Sorry about the bad tarball, I forgot to clean my git directory before
generating it. Another point in favor of using the gh tarball, I can't
screw it up.
This is the first I have seen that CVE.
That PR is not included in 1.4.3 because it completely over-hauls how the
Agg rendering works (and generated a whole bunch of other bugs along the
way).
Mike: Is there a way to fix up the security issues reported on just the
1.4.x branch with out pulling that whole patch back?
Tom
On Sun Feb 08 2015 at 7:47:00 PM Benjamin Root <ben.r...@ou.edu> wrote:
> Please ignore my test failure report. I was accidentally running an older
> install of matplotlib from the same branch.
>
> Ben Root
>
> On Sat, Feb 7, 2015 at 9:08 PM, Benjamin Root <ben.r...@ou.edu> wrote:
>
>> I am getting some test failures here and on master in the collections
>> module.
>>
>> ======================================================================
>> FAIL: __main__.test_regularpolycollection_rotate.test
>> ----------------------------------------------------------------------
>> Traceback (most recent call last):
>> File "/home/ben/miniconda/lib/python2.7/site-packages/nose/case.py",
>> line 197, in runTest
>> self.test(*self.arg)
>> File
>> "/home/ben/.local/lib/python2.7/site-packages/matplotlib-1.4.x-py2.7-linux-x86_64.egg/matplotlib/testing/decorators.py",
>> line 51, in failer
>> result = f(*args, **kwargs)
>> File
>> "/home/ben/.local/lib/python2.7/site-packages/matplotlib-1.4.x-py2.7-linux-x86_64.egg/matplotlib/testing/decorators.py",
>> line 196, in do_test
>> '(RMS %(rms).3f)'%err)
>> ImageComparisonFailure: images not close:
>> /home/ben/Programs/matplotlib/result_images/test_collections/regularpolycollection_rotate.png
>> vs.
>> /home/ben/Programs/matplotlib/result_images/test_collections/regularpolycollection_rotate-expected.png
>> (RMS 54.618)
>>
>> ======================================================================
>> FAIL: __main__.test_regularpolycollection_scale.test
>> ----------------------------------------------------------------------
>> Traceback (most recent call last):
>> File "/home/ben/miniconda/lib/python2.7/site-packages/nose/case.py",
>> line 197, in runTest
>> self.test(*self.arg)
>> File
>> "/home/ben/.local/lib/python2.7/site-packages/matplotlib-1.4.x-py2.7-linux-x86_64.egg/matplotlib/testing/decorators.py",
>> line 51, in failer
>> result = f(*args, **kwargs)
>> File
>> "/home/ben/.local/lib/python2.7/site-packages/matplotlib-1.4.x-py2.7-linux-x86_64.egg/matplotlib/testing/decorators.py",
>> line 196, in do_test
>> '(RMS %(rms).3f)'%err)
>> ImageComparisonFailure: images not close:
>> /home/ben/Programs/matplotlib/result_images/test_collections/regularpolycollection_scale.png
>> vs.
>> /home/ben/Programs/matplotlib/result_images/test_collections/regularpolycollection_scale-expected.png
>> (RMS 120.828)
>>
>> ----------------------------------------------------------------------
>> Ran 54 tests in 15.149s
>>
>> FAILED (failures=2)
>>
>>
>>
>> The squares in the first test are larger than they should be. I have some
>> other errors, but they seem to other be floating point errors, or issues
>> with fonts.
>>
>> Ben Root
>>
>>
>> On Sat, Feb 7, 2015 at 4:46 PM, Thomas Caswell <tcasw...@gmail.com>
>> wrote:
>>
>>> Sandro,
>>>
>>> Well, creating the tarball on GH is a lot easier for us as it happens
>>> automatically! I don't want to unilaterally change policy so I will create
>>> the files on SF.
>>>
>>> If you want to tracking GH for debian instead of SF I don't think that
>>> would be a bad idea, but I don't know how much of a hassle that would be
>>> for you.
>>>
>>> Tom
>>>
>>> On Sat Feb 07 2015 at 4:14:36 PM Sandro Tosi <mo...@debian.org> wrote:
>>>
>>>> On Sat, Feb 7, 2015 at 9:05 PM, Thomas Caswell <tcasw...@gmail.com>
>>>> wrote:
>>>> > Sandro,
>>>> >
>>>> > Can you use the tarball from github
>>>> > (https://github.com/matplotlib/matplotlib/archive/v1.4.3rc1.tar.gz ?)
>>>>
>>>> Sure I can, but since all the previous release (even RC) were done one
>>>> SF, we have our tools to monitor and download new releases pointing to
>>>> SF: do you plan to switch to GH for releasing tarballs too?
>>>>
>>>> Cheers,
>>>> --
>>>> Sandro Tosi (aka morph, morpheus, matrixhasu)
>>>> My website: http://matrixhasu.altervista.org/
>>>> Me at Debian: http://wiki.debian.org/SandroTosi
>>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Dive into the World of Parallel Programming. The Go Parallel Website,
>>> sponsored by Intel and developed in partnership with Slashdot Media, is
>>> your
>>> hub for all things parallel software development, from weekly thought
>>> leadership blogs to news, videos, case studies, tutorials and more. Take
>>> a
>>> look and join the conversation now. http://goparallel.sourceforge.net/
>>> _______________________________________________
>>> Matplotlib-devel mailing list
>>> matplotlib-de...@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/matplotlib-devel
>>>
>>>
>>
>
------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Matplotlib-users mailing list
Matplotlib-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/matplotlib-users
