Your message dated Thu, 17 Dec 2009 00:38:48 +0000
with message-id <[email protected]>
and subject line Bug#523516: fixed in roundup 1.4.4-4+lenny1.1
has caused the Debian Bug report #523516,
regarding Upgrading to roundup 1.4.4-4+lenny1 breaks pagination entirely
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
523516: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523516
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: roundup
Version: 1.4.4-4+lenny1
Severity: grave
Howdy!
I just upgraded to 1.4.4-4+lenny1 to fix the security issues.
However, it broke pagination entirely; when going to queries like
http://code.creativecommons.org/issues/issue?status=-1,1,2,3,4,5,6,7&@sort=-activity&@search_text=&@dispname=Show%20All&@filter=status&@group=priority&@columns=id,activity,title,creator,assignedto,status&@pagesize=50&@startwith=0&assignedto=5
, Roundup would only show me seven results.
I created a local 1.4.4-4+lenny1.1 that removes
19_bogus_pagination_request.dpatch from debian/patches/00list and rebuilt
the package, and now pagination works properly for me.
I have to run for now, but I think that some quick experimentation should
allow you to reproduce this. I have a hunch that the problem is that this
code is suspect:
- self.pagesize = int(self.form[name].value)
+ try:
+ self.pagesize = int(self.form.getfirst(name))
should it not be:
- self.pagesize = int(self.form[name].value)
+ try:
+ self.pagesize = int(self.form[name].value)
?
Anyway, upstream's bug tracker is down so I can't check. But this security
package introduced some pretty tragic breakage!
-- System Information:
Debian Release: 5.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages roundup depends on:
ii adduser 3.110 add and remove users and groups
ii python 2.5.2-3 An interactive high-level object-o
ii python-central 0.6.8 register and build utility for Pyt
roundup recommends no packages.
Versions of packages roundup suggests:
ii libapache2-mod-python 3.3.1-7 Python-embedding module for Apache
ii python-gdbm 2.5.2-1 GNU dbm database support for Pytho
ii python-mysqldb 1.2.2-7 A Python interface to MySQL
ii python-openssl 0.7-2 Python wrapper around the OpenSSL
ii python-psycopg2 2.0.7-4 Python module for PostgreSQL
ii python-pyme 0.8.1+clean-1 Python interface to the GPGME GnuP
ii python-sqlite 1.0.1-7 python interface to SQLite 2
ii python-tz 2008c-2 Python version of the Olson timezo
ii python-xapian 1.0.7-3.1 Xapian search engine interface for
ii runit 2.0.0-1 a UNIX init scheme with service su
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: roundup
Source-Version: 1.4.4-4+lenny1.1
We believe that the bug you reported is fixed in the latest version of
roundup, which is due to be installed in the Debian FTP archive:
roundup_1.4.4-4+lenny1.1.diff.gz
to main/r/roundup/roundup_1.4.4-4+lenny1.1.diff.gz
roundup_1.4.4-4+lenny1.1.dsc
to main/r/roundup/roundup_1.4.4-4+lenny1.1.dsc
roundup_1.4.4-4+lenny1.1_all.deb
to main/r/roundup/roundup_1.4.4-4+lenny1.1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Maximilian Gass <[email protected]> (supplier of updated roundup package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 01 Dec 2009 13:29:55 +0100
Source: roundup
Binary: roundup
Architecture: source all
Version: 1.4.4-4+lenny1.1
Distribution: lenny
Urgency: high
Maintainer: Toni Mueller <[email protected]>
Changed-By: Maximilian Gass <[email protected]>
Description:
roundup - an issue-tracking system
Closes: 523516
Changes:
roundup (1.4.4-4+lenny1.1) stable; urgency=high
.
* Non-maintainer upload
* Fix pagination broken by security fix. Patch by Sebastian Harl (closes:
#523516)
Checksums-Sha1:
3334be6fa40ee5d744fb61d17c0d1cbf06d8368f 1069 roundup_1.4.4-4+lenny1.1.dsc
c4bf2791a9ef26d2bad20dd913865c9692565443 31339 roundup_1.4.4-4+lenny1.1.diff.gz
3e9a2b0f5b5f00d98bfa19772c4a43c3feaa6efb 1279524
roundup_1.4.4-4+lenny1.1_all.deb
Checksums-Sha256:
eb58f13a27c8e570cc4d88467ec71b8155991f0c8181dbe1b4f9116eb9657fe3 1069
roundup_1.4.4-4+lenny1.1.dsc
95a6fa8c333a02faef18836c4fe18eead8ab2e4a945eb1ae05c59ef4385b8199 31339
roundup_1.4.4-4+lenny1.1.diff.gz
36b7c545a70b4896ff7d1c0880a16037f1ada5924fb8236cb7e511e3901e6ba9 1279524
roundup_1.4.4-4+lenny1.1_all.deb
Files:
25b6597b0a0a05e429d64a67d03165c8 1069 web optional roundup_1.4.4-4+lenny1.1.dsc
7ece0873288564a7561318a0d45f88bd 31339 web optional
roundup_1.4.4-4+lenny1.1.diff.gz
2e2d61792ba68a7700621713d90a9235 1279524 web optional
roundup_1.4.4-4+lenny1.1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAksmSEwACgkQbdB4RPTVesokGwCcDqEw6MCP3VO31ygn9dp8s8tH
AKYAn2X/CMsmpFM53l4A0AJ5HEJ3Qgul
=/zhn
-----END PGP SIGNATURE-----
--- End Message ---
