On Tue, Jan 06, 2015 at 05:47:10PM -0600, William Hubbs wrote:
> # Sergey Popov (04 Sep 2014)
> # Security mask, wrt bugs #488212, #498164, #500260,
> # #507802 and #518718
># Ulrich Müller (15 Jul 2014)
> # Permanently mask sys-libs/lib-compat and its reverse dependencies,
> # pending multip
On Tue, 6 Jan 2015 17:47:10 -0600
William Hubbs wrote:
> # Michael Weber (9 Jul 2013)
> # Masked for security bug 450746, CVE-2012-6095
>
signature.asc
Description: PGP signature
On Thu, Jan 08, 2015 at 04:26:02AM +0300, Andrew Savchenko wrote:
> On Tue, 6 Jan 2015 17:47:10 -0600 William Hubbs wrote:
> > All,
> >
> > these packages have been masked in the tree for months - years with no
> > signs of fixes.
>
> Some of them are binary packages or have no fixes upstream. If
On Tue, 6 Jan 2015 17:47:10 -0600 William Hubbs wrote:
> All,
>
> these packages have been masked in the tree for months - years with no
> signs of fixes.
Some of them are binary packages or have no fixes upstream. If
there are no alternatives in tree for a package, and it works fine
(despite som
On Wed, 7 Jan 2015 12:11:04 -0600 William Hubbs wrote:
> On Wed, Jan 07, 2015 at 12:24:12PM -0500, Mike Pagano wrote:
> > On Wed, Jan 07, 2015 at 12:14:23PM -0500, Mike Gilbert wrote:
> > > If you remove the mask, users will no longer be warned that they are
> > > using a flawed copy of the kernel
On Wed, Jan 07, 2015 at 04:33:19PM -0600, William Hubbs wrote:
> On Wed, Jan 07, 2015 at 02:48:01PM -0500, Mike Pagano wrote:
> > On Wed, Jan 07, 2015 at 01:08:21PM -0600, William Hubbs wrote:
> > > On Wed, Jan 07, 2015 at 01:29:15PM -0500, Mike Pagano wrote:
> > > > On Wed, Jan 07, 2015 at 11:11:3
On Wed, Jan 07, 2015 at 02:48:01PM -0500, Mike Pagano wrote:
> On Wed, Jan 07, 2015 at 01:08:21PM -0600, William Hubbs wrote:
> > On Wed, Jan 07, 2015 at 01:29:15PM -0500, Mike Pagano wrote:
> > > On Wed, Jan 07, 2015 at 11:11:32AM -0600, William Hubbs wrote:
> > > > On Wed, Jan 07, 2015 at 11:21:5
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 01/07/2015 07:48 PM, Kristian Fiskerstrand wrote:
> On 01/07/2015 07:22 PM, Mike Gilbert wrote:
>> On Wed, Jan 7, 2015 at 1:11 PM, William Hubbs
>> wrote:
...
>
>
> My two cents is that this is particularly true for kernel sources.
> For othe
On Wed, Jan 07, 2015 at 01:08:21PM -0600, William Hubbs wrote:
> On Wed, Jan 07, 2015 at 01:29:15PM -0500, Mike Pagano wrote:
> > On Wed, Jan 07, 2015 at 11:11:32AM -0600, William Hubbs wrote:
> > > On Wed, Jan 07, 2015 at 11:21:56AM -0500, Mike Pagano wrote:
> > > > On Tue, Jan 06, 2015 at 05:47:1
On Wed, Jan 07, 2015 at 01:29:15PM -0500, Mike Pagano wrote:
> On Wed, Jan 07, 2015 at 11:11:32AM -0600, William Hubbs wrote:
> > On Wed, Jan 07, 2015 at 11:21:56AM -0500, Mike Pagano wrote:
> > > On Tue, Jan 06, 2015 at 05:47:10PM -0600, William Hubbs wrote:
> > > > All,
> > > > #
> > > > # Pinkie
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 01/07/2015 07:22 PM, Mike Gilbert wrote:
> On Wed, Jan 7, 2015 at 1:11 PM, William Hubbs
> wrote:
>> On Wed, Jan 07, 2015 at 12:24:12PM -0500, Mike Pagano wrote:
>>> On Wed, Jan 07, 2015 at 12:14:23PM -0500, Mike Gilbert wrote:
On Wed, Jan 7
On Wed, Jan 07, 2015 at 11:11:32AM -0600, William Hubbs wrote:
> On Wed, Jan 07, 2015 at 11:21:56AM -0500, Mike Pagano wrote:
> > On Tue, Jan 06, 2015 at 05:47:10PM -0600, William Hubbs wrote:
> > > All,
> > > #
> > > # Pinkie Pie discovered an issue in the futex subsystem that allows a
> > > # loc
On Wed, Jan 7, 2015 at 10:52 AM, William Hubbs wrote:
> My understanding of p.mask is it is never permanent. Things go in
> there until they get fixed or eventually removed.
I disagree with this. In my opinion, it is fine to have permanently
masked packages in some cases. I don't really care what
On Wed, Jan 7, 2015 at 1:11 PM, William Hubbs wrote:
> On Wed, Jan 07, 2015 at 12:24:12PM -0500, Mike Pagano wrote:
>> On Wed, Jan 07, 2015 at 12:14:23PM -0500, Mike Gilbert wrote:
>> > On Wed, Jan 7, 2015 at 12:11 PM, William Hubbs wrote:
>> > > On Wed, Jan 07, 2015 at 11:21:56AM -0500, Mike Pag
On Wed, Jan 07, 2015 at 12:24:12PM -0500, Mike Pagano wrote:
> On Wed, Jan 07, 2015 at 12:14:23PM -0500, Mike Gilbert wrote:
> > On Wed, Jan 7, 2015 at 12:11 PM, William Hubbs wrote:
> > > On Wed, Jan 07, 2015 at 11:21:56AM -0500, Mike Pagano wrote:
> > >> On Tue, Jan 06, 2015 at 05:47:10PM -0600,
On Wed, Jan 07, 2015 at 12:14:23PM -0500, Mike Gilbert wrote:
> On Wed, Jan 7, 2015 at 12:11 PM, William Hubbs wrote:
> > On Wed, Jan 07, 2015 at 11:21:56AM -0500, Mike Pagano wrote:
> >> On Tue, Jan 06, 2015 at 05:47:10PM -0600, William Hubbs wrote:
> >> > All,
> >> >
>
> If you remove the mask,
On Wed, Jan 7, 2015 at 12:11 PM, William Hubbs wrote:
> On Wed, Jan 07, 2015 at 11:21:56AM -0500, Mike Pagano wrote:
>> On Tue, Jan 06, 2015 at 05:47:10PM -0600, William Hubbs wrote:
>> > All,
>> >
>> > these packages have been masked in the tree for months - years with no
>> > signs of fixes.
>>
On Wed, Jan 07, 2015 at 11:21:56AM -0500, Mike Pagano wrote:
> On Tue, Jan 06, 2015 at 05:47:10PM -0600, William Hubbs wrote:
> > All,
> >
> > these packages have been masked in the tree for months - years with no
> > signs of fixes.
> >
> > I am particularly concerned about packages with known s
On Tue, Jan 06, 2015 at 05:47:10PM -0600, William Hubbs wrote:
> All,
>
> these packages have been masked in the tree for months - years with no
> signs of fixes.
>
> I am particularly concerned about packages with known security
> vulnerabilities staying in the main tree masked. If people want t
On Wed, Jan 07, 2015 at 03:10:13PM +0200, Alan McKinnon wrote:
> On 07/01/2015 14:56, Rich Freeman wrote:
> > On Tue, Jan 6, 2015 at 6:47 PM, William Hubbs wrote:
> >>
> >> I am particularly concerned about packages with known security
> >> vulnerabilities staying in the main tree masked. If peopl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 1/6/2015 6:47 PM, William Hubbs wrote:
> All,
>
> these packages have been masked in the tree for months - years with
> no signs of fixes.
>
> I am particularly concerned about packages with known security
> vulnerabilities staying in the main tr
On 07/01/2015 14:56, Rich Freeman wrote:
> On Tue, Jan 6, 2015 at 6:47 PM, William Hubbs wrote:
>>
>> I am particularly concerned about packages with known security
>> vulnerabilities staying in the main tree masked. If people want to keep
>> using those packages, I don't want to stop them, but pa
On Tue, Jan 6, 2015 at 6:47 PM, William Hubbs wrote:
>
> I am particularly concerned about packages with known security
> vulnerabilities staying in the main tree masked. If people want to keep
> using those packages, I don't want to stop them, but packages like this
> should not be in the main tr
All,
these packages have been masked in the tree for months - years with no
signs of fixes.
I am particularly concerned about packages with known security
vulnerabilities staying in the main tree masked. If people want to keep
using those packages, I don't want to stop them, but packages like thi
24 matches
Mail list logo
