--- Begin Message ---
Package: python2.5
Version: 2.5-5+etch1
Package: debsecan
Version: 0.4.7
Package: python-apt
Version: 0.6.19
Since the 14th Sept I found these emails in root's mail folder:
(The box is not running 7*24h)
From: Cron Daemon <root@box>
To: daemon@box
Subject: Cron <daemon@box> test -x /usr/bin/debsecan && /usr/bin/debsecan --cron
X-Cron-Env: <SHELL=/bin/sh>
X-Cron-Env: <HOME=/usr/sbin>
X-Cron-Env: <PATH=/usr/bin:/bin>
X-Cron-Env: <LOGNAME=daemon>
Traceback (most recent call last):
  File "/usr/bin/debsecan", line 1356, in <module>
    rate_system(target, options, fetch_data(options, config), history)
  File "/usr/bin/debsecan", line 1333, in rate_system
    if v.is_vulnerable (bp, sp):
  File "/usr/bin/debsecan", line 483, in is_vulnerable
    self._parse()
  File "/usr/bin/debsecan", line 518, in _parse
    self.other_versions = map(Version, self.other_versions)
  File "/usr/bin/debsecan", line 93, in __init__
    self.__parsed = self.__parse(version)
  File "/usr/bin/debsecan", line 112, in __parse
    raise ValueError, "invalid Debian version string"
ValueError: invalid Debian version string
I only find an "aptitude upgrade" near the time the problem arose!
python2.5 was installed back in March without causing the error
in debsecan, which was installed earlier.
Aptitude 0.4.4: log report
Fri, Aug 8 2008 22:46:48 +0200
IMPORTANT: this log only lists intended actions; actions which fail due to
dpkg problems may not be completed.
Will install 27 packages, and remove 0 packages.
479kB of disk space will be freed
===============================================================================
[UPGRADE] apache2 2.2.3-4+etch4 -> 2.2.3-4+etch5
[UPGRADE] apache2-doc 2.2.3-4+etch4 -> 2.2.3-4+etch5
[UPGRADE] apache2-mpm-worker 2.2.3-4+etch4 -> 2.2.3-4+etch5
[UPGRADE] apache2-utils 2.2.3-4+etch4 -> 2.2.3-4+etch5
[UPGRADE] apache2.2-common 2.2.3-4+etch4 -> 2.2.3-4+etch5
[UPGRADE] chkrootkit 0.47-1.1 -> 0.47-2
[UPGRADE] debconf 1.5.11etch1 -> 1.5.11etch2
[UPGRADE] debconf-i18n 1.5.11etch1 -> 1.5.11etch2
[UPGRADE] debconf-utils 1.5.11etch1 -> 1.5.11etch2
[UPGRADE] idle-python2.5 2.5-5 -> 2.5-5+etch1
[UPGRADE] initscripts 2.86.ds1-38 -> 2.86.ds1-38+etchnhalf.1
[UPGRADE] libc6 2.3.6.ds1-13etch5 -> 2.3.6.ds1-13etch7
[UPGRADE] libc6-dev 2.3.6.ds1-13etch5 -> 2.3.6.ds1-13etch7
[UPGRADE] libhal1 0.5.8.1-9 -> 0.5.8.1-9etch1
[UPGRADE] libkrb53 1.4.4-7etch5 -> 1.4.4-7etch6
[UPGRADE] libqt3-mt 3:3.3.7-4etch1 -> 3:3.3.7-4etch2
[UPGRADE] libxslt1.1 1.1.19-2 -> 1.1.19-3
[UPGRADE] locales 2.3.6.ds1-13etch5 -> 2.3.6.ds1-13etch7
[UPGRADE] python2.5 2.5-5 -> 2.5-5+etch1
[UPGRADE] python2.5-dev 2.5-5 -> 2.5-5+etch1
[UPGRADE] python2.5-examples 2.5-5 -> 2.5-5+etch1
[UPGRADE] python2.5-minimal 2.5-5 -> 2.5-5+etch1
[UPGRADE] sysv-rc 2.86.ds1-38 -> 2.86.ds1-38+etchnhalf.1
[UPGRADE] sysvinit 2.86.ds1-38 -> 2.86.ds1-38+etchnhalf.1
[UPGRADE] sysvinit-utils 2.86.ds1-38 -> 2.86.ds1-38+etchnhalf.1
[UPGRADE] tzdata 2007j-1etch1 -> 2007k-1etch1
[UPGRADE] wine 1.0.0~winehq0~debian~4.0-1 -> 1.1.1~winehq0~debian~4.0-1
===============================================================================
On the day when the box was turned on and the first error mail came,
only this was done:
Aptitude 0.4.4: log report
Sun, Sep 14 2008 19:44:15 +0200
IMPORTANT: this log only lists intended actions; actions which fail due to
dpkg problems may not be completed.
Will install 4 packages, and remove 0 packages.
36.9kB of disk space will be freed
===============================================================================
[UPGRADE] libfreetype6 2.2.1-5+etch2 -> 2.2.1-5+etch3
[UPGRADE] libtiff4 3.8.2-7 -> 3.8.2-7+etch1
[UPGRADE] libxml2 2.6.27.dfsg-2 -> 2.6.27.dfsg-4
[UPGRADE] postfix 2.3.8-2+b1 -> 2.3.8-2+etch1
===============================================================================
Log complete.
Aptitude 0.4.4: log report
Sun, Sep 14 2008 19:48:08 +0200
IMPORTANT: this log only lists intended actions; actions which fail due to
dpkg problems may not be completed.
Will install 0 packages, and remove 0 packages.
===============================================================================
===============================================================================
Long time before:
Aptitude 0.4.4: log report
Sat, Mar 1 2008 21:05:12 +0100
IMPORTANT: this log only lists intended actions; actions which fail due to
dpkg problems may not be completed.
Will install 3 packages, and remove 0 packages.
18.6MB of disk space will be used
===============================================================================
[INSTALL, DEPENDENCIES] python2.5
[INSTALL, DEPENDENCIES] python2.5-minimal
[INSTALL] python2.5-examples
===============================================================================
Log complete.
The installation of debsecan is not logged in the available logs.
That seems to be a very old error, meanwhile tagged as "graved"...
The workaround Chris posted today worked here too.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=368695
Reported by: bdepardon <benjamin.depardon@ens-lyon.fr>
Date: Wed, 24 May 2006 08:18:45 UTC
Severity: normal
Thanks to Christian Kujau who posted a workaround:
Edit /usr/bin/debsecan
#!/usr/bin/python
to
#!/usr/bin/python2.4
...
Fingering with the editor in security-relevant files seems not to
be a good solution, or?
Why can't that be fixed in over 2 years, or at least be documented in an
obvious way?
I found other threads complaining about this problem for years
(I assume: after python 2.5 became a Debian package) but no answers!
(The reason why I repeated all the stuff here is to make it "findable"
by Google & Co.)
From: Christian Kujau <lists@nerdbynature.de>
To: 368695@bugs.debian.org
Subject: possible reason
Date: Sun, 5 Oct 2008 19:49:55 +0200 (CEST)
>FWIW and for the sake of the archives:
>I just came across the same issue
>on a current Debian/Etch system.
>When installing python2.5 and symlink
>/usr/bin/python to the new 2.5 version of Python,
>apt-listchanges will call this new version.
>Unfortunately,
>python-apt does not provide modules for apt for this new version
>like it does for 2.3 and 2.4 (/usr/lib/python2.[3,4]/site-packages/apt_*.so)
>and thus fails with the error message.
>
>Workaround: adjust /usr/bin/apt-listchanges to call python2.4,
>not just python and the error goes away.
# /usr/bin/debsecan
CVE-2008-3196 byacc (low urgency)
CVE-2008-3529 libxml2
CVE-2006-5052 ssh (low urgency)
CVE-2007-6388 apache2-doc (low urgency)
CVE-2007-6420 apache2-doc (low urgency)
Traceback (most recent call last):
  File "/usr/bin/debsecan", line 1356, in <module>
    rate_system(target, options, fetch_data(options, config), history)
  File "/usr/bin/debsecan", line 1333, in rate_system
    if v.is_vulnerable (bp, sp):
  File "/usr/bin/debsecan", line 483, in is_vulnerable
    self._parse()
  File "/usr/bin/debsecan", line 518, in _parse
    self.other_versions = map(Version, self.other_versions)
  File "/usr/bin/debsecan", line 93, in __init__
    self.__parsed = self.__parse(version)
  File "/usr/bin/debsecan", line 112, in __parse
    raise ValueError, "invalid Debian version string"
ValueError: invalid Debian version string
--- End Message ---
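
Added example, not part of the original report or of debsecan: a read-only shell check for the situation Christian Kujau describes, where the interpreter selected by a script's "#!" line lacks the python-apt modules. The function names are made up for this example, and the module name apt_pkg is an assumption based on the apt_*.so files mentioned in the message.

```shell
#!/bin/sh
# Added example: which interpreter does a script's "#!" line select, and can
# that interpreter import a given module? Read-only; nothing is modified.

# Print the interpreter named on the first line of FILE.
shebang_interpreter() {
    line=$(head -n 1 "$1" 2>/dev/null) || return 2
    case $line in '#!'*) ;; *) return 1 ;; esac
    # Split "#!<interpreter> [argument]" on blanks.
    read -r interp arg rest <<EOF
${line#??}
EOF
    [ -n "$interp" ] || return 1
    # "#!/usr/bin/env python": the interpreter is whatever PATH finds.
    if [ "${interp##*/}" = env ] && [ -n "$arg" ]; then
        interp=$(command -v "$arg") || return 1
    fi
    printf '%s\n' "$interp"
}

# check_script_module SCRIPT MODULE
# Returns 0 if importable, 1 if not, 2 on bad input.
check_script_module() {
    script=$1
    module=$2
    # Accept plain module names only; the name is passed to the interpreter.
    case $module in ''|*[!A-Za-z0-9_.]*) return 2 ;; esac
    interp=$(shebang_interpreter "$script") || {
        echo "$script: no usable #! line"
        return 2
    }
    # Show where a symlink such as /usr/bin/python really points.
    real=$(readlink -f "$interp" 2>/dev/null) || real=$interp
    if "$interp" -c "import $module" >/dev/null 2>&1; then
        echo "$script: $interp -> $real: $module importable"
    else
        echo "$script: $interp -> $real: $module MISSING"
        return 1
    fi
}

# Stand-alone use: sh check.sh /usr/bin/debsecan apt_pkg  (apt_pkg is assumed)
if [ $# -eq 2 ]; then
    check_script_module "$1" "$2"
fi
```

Run from the same cron environment as the scanner, a non-zero exit gives an early signal that the nightly check is running under an interpreter that cannot load its dependencies.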