This upload includes a change to add a new configuration file for setting the site policy for whether to enforce signature signing.
I objected privately to the addition of this configuration file when Matthias proposed it. This adds complexity to the system both on upgrade and in 14.04 itself; the patch was proposed upstream and rejected; and the configuration file will cause the behavior of programs to be inconsistent across installations of Ubuntu. Furthermore, the claim in the changelog that this config file will be removed on upgrade to 15.04 is *false*; there is no code in the 15.04 version of python3.4 which implements this, and there is no python3.4 package in the SRU queue for vivid. Users who upgraded to 3.4.3 previously in trusty-updates are currently stuck on an upgrade island as a result of the previous SRU having been backed out due to regressions. We need to resolve this problem quickly. The SRU that has been uploaded is not appropriate as a quick fix, it has longer-term consequences that need to be thought through carefully. I am going to upload a new SRU that reverts the addition of this config file. The code patch can stay in place, it should implement the correct behavior with or without the config file actually being present (and I don't have an alternative implementation of this policy change to hand that we could quickly release). But if we're going to release this SRU with that code path, we should not be advising users to use a global config file to configure the site policy until this has been discussed more broadly. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to python3-defaults in Ubuntu. https://bugs.launchpad.net/bugs/1348954 Title: update Python3 for trusty Status in python3-defaults package in Ubuntu: New Status in python3-stdlib-extensions source package in Trusty: Fix Released Status in python3.4 source package in Trusty: Fix Committed Bug description: update Python3 for trusty. Rationale: the LTS was released with 3.4.0, the first 3.4 release which certainly had some issues. The idea is to update the python3.4 packages to the version found in 15.04 (vivid), which currently doesn't have any outstanding issues. A test rebuild of the trusty main component was done without showing any regressions during the package builds. http://people.ubuntuwire.org/~wgrant/rebuild-ftbfs-test/test-rebuild-20150317-trusty.html http://people.ubuntuwire.org/~wgrant/rebuild-ftbfs-test/test-rebuild-20150501-updates-trusty.html To validate this SRU, I'm proposing to use the results from the test rebuild, plus evaluating the testsuite results of the python3.4 package itself. To test the python3 behaviour for certificate verification, use urllib.request.urlopen. requests does it's own certificate verification. import urllib.request sites = [ 'https://expired.badssl.com/', 'https://wrong.host.badssl.com/', 'https://self-signed.badssl.com/' ] for site in sites: try: urllib.request.urlopen(site) print("OK", site) except: print("FAIL", site) Edit /etc/python3.4/cert-verification.conf to test both behaviours To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/python3-defaults/+bug/1348954/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
