Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#71365 - [arch-audit] Error: failed to get AVG json
Attached to Project:
Community Packages
Opened by Batou (Batou) - Saturday, 26 June 2021, 03:10 GMT
Last edited by Toolybird (Toolybird) - Tuesday, 09 May 2023, 05:32 GMT
Opened by Batou (Batou) - Saturday, 26 June 2021, 03:10 GMT
Last edited by Toolybird (Toolybird) - Tuesday, 09 May 2023, 05:32 GMT
|
DetailsDescription:
Additional info: * package version(s) * config and/or log files etc. * link to upstream bug report, if any Steps to reproduce: |
This task depends upon
Closed by Toolybird (Toolybird)
Tuesday, 09 May 2023, 05:32 GMT
Reason for closing: Works for me
Additional comments about closing: Seems to be working fine now. Must have been a transient problem.
Tuesday, 09 May 2023, 05:32 GMT
Reason for closing: Works for me
Additional comments about closing: Seems to be working fine now. Must have been a transient problem.
$ arch-audit
Error: failed to get AVG json
Because: failed to fetch AVGs from URL
Because: Failed to send request
Because: error sending request for url (https://security.archlinux.org/all.json): error trying to connect: invalid certificate: UnknownIssuer
Because: error trying to connect: invalid certificate: UnknownIssuer
Because: invalid certificate: UnknownIssuer
But, both curl and wget have no issues:
$ curl -IL https://security.archlinux.org/all.json
HTTP/2 200
server: nginx
date: Sat, 26 Jun 2021 03:14:56 GMT
content-type: application/json; charset=utf-8
content-length: 720867
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'self'; style-src 'self'; font-src 'self'; form-action 'self'
x-content-security-policy: default-src 'self'; style-src 'self'; font-src 'self'; form-action 'self'
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubdomains; preload
and:
curl -vvI https://security.archlinux.org/all.json
* Trying 95.217.239.55:443...
* Connected to security.archlinux.org (95.217.239.55) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /usr/share/curl/ca-bundle.crt
* CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=security.archlinux.org
* start date: Jun 17 20:20:19 2021 GMT
* expire date: Sep 15 20:20:18 2021 GMT
* subjectAltName: host "security.archlinux.org" matched cert's "security.archlinux.org"
* issuer: C=US; O=Let's Encrypt; CN=R3
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x5648a824c970)
> HEAD /all.json HTTP/2
> Host: security.archlinux.org
> user-agent: curl/7.77.0
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
< HTTP/2 200
HTTP/2 200
< server: nginx
server: nginx
< date: Sat, 26 Jun 2021 03:20:34 GMT
date: Sat, 26 Jun 2021 03:20:34 GMT
< content-type: application/json; charset=utf-8
content-type: application/json; charset=utf-8
< content-length: 720867
content-length: 720867
< x-frame-options: SAMEORIGIN
x-frame-options: SAMEORIGIN
< x-xss-protection: 1; mode=block
x-xss-protection: 1; mode=block
< x-content-type-options: nosniff
x-content-type-options: nosniff
< content-security-policy: default-src 'self'; style-src 'self'; font-src 'self'; form-action 'self'
content-security-policy: default-src 'self'; style-src 'self'; font-src 'self'; form-action 'self'
< x-content-security-policy: default-src 'self'; style-src 'self'; font-src 'self'; form-action 'self'
x-content-security-policy: default-src 'self'; style-src 'self'; font-src 'self'; form-action 'self'
< referrer-policy: no-referrer
referrer-policy: no-referrer
< strict-transport-security: max-age=31536000; includeSubdomains; preload
strict-transport-security: max-age=31536000; includeSubdomains; preload
<
* Connection #0 to host security.archlinux.org left intact
I am up to date and everything else is running smoothly:
$ uname -a
Linux batou 5.12.12-arch1-1 #1 SMP PREEMPT Fri, 18 Jun 2021 21:59:22 +0000 x86_64 GNU/Linux
$ pacman -Qi arch-audit
Name : arch-audit
Version : 0.1.19-2
$ dig security.archlinux.org
; <<>> DiG 9.16.18 <<>> security.archlinux.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45421
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;security.archlinux.org. IN A
;; ANSWER SECTION:
security.archlinux.org. 24248 IN A 95.217.239.55
There are no errors in the journal.