GLSA «201110-01 / openssl» and acroread-9.4.2
On Tue, 17 Jan 2012 12:35:50 +0200
Alan McKinnon <email@example.com> wrote:
> On Mon, 16 Jan 2012 20:29:28 -0200
> Urs Schutz <firstname.lastname@example.org> wrote:
> > As far as I know acroread is not unmasked in this
> > installation, nor is openssl
> > > # grep -i acro /etc/portage/*
> > > # grep -i ssl /etc/portage/*
> > shows nothing, so acroread and ssl is «stable».
> > For now I just uninstalled acroread to prevent the
> > installation of a buggy openssl version, but this seems
> > wrong for a mostly stable installation...
> > Any hints how to proceed? Is there any danger to have an
> > old (and apparently buggy) openssl lib installed in
> > parallel with the recent one?
> That's always a tricky one.
> Users want Adobe's shiny stuff and Adobe is notorious for
> releasing crap software. For whatever reason, acroread on
> x86 profile requires openssl in the 0.9.8 series and that
> can't be worked around.
> The answer to your question is "are you prepared to live
> with it?"
> The GLSA indicates that this is quite a severe issue so
> maybe it should be hard masked. However, that will break
> acroread and there's only one version in the tree.
> Hardmask openssl:0.9.8 means hardmask acroread and that
> means thousands of whinging users.
> So the devs are between a rock and a hard place where all
> the issues are out of their control. The only middle path
> left is to inform all the users as much as possible and
> let them decide for themselves.
> Personally, I would deep-six acroread and use any one of
> the many PDF readers out there.
> The tax authority in my country uses new funky PDF
> features in Reader for on-line tax returns so I need
> access to Reader once a year. For that, there's wine,
> Windows in VirtualBox or the wife's computer.
Thanks for the reply. I switched to app-text/evince , this
seems fine for just reading pdf.