Hi,
This is an automatically created email message.
http://gentoo.tamperd.net/stable has just been updated with 15388 ebuilds.
The page shows results from a number of tests that are run against the ebuilds.
The tests are:
* if a version has been masked for 30 days or more.
* if an arch was in KE
Kevin F. Quinn (Gentoo) wrote:
> # Xorg server is unaviodably suid with lazy bindings
> RESTRICT="stricter"
>
> to the xorg-server ebuild to stop it dying for people with
> FEATURES=stricter (the comment helps people who have enabled STRICTER
> to see why it's disabled, in case anything else crop
On Sun, 14 May 2006 12:46:23 +0200
Harald van Dijk <[EMAIL PROTECTED]> wrote:
> The idea of filter-ldflags is a bad one, IMO. There are an infinite
> number of ways to enable a flag (for -z now: -Wl,-z,now;
> -Wl,-z -Wl,now; -Xlinker -z -Xlinker -now; -Wl,-O1,-z,now; ...). Even
> if you restrict y
Ikelos pointed out (thanks!), that only vnc 4.1.X is affected. Since we
don't ship such a version, the security bug is invalid, but the
maintainer problem remains.
Sorry for any inconvenience,
DerCorny
--
gentoo-dev@gentoo.org mailing list
On Sunday 14 May 2006 09:14, Stefan Cornelius wrote:
> net-misc/vnc is vulnerable to an information leak that might lead to
> password disclosure (bug #133219). Unfortunately, the original
> maintainer aliz is at least semi-retired, thus we're looking for a new
> maintainer.
too bad they havent pr
Hi Folks,
net-misc/vnc is vulnerable to an information leak that might lead to
password disclosure (bug #133219). Unfortunately, the original
maintainer aliz is at least semi-retired, thus we're looking for a new
maintainer.
So, if you've some love left for a lonely, homeless package like vnc,
th
On Sun, May 14, 2006 at 11:32:13AM +0200, Kevin F. Quinn (Gentoo) wrote:
[...]
> In summary, for Duncan's issue I suggest adding:
>
> # Xorg server is unaviodably suid with lazy bindings
> RESTRICT="stricter"
>
> to the xorg-server ebuild to stop it dying for people with
> FEATURES=stricter (the
On Sat, 13 May 2006 23:04:10 -0700
Donnie Berkholz <[EMAIL PROTECTED]> wrote:
> Kevin F. Quinn (Gentoo) wrote:
>
> Oh, OK, let's argue semantics. It's suggested by a hardened user on a
> bug the hardened team is CC'd on, but the team didn't say anything was
> wrong with the change.
That's because
Donnie Berkholz <[EMAIL PROTECTED]> posted [EMAIL PROTECTED],
excerpted below, on Sat, 13 May 2006 23:04:10 -0700:
>> With regards to Duncan's (non-hardened) problem, adding:
>>
>> filter-ldflags -Wl,-z,now
>>
>> to x-modular.eclass as he suggests should be fine; his issue is
>> different to th
