My machines have cron jobs running "glsa-check --quiet --list affected". These used to not say anything if there were no GLSAs available. Since upgrading to sys-apps/portage-2.3.73, they have started sending me e-mail saying: [A] means this GLSA was marked as applied (injected), [U] means the system is not affected and [N] indicates that the system might be affected. (removing --quiet from parameter list as it isn't a valid GLSA specification) But "man glsa-check" still says: -q, --quiet be less verbose and do not send empty mail (option) Reproducible: Always Steps to Reproduce: Run "glsa-check --quiet --list affected" Actual Results: Prints: (removing --quiet from parameter list as it isn't a valid GLSA specification) [A] means this GLSA was marked as applied (injected), [U] means the system is not affected and [N] indicates that the system might be affected. Expected Results: Nothing should be printed if there are no GLSAs affecting the system. Portage 2.3.73 (python 3.6.9-final-0, default/linux/amd64/17.1/hardened, gcc-9.1.0, glibc-2.29-r4, 5.2.9-gentoo x86_64) ================================================================= System Settings ================================================================= System uname: Linux-5.2.9-gentoo-x86_64-Intel-R-_Core-TM-_i7-2640M_CPU_@_2.80GHz-with-gentoo-2.6 KiB Mem: 16358792 total, 3813444 free KiB Swap: 16777212 total, 15463948 free Timestamp of repository gentoo: Mon, 26 Aug 2019 03:15:01 +0000 Head commit of repository gentoo: 0cbc3eff02fe2fd49c010318a354a018023ec505 Head commit of repository creideiki: dacc5be53344573849256a10e547c04251d3941d sh bash 5.0_p9 ld GNU ld (Gentoo 2.32 p2) 2.32.0 app-shells/bash: 5.0_p9::gentoo dev-java/java-config: 2.2.0-r4::gentoo dev-lang/perl: 5.30.0::gentoo dev-lang/python: 2.7.16::gentoo, 3.5.7::gentoo, 3.6.9::gentoo dev-util/cmake: 3.15.2::gentoo dev-util/pkgconfig: 0.29.2::gentoo sys-apps/baselayout: 2.6-r1::gentoo sys-apps/openrc: 0.42.1::gentoo sys-apps/sandbox: 2.18::gentoo sys-devel/autoconf: 2.13-r1::gentoo, 2.69-r4::gentoo sys-devel/automake: 1.13.4-r2::gentoo, 1.16.1-r1::gentoo sys-devel/binutils: 2.32-r1::gentoo sys-devel/gcc: 9.1.0-r1::gentoo, 9.2.0::gentoo sys-devel/gcc-config: 2.0::gentoo sys-devel/libtool: 2.4.6-r5::gentoo sys-devel/make: 4.2.1-r4::gentoo sys-kernel/linux-headers: 5.2::gentoo (virtual/os-headers) sys-libs/glibc: 2.29-r4::gentoo Repositories: gentoo location: /usr/portage sync-type: rsync sync-uri: rsync://rsync.europe.gentoo.org/gentoo-portage priority: -1000 sync-rsync-verify-metamanifest: yes sync-rsync-extra-opts: --timeout=10 sync-rsync-verify-jobs: 1 sync-rsync-verify-max-age: 24 creideiki location: /usr/local/portage sync-type: git sync-uri: https://github.com/creideiki/portage masters: gentoo rion location: /var/lib/layman/rion masters: gentoo priority: 50 seden location: /var/lib/layman/seden masters: gentoo priority: 50 steam-overlay location: /var/lib/layman/steam-overlay masters: gentoo priority: 50 torbrowser location: /var/lib/layman/torbrowser masters: gentoo priority: 50 ACCEPT_KEYWORDS="amd64 ~amd64" ACCEPT_LICENSE="@FREE" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=native -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/lib64/libreoffice/program/sofficerc /usr/share/config /usr/share/gnupg/qualified.txt" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c" CXXFLAGS="-march=native -O2 -pipe" DISTDIR="/usr/portage/distfiles" EMERGE_DEFAULT_OPTS="--alphabetical --keep-going --quiet-build=n --verbose-conflicts" ENV_UNSET="DBUS_SESSION_BUS_ADDRESS DISPLAY GOBIN PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR" FCFLAGS="-O2 -pipe" FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs buildpkg config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch parallel-install pid-sandbox preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr" FFLAGS="-O2 -pipe" GENTOO_MIRRORS="http://mirror.mdfnet.se/gentoo http://gentoo.oregonstate.edu http://www.ibiblio.org/pub/Linux/distributions/gentoo http://distfiles.gentoo.org" LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,-O1 -Wl,--hash-style=gnu -Wl,--enable-new-dtags" MAKEOPTS="-j4" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_EXTRA_OPTS="--timeout=10" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git" PORTAGE_TMPDIR="/var/tmp" USE="X acl alsa amd64 bzip2 cairo consolekit crypt cups cxx dbus dri dri3 egl flac fontconfig gif hardened iconv ipv6 jpeg kde libtirpc mp3 multilib ncurses nls nptl ogg opengl openmp pam pcre pie png policykit qt3support qt5 readline seccomp split-usr ssl ssp tiff truetype udisks unicode upower vaapi vorbis xattr xcb xkb xtpax zlib" ABI_X86="64" ALSA_CARDS="hda-intel" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" CAMERAS="canon" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="aes avx mmx mmxext popcnt sse sse2 sse3 sse4_1 sse4_2 ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" GRUB_PLATFORMS="pc" INPUT_DEVICES="evdev wacom" KERNEL="linux" L10N="en en-US en-GB sv sv-SE" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" NETBEANS_MODULES="apisupport cnd groovy gsf harness ide identity j2ee java mobility nb php profiler soa visualweb webcommon websvccommon xml" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php7-2" POSTGRES_TARGETS="postgres10 postgres11" PYTHON_SINGLE_TARGET="python3_6" PYTHON_TARGETS="python2_7 python3_5 python3_6" QEMU_SOFTMMU_TARGETS="i386 x86_64" RUBY_TARGETS="ruby25" SANE_BACKENDS="hp" USERLAND="GNU" VIDEO_CARDS="intel" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CC, CPPFLAGS, CTARGET, CXX, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS ================================================================= Package Settings ================================================================= sys-apps/portage-2.3.73::gentoo was built with the following: USE="-build -doc -epydoc -gentoo-dev (ipc) native-extensions rsync-verify (-selinux) (xattr)" ABI_X86="(64)" PYTHON_TARGETS="-pypy python2_7 python3_5 python3_6 -python3_7" app-portage/gentoolkit-0.4.6::gentoo was built with the following: USE="" ABI_X86="(64)" PYTHON_TARGETS="-pypy python2_7 python3_5 python3_6 -python3_7" $ glsa-check --version glsa-check, version 1.0 Author: Marius Mauch <genone@gentoo.org> This program is licensed under the GPL, version 2
Yes, I see we're missing this patch from bug 170784: https://gitweb.gentoo.org/proj/gentoolkit.git/commit/?id=cd5a8e80f949f649b6d2b174bc899f1f092684fd
I'll have to check the history here to see if anything else got missed: https://gitweb.gentoo.org/proj/gentoolkit.git/log/bin/glsa-check I see there was a change here for --quiet behavior: https://gitweb.gentoo.org/proj/gentoolkit.git/commit/bin/glsa-check?id=d3e4aad5a03efbd5089f96558d2ddd1e9bf158a8
Patches posted for review: https://archives.gentoo.org/gentoo-portage-dev/message/735ab8c58a336f2737a6888de9b8e6df https://github.com/gentoo/portage/pull/451
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/proj/portage.git/commit/?id=af9574c902d4844d2d85fa954f5b1cf1ef7adda8 commit af9574c902d4844d2d85fa954f5b1cf1ef7adda8 Author: Zac Medico <zmedico@gentoo.org> AuthorDate: 2019-08-29 18:30:58 +0000 Commit: Zac Medico <zmedico@gentoo.org> CommitDate: 2019-08-29 19:27:19 +0000 glsa-check: Hide non-vuln glsas in quiet mode This patch is a forward port of the following commit: https://gitweb.gentoo.org/proj/gentoolkit.git/commit/?id=d3e4aad5a03efbd5089f96558d2ddd1e9bf158a8 commit d3e4aad5a03efbd5089f96558d2ddd1e9bf158a8 Author: vapier <vapier@gentoo.org> AuthorDate: 2010-03-07 01:37:57 +0000 Commit: vapier <vapier@gentoo.org> CommitDate: 2010-03-07 01:37:57 +0000 glsa-check: hide non-vuln glsas in quiet mode svn path=/trunk/gentoolkit/; revision=750 Bug: https://bugs.gentoo.org/692872 Signed-off-by: Zac Medico <zmedico@gentoo.org> bin/glsa-check | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) https://gitweb.gentoo.org/proj/portage.git/commit/?id=57e5ea479030de69e43252bd8dc6c93e6a87369a commit 57e5ea479030de69e43252bd8dc6c93e6a87369a Author: Zac Medico <zmedico@gentoo.org> AuthorDate: 2019-08-29 17:49:54 +0000 Commit: Zac Medico <zmedico@gentoo.org> CommitDate: 2019-08-29 19:27:19 +0000 glsa-check: Add --quiet option This patch is a forward port of the following commit: https://gitweb.gentoo.org/proj/gentoolkit.git/commit/?id=cd5a8e80f949f649b6d2b174bc899f1f092684fd commit cd5a8e80f949f649b6d2b174bc899f1f092684fd Author: fuzzyray <fuzzyray@gentoo.org> AuthorDate: 2009-05-07 22:15:50 +0000 Commit: fuzzyray <fuzzyray@gentoo.org> CommitDate: 2009-05-07 22:15:50 +0000 Add patch from Robert Buchholz: Add quiet option Incorporate option to quiet down glsa-check, based on a patch by Thilo Bangert <bangert@gentoo.org> in bug #170784. This option will also suppress sending of empty mail, based on a patch by Christian Gut <cycloon@is-root.org> in bug #182990. svn path=/trunk/gentoolkit/; revision=633 Bug: https://bugs.gentoo.org/692872 Signed-off-by: Zac Medico <zmedico@gentoo.org> bin/glsa-check | 17 +++++++++++------ man/glsa-check.1 | 3 +++ 2 files changed, 14 insertions(+), 6 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=05d4de36535c74df5e27784886a7de8d0d8afddb commit 05d4de36535c74df5e27784886a7de8d0d8afddb Author: Zac Medico <zmedico@gentoo.org> AuthorDate: 2019-08-31 06:13:47 +0000 Commit: Zac Medico <zmedico@gentoo.org> CommitDate: 2019-08-31 06:21:36 +0000 sys-apps/portage: Bump to version 2.3.74 #587930 glsa-check: add exit code for affected GLSAs #688902 Add FEATURES=pkgdir-index-trusted #690758 Use RTNETLINK to configure the loopback interface #692872 glsa-check: forward port --quiet option from gentoolkit #693026 rsync: proxychains compatibility #693088 glsa-check: forward port remaining changes from gentoolkit #693096 emerge: deprecate --changelog option Bug: https://bugs.gentoo.org/691278 Bug: https://bugs.gentoo.org/587930 Bug: https://bugs.gentoo.org/688902 Bug: https://bugs.gentoo.org/690758 Bug: https://bugs.gentoo.org/692872 Bug: https://bugs.gentoo.org/693026 Bug: https://bugs.gentoo.org/693088 Bug: https://bugs.gentoo.org/693096 Package-Manager: Portage-2.3.74, Repoman-2.3.17 Signed-off-by: Zac Medico <zmedico@gentoo.org> sys-apps/portage/Manifest | 1 + sys-apps/portage/portage-2.3.74.ebuild | 261 +++++++++++++++++++++++++++++++++ 2 files changed, 262 insertions(+)