GNU bug report logs -
#47941
guix lint -c cve stacktrace
Previous Next
Reported by: Jack Hill <jackhill <at> jackhill.us>
Date: Wed, 21 Apr 2021 20:31:01 UTC
Severity: normal
Done: Ludovic Courtès <ludo <at> gnu.org>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
Your message dated Thu, 22 Apr 2021 00:04:35 +0200
with message-id <87im4f2t1o.fsf <at> gnu.org>
and subject line Re: bug#47941: guix lint -c cve stacktrace
has caused the debbugs.gnu.org bug report #47941,
regarding guix lint -c cve stacktrace
to be marked as done.
(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)
--
47941: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=47941
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
[Message part 3 (text/plain, inline)]
Hi Guix,
Using guix ae5128e21eb7afa66bd7cfd7fd1bc5764d00663e, the cve lint check
fails when fetching the CVE database as follows:
$ guix lint -c cve hello
fetching CVE database for 2021...
Backtrace:
15 (primitive-load "/home/jackhill/.config/guix/current/bi…")
In guix/ui.scm:
2164:12 14 (run-guix-command _ . _)
In ice-9/boot-9.scm:
1736:10 13 (with-exception-handler _ _ #:unwind? _ # _)
1731:15 12 (with-exception-handler #<procedure 7f895ab7d000 at ic…> …)
In srfi/srfi-1.scm:
634:9 11 (for-each #<procedure 7f895ab84d80 at guix/scripts/lin…> …)
In guix/scripts/lint.scm:
65:4 10 (run-checkers _ _ #:store _)
In srfi/srfi-1.scm:
634:9 9 (for-each #<procedure 7f895420bc00 at guix/scripts/lin…> …)
In guix/scripts/lint.scm:
74:21 8 (_ _)
In guix/lint.scm:
1178:4 7 (check-vulnerabilities _ _)
1170:9 6 (_ _)
In unknown file:
5 (force #<promise #<procedure 7f895af13a88 at guix/lint.…>)
In guix/lint.scm:
1153:2 4 (_)
1112:2 3 (call-with-networking-fail-safe _ _ _)
In ice-9/boot-9.scm:
1736:10 2 (with-exception-handler _ _ #:unwind? _ # _)
1669:16 1 (raise-exception _ #:continuable? _)
1667:16 0 (raise-exception _ #:continuable? _)
ice-9/boot-9.scm:1667:16: In procedure raise-exception:
Wrong type (expecting array): #f
Best,
Jack
[Message part 4 (message/rfc822, inline)]
Hi,
Jack Hill <jackhill <at> jackhill.us> skribis:
> Using guix ae5128e21eb7afa66bd7cfd7fd1bc5764d00663e, the cve lint
> check fails when fetching the CVE database as follows:
>
> $ guix lint -c cve hello
> fetching CVE database for 2021...
> Backtrace:
> 15 (primitive-load "/home/jackhill/.config/guix/current/bi…")
> In guix/ui.scm:
> 2164:12 14 (run-guix-command _ . _)
> In ice-9/boot-9.scm:
> 1736:10 13 (with-exception-handler _ _ #:unwind? _ # _)
> 1731:15 12 (with-exception-handler #<procedure 7f895ab7d000 at ic…> …)
> In srfi/srfi-1.scm:
> 634:9 11 (for-each #<procedure 7f895ab84d80 at guix/scripts/lin…> …)
> In guix/scripts/lint.scm:
> 65:4 10 (run-checkers _ _ #:store _)
> In srfi/srfi-1.scm:
> 634:9 9 (for-each #<procedure 7f895420bc00 at guix/scripts/lin…> …)
> In guix/scripts/lint.scm:
> 74:21 8 (_ _)
> In guix/lint.scm:
> 1178:4 7 (check-vulnerabilities _ _)
> 1170:9 6 (_ _)
> In unknown file:
> 5 (force #<promise #<procedure 7f895af13a88 at guix/lint.…>)
> In guix/lint.scm:
> 1153:2 4 (_)
> 1112:2 3 (call-with-networking-fail-safe _ _ _)
> In ice-9/boot-9.scm:
> 1736:10 2 (with-exception-handler _ _ #:unwind? _ # _)
> 1669:16 1 (raise-exception _ #:continuable? _)
> 1667:16 0 (raise-exception _ #:continuable? _)
>
> ice-9/boot-9.scm:1667:16: In procedure raise-exception:
> Wrong type (expecting array): #f
Fixed:
https://git.savannah.gnu.org/cgit/guix.git/commit/?id=7dbc2fcb45fac4a0b64fef8efa8c858a047d0498
It looks like a couple of bogus CVE entries crept in. It’s surprising
because we never encountered such issues before, so I wonder if MITRE
changed something on their side.
Thanks,
Ludo’.
This bug report was last modified 4 years and 27 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.