Ubuntu
python-django package

[SRU] Include upstream fix for bug 15496

Bug #1081392 reported by Julian Edwards
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
python-django (Ubuntu)
Fix Released
Undecided
Andres Rodriguez
Precise
Fix Released
High
Unassigned

Bug Description

Upstream bug 15496 fixes a critical problem where multipart messages were not getting base64 decoded. It is required as a pre-requisite to backporting maas to precise.

[Impact]
This is functionality required as part of the MAAS Next Steps blueprint [1], in order to be able to SRU various new fixes to MAAS in precise. This functionality fixes a critical problem, of not enconding multipart messages to base64. This has been fixed in upstream django 1.3, and the fix is included in 1.4.

[Test Case]
This has been tested against MAAS. To test this we simply need to branch the MAAS branch which is being prepared for the SRU, and make sure all tests pass. Tests will fail when this SRU has not being installed. Test will pass when this feature is backported.

1. bzr branch lp:~maas-maintainers/maas/1.2 maas-sru
2. cd maas-sru
3. make test

[Regression Potential]
Minimal. This is functionality that produces minimal impact to django. On the other hand, the maas-maintainers team has committed to address any related issues and maintain it from this point forward.

See original description
Andres Rodriguez (andreserl)
Changed in python-django (Ubuntu):
assignee: nobody → Andres Rodriguez (andreserl)
Julian Edwards (julian-edwards)
summary: - Include upstream bug 15496
+ Include upstream fix for bug 15496
Andres Rodriguez (andreserl)
Changed in python-django (Ubuntu):
status: New → Fix Released
Andres Rodriguez (andreserl)
summary: - Include upstream fix for bug 15496
+ [SRU] Include upstream fix for bug 15496
Andres Rodriguez (andreserl)
description: updated
Andres Rodriguez (andreserl)
Changed in python-django (Ubuntu Precise):
importance: Undecided → High
Revision history for this message
Dave Walker (davewalker) wrote : Please test proposed package

Hello Julian, or anyone else affected,

Accepted into quantal-proposed. The package will build now and be available in a few hours in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-needed
Changed in python-django (Ubuntu Precise):
status: New → Fix Committed
Julian Edwards (julian-edwards)
tags: added: verification-done
removed: verification-needed
Revision history for this message
Scott Kitterman (kitterman) wrote : Update Released

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package python-django - 1.3.1-4ubuntu1.5

---------------
python-django (1.3.1-4ubuntu1.5) precise-proposed; urgency=low

  [ Julian Edwards ]
  * debian/patches:
    - genericipaddressfield.diff: Backport GenericIPAddressField
      from 1.4 (LP: #1081391)
    - prefetch_related.diff: Backport prefetch_related from 1.4 (LP: #1081388)
    - bug15496-base64-multipart-fix.diff: Include fix for upstream bug #15496
      which makes 'Content-Transfer-Encoding: base64: work for multipart
      messages. (LP: #1081392)
 -- Andres Rodriguez <email address hidden> Tue, 20 Nov 2012 16:00:41 -0500

Changed in python-django (Ubuntu Precise):
status: Fix Committed → Fix Released
Revision history for this message
Scott Kitterman (kitterman) wrote :

I've just removed this update from precise-updates. Unfortunately it wasn't until after I copied it over that I noticed that this is not an appropriate change for an SRU and it's not been reviewed by the SRU team.

Revision history for this message
Scott Kitterman (kitterman) wrote :

Since this was not reviewed by the SRU team, I've removed the SRU. Additionally, since feature additions are not permitted in SRUs by the normal policy, a change like this should be discussed in advance, probably with the tech board, before it is resubmitted.

Changed in python-django (Ubuntu Precise):
status: Fix Released → Invalid
Revision history for this message
Julian Edwards (julian-edwards) wrote :

Scott, if you read the bug title and description carefully, you'll see that this is not a feature, it is a bug fix.

Revision history for this message
Scott Kitterman (kitterman) wrote :

OK. Agreed.

Changed in python-django (Ubuntu Precise):
status: Invalid → New
Revision history for this message
Julian Edwards (julian-edwards) wrote :

Thanks - when can we expect it to hit -updates>

Revision history for this message
Scott Kitterman (kitterman) wrote : Re: [Bug 1081392] Re: [SRU] Include upstream fix for bug 15496

There were (IIRC) three bugs included in the upload. This was only one. The
others were clear feature backports that aren't suitable for an SRU. First
then someone needs to do an upload that fixes just the bug to proposed.

Revision history for this message
Julian Edwards (julian-edwards) wrote :

On 11/12/12 13:32, Scott Kitterman wrote:
> There were (IIRC) three bugs included in the upload. This was only one. The
> others were clear feature backports that aren't suitable for an SRU. First
> then someone needs to do an upload that fixes just the bug to proposed.
>

The other bugs are critical SRU uploads too as they allow a new maas
upload which fixes a whole raft of problems and security issues. I
think the security team needs to get involved.

Revision history for this message
Scott Kitterman (kitterman) wrote :

I think it would be better not to write security fixes that depend on features not present in the release.

Revision history for this message
Scott Kitterman (kitterman) wrote :

It's possibly worth mentioning that if it turns out these are approved, I'll go ahead and approve all the backports needed to update owncloud due to it having security issues. If that's enough to waive SRU policy, then stand by for the flood.

Revision history for this message
Julian Edwards (julian-edwards) wrote :

On 11/12/12 16:03, Scott Kitterman wrote:
> I think it would be better not to write security fixes that depend on
> features not present in the release.
>

I'd love to have that choice.

Revision history for this message
Scott Kitterman (kitterman) wrote : Please test proposed package

Hello Julian, or anyone else affected,

Accepted into quantal-proposed. The package will build now and be available in a few hours in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: removed: verification-done
tags: added: verification-needed
Revision history for this message
Chris Halse Rogers (raof) wrote :

As far as I can tell, the new package in precise-proposed hasn't been tested yet. Although a previous upload was tested, we need to test the package that is actually going to be copied into -updates. Please do so, and we can release it to -updates.

Julian Edwards (julian-edwards)
tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package python-django - 1.3.1-4ubuntu1.7

---------------
python-django (1.3.1-4ubuntu1.7) precise-proposed; urgency=low

  [ Julian Edwards ]
  * debian/patches:
    - prefetch_related.diff: Backport prefetch_related from 1.4 (LP: #1081388)
    - bug15496-base64-multipart-fix.diff: Include fix for upstream bug #15496
      which makes 'Content-Transfer-Encoding: base64: work for multipart
      messages. (LP: #1081392)
 -- Andres Rodriguez <email address hidden> Thu, 07 Mar 2013 17:27:06 -0500

Changed in python-django (Ubuntu Precise):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.