On Dienstag, 15. Mai 2007, Caleb Tennis wrote:
> I just read the bug, but I don't see any compelling reason against using
> the preserve_old stuff.

The big problem with it is that we do not store information about retained 
libraries and let portage throw warnings. When people miss such a post 
install message, the library potentially remains forever in the system, not 
unlikely with seldom updated stuff linking against it. As soon as a 
vulnerability is popping up, the system is vulnerable, remains vulnerable and 
its owner assumes everything is fine.


Carsten