Bug#802776: matplotlib: ttf-bitstream-vera missing in "Depends:" of python-matplotlib-data
Source: matplotlib Severity: grave Justification: renders package unusable Dear Maintainer, in `debian/rules` for python-matplotlib-data, Bitstream Vera ttf fonts are deliberately removed from the package (same is done for some fonts of package `fonts-lyx`) but the package hosting those fonts (`ttf-bitstream-vera`) is not added to "Depends:". These fonts are default fonts of matplotlib, so any plot generated will look different than what is expected and advertised by matplotlib in their galleries because it will use a very different-looking fallback font. (see http://tests.obspy.org/29443/#8 for a diff of expected image and image without these fonts installed) Please add `ttf-bitstream-vera` to Depends of python-matplotlib-data. cheers, Tobias -- System Information: Debian Release: 8.2 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.1.0-0.bpo.2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.utf8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#798010: ipython3: malicious dynamic python3 interpreter lookup via "/usr/bin/env python3" in main executable
Package: ipython3 Version: 2.3.0-2 Severity: serious Justification: Debian Python Policy 2.4.2: Interpreter Location Dear Maintainer, the main executable /usr/bin/ipython3 has shebang line 1 "#!/usr/bin/env python3" and thus uses the first python3 interpreter found in $PATH doing a dynamic lookup at execution time. If a local user-space Python environment is coming first in $PATH it will thus yield the Python3 IPython prompt from user space and not from the system python. This will result in very puzzling situation and clearly is in violation of the Debian Python Policy which demands the hardcoded system python binary in shebang. See Debian Python Policy 2.4.2 Interpreter location: https://www.debian.org/doc/packaging-manuals/python-policy/ch- python.html#s-interpreter_loc === quote start The preferred specification for the Python interpreter is /usr/bin/python or /usr/bin/pythonX.Y. This ensures that a Debian installation of python is used and all dependencies on additional python modules are met. Maintainers should not override the Debian Python interpreter using /usr/bin/env python or /usr/bin/env pythonX.Y. This is not advisable as it bypasses Debian's dependency checking and makes the package vulnerable to incomplete local installations of python. === quote end best regards, Tobias Megies -- System Information: Debian Release: 8.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages ipython3 depends on: ii python3-decorator 3.4.0-2 ii python3-pkg-resources 5.5.1-1 ii python3-simplegeneric 0.8.1-1 pn python3:any ipython3 recommends no packages. Versions of packages ipython3 suggests: pn ipython3-notebook pn ipython3-qtconsole pn python3-zmq -- no debconf information
Bug#785627: mayavi2: malicious dynamic python interpreter lookup via /usr/bin/env python in main executable
Package: mayavi2 Version: 4.3.1-3.1 Severity: serious Justification: Debian Python Policy 2.4.2: Interpreter Location Dear Maintainer, when running /usr/bin/mayavi2 it uses the first python interpreter found in $PATH by using #!/usr/bin/env python as shebang in line 1. If a local user-space Python environment is coming first in $PATH this is bound to fail, because module dependencies might not be there or might be there in the wrong versions. See Debian Python Policy 2.4.2 Interpreter location: https://www.debian.org/doc/packaging-manuals/python-policy/ch- python.html#s-interpreter_loc === quote start The preferred specification for the Python interpreter is /usr/bin/python or /usr/bin/pythonX.Y. This ensures that a Debian installation of python is used and all dependencies on additional python modules are met. Maintainers should not override the Debian Python interpreter using /usr/bin/env python or /usr/bin/env pythonX.Y. This is not advisable as it bypasses Debian's dependency checking and makes the package vulnerable to incomplete local installations of python. === quote end best regards, Tobias Megies -- System Information: Debian Release: 8.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages mayavi2 depends on: ii libc6 2.19-18 ii libjs-jquery 1.7.2+dfsg-3.2 ii python2.7.9-1 ii python-apptools 4.2.1-1 ii python-configobj 5.0.6-1 ii python-envisage 4.4.0-1 ii python-numpy [python-numpy-abi9] 1:1.8.2-2 ii python-pkg-resources 5.5.1-1 ii python-traits 4.4.0-1 ii python-traitsui 4.4.0-1.3 ii python-vtk5.8.0-17.5 ii python-wxgtk3.0 3.0.1.1+dfsg-2 mayavi2 recommends no packages. Versions of packages mayavi2 suggests: pn ipython none ii python-scipy 0.14.0-2 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#729495: qgis: dynamic python interpreter lookup
Package: qgis Version: 1.7.4+1.7.5~20120320-1.1+b1 Severity: serious Justification: Policy 1.4.2 Dear Maintainer, when running /usr/bin/qgis it uses the first python interpreter found in $PATH. If a local user-space Python environment is coming first in $PATH this is bound to fail, because module dependencies might not be there ore might be there in the wrong versions. Traceback: $ /usr/bin/qgis Warning: loading of qgis translation failed [/usr/share/qgis/i18n//qgis_en_US] Warning: loading of qt translation failed [/usr/share/qt4/translations/qt_en_US] Traceback (most recent call last): File /home/megies/local/lib/python2.7/site.py, line 548, in module main() File /home/megies/local/lib/python2.7/site.py, line 530, in main known_paths = addusersitepackages(known_paths) File /home/megies/local/lib/python2.7/site.py, line 266, in addusersitepackages user_site = getusersitepackages() File /home/megies/local/lib/python2.7/site.py, line 241, in getusersitepackages user_base = getuserbase() # this will also set USER_BASE File /home/megies/local/lib/python2.7/site.py, line 231, in getuserbase USER_BASE = get_config_var('userbase') File /home/megies/local/lib/python2.7/sysconfig.py, line 516, in get_config_var return get_config_vars().get(name) File /home/megies/local/lib/python2.7/sysconfig.py, line 449, in get_config_vars import re File /home/megies/local/lib/python2.7/re.py, line 105, in module import sre_compile File /home/megies/local/lib/python2.7/sre_compile.py, line 14, in module import sre_parse File /home/megies/local/lib/python2.7/sre_parse.py, line 17, in module from sre_constants import * File /home/megies/local/lib/python2.7/sre_constants.py, line 18, in module from _sre import MAXREPEAT ImportError: cannot import name MAXREPEAT I did not immediately find the problem but I suspect either an executable Python file that has #!/usr/bin/env python as first line, or a shell script executing a Python script by just using python some_python_file.py instead of /usr/bin/python some_python_file.py. See Policy manual section 1.4.2. -- System Information: Debian Release: 7.2 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable'), (1, 'precise'), (1, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages qgis depends on: ii libc6 2.13-38 ii libgcc1 1:4.7.2-5 ii libgdal11.9.0-3.1 ii libgeos-c1 3.3.3-1.1 ii libgsl0ldbl 1.15+dfsg.2-2 ii libpq5 9.1.9-1 ii libproj04.7.0-2 ii libqgis1.7.51.7.4+1.7.5~20120320-1.1+b1 ii libqt4-network 4:4.8.2+dfsg-11 ii libqt4-sql 4:4.8.2+dfsg-11 ii libqt4-svg 4:4.8.2+dfsg-11 ii libqt4-xml 4:4.8.2+dfsg-11 ii libqtcore4 4:4.8.2+dfsg-11 ii libqtgui4 4:4.8.2+dfsg-11 ii libqtwebkit42.2.1-5 ii libqwt5-qt4 5.2.2-3 ii libstdc++6 4.7.2-5 ii qgis-common 1.7.4+1.7.5~20120320-1.1 ii qgis-providers 1.7.4+1.7.5~20120320-1.1+b1 Versions of packages qgis recommends: ii python-qgis1.7.4+1.7.5~20120320-1.1+b1 ii qgis-plugin-grass 1.7.4+1.7.5~20120320-1.1+b1 Versions of packages qgis suggests: pn gpsbabel none -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#725047: python-matplotlib: missing recommends/suggests in debian/control
Package: python-matplotlib Version: 1.1.1~rc2-1 Severity: serious Justification: Policy 5.6.10; 7.2 Dear Maintainer, several packages that are used inside the matplotlib code seem to be missing from Depends/Recommends/Suggests in debian/control. One example is the test suite. It can not be run because it needs python-nose which is not installed alongside python-matplotlib. I could make out the following relevant packages that should be somewhere in debian/control: - python-nose (needed run test suite - Recommends?) - ghostscript (mentioned online as needed for test suite, see link below - although most likely in the system already.. Recommends?) - inkscape (mentioned online as needed for test suite, but very large dependency - Suggests?) - python-imaging (used if available, see link below - Recommends?) Here is the link to the matplotlib page on dependencies to run tests: http://matplotlib.org/devel/testing.html#requirements Here is the link to show that python-imaging is used if available: https://github.com/matplotlib/matplotlib/blob/master/lib/matplotlib/backend_bases.py#L59-L63 best, Tobias -- System Information: Debian Release: 7.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable'), (1, 'precise'), (1, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages python-matplotlib depends on: ii libatk1.0-0 2.4.0-2 ii libc6 2.13-38 ii libcairo2 1.12.2-3 ii libfontconfig12.9.0-7.1 ii libfreetype6 2.4.9-1.1 ii libgcc1 1:4.7.2-5 ii libgdk-pixbuf2.0-02.26.1-1 ii libglib2.0-0 2.33.12+really2.32.4-5 ii libgtk2.0-0 2.24.10-2 ii libpango1.0-0 1.30.0-1 ii libpng12-01.2.49-1 ii libstdc++64.7.2-5 ii python2.7.3-4 ii python-cairo 1.8.8-1+b2 ii python-dateutil 1.5+dfsg-0.1 ii python-gobject3.2.2-2 ii python-matplotlib-data1.1.1~rc2-1 ii python-numpy [python-numpy-abi9] 1:1.6.2-1.2 ii python-pyparsing 1.5.6+dfsg1-2 ii python-support1.0.15 ii python-tz 2012c-1 ii tcl8.58.5.11-2 ii tk8.5 8.5.11-2 ii zlib1g1:1.2.7.dfsg-13 Versions of packages python-matplotlib recommends: ii python-glade2 2.24.0-3+b1 ii python-tk 2.7.3-1 Versions of packages python-matplotlib suggests: ii dvipng 1.14-1+b1 ii ipython0.13.1-2 ii librsvg2-common2.36.1-1 ii python-configobj 4.7.2+ds-4 pn python-excelerator none ii python-gtk22.24.0-3+b1 pn python-matplotlib-doc none ii python-qt4 4.9.3-4 ii python-scipy 0.10.1+dfsg2-1 ii python-traits 4.1.0-1 ii python-wxgtk2.82.8.12.1-12 ii texlive-extra-utils2012.20120611-2 ii texlive-latex-extra2012.20120611-2 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#719065: fixed upstream; part of upcoming bugfix release 1.3.1 in upstream
This bug has been fixed upstream, see https://github.com/matplotlib/matplotlib/pull/2307. The fix will be part of the upcoming bugfix/minor release 1.3.1 of matplotlib. I assume unstable will be updated to 1.3.1 after it is released? After/if it is updated this bug can be closed. best, Tobias -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#719065: (no subject)
I think this is the same problem as in issue #2320 at the matplotlib github page: https://github.com/matplotlib/matplotlib/issues/2320 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org