From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-server+bounces-3495-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1QPNBF-0003sE-Hn
	for garchives@archives.gentoo.org; Wed, 25 May 2011 23:07:57 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id ABDA71C42D
	for <garchives@archives.gentoo.org>; Wed, 25 May 2011 23:07:56 +0000 (UTC)
Received: from bombastor.soundbomb.net (sdbnet01.soundbomb.net [213.41.185.190])
	by pigeon.gentoo.org (Postfix) with ESMTP id B7EA11C020
	for <gentoo-server@lists.gentoo.org>; Wed, 25 May 2011 22:24:58 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by bombastor.soundbomb.net (Postfix) with ESMTP id DF953D4069
	for <gentoo-server@lists.gentoo.org>; Thu, 26 May 2011 00:24:57 +0200 (CEST)
X-Virus-Scanned: amavisd-new at soundbomb.net
Received: from bombastor.soundbomb.net ([127.0.0.1])
	by localhost (bombastor.soundbomb.net [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id JlnXqsUQxJal for <gentoo-server@lists.gentoo.org>;
	Thu, 26 May 2011 00:24:53 +0200 (CEST)
Received: from [10.1.100.46] (sdblt002.soundbomb.local [10.1.100.46])
	(using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
	(No client certificate requested)
	by bombastor.soundbomb.net (Postfix) with ESMTPSA id A55A9D403F
	for <gentoo-server@lists.gentoo.org>; Thu, 26 May 2011 00:24:53 +0200 (CEST)
Message-ID: <4DDD81B5.5090505@soundbomb.net>
Date: Thu, 26 May 2011 00:24:53 +0200
From: mRyOuNg <mryoung@soundbomb.net>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.17) Gecko/20110501 Lightning/1.0b3pre Thunderbird/3.1.10
Precedence: bulk
List-Post: <mailto:gentoo-server@lists.gentoo.org>
List-Help: <mailto:gentoo-server+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-server+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-server+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-server.gentoo.org>
X-BeenThere: gentoo-server@lists.gentoo.org
Reply-to: gentoo-server@lists.gentoo.org
MIME-Version: 1.0
To: gentoo-server@lists.gentoo.org
Subject: Re: [gentoo-server] Managing multiple servers.
References: <BAY153-w1354DEAA9272266123023B9E720@phx.gbl> <BANLkTin2TNuGfK0X_WZd5zRwo50+YCA+QQ@mail.gmail.com> <BANLkTinzxUJ1oLapSG1b4Z2BTnVSPrpH1g@mail.gmail.com> <4DDD53CE.6000504@gmail.com> <7D2D0680-9CB9-45BA-8FE1-50702E86FBAD@soundbomb.net> <4DDD6293.3060202@gmail.com>
In-Reply-To: <4DDD6293.3060202@gmail.com>
X-Enigmail-Version: 1.1.2
OpenPGP: id=B48D940D
Content-Type: multipart/alternative;
 boundary="------------080000000400030506040901"
X-Archives-Salt: 
X-Archives-Hash: fe74342ae01832976996030e4d484d3b

This is a multi-part message in MIME format.
--------------080000000400030506040901
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

On 05/25/2011 10:12 PM, Kristjan Kalder wrote:
> Is the glsa-check database (or from where it gets its information)
> updated on a regular basis or how does it work?
> If I run the 'glsa-check -t affected' it newer shows me anything.
>

Il I remember well, glsa infos are stored in /usr/portage (metadata or
something)...
glsa-check -t affected should list all unsecure packages...
glsa are updated directly into portage repository, by GLSA team ...

So If GLSA team have infos about an unsecure package, you should be
informed with glsa-check... and a regular emerge --sync...

However, GLSA team seems really busy as there's no new GLSA since
sometimes now ...

To me, I know I love the way Gentoo is working, and the portage
customization (use flags and such) ... but I don't upgrade my packages
so oftenly ... mainly because of time issue.
Something like, every month for my desktops, and every 3/6 months for my
servers ... and due to this, I'm a bit worried about the fact that GLSA
team doesn't give recent updates about security issues...

Anyway, I still sync everyday, and run glsa-check -m affected just to be
sure :)

Cya


--------------080000000400030506040901
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 7bit

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
  </head>
  <body bgcolor="#ffffff" text="#000000">
    On 05/25/2011 10:12 PM, Kristjan Kalder wrote:
    <blockquote cite="mid:4DDD6293.3060202@gmail.com" type="cite">
      <meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
      Is the glsa-check database (or from where it gets its information)
      updated on a regular basis or how does it work?<br>
      If I run the 'glsa-check -t affected' it newer shows me anything.<br>
      <br>
    </blockquote>
    <br>
    Il I remember well, glsa infos are stored in /usr/portage (metadata
    or something)...<br>
    glsa-check -t affected should list all unsecure packages...<br>
    glsa are updated directly into portage repository, by GLSA team ...<br>
    <br>
    So If GLSA team have infos about an unsecure package, you should be
    informed with glsa-check... and a regular emerge --sync...<br>
    <br>
    However, GLSA team seems really busy as there's no new GLSA since
    sometimes now ...<br>
    <br>
    To me, I know I love the way Gentoo is working, and the portage
    customization (use flags and such) ... but I don't upgrade my
    packages so oftenly ... mainly because of time issue.<br>
    Something like, every month for my desktops, and every 3/6 months
    for my servers ... and due to this, I'm a bit worried about the fact
    that GLSA team doesn't give recent updates about security issues...<br>
    <br>
    Anyway, I still sync everyday, and run glsa-check -m affected just
    to be sure :)<br>
    <br>
    Cya<br>
    <br>
  </body>
</html>

--------------080000000400030506040901--