glsa-check -f new or -f all fails with the following error: Fixing GLSA 200406-07 >>> no vulnerable packages installed Traceback (most recent call last): File "/usr/bin/glsa-check", line 290, in <module> if len(mergelist): NameError: name 'mergelist' is not defined python-updater doesn't pick up any problems and revdep-rebuild doesn't either. Reproducible: Always Steps to Reproduce: 1.glsa-check -f new 2. The error message appears Actual Results: glsa-check crashes. Expected Results: glsa-check succeeds. Portage 2.1.6.13 (default/linux/amd64/2008.0, gcc-4.3.3, glibc-2.10.1-r0, 2.6.28-gentoo-r5 x86_64) ================================================================= System uname: Linux-2.6.28-gentoo-r5-x86_64-Intel-R-_Core-TM-2_Duo_CPU_P8400_@_2.26GHz-with-gentoo-2.0.1 Timestamp of tree: Mon, 22 Jun 2009 07:00:01 +0000 ccache version 2.4 [disabled] app-shells/bash: 4.0_p24 dev-java/java-config: 2.1.8-r1 dev-lang/python: 2.5.4-r2, 2.6.2-r1 dev-python/pycrypto: 2.0.1-r8 dev-util/ccache: 2.4-r8 dev-util/cmake: 2.6.4 sys-apps/baselayout: 2.0.1 sys-apps/openrc: 0.4.3-r3 sys-apps/sandbox: 2.0 sys-devel/autoconf: 2.13, 2.63-r1 sys-devel/automake: 1.5, 1.9.6-r2, 1.10.2, 1.11 sys-devel/binutils: 2.19.1-r1 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6a virtual/os-headers: 2.6.29 ACCEPT_KEYWORDS="amd64 ~amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=core2 -O2 -pipe -msse4.1" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /var/lib/hsqldb" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-march=core2 -O2 -pipe -msse4.1" DISTDIR="/usr/portage/distfiles" FEATURES="distlocks fixpackages parallel-fetch protect-owned sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="ftp://gentoo.arcticnetwork.ca/pub/gentoo/ http://gentoo.arcticnetwork.ca/source/ ftp://mirrors.tera-byte.com/pub/gentoo http://gentoo.mirrors.tera-byte.com/ http://mirror.csclub.uwaterloo.ca/gentoo-distfiles/ ftp://mirror.csclub.uwaterloo.ca/gentoo-distfiles/ ftp://distro.ibiblio.org/pub/linux/distributions/gentoo/ http://distro.ibiblio.org/pub/linux/distributions/gentoo/ ftp://ftp.gtlib.gatech.edu/pub/gentoo http://www.gtlib.gatech.edu/pub/gentoo http://gentoo.cites.uiuc.edu/pub/gentoo/ ftp://gentoo.cites.uiuc.edu/pub/gentoo/ " LDFLAGS="-Wl,-O1" LINGUAS="en en_US ca en_CA bg" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/overlays/crossdev" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="X a52 aac acl acpi alsa amd64 avahi bash-completion berkdb bluetooth bonjour branding bzip2 cairo cdr cli consolekit cracklib crypt css cups dbus dri dvb dvd dvdr encode exif faac faad ffmpeg flac fortran gdbm gnome gnome-keyring gphoto2 gpm gstreamer gtk hal iconv ipod ipv6 irda isdnlog java java6 jpeg lame laptop libnotify mad midi mmap mmx mmxext mp3 mpeg mplayer mudflap multilib nautilus ncurses networkmanager nls nptl nptlonly nsplugin ogg opengl openmp pam pcre perl png policykit pppd pulseaudio python readline reflection samba session spl sse sse2 sse3 ssl ssse3 sysfs syslog tcpd theora threads tiff truetype unicode usb v4l v4l2 vorbis wifi x264 xcomposite xinerama xorg xulrunner xvid xvmc zeroconf zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CAMERAS="ptp2" ELIBC="glibc" INPUT_DEVICES="evdev keyboard mouse synaptics" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en en_US ca en_CA bg" USERLAND="GNU" VIDEO_CARDS="vesa radeon radeonhd fglrx" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
$ svn commit -m "Fix traceback with glsa-check -f (Bug 275105)" Sending gentoolkit/ChangeLog Sending gentoolkit/bin/glsa-check Transmitting file data .. Committed revision 665.
Created attachment 195509 [details, diff] glsa-check.275105.patch patch for gentoolkit-0.3.0_rc7
The patch worked fine. Thanks.
(In reply to comment #3) > The patch worked fine. Thanks. > If this patch is working (and it does), when is a new _RC going to be released? It is an RC after all. Isn't testing a wider rage of machines what the RC are for? It would be nice to be able to clear out the glsa "db" on my machines. I can't be alone in wishing a "app-portage/gentoolkit-0.3.0_rc8" be released that has this patch in it. M.
The patch fixes one problem, failing, but there is still another problem with me. This version of glsa-check does not seem to be able to record or recall the list of applied glsa's. As such a call of "glsa-check -l" returns all glsa's in existence.
(In reply to comment #5) > The patch fixes one problem, failing, but there is still another problem with > me. This version of glsa-check does not seem to be able to record or recall the > list of applied glsa's. As such a call of "glsa-check -l" returns all glsa's in > existence. > I confirm this problem. Do you need my emerge --info or anything else?
Jakub, Paul: Please open a new bug report if you consider this to be a regression. The behavior of glsa-check has changed in gentoolkit 0.3 (rc8): - there is only two listing modes: "affected" and "all", "new" is gone (i just made "affected" the new default) - fixed GLSAs are no longer stored in a checkfile (injected) It is still possible to inject GLSAs to make them invisible to glsa-check, but it seemed most reasonable to me to check the system for all GLSAs that admins do not manually add to the file instead of caching that "--fix" has been run once and then never bother about that GLSA again. That behavior did not account for: - changes in glsas - re-emerging/downgrading packages And also, /var/cache was not a good place to store the GLSAs admins injected manually. Please let me know if this breaks some workflow you had been using before and we can discuss options to fix this.
Thanks for the explanation. Bug #281960 opened by Paul.
The change in behavior will be addressed with Bug #281960. The initial issue was fixed a long time ago.
