123084 – glsa-check -tv is broken

Bug 123084 - glsa-check -tv is broken

Summary: glsa-check -tv is broken

Status:	RESOLVED FIXED

Alias:	None

Product:	Portage Development
Classification:	Unclassified
Component:	Tools (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Portage Tools Team

URL:
Whiteboard:
Keywords:	InVCS

Depends on:
Blocks:

Reported:	2006-02-16 13:31 UTC by Simon Stelling (RETIRED)
Modified:	2006-06-19 20:53 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Simon Stelling (RETIRED) gentoo-dev

2006-02-16 13:31:37 UTC

# glsa-check -tv new
This system is affected by the following GLSAs:
200512-08 ( libtasn1, GNU TLS: Security flaw in DER decoding )
200601-11 ( libtasn1, GNU TLS: Security flaw in DER decoding )
200601-17 ( libtasn1, GNU TLS: Security flaw in DER decoding )
200602-01 ( libtasn1, GNU TLS: Security flaw in DER decoding )
200602-04 ( libtasn1, GNU TLS: Security flaw in DER decoding )
200602-08 ( libtasn1, GNU TLS: Security flaw in DER decoding )

The GLSA IDs are correct, but obviously the description is always taken from the last one.

both app-portage/gentoolkit-0.2.1 and 0.2.2_pre2 show this issue

Comment 1 Marius Mauch (RETIRED) gentoo-dev

2006-02-16 14:01:34 UTC

Actually the bug is even worse, the summary is taken from the last processed glsa, doesn't have to be the last in the list. Not a good idea to use a loop variable outside the loop.
Fixed in SVN.

Comment 2 Paul Varner (RETIRED) gentoo-dev

2006-06-19 20:53:43 UTC

Released in gentoolkit-0.2.2