On Mon, 16 Jan 2012 20:29:28 -0200 Urs Schutz <u.sch...@bluewin.ch> wrote:
> As far as I know acroread is not unmasked in this > installation, nor is openssl > > # grep -i acro /etc/portage/* > > # grep -i ssl /etc/portage/* > shows nothing, so acroread and ssl is «stable». > > For now I just uninstalled acroread to prevent the > installation of a buggy openssl version, but this seems > wrong for a mostly stable installation... > > Any hints how to proceed? Is there any danger to have an > old (and apparently buggy) openssl lib installed in parallel > with the recent one? That's always a tricky one. Users want Adobe's shiny stuff and Adobe is notorious for releasing crap software. For whatever reason, acroread on x86 profile requires openssl in the 0.9.8 series and that can't be worked around. The answer to your question is "are you prepared to live with it?" The GLSA indicates that this is quite a severe issue so maybe it should be hard masked. However, that will break acroread and there's only one version in the tree. Hardmask openssl:0.9.8 means hardmask acroread and that means thousands of whinging users. So the devs are between a rock and a hard place where all the issues are out of their control. The only middle path left is to inform all the users as much as possible and let them decide for themselves. Personally, I would deep-six acroread and use any one of the many PDF readers out there. The tax authority in my country uses new funky PDF features in Reader for on-line tax returns so I need access to Reader once a year. For that, there's wine, Windows in VirtualBox or the wife's computer. -- Alan McKinnnon alan.mckin...@gmail.com