Is this actually even needed? The only place I see that cherrypy3 is used is in 
run_tests.sh and fix-coverage-binary-name.patch happens to comment it out. It 
looks like it is only needed by the openstack_dashboard tests, but they are 
disabled. This is referenced in tools/test-requires:
# Testing Requirements
CherryPy
...

In fact, using the attached debdiff, it builds fine. cherrypy3 is not
pulled in as a dependency either, and installing openstack-dashboard
with the attached debdiff seems to work fine.

So I looked at this only very briefly and was startled to see that in
cherrypy/_cpmodpy.py a utility function is defined for popen that uses
subprocess.Popen, but specifies shell='True', which is dangerous and
requires all input into the function be sanitized. The function itself
doesn't do the sanitizing, so this could get scary fast. I didn't look
super far into this, but since we don't actually need it I'd just as soon
drop it. (Note that while Edubuntu is supporting this, that is community
support which is different than a support commitment from Canonical).

NAK. Please use the attached debdiff.

** Patch added: "horizon_2012.1-0ubuntu6.debdiff"
   
https://bugs.launchpad.net/ubuntu/+source/cherrypy3/+bug/986254/+attachment/3102131/+files/horizon_2012.1-0ubuntu6.debdiff

** Changed in: cherrypy3 (Ubuntu)
       Status: New => Won't Fix

Title:
  [MIR] python-cherrypy3
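
The concern raised in the message above, a popen helper that hands its input to a shell, shown as an added example that is not part of the original message and is not CherryPy's code. The helper names (`popen_shell`, `popen_argv`) and the sample input are hypothetical and constructed for illustration; a POSIX system with `echo` is assumed.

```python
import shlex
import subprocess


def _run(cmd, use_shell):
    """Run cmd and return its combined stdout/stderr as text."""
    proc = subprocess.Popen(cmd, shell=use_shell, stdout=subprocess.PIPE,
                            stderr=subprocess.STDOUT, text=True)
    out, _ = proc.communicate()
    return out


def popen_shell(fullcmd):
    """Hypothetical helper: one command string is interpreted by /bin/sh -c."""
    return _run(fullcmd, use_shell=True)


def popen_argv(argv):
    """Hypothetical helper: no shell, each list element is exactly one argument."""
    if isinstance(argv, str):
        raise TypeError("pass a list of arguments, not a command string")
    return _run(list(argv), use_shell=False)


# Constructed sample: a value that reaches the helper without sanitizing.
UNTRUSTED = "report.txt; echo SECOND-COMMAND-RAN"


def demo():
    """Return the output of the same call made three ways."""
    # 1. String concatenation + shell: the ';' ends the first command.
    shell_out = popen_shell("echo checking " + UNTRUSTED)
    # 2. Argument list, no shell: the value stays a single literal argument.
    argv_out = popen_argv(["echo", "checking", UNTRUSTED])
    # 3. Shell still required: quote every interpolated value.
    quoted_out = popen_shell("echo checking " + shlex.quote(UNTRUSTED))
    return shell_out, argv_out, quoted_out


if __name__ == "__main__":
    for label, out in zip(("shell", "argv", "quoted"), demo()):
        print(f"{label:>6}: {out!r}")
```
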
