Re: python3.4 regression update

2019-06-26 Thread Matus UHLAR - fantomas 

On 26.06.19 08:45, Matus UHLAR - fantomas wrote:

yesterday's python3.4 regression update workd properly, however not with
unattended-upgrade.

is it possible (any idea how) to update that package automatically or do we
need to do that manually?


I just want to add that about half of my jessie machines updated today to
fixed python version correctly, I got mail from the other half:

/etc/cron.daily/apt:
Traceback (most recent call last):
 File "/usr/bin/unattended-upgrade", line 55, in 
   import apt
 File "/usr/lib/python3/dist-packages/apt/__init__.py", line 26, in 
   from apt.package import Package
 File "/usr/lib/python3/dist-packages/apt/package.py", line 32, in 
   from http.client import BadStatusLine
 File "/usr/lib/python3.4/http/client.py", line 1014
   raise InvalidURL(f"URL can't contain control characters. {url!r} "
^
SyntaxError: invalid syntax

manual upgrade fixed it
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Save the whales. Collect the whole set.

python3.4 regression update

2019-06-26 Thread Matus UHLAR - fantomas 

Hello,

yesterday's python3.4 regression update workd properly, however not with
unattended-upgrade.

is it possible (any idea how) to update that package automatically or do we
need to do that manually?

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Fighting for peace is like fucking for virginity...

[SECURITY] [DLA 1835-2] python3.4 regression update

2019-06-25 Thread Roberto C . Sánchez 
Package: python3.4
Version: 3.4.2-1+deb8u4
CVE ID : CVE-2019-9740 CVE-2019-9947
Debian Bug : 931044


The update issued as DLA-1835-1 caused a regression in the http.client
library in Python 3.4 which was broken by the patch intended to fix
CVE-2019-9740 and CVE-2019-9947.

For Debian 8 "Jessie", this problem has been fixed in version
3.4.2-1+deb8u4.

We recommend that you upgrade your python3.4 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


signature.asc
Description: PGP signature