[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Growing file lists after python2.7 rebuild

On Tue, Mar 11, 2014 at 07:26:55PM +0100, Jakub Wilk wrote:
> * Moritz Muehlenhoff <jmm@debian.org>, 2014-03-11, 18:30:
> >I prepared a security update for python2.7 in stable-security fixing
> >CVE-2013-4238 and CVE-2014-1912. But rebuilding the package caused changes
> >in the file list which are not obvious to me:
> >
> >In python2.7-minimal:
> >+/usr/lib/python2.7/lib-dynload/_hashlib.so
> >+/usr/lib/python2.7/lib-dynload/_ssl.so
> >
> >In python2.7:
> >+/usr/lib/python2.7/lib-dynload/_hashlib.so
> >+/usr/lib/python2.7/lib-dynload/_ssl.so
> 
> Unexpected migrations of these modules between python2.7 and
> python2.7-minimal have been observed in the past: #702005. Turns out that
> sweeping the problem under the carpet, instead of fixing it properly, wasn't
> the best strategy…
> 
> >Does anyone have an idea what's going wrong? debian/rules has some
> >commented entries for lib-dynload/_bsddb.so, so this seems to be a generic
> >problem?
> 
> No idea yet, but I will look into it.

Thanks!
 
> >This happened both for my local build and on the buildd. Source package
> >and build log are on http://people.debian.org/~jmm/
> 
> “You don't have permission to access
> /~jmm/python2.7_2.7.3-6+deb7u1_i386-20140305-1206.gz on this server.”

Doh, fixed.

Cheers,
        Moritz
Reply to: