-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jason Stubbs wrote:
>On Monday 19 September 2005 15:00, gentuxx wrote: > >>does updating a package for a security fix using the "--oneshot" option >>update the same package that is "housed" in the "world" tree? > > >There is no world "tree". There is only a "list". --oneshot has no affect on >this list. > >>If so, can I assume that the same package will be updated next time I >>update "world"? Meaning, if I run "--oneshot" for >>mozilla-firefox-1.0.6-r7 and mozilla-firefox-1.0.7-r1 comes out, will >>1.0.6-r7 be upgraded to 1.0.7-r1? > > >If it was in the world list prior to you running --oneshot, it'll still be >in the world list afterward. Hence, it will be updated with world. > >>If every security fix comes out with "--oneshot" being recommended, >>how do I know if it's a dependency of a package in world, or an entity >>in world? (This seems like an extension of the questioning above.) > > >What does it matter in the context of a security update? Well, I'm trying to see if I can get a better understanding of how it all fits together. But, I want to make sure that I don't have 2 packages running around on the system (1 patched, and 1 NOT patched). > >>Also, for the most recent firefox update, I would run the command as >>recommended with the "-p" flag, and it would see the package. If I >>run "emerge -Dupv mozilla-firefox" I only get a few of the (supposed) >>dependencies, and not the package itself, while the package installed >>(when I do "emerge search mozilla-firefox") is 1.0.6-r5. > > >If that is the case then 1.0.6-r5 is the latest version available for you >with respect to your current snapshot of the tree. Well, I did an "emerge sync" right before issuing the command above. I would think that if the updated package is available for "--oneshot", it would be available when I run "emerge -Du(p)v world". But that didn't seem to be the case. Again, I'm just trying to understand how this all fits together. Thanks. - -- gentux echo "hfouvyAdpy/ofu" | perl -pe 's/(.)/chr(ord($1)-1)/ge' gentux's gpg fingerprint ==> 34CE 2E97 40C7 EF6E EC40 9795 2D81 924A 6996 0993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDLuNtLYGSSmmWCZMRArF+AJ9gFfQRgSb2ciNNreJ0lNSUbmkZiwCg0m9i 6bkDqhDyVSr4fT/X7GvuRTI= =K2Vt -----END PGP SIGNATURE----- -- gentoo-user@gentoo.org mailing list
