Ubuntu
python-tx-tftp package

[MIR] python-tx-tftp

  1. Precise (12.04)
  2. Bug #1024086
Bug #1024086 reported by Andres Rodriguez
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
python-tx-tftp (Ubuntu)
Fix Released
High
Unassigned
Precise
Fix Released
Undecided
Unassigned

Bug Description

1. Availability: all
2. Rationale
This package is a dependency for MAAS. This is part of the cobbler (maas-provision) replacement targeted for 12.04.1
3. Security
No CVEs
4. QA
Upstream active (https://github.com/shylant/python-tx-tftp). 0 bug in Ubuntu. Package is not yet in Debian.
5. UI standards: none
6. Dependencies: All in main.
7. Standards: Lintian warnings: None
Package is packaged with debhelper, and source format 3.0 (quilt)
8. Maintenance: easy
9. Background information
This package is a dependency for MAAS and it is part of the replacement for cobbler. python-tx-tftp is a twisted tftp server.

Andres Rodriguez (andreserl)
Changed in python-tx-tftp (Ubuntu):
importance: Undecided → High
Revision history for this message
Michael Terry (mterry) wrote :

Mostly fine. Could use a bug subscriber. It should have its test suite run during build (this is a blocker, since it should be a simple matter of running nosetests). Doing so shows one test failure that should be attended to.

Meanwhile, I'll pass this to Jamie for a security review, since this implements a network protocol.

Changed in python-tx-tftp (Ubuntu):
assignee: nobody → Jamie Strandboge (jdstrand)
status: New → Incomplete
Revision history for this message
Andres Rodriguez (andreserl) wrote :

@mterry,

I've enabled the tests. Thanks for the review!

Dave Walker (davewalker)
Changed in python-tx-tftp (Ubuntu):
status: Incomplete → New
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

= MIR review =
 * Builds fine with only main enabled
 * Has a test suite. It is enabled in the build. 93 tests, 1 skipped.
   test_malformed_datagram ... [SKIPPED]
 * If it's a Python package, does it use dh_python3/dh_python2? (look in debian/rules)
 * Not a desktop package
 * Ubuntu-only package right now
 * ubuntu-server is subscribed
 * No watch file, but has 'get-orig-source'
 * Not a lot of commits from upstream git. The LP project of the same name just does a git import of the code from upstream. Commits as recent as last month.
 * Package is lintian clean
 * debian/rules is fine
 * No errors/warnings during the build
 * Package is not in Debian, and has no bugs others than this MIR (but the package is new)

= Security review =
No initscripts or upstart jobs. No dbus services. No setuid applications or use of fscaps. No use of sudo or sudo fragments. No cron jobs. No security history. The code looks fine and supportable with <6000 of source (4000+ from the test suite). It is a python library and doesn't actually do anything on its own. Did see some bugs:
./tftp/session.py: log.msg("Got error: " % datagram)
./tftp/session.py: log.msg("Got error: " % datagram)
./tftp/bootstrap.py: log.msg("Got error: " % datagram)

All these will result in "TypeError: not all arguments converted during string
formatting" instead of a log message.

ACK-- but please fix the bugs I found and push upstream.

Changed in python-tx-tftp (Ubuntu):
assignee: Jamie Strandboge (jdstrand) → nobody
status: New → Fix Committed
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Override component to main
python-tx-tftp 0.1~bzr31-0ubuntu3 in quantal: universe/python -> main
python-txtftp 0.1~bzr31-0ubuntu3 in quantal amd64: universe/python/optional -> main
python-txtftp 0.1~bzr31-0ubuntu3 in quantal armel: universe/python/optional -> main
python-txtftp 0.1~bzr31-0ubuntu3 in quantal armhf: universe/python/optional -> main
python-txtftp 0.1~bzr31-0ubuntu3 in quantal i386: universe/python/optional -> main
python-txtftp 0.1~bzr31-0ubuntu3 in quantal powerpc: universe/python/optional -> main
Override [y|N]? y

Changed in python-tx-tftp (Ubuntu):
status: Fix Committed → Fix Released
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

I noticed that the package is using Architecture: any. This should be fixed. See bug #1028645.

Jeremy Bícha (jbicha)
Changed in python-tx-tftp (Ubuntu Precise):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.