months would glsa-check show any
> > security updates that appeared after the last syncing?
>
> I found the answer at the li
Daniel Iliev wrote:
> Hi, everyone
>
> Does glsa-check depend on portage tree syncing? If I haven't synced the
> portage tree for let's say a couple of months would glsa-check show any
> security updates that appeared after the last syncing?
>
>
I found the answer at the link below and it is "y
Hi, everyone
Does glsa-check depend on portage tree syncing? If I haven't synced the
portage tree for let's say a couple of months would glsa-check show any
security updates that appeared after the last syncing?
--
Best regards,
Daniel
--
gentoo-user@gentoo.org mailing list
On Thu, 2006-05-11 at 17:41 -0400, John J. Foster wrote:
> Use at your own risk. I wouln't think of applying anything without
> seeing what it is first. YMMV
I have a cron job that fires off hourly.
#!/bin/sh
glsa-check -f new 2>/dev/null
[[ $? -eq 0 ]] || echo "glsa-che
On Thu, May 11, 2006 at 05:09:41PM -0400, Nick Smith wrote:
> On 5/11/06, Rasmus Andersen <[EMAIL PROTECTED]> wrote:
> >On Thu, May 11, 2006 at 04:35:46PM -0400, Nick Smith wrote:
> >> has anyone written a script that checks for glsa security updates and
> >> then has it auto emerge the packages it
On 5/11/06, Rasmus Andersen <[EMAIL PROTECTED]> wrote:
On Thu, May 11, 2006 at 04:35:46PM -0400, Nick Smith wrote:
> has anyone written a script that checks for glsa security updates and
> then has it auto emerge the packages it needs to get rid of the
> security risk? if so i would be very inte
On Thu, 11 May 2006 16:35:46 -0400, Nick Smith wrote:
> has anyone written a script that checks for glsa security updates and
> then has it auto emerge the packages it needs to get rid of the
> security risk? if so i would be very interested in looking at that
> script. Keeping 5 gentoo machines
On Thu, May 11, 2006 at 04:35:46PM -0400, Nick Smith wrote:
> has anyone written a script that checks for glsa security updates and
> then has it auto emerge the packages it needs to get rid of the
> security risk? if so i would be very interested in looking at that
> script. Keeping 5 gentoo mac
has anyone written a script that checks for glsa security updates and
then has it auto emerge the packages it needs to get rid of the
security risk? if so i would be very interested in looking at that
script. Keeping 5 gentoo machines up to date security wise is
becoming very time consuming.
th
On 12/5/05, Kurt V. Hindenburg <[EMAIL PROTECTED]> wrote:
> On Monday 05 December 2005 09:39, Andres Becerra Sandoval wrote:
> | 45 6 * * * /usr/bin/glsa-check -l new > /tmp/`date +%F`.glsa
> |
> | The problem is that this is not working, it works in the shell, but it
> | doesn't works from cron. I
On Monday 05 December 2005 09:39, Andres Becerra Sandoval wrote:
| 45 6 * * * /usr/bin/glsa-check -l new > /tmp/`date +%F`.glsa
|
| The problem is that this is not working, it works in the shell, but it
| doesn't works from cron. If anybody can enlight me, I would appreciate
| it.
Most of the time,
On 12/5/05, Neil Bothwick <[EMAIL PROTECTED]> wrote:
> On Mon, 5 Dec 2005 15:39:00 +0100, Andres Becerra Sandoval wrote:
>
> > What I want to do is to generate this file everyday with a crontab
> > entry like this:
> >
> > 45 6 * * * /usr/bin/glsa-check -l new > /tmp/`date +%F`.glsa
> >
> > The pro
On Mon, 5 Dec 2005 15:39:00 +0100, Andres Becerra Sandoval wrote:
> What I want to do is to generate this file everyday with a crontab
> entry like this:
>
> 45 6 * * * /usr/bin/glsa-check -l new > /tmp/`date +%F`.glsa
>
> The problem is that this is not working, it works in the shell, but it
>
Hi,
I use often the great tool glsa-check in this way:
/usr/bin/glsa-check -l new > /tmp/`date +%F`.glsa
To produce a file which I could read or mail, to check for
vulnerabilities in a machine.
What I want to do is to generate this file everyday with a crontab
entry like this:
45 6 * * * /usr
On Fri, 15 Jul 2005, Noah Roberts wrote:
> How long between when a GLSA is distributed and glsa-check will pick it
> up? I just got a message from announce that has a GLSA I believe my
> server will be vulnerable to but glsa-check isn't picking it up. In
> fact I just did a 'glsa-check -l | grep
On Saturday 16 July 2005 00:56, Noah Roberts wrote:
> How long between when a GLSA is distributed and glsa-check will pick it
> up? I just got a message from announce that has a GLSA I believe my
> server will be vulnerable to but glsa-check isn't picking it up. In
> fact I just did a 'glsa-check
How long between when a GLSA is distributed and glsa-check will pick it
up? I just got a message from announce that has a GLSA I believe my
server will be vulnerable to but glsa-check isn't picking it up. In
fact I just did a 'glsa-check -l | grep 200507' and nothing showed up.
Does the portage
On Tue, 14 Jun 2005, Holly Bostick wrote:
> I've been running a little scriptlet to test whether I could get mail
> sent to my ISP inbox. The full script runs esync and glsa-check, but
> naturally I didn't want to sync 700 times, so I just ran the glsa-check
> section.
Is this script "glcu" ? ;-)
Holly Bostick wrote:
>$ useflag multislot
>/usr/portage/profiles/use.local.desc:sys-devel/binutils:multislot -
>Allow for multiple versions of binutils to be emerged at once for same
>CTARGET
>/usr/portage/profiles/use.local.desc:sys-devel/gcc:multislot - Allow for
>SLOTs to include minor version
Hi,
Richard Fish wrote:
>Holly Bostick wrote:
>
>
>
>>OK, I'm following both of you so far. Yes, I do have 'multislot' for
>>binutils. I admit it was just guesswork on my part; I read the USE flag
>>description, thought about automake and autoconf, thought that binutils
>>sounded like the kind o
Richard Fish schreef:
> Holly Bostick wrote:
>
>
>>OK, I'm following both of you so far. Yes, I do have 'multislot' for
>>binutils. I admit it was just guesswork on my part; I read the USE flag
>>description, thought about automake and autoconf, thought that binutils
>>sounded like the kind of sy
Neil Bothwick schreef:
> On Wed, 15 Jun 2005 01:52:37 +0200, Holly Bostick wrote:
>
>
>>Checking GLSA 200506-01
>>The following updates will be performed for this GLSA:
>> sys-devel/binutils-2.16-r1 (2.16.1)
>>
>>which it has already re-emerged twice, and yet still reports the same
>>vulnerab
Holly Bostick wrote:
>OK, I'm following both of you so far. Yes, I do have 'multislot' for
>binutils. I admit it was just guesswork on my part; I read the USE flag
>description, thought about automake and autoconf, thought that binutils
>sounded like the kind of system utility that might need simi
On Wed, 15 Jun 2005 01:52:37 +0200, Holly Bostick wrote:
> Checking GLSA 200506-01
> The following updates will be performed for this GLSA:
> sys-devel/binutils-2.16-r1 (2.16.1)
>
> which it has already re-emerged twice, and yet still reports the same
> vulnerability-- and more importantly,
Neil Bothwick schreef:
> On Wed, 15 Jun 2005 00:16:20 +0200, Holly Bostick wrote:
>
>
>>1) trim out a bunch of binutils slots that I may or may not need (and
>>therefore whose loss may break unknown applications), so that glsa-check
>>(which is apparently broken with respect to binutils compiled
On Wed, 15 Jun 2005 00:16:20 +0200, Holly Bostick wrote:
> 1) trim out a bunch of binutils slots that I may or may not need (and
> therefore whose loss may break unknown applications), so that glsa-check
> (which is apparently broken with respect to binutils compiled with the
> multislot USE flag)
Richard Fish schreef:
>> Holly Bostick wrote:
>>
>>
>>So my questions are:
>>
>>1) Am I supposed to have 4 versions of binutils in the first place?
>>
>>
>>
>>
> Do you have USE 'multislot' or 'multitarget' for binutils? If so, then
> looking at /usr/portage/eclass/toolchain-binutils.eclass
>
> 2) How do I get this GLSA to actually apply, or know that it's applied,
> or whatever?
IIRC, glsa-check has an 'inject' option for just this purpose. If you
run glsa-check without command-line parameters, it should print out a
usage message.
Matt
--
gentoo-user@gentoo.org mailing list
Holly Bostick wrote:
>Hi,
>
>So my questions are:
>
>1) Am I supposed to have 4 versions of binutils in the first place?
>
>
Do you have USE 'multislot' or 'multitarget' for binutils? If so, then
looking at /usr/portage/eclass/toolchain-binutils.eclass it seems that
binutils becomes a slotted
Hi,
I've been running a little scriptlet to test whether I could get mail
sent to my ISP inbox. The full script runs esync and glsa-check, but
naturally I didn't want to sync 700 times, so I just ran the glsa-check
section.
To my surprise, I had an open GLSA (I just fixed everything a couple of
d
I find glsa rarely lies, which is more than can be said about the other
three: often one will pick something up but not the others.
This also brings up one of the disadvantages of gentoo's slotting system
- without running something like glsa, its quite possible (probable on
an older system in fac
On Mon, 2005-04-25 at 11:56 +0800, William Kenworthy wrote:
> Are
> etcat -v evolution
[ I] 1.4.6 (0)
[ I] 2.0.3-r2 (2.0)
Hmm.. seems like that may be the case.. Thanks.
--
Ow Mun Heng
Gentoo/Linux on DELL D600 1.4Ghz
98% Microsoft(tm) Free!!
Neuromancer 15:41:02 up 18:47,
Are
etcat -v evolution
equery l evolution
qpkg -i evolution
consistent? This sometimes happens on older systems with upgrades that
slot, and/or clean properly.
glsa-check is a good way to pick this up
BillK
On Mon, 2005-04-25 at 11:10 +0800, Ow Mun Heng wrote:
> 200501-35
--
William Kenwort
On Sat, 2005-04-23 at 15:56 +0800, William Kenworthy wrote:
> In my experience, you may get away with this regime for a short time on
> an almost new system, but it will almost invariably break an older
> system (due to "emerge depclean")
>
> The safest/most reasonable order is
> emerge sync
> gls
47 matches
Mail list logo
