[Qgis-community-team] Security msg from github
Alexandre Neto
senhor.neto at gmail.com
Tue Nov 13 01:42:14 PST 2018
Hi richard,
Ah! you are right. The PDFs did came out fine anyway. I wasn't able to
build any translation, what do I need to set for pulling files from
transifex?
Thanks,
Alex
On Tue, Nov 13, 2018 at 7:37 AM Richard Duivenvoorde <rdmailings at duif.net>
wrote:
> Hi Alexandre,
>
> You are right, I have to update the docker images too... I think we can
> rework the script so it will always create a virtual env with the right
> dependencies though.
>
> Errors for building pdf are 'normal',
>
> https://github.com/qgis/QGIS-Documentation/blob/master/Makefile#L98
>
> but it SHOULD end in a pdf though :-)
> There are a lot of Tex packages needed though:
>
>
> https://github.com/qgis/QGIS-Sysadmin/blob/master/docker/sphinx/Dockerfile-pdf
> AND all fonts if you want to build non-western languages.
>
> Regards,
>
> Richard
>
>
>
> On 11/12/18 11:08 PM, Alexandre Neto wrote:
> > Richard,
> >
> > I changed the requests version to 2.20 in the requirements.txt file and
> > updated my virtualenv to reflect that.
> >
> > I was able to build html (english only).
> >
> > I also tried the docker image and everything built without issues, but I
> am
> > not sure if the requirements are taken in consideration in the docker
> build
> > (probably not)
> >
> > I was not able to build any PDF, not sure If I am missing some piece,
> but I
> > always get the following:
> >
> > usr/bin/texi2dvi: pdflatex exited with bad status, quitting.
> > /usr/bin/texi2dvi: pdflatex exited with bad status, quitting.
> > /usr/bin/texi2dvi: pdflatex exited with bad status, quitting.
> > Makefile:83: recipe for target 'pdf' failed
> > mv output/latex/en/QGISUserGuide.pdf
> > output/pdf/en/QGIS-testing-UserGuide.pdf
> > make: [pdf] Error 1 (ignored)
> > # pyqgis developer cookbook
> > /usr/bin/texi2dvi: pdflatex exited with bad status, quitting.
> > /usr/bin/texi2dvi: pdflatex exited with bad status, quitting.
> > /usr/bin/texi2dvi: pdflatex exited with bad status, quitting.
> > make: [pdf] Error 1 (ignored)
> > Makefile:83: recipe for target 'pdf' failed
> >
> >
> > On Mon, Nov 12, 2018 at 4:25 PM Alexandre Neto <senhor.neto at gmail.com>
> > wrote:
> >
> >>
> >> I have created a ticket for that:
> >>
> >> https://github.com/qgis/QGIS-Documentation/issues/3145
> >>
> >> So that we don't forget.
> >>
> >> Cheers,
> >>
> >> Alex Neto
> >>
> >> On Mon, Nov 12, 2018 at 6:58 AM Richard Duivenvoorde <
> rdmailings at duif.net>
> >> wrote:
> >>
> >>> Hi,
> >>>
> >>> On the QGIS-Documentation repository I got a message from github,
> >>> telling us we use a component with a security issue ("moderate
> >>> severity")in it, pointing to:
> >>>
> >>>
> >>>
> https://github.com/qgis/QGIS-Documentation/network/alert/REQUIREMENTS.txt/requests/open
> >>> Pointing to
> >>> https://nvd.nist.gov/vuln/detail/CVE-2018-18074
> >>>
> >>> It's about the used python requests-module, and tells us:
> >>> Upgrade requests to version 2.20.0 or later.
> >>> Apparently we use an older version-nr in our REQUIREMENTS.txt.
> >>>
> >>> Please remind me to do this, or can somebody else try/test.
> >>>
> >>> Regards,
> >>>
> >>> Richard Duivenvoorde
> >>> _______________________________________________
> >>> Qgis-community-team mailing list for organizing community resources
> such
> >>> as documentation, translation etc..
> >>> Qgis-community-team at lists.osgeo.org
> >>> https://lists.osgeo.org/mailman/listinfo/qgis-community-team
> >>
> >>
> >
> >
> > _______________________________________________
> > Qgis-community-team mailing list for organizing community resources such
> as documentation, translation etc..
> > Qgis-community-team at lists.osgeo.org
> > https://lists.osgeo.org/mailman/listinfo/qgis-community-team
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/qgis-community-team/attachments/20181113/e811e2f6/attachment.html>
More information about the Qgis-community-team
mailing list