| Summary: | GLSA 201611-05: bad format of the XML, warning in glsa-check? | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Kalin KOZHUHAROV <kalin> |
| Component: | GLSA Errors | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | alexanderyt, goetzger, randalla |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Attachments: | patch to GLSA 201611-05 | ||
(In reply to Kalin KOZHUHAROV from comment #0) > Created attachment 453420 [details, diff] [details, diff] > patch to GLSA 201611-05 > > I started to get warnings in several scripts that monitor GLSAs... > > Here is the simplest reproducible command (ran after `emaint sync --all`): > > $ /usr/bin/glsa-check -q --verbose -l affected > invalid GLSA: 201611-05 (error message was: (u'Invalid Tag found: ', > u'table')) > > (note: no errors showed when ran without "--verbose") > > $ equery b /usr/bin/glsa-check > * Searching for /usr/bin/glsa-check ... > app-portage/gentoolkit-0.3.0.9-r2 (/usr/bin/glsa-check -> > ../lib/python-exec/python-exec2) > > (that is currently stable) > > After some investigation, that GLSA contains <table> element which is not > supposed to be there I guess. And its badly formatted anyway (did someone > use WYSIWYG editor??) > > Here is a quick patch (included). > > Also, a good QA practice will be to run a check with `glsa-check --verbose` > before commit :-) No, no one used a WYSIWYG editor. These are generated from internal tools used by the security team. I am not sure why this happened, but we will have infra take a look at GLSAMaker if it continues. |
Created attachment 453420 [details, diff] patch to GLSA 201611-05 I started to get warnings in several scripts that monitor GLSAs... Here is the simplest reproducible command (ran after `emaint sync --all`): $ /usr/bin/glsa-check -q --verbose -l affected invalid GLSA: 201611-05 (error message was: (u'Invalid Tag found: ', u'table')) (note: no errors showed when ran without "--verbose") $ equery b /usr/bin/glsa-check * Searching for /usr/bin/glsa-check ... app-portage/gentoolkit-0.3.0.9-r2 (/usr/bin/glsa-check -> ../lib/python-exec/python-exec2) (that is currently stable) After some investigation, that GLSA contains <table> element which is not supposed to be there I guess. And its badly formatted anyway (did someone use WYSIWYG editor??) Here is a quick patch (included). Also, a good QA practice will be to run a check with `glsa-check --verbose` before commit :-)