From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by nuthatch.gentoo.org with esmtp (Exim 4.43)
	id 1EHx8B-0008Ea-U1
	for garchives@archives.gentoo.org; Wed, 21 Sep 2005 05:26:56 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.13.5/8.13.5) with SMTP id j8L5JQuN015439;
	Wed, 21 Sep 2005 05:19:26 GMT
Received: from mail.bway.net (xena.bway.net [216.220.96.26])
	by robin.gentoo.org (8.13.5/8.13.5) with ESMTP id j8L5JPqU015702
	for <gentoo-server@lists.gentoo.org>; Wed, 21 Sep 2005 05:19:25 GMT
Received: (qmail 95891 invoked by uid 0); 21 Sep 2005 05:25:19 -0000
Received: from unknown (HELO ida.bway.net) (216.220.96.4)
  by smtp.bway.net with (EDH-RSA-DES-CBC3-SHA encrypted) SMTP; 21 Sep 2005 05:25:19 -0000
Date: Wed, 21 Sep 2005 01:20:23 -0400 (EDT)
From: "A. Khattri" <ajai@bway.net>
To: gentoo-server@lists.gentoo.org
Subject: Re: [gentoo-server] glsa-check and unused packages
In-Reply-To: <1126381452.17265.4.camel@spider.hotmonkeyporn.com>
Message-ID: <Pine.BSO.4.58.0509210117560.9471@ida.bway.net>
References: <43232AC3.9030706@munat.com> <1126381452.17265.4.camel@spider.hotmonkeyporn.com>
Precedence: bulk
List-Post: <mailto:gentoo-server@lists.gentoo.org>
List-Help: <mailto:gentoo-server+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-server+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-server+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-server.gentoo.org>
X-BeenThere: gentoo-server@gentoo.org
Reply-to: gentoo-server@lists.gentoo.org
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Archives-Salt: c9b63434-ebe8-4acf-8ac8-67e5a206140b
X-Archives-Hash: 14768bd81b6129de2ae868540db585a8

On Sat, 10 Sep 2005, Owen Ford wrote:

> On Sat, 2005-09-10 at 11:49 -0700, Ben Munat wrote:
> > First, glsa-check claims that I'm vulnerable to 200412-02 and 200505-01. The first is
> > pdflib and the second is various horde packages. However, I have the current versions of
> > these installed -- the versions that the glsa says I need to solve the vulnerability. So,
> > why would glsa-check say I'm vulnerable when I'm not?
>
> There are probably versions of those packages slotted.  I use emerge -Cp
> package to see which are installed.

I have a similar problem - the recent changes in Apache coupled with some
updates meant rebuilding mod_php, mod_ssl and apache. glsa-check says Im
still vulnerable despite the updates. I dont have any slotting going on
either so Im still scratching my head.


-- 

-- 
gentoo-server@gentoo.org mailing list