| 2011-07-17 00:02:36 |
Julian Taylor |
bug |
|
|
added bug |
| 2011-07-17 00:02:57 |
Julian Taylor |
summary |
update pycryptopp to version 0.5.29-1 |
update pycryptopp to version 0.5.29-1 in natty |
|
| 2011-07-17 00:03:47 |
Julian Taylor |
bug |
|
|
added subscriber Zooko O'Whielacronx |
| 2011-07-17 00:05:54 |
Julian Taylor |
description |
requesting acknowledgement for update pycryptopp 0.5.17 to 0.5.29-1 in ubuntu 11.04 natty to fix tahoe
tahoe-lafs in natty requires a newer version of pycryptopp than is available in the natty repository.
It needs >= 0.5.20 but natty only has 0.5.17. See bug bug 782461
The reason for this requirement is a security vulnerability in the embedded libcrypto++. This does *not* affect natty as the pycryptopp package uses the system libcrypto++ which is fixed.
But in order to fix tahoe either the pycryptopp package must be updated or the version dependency of tahoe loosened.
The later option could be dangerous for users which have an old local vurnable version of pycryptopp installed so updating the packaged pycryptopp is preferable.
according to upstream the update should be safe as the majority of changes where build system related and the api was not broken.
Changelog:
http://tahoe-lafs.org/trac/pycryptopp/log/trunk/?action=stop_on_copy&mode=follow_copy&rev=772&stop_rev=&limit=128
The package builds in a clean natty chroot passes its testsuite and only has tahoe and python-beaker as rdepends, tahoe works fine with the new version and for beaker there where no problems reported in oneiric and debian testing either.
Please decide if the solution of upgrading pycryptopp is acceptable or if the route of reducing the version dependency in tahoe should be preferred |
requesting acknowledgement for update pycryptopp 0.5.17 to 0.5.29-1 in ubuntu 11.04 natty to fix tahoe
tahoe-lafs in natty requires a newer version of pycryptopp than is available in the natty repository.
It needs >= 0.5.20 but natty only has 0.5.17. See bug bug 782461
The reason for this requirement is a security vulnerability in the embedded libcrypto++. This does *not* affect natty as the pycryptopp package uses the system libcrypto++ which is fixed.
But in order to fix tahoe either the pycryptopp package must be updated or the version dependency of tahoe loosened.
The later option could be dangerous for users which have an old local vurnable version of pycryptopp installed, as tahoe would then not check for the problem anymore, so updating the packaged pycryptopp is preferable.
according to upstream the update should be safe as the majority of changes where build system related and the api was not broken.
Changelog:
http://tahoe-lafs.org/trac/pycryptopp/log/trunk/?action=stop_on_copy&mode=follow_copy&rev=772&stop_rev=&limit=128
The package builds in a clean natty chroot passes its testsuite and only has tahoe and python-beaker as rdepends, tahoe works fine with the new version and for beaker there where no problems reported in oneiric and debian testing either.
Please decide if the solution of upgrading pycryptopp is acceptable or if the route of reducing the version dependency in tahoe should be preferred |
|
| 2011-07-17 02:07:39 |
Julian Taylor |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2011-07-21 17:18:21 |
Launchpad Janitor |
pycryptopp (Ubuntu): status |
New |
Confirmed |
|
| 2011-08-19 22:03:23 |
Zooko Wilcox-O'Hearn |
bug task added |
|
tahoe-lafs (Ubuntu) |
|
| 2011-08-19 22:09:11 |
Launchpad Janitor |
tahoe-lafs (Ubuntu): status |
New |
Confirmed |
|
| 2011-08-20 23:39:16 |
Daira Hopwood |
bug |
|
|
added subscriber David-Sarah Hopwood |
| 2011-09-16 22:18:38 |
thearthur |
bug |
|
|
added subscriber thearthur |
| 2011-09-16 23:11:41 |
Clint Byrum |
nominated for series |
|
Ubuntu Natty |
|
| 2011-09-16 23:11:41 |
Clint Byrum |
bug task added |
|
pycryptopp (Ubuntu Natty) |
|
| 2011-09-16 23:11:41 |
Clint Byrum |
bug task added |
|
tahoe-lafs (Ubuntu Natty) |
|
| 2011-09-16 23:11:49 |
Clint Byrum |
pycryptopp (Ubuntu): status |
Confirmed |
Fix Released |
|
| 2011-09-16 23:11:54 |
Clint Byrum |
tahoe-lafs (Ubuntu): status |
Confirmed |
Invalid |
|
| 2011-09-16 23:11:58 |
Clint Byrum |
pycryptopp (Ubuntu Natty): status |
New |
Invalid |
|
| 2011-09-16 23:12:02 |
Clint Byrum |
tahoe-lafs (Ubuntu Natty): status |
New |
Confirmed |
|
| 2011-09-16 23:14:10 |
Clint Byrum |
pycryptopp (Ubuntu Natty): status |
Invalid |
Confirmed |
|
| 2011-09-16 23:14:12 |
Clint Byrum |
tahoe-lafs (Ubuntu Natty): status |
Confirmed |
Invalid |
|
| 2011-09-16 23:14:21 |
Clint Byrum |
pycryptopp (Ubuntu Natty): importance |
Undecided |
Medium |
|
| 2011-09-17 10:37:22 |
Launchpad Janitor |
branch linked |
|
lp:~jtaylor/ubuntu/natty/pycryptopp/sru-811721 |
|
| 2011-10-20 06:38:38 |
Martin Pitt |
pycryptopp (Ubuntu Natty): status |
Confirmed |
Fix Committed |
|
| 2011-10-20 06:38:40 |
Martin Pitt |
bug |
|
|
added subscriber SRU Verification |
| 2011-10-20 06:38:42 |
Martin Pitt |
tags |
|
verification-needed |
|
| 2011-10-20 19:37:27 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/natty-proposed/pycryptopp |
|
| 2011-10-22 14:56:03 |
pataquets |
bug |
|
|
added subscriber Alfonso M. |
| 2011-10-22 15:30:57 |
Martin Pitt |
tags |
verification-needed |
verification-done |
|
| 2011-10-26 04:29:26 |
Launchpad Janitor |
pycryptopp (Ubuntu Natty): status |
Fix Committed |
Fix Released |
|
| 2011-11-02 14:06:59 |
pataquets |
attachment added |
|
tahoe.tests.tar.gz https://bugs.launchpad.net/ubuntu/+source/pycryptopp/+bug/811721/+attachment/2583104/+files/tahoe.tests.tar.gz |
|
| 2011-11-02 19:58:45 |
pataquets |
attachment added |
|
tahoe-tests.tar.gz https://bugs.launchpad.net/ubuntu/+source/pycryptopp/+bug/811721/+attachment/2583426/+files/tahoe-tests.tar.gz |
|
| 2011-11-02 20:19:00 |
Julian Taylor |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2011-11-29 06:26:18 |
Evan Broder |
nominated for series |
|
Ubuntu Lucid |
|
| 2011-11-29 06:26:18 |
Evan Broder |
bug task added |
|
pycryptopp (Ubuntu Lucid) |
|
| 2011-11-29 06:26:18 |
Evan Broder |
bug task added |
|
tahoe-lafs (Ubuntu Lucid) |
|
| 2011-11-29 06:26:18 |
Evan Broder |
nominated for series |
|
Ubuntu Maverick |
|
| 2011-11-29 06:26:18 |
Evan Broder |
bug task added |
|
pycryptopp (Ubuntu Maverick) |
|
| 2011-11-29 06:26:18 |
Evan Broder |
bug task added |
|
tahoe-lafs (Ubuntu Maverick) |
|
| 2011-11-29 06:26:39 |
Evan Broder |
bug task deleted |
tahoe-lafs (Ubuntu Lucid) |
|
|
| 2011-11-29 06:26:42 |
Evan Broder |
bug task deleted |
tahoe-lafs (Ubuntu Maverick) |
|
|
| 2011-11-29 06:28:34 |
Evan Broder |
bug |
|
|
added subscriber Evan Broder |
| 2011-11-29 06:28:47 |
Evan Broder |
summary |
update pycryptopp to version 0.5.29-1 in natty |
update pycryptopp to version 0.5.29-1 in lucid, maverick, natty |
|
| 2011-11-29 19:16:30 |
Evan Broder |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2011-12-30 16:35:10 |
Julian Taylor |
bug task deleted |
pycryptopp (Ubuntu Lucid) |
|
|
| 2011-12-30 16:35:20 |
Julian Taylor |
bug task deleted |
pycryptopp (Ubuntu Maverick) |
|
|
