Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: freeze-exception
Please unblock package python-apt This release fixes a bad memory leak, a release-critical bug, helps in case of a strange bug, and fixes a few things in the test suite. For you reference, I provided a commented version of the changelog that provides a bit more detail. Please note that data/templates/*.mirrors are automatically generated from the utils/get_*_mirrors*.py scripts. You may want to exclude them when looking at the diff. unblock python-apt/0.7.100.1 -- Commented changelog: > [ Julian Andres Klode ] > * python/generic.h: Fix a memory leak (leaking on every unicode string). This is a somewhat bad bug as we previously did not free temporary objects when converting unicode objects to C strings. A service such as aptdaemon that uses python-apt and unicode strings might allow evil persons to claim all available memory (aptdaemon runs as root). This is also a problem in python3-apt, where every string is unicode. > * debian/control: add Replaces to python-apt-common, python3-apt; to > avoid file conflicts with files previously in python-apt (Closes: > #605136). A release-critical bug caused by splitting python-apt into python3-apt and python-apt-common. > [ Michael Vogt ] > * python/generic.h: > - set Object to NULL in CppDeallocPtr > * python/depcache.cc: > - don't run "actiongroup.release()" if the object was already > deallocated mvo experienced issues with action groups in aptdaemon and this seemed to help a bit, although it does not seem to fix it completely. It still seems to be a good idea to set Object=NULL security-wise, just in case the value pointed to is read after the object was destroyed. There might be a bug in Python as well, it needs further investigation. > * tests/test_apt_cache.py: > - fix tests to work if apt compressed indexes are enabled This is a test suite fix to support the new compressed indexes feature. Without it, the test suite fails on systems where compressed indexes are enabled. There's also another very small test suite fix for python 3.2 compatibility, which is not really needed for squeeze, but does not hurt either, as it's only run at build time and only when python >= 3.2 is used. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (350, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- Julian Andres Klode - Debian Developer, Ubuntu Member See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.
pgpeJp41Q2S80.pgp
Description: PGP signature
