Your message dated Fri, 16 Dec 2005 23:19:52 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#307689: fixed in python2.2 2.2.3dfsg-2sarge1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 4 May 2005 19:18:37 +0000
>From [EMAIL PROTECTED] Wed May 04 12:18:37 2005
Return-path: <[EMAIL PROTECTED]>
Received: from mail.athenium.com [66.150.203.184]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DTPOH-0002cv-00; Wed, 04 May 2005 12:18:37 -0700
Received: from c-65-96-209-153.hsd1.ma.comcast.net ([65.96.209.153]
helo=marvin.weston.athenium.com)
by mail.athenium.com with asmtp (Exim 3.35 #1 (Debian))
id 1DTPNm-0003AO-00; Wed, 04 May 2005 15:18:06 -0400
Received: from reliant.weston.athenium.com
([192.168.1.100] helo=localhost ident=mail)
by marvin.weston.athenium.com with esmtp (Exim 3.35 #1 (Debian))
id 1DTPNl-0007Yw-00; Wed, 04 May 2005 15:18:05 -0400
Received: from localhost
([127.0.0.1] helo=localhost.localdomain ident=kislo)
by localhost with esmtp (Exim 3.35 #1 (Debian))
id 1DTPKC-000789-00; Wed, 04 May 2005 15:14:25 -0400
Subject: python2.2: NMU 2.2.1-4.7 to fix CAN-2005-0089 Breaks XMLRPC for non
dotted names
From: Joe Kislo <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Mailer: Ximian Evolution 1.0.5
Date: 04 May 2005 15:14:24 -0400
Message-Id: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: python2.2
Version: 2.2.1-4.7
Severity: important
Several of our applications use the XMLRPC for interapplication
communication. After upgrading to python2.2 (2.2.1-4.7), our
applications stopped working. XMLRPC calls receive this type of error:
[EMAIL PROTECTED]:[~/python2.2-bug] python2.2 XMLRPCClient.py
Traceback (most recent call last):
File "XMLRPCClient.py", line 9, in ?
print client.TestAPI("boo")
File "/usr/lib/python2.2/xmlrpclib.py", line 821, in __call__
return self.__send(self.__name, args)
File "/usr/lib/python2.2/xmlrpclib.py", line 975, in __request
verbose=self.__verbose
File "/usr/lib/python2.2/xmlrpclib.py", line 853, in request
return self.parse_response(h.getfile())
File "/usr/lib/python2.2/xmlrpclib.py", line 896, in parse_response
return u.close()
File "/usr/lib/python2.2/xmlrpclib.py", line 571, in close
raise apply(Fault, (), self._stack[0])
xmlrpclib.Fault: <Fault 1: 'exceptions.Exception:method "TestAPI" is not
supported'>
Running these applications on 2.2.1-4.6, they work fine.
I've looked at the published patch from python, and I'm not sure why
their patch would cause this problem. So perhaps it is an issue in the
debian patch, or perhaps, the python patch is broken too. Or.. perhaps
I am a moron, and I'm just blind as to why this isn't working. It was
certainly a surprise to us when all of our internal systems stopped
working, so I suspect it might surprise some other folks too. I have
even tried setting allow_dotted_names=True to bypass this problem
(which... supposedly should turn off the security patch), but it's still
broken.
I have attached some sample cases to make this easy for you to
reproduce:
If you run this on a 2.2.1-4.6
python2.2 XMLRPCServer.py 1 &
python2.2 XMLRPCClient.py
it will work fine and dandy
if you run this on a 2.2.1-4.7:
python2.2 XMLRPCServer.py 1 &
python2.2 XMLRPCClient.py
you'll get:
Traceback (most recent call last):
File "XMLRPCClient.py", line 9, in ?
print client.TestAPI("boo")
File "/usr/lib/python2.2/xmlrpclib.py", line 821, in __call__
return self.__send(self.__name, args)
File "/usr/lib/python2.2/xmlrpclib.py", line 975, in __request
verbose=self.__verbose
File "/usr/lib/python2.2/xmlrpclib.py", line 853, in request
return self.parse_response(h.getfile())
File "/usr/lib/python2.2/xmlrpclib.py", line 896, in parse_response
return u.close()
File "/usr/lib/python2.2/xmlrpclib.py", line 571, in close
raise apply(Fault, (), self._stack[0])
xmlrpclib.Fault: <Fault 1: 'exceptions.Exception:method "TestAPI" is not
supported'>
You can change the "1" to a "0" if you want to try the
allow_dotted_names=True flag.. which doesn't appear to do anything to
help.
If you modify the SampleAPI class and add:
def _dispatch(self, method, params):
return apply(getattr(self,method), params)
Everything will work fine... (which is what I did to bootstrap our
systems back into operation).. but obviously this is not supposed to be
necessary.
-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux cthulhu 2.4.25-athenium-686-smp #3 SMP Fri Mar 19 18:29:28
EST 2004 i686
Locale: LANG=C, LC_CTYPE=C
Versions of packages python2.2 depends on:
ii libc6 2.2.5-11.8 GNU C Library: Shared
libraries an
ii libdb3 3.2.9-16 Berkeley v3 Database
Libraries [ru
ii libncurses5 5.2.20020112a-7 Shared libraries for
terminal hand
ii libreadline4 4.2a-5 GNU readline and history
libraries
ii libssl0.9.6 0.9.6c-2.woody.7 SSL shared libraries
ii zlib1g 1:1.1.4-1.0woody0 compression library -
runtime
---------------------------------------
Received: (at 307689-close) by bugs.debian.org; 17 Dec 2005 07:22:25 +0000
>From [EMAIL PROTECTED] Fri Dec 16 23:22:25 2005
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 4.50)
id 1EnWMC-0006z7-32; Fri, 16 Dec 2005 23:19:52 -0800
From: Matthias Klose <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.17 $
Subject: Bug#307689: fixed in python2.2 2.2.3dfsg-2sarge1
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Fri, 16 Dec 2005 23:19:52 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Source: python2.2
Source-Version: 2.2.3dfsg-2sarge1
We believe that the bug you reported is fixed in the latest version of
python2.2, which is due to be installed in the Debian FTP archive:
idle-python2.2_2.2.3dfsg-2sarge1_all.deb
to pool/main/p/python2.2/idle-python2.2_2.2.3dfsg-2sarge1_all.deb
python2.2-dev_2.2.3dfsg-2sarge1_i386.deb
to pool/main/p/python2.2/python2.2-dev_2.2.3dfsg-2sarge1_i386.deb
python2.2-doc_2.2.3dfsg-2sarge1_all.deb
to pool/main/p/python2.2/python2.2-doc_2.2.3dfsg-2sarge1_all.deb
python2.2-examples_2.2.3dfsg-2sarge1_all.deb
to pool/main/p/python2.2/python2.2-examples_2.2.3dfsg-2sarge1_all.deb
python2.2-gdbm_2.2.3dfsg-2sarge1_i386.deb
to pool/main/p/python2.2/python2.2-gdbm_2.2.3dfsg-2sarge1_i386.deb
python2.2-mpz_2.2.3dfsg-2sarge1_i386.deb
to pool/main/p/python2.2/python2.2-mpz_2.2.3dfsg-2sarge1_i386.deb
python2.2-tk_2.2.3dfsg-2sarge1_i386.deb
to pool/main/p/python2.2/python2.2-tk_2.2.3dfsg-2sarge1_i386.deb
python2.2-xmlbase_2.2.3dfsg-2sarge1_i386.deb
to pool/main/p/python2.2/python2.2-xmlbase_2.2.3dfsg-2sarge1_i386.deb
python2.2_2.2.3dfsg-2sarge1.diff.gz
to pool/main/p/python2.2/python2.2_2.2.3dfsg-2sarge1.diff.gz
python2.2_2.2.3dfsg-2sarge1.dsc
to pool/main/p/python2.2/python2.2_2.2.3dfsg-2sarge1.dsc
python2.2_2.2.3dfsg-2sarge1_i386.deb
to pool/main/p/python2.2/python2.2_2.2.3dfsg-2sarge1_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Matthias Klose <[EMAIL PROTECTED]> (supplier of updated python2.2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 4 Sep 2005 21:42:02 +0000
Source: python2.2
Binary: python2.2-doc python2.2-xmlbase python2.2-examples python2.2-dev
python2.2-tk python2.2 python2.2-gdbm python2.2-mpz idle-python2.2
Architecture: source i386 all
Version: 2.2.3dfsg-2sarge1
Distribution: stable-security
Urgency: low
Maintainer: Matthias Klose <[EMAIL PROTECTED]>
Changed-By: Matthias Klose <[EMAIL PROTECTED]>
Description:
idle-python2.2 - An IDE for Python (v2.2) using Tkinter
python2.2 - An interactive high-level object-oriented language (version 2.2)
python2.2-dev - Header files and a static library for Python (v2.2)
python2.2-doc - Documentation for the high-level object-oriented language
Python
python2.2-examples - Examples for the Python language (v2.2)
python2.2-gdbm - GNU dbm database support for Python (v2.2)
python2.2-mpz - Multiple-precision arithmetic support for Python (v2.2)
python2.2-tk - Tkinter - Writing Tk applications with Python (v2.2)
python2.2-xmlbase - XML support included in Python (v2.2)
Closes: 307689
Changes:
python2.2 (2.2.3dfsg-2sarge1) stable-security; urgency=low
.
* SECURITY UPDATE (prepared by Martin Pitt <[EMAIL PROTECTED]>).
* Add debian/patches/pcre-security_CAN-2005-2491.dpatch:
- Fix recent PCRE buffer overflow in local copy.
- CAN-2005-2491
.
* Fix bug in the original fix for CAN-2005-0089 (closes: #307689).
Files:
4f719b1e6ea09c001c878c82dd235aa2 1188 python optional
python2.2_2.2.3dfsg-2sarge1.dsc
bd95fcae22dcc43a1e9b9a9d0f261abf 1963578 python optional
python2.2_2.2.3dfsg-2sarge1.diff.gz
8ed6e66f125308f55115e7df8cc9f18a 6691331 python optional
python2.2_2.2.3dfsg.orig.tar.gz
d5787eb95dcf34957cdb6c9611fc43dd 483068 python optional
python2.2-examples_2.2.3dfsg-2sarge1_all.deb
62629861b83514a4c11dccf7373c25cb 118536 python optional
idle-python2.2_2.2.3dfsg-2sarge1_all.deb
3531fb12f5c9be109052b14b0a553f8f 2303758 doc optional
python2.2-doc_2.2.3dfsg-2sarge1_all.deb
5280fc41aa7de7c12f153ae8b6e771f3 2274472 python optional
python2.2_2.2.3dfsg-2sarge1_i386.deb
67739054bd2b94ef92be93ac475bc742 98106 python optional
python2.2-tk_2.2.3dfsg-2sarge1_i386.deb
e06bdfdfe07521ea2ca443b091398a24 57184 python optional
python2.2-xmlbase_2.2.3dfsg-2sarge1_i386.deb
4182ae276e81cbc373d5cbcfe76bb709 23868 python optional
python2.2-gdbm_2.2.3dfsg-2sarge1_i386.deb
10463e00b1771eb94e24df96636a9359 27770 python optional
python2.2-mpz_2.2.3dfsg-2sarge1_i386.deb
7d2e2283394218a34ac46eb3474e7861 1156394 python optional
python2.2-dev_2.2.3dfsg-2sarge1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDIfucW5ql+IAeqTIRAi2mAJ9p5eemznL+BIrWV2BbeHdHV5inBQCaA475
tC21mEtXjMS56wFeg64sZCE=
=F9VI
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]