[Bug 1574058] Re: php-seclib: Call to undefined method Crypt_Base::Crypt_Base()

Richard Hansen 1574058 at bugs.launchpad.net
Thu Jun 23 21:36:57 UTC 2016


** Description changed:

  [Impact]
  
  DokuWiki fails with a 500 internal server error when logging in.  This
  is caused by a regression in phpseclib introduced in 1.0.1-3 and
  subsequently fixed in 1.0.1-4.
  
  /var/log/apache2/error.log contains entries like the following:
  
  [Mon Apr 25 16:09:08.998092 2016] [:error] [pid 10897] [client 127.0.0.1:40832] PHP Fatal error:  Uncaught Error: Call to undefined method Crypt_Base::Crypt_Base() in /usr/share/php/Crypt/Rijndael.php:269
  Stack trace:
  #0 /usr/share/dokuwiki/inc/auth.php(503): Crypt_Rijndael->__construct()
  #1 /usr/share/dokuwiki/inc/auth.php(267): auth_decrypt(...)
  #2 /usr/share/dokuwiki/inc/auth.php(184): auth_login(...)
  #3 /usr/share/dokuwiki/inc/events.php(108): auth_login_wrapper(Array)
  #4 /usr/share/dokuwiki/inc/events.php(231): Doku_Event->trigger('auth_login_wrap...', true)
  #5 /usr/share/dokuwiki/inc/auth.php(117): trigger_event('AUTH_LOGIN_CHEC...', Array, 'auth_login_wrap...')
  #6 /usr/share/dokuwiki/inc/init.php(221): auth_setup()
  #7 /usr/share/dokuwiki/doku.php(29): require_once('/usr/share/doku...')
  #8 {main}
    thrown in /usr/share/php/Crypt/Rijndael.php on line 269
  
  [Test Case]
  
    1. Install the following packages:
       * dokuwiki (0.0.20140929.d-1ubuntu1)
       * apache2 (2.4.18-2ubuntu3)
       * libapache2-mod-php7.0 (7.0.4-7ubuntu2)
    2. Visit http://localhost/dokuwiki
    3. Log in
  
  [Regression Potential]
  
  Upgrading to 1.0.1-4 reverts the changes made in 1.0.1-3, making it
  identical to 1.0.1-2.  This version is known to work according to the
  upstream Debian bug report.
  
- Regressions are likely to appear as problems in the packages that depend
- on php-seclib:
+ Client code that subclasses a php-seclib class and calls
+ parent::__construct() should still work with the patch reverted because
+ PHP will fall back to the old-style constructor name if __construct() is
+ not found.
  
-   * Packages that directly depend on php-seclib:
-     - civicrm-common
-     - collabtive
-     - dokuwiki
-     - php-horde-mapi
-     - php-numbers-words
+ The reverted patch was originally added to silence some deprecation
+ warnings:
  
-   * Packages that directly recommend php-seclib:
-     - php-horde-imp
+     PHP Deprecated:  Methods with the same name as their class will not
+ be constructors in a future version of PHP
  
-   * Packages that indirectly depend on php-seclib:
-     - drupal7-mod-civicrm (depends on civicrm-common)
-     - wordpress-civicrm (depends on civicrm-common)
-     - php-horde-activesync (depends on php-horde-mapi)
+ These warnings will return with the patch reverted.
  
-   * Packages that indirectly recommend php-seclib:
-     - numerous Horde packages
-     - php-text-captcha (via php-numbers-words)
+ Other than warnings, regressions are likely to appear as problems in the
+ packages that depend on php-seclib:
+ 
+   * Packages that directly depend on php-seclib:
+     - civicrm-common
+     - collabtive
+     - dokuwiki
+     - php-horde-mapi
+     - php-numbers-words
+ 
+   * Packages that directly recommend php-seclib:
+     - php-horde-imp
+ 
+   * Packages that indirectly depend on php-seclib:
+     - drupal7-mod-civicrm (depends on civicrm-common)
+     - wordpress-civicrm (depends on civicrm-common)
+     - php-horde-activesync (depends on php-horde-mapi)
+ 
+   * Packages that indirectly recommend php-seclib:
+     - numerous Horde packages
+     - php-text-captcha (via php-numbers-words)
  
  [Other Info]
  
  == Regression details ==
  Discovered in version: 1.0.1-3
  Last known good version: 1.0.1-2
  
  Original description:
  
  Facing the same issue as bug #819420 in Debian.
  
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819420
  
  Appears fixed in Debian's version 1.0.1-4, can we get the fix in Ubuntu
  Xenial as well?

** Description changed:

  [Impact]
  
  DokuWiki fails with a 500 internal server error when logging in.  This
  is caused by a regression in phpseclib introduced in 1.0.1-3 and
  subsequently fixed in 1.0.1-4.
  
  /var/log/apache2/error.log contains entries like the following:
  
  [Mon Apr 25 16:09:08.998092 2016] [:error] [pid 10897] [client 127.0.0.1:40832] PHP Fatal error:  Uncaught Error: Call to undefined method Crypt_Base::Crypt_Base() in /usr/share/php/Crypt/Rijndael.php:269
  Stack trace:
  #0 /usr/share/dokuwiki/inc/auth.php(503): Crypt_Rijndael->__construct()
  #1 /usr/share/dokuwiki/inc/auth.php(267): auth_decrypt(...)
  #2 /usr/share/dokuwiki/inc/auth.php(184): auth_login(...)
  #3 /usr/share/dokuwiki/inc/events.php(108): auth_login_wrapper(Array)
  #4 /usr/share/dokuwiki/inc/events.php(231): Doku_Event->trigger('auth_login_wrap...', true)
  #5 /usr/share/dokuwiki/inc/auth.php(117): trigger_event('AUTH_LOGIN_CHEC...', Array, 'auth_login_wrap...')
  #6 /usr/share/dokuwiki/inc/init.php(221): auth_setup()
  #7 /usr/share/dokuwiki/doku.php(29): require_once('/usr/share/doku...')
  #8 {main}
    thrown in /usr/share/php/Crypt/Rijndael.php on line 269
  
  [Test Case]
  
    1. Install the following packages:
       * dokuwiki (0.0.20140929.d-1ubuntu1)
       * apache2 (2.4.18-2ubuntu3)
       * libapache2-mod-php7.0 (7.0.4-7ubuntu2)
    2. Visit http://localhost/dokuwiki
    3. Log in
  
  [Regression Potential]
  
- Upgrading to 1.0.1-4 reverts the changes made in 1.0.1-3, making it
+ The attached minimal diff reverts the changes made in 1.0.1-3, making it
  identical to 1.0.1-2.  This version is known to work according to the
  upstream Debian bug report.
  
  Client code that subclasses a php-seclib class and calls
  parent::__construct() should still work with the patch reverted because
  PHP will fall back to the old-style constructor name if __construct() is
  not found.
  
  The reverted patch was originally added to silence some deprecation
  warnings:
  
      PHP Deprecated:  Methods with the same name as their class will not
  be constructors in a future version of PHP
  
  These warnings will return with the patch reverted.
  
  Other than warnings, regressions are likely to appear as problems in the
  packages that depend on php-seclib:
  
    * Packages that directly depend on php-seclib:
      - civicrm-common
      - collabtive
      - dokuwiki
      - php-horde-mapi
      - php-numbers-words
  
    * Packages that directly recommend php-seclib:
      - php-horde-imp
  
    * Packages that indirectly depend on php-seclib:
      - drupal7-mod-civicrm (depends on civicrm-common)
      - wordpress-civicrm (depends on civicrm-common)
      - php-horde-activesync (depends on php-horde-mapi)
  
    * Packages that indirectly recommend php-seclib:
      - numerous Horde packages
      - php-text-captcha (via php-numbers-words)
  
  [Other Info]
  
  == Regression details ==
  Discovered in version: 1.0.1-3
  Last known good version: 1.0.1-2
  
  Original description:
  
  Facing the same issue as bug #819420 in Debian.
  
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819420
  
  Appears fixed in Debian's version 1.0.1-4, can we get the fix in Ubuntu
  Xenial as well?

** Description changed:

  [Impact]
  
  DokuWiki fails with a 500 internal server error when logging in.  This
  is caused by a regression in phpseclib introduced in 1.0.1-3 and
  subsequently fixed in 1.0.1-4.
  
  /var/log/apache2/error.log contains entries like the following:
  
  [Mon Apr 25 16:09:08.998092 2016] [:error] [pid 10897] [client 127.0.0.1:40832] PHP Fatal error:  Uncaught Error: Call to undefined method Crypt_Base::Crypt_Base() in /usr/share/php/Crypt/Rijndael.php:269
  Stack trace:
  #0 /usr/share/dokuwiki/inc/auth.php(503): Crypt_Rijndael->__construct()
  #1 /usr/share/dokuwiki/inc/auth.php(267): auth_decrypt(...)
  #2 /usr/share/dokuwiki/inc/auth.php(184): auth_login(...)
  #3 /usr/share/dokuwiki/inc/events.php(108): auth_login_wrapper(Array)
  #4 /usr/share/dokuwiki/inc/events.php(231): Doku_Event->trigger('auth_login_wrap...', true)
  #5 /usr/share/dokuwiki/inc/auth.php(117): trigger_event('AUTH_LOGIN_CHEC...', Array, 'auth_login_wrap...')
  #6 /usr/share/dokuwiki/inc/init.php(221): auth_setup()
  #7 /usr/share/dokuwiki/doku.php(29): require_once('/usr/share/doku...')
  #8 {main}
    thrown in /usr/share/php/Crypt/Rijndael.php on line 269
  
  [Test Case]
  
    1. Install the following packages:
       * dokuwiki (0.0.20140929.d-1ubuntu1)
       * apache2 (2.4.18-2ubuntu3)
       * libapache2-mod-php7.0 (7.0.4-7ubuntu2)
    2. Visit http://localhost/dokuwiki
    3. Log in
  
  [Regression Potential]
  
- The attached minimal diff reverts the changes made in 1.0.1-3, making it
+ The attached minimal diff reverts the patch added in 1.0.1-3, making it
  identical to 1.0.1-2.  This version is known to work according to the
  upstream Debian bug report.
  
  Client code that subclasses a php-seclib class and calls
  parent::__construct() should still work with the patch reverted because
  PHP will fall back to the old-style constructor name if __construct() is
  not found.
  
  The reverted patch was originally added to silence some deprecation
  warnings:
  
      PHP Deprecated:  Methods with the same name as their class will not
  be constructors in a future version of PHP
  
  These warnings will return with the patch reverted.
  
  Other than warnings, regressions are likely to appear as problems in the
  packages that depend on php-seclib:
  
    * Packages that directly depend on php-seclib:
      - civicrm-common
      - collabtive
      - dokuwiki
      - php-horde-mapi
      - php-numbers-words
  
    * Packages that directly recommend php-seclib:
      - php-horde-imp
  
    * Packages that indirectly depend on php-seclib:
      - drupal7-mod-civicrm (depends on civicrm-common)
      - wordpress-civicrm (depends on civicrm-common)
      - php-horde-activesync (depends on php-horde-mapi)
  
    * Packages that indirectly recommend php-seclib:
      - numerous Horde packages
      - php-text-captcha (via php-numbers-words)
  
  [Other Info]
  
  == Regression details ==
  Discovered in version: 1.0.1-3
  Last known good version: 1.0.1-2
  
  Original description:
  
  Facing the same issue as bug #819420 in Debian.
  
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819420
  
  Appears fixed in Debian's version 1.0.1-4, can we get the fix in Ubuntu
  Xenial as well?

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1574058

Title:
  php-seclib: Call to undefined method Crypt_Base::Crypt_Base()

Status in phpseclib package in Ubuntu:
  Fix Released
Status in phpseclib source package in Xenial:
  Confirmed
Status in phpseclib package in Debian:
  Fix Released

Bug description:
  [Impact]

  DokuWiki fails with a 500 internal server error when logging in.  This
  is caused by a regression in phpseclib introduced in 1.0.1-3 and
  subsequently fixed in 1.0.1-4.

  /var/log/apache2/error.log contains entries like the following:

  [Mon Apr 25 16:09:08.998092 2016] [:error] [pid 10897] [client 127.0.0.1:40832] PHP Fatal error:  Uncaught Error: Call to undefined method Crypt_Base::Crypt_Base() in /usr/share/php/Crypt/Rijndael.php:269
  Stack trace:
  #0 /usr/share/dokuwiki/inc/auth.php(503): Crypt_Rijndael->__construct()
  #1 /usr/share/dokuwiki/inc/auth.php(267): auth_decrypt(...)
  #2 /usr/share/dokuwiki/inc/auth.php(184): auth_login(...)
  #3 /usr/share/dokuwiki/inc/events.php(108): auth_login_wrapper(Array)
  #4 /usr/share/dokuwiki/inc/events.php(231): Doku_Event->trigger('auth_login_wrap...', true)
  #5 /usr/share/dokuwiki/inc/auth.php(117): trigger_event('AUTH_LOGIN_CHEC...', Array, 'auth_login_wrap...')
  #6 /usr/share/dokuwiki/inc/init.php(221): auth_setup()
  #7 /usr/share/dokuwiki/doku.php(29): require_once('/usr/share/doku...')
  #8 {main}
    thrown in /usr/share/php/Crypt/Rijndael.php on line 269

  [Test Case]

    1. Install the following packages:
       * dokuwiki (0.0.20140929.d-1ubuntu1)
       * apache2 (2.4.18-2ubuntu3)
       * libapache2-mod-php7.0 (7.0.4-7ubuntu2)
    2. Visit http://localhost/dokuwiki
    3. Log in

  [Regression Potential]

  The attached minimal diff reverts the patch added in 1.0.1-3, making
  it identical to 1.0.1-2.  This version is known to work according to
  the upstream Debian bug report.

  Client code that subclasses a php-seclib class and calls
  parent::__construct() should still work with the patch reverted
  because PHP will fall back to the old-style constructor name if
  __construct() is not found.

  The reverted patch was originally added to silence some deprecation
  warnings:

      PHP Deprecated:  Methods with the same name as their class will
  not be constructors in a future version of PHP

  These warnings will return with the patch reverted.

  Other than warnings, regressions are likely to appear as problems in
  the packages that depend on php-seclib:

    * Packages that directly depend on php-seclib:
      - civicrm-common
      - collabtive
      - dokuwiki
      - php-horde-mapi
      - php-numbers-words

    * Packages that directly recommend php-seclib:
      - php-horde-imp

    * Packages that indirectly depend on php-seclib:
      - drupal7-mod-civicrm (depends on civicrm-common)
      - wordpress-civicrm (depends on civicrm-common)
      - php-horde-activesync (depends on php-horde-mapi)

    * Packages that indirectly recommend php-seclib:
      - numerous Horde packages
      - php-text-captcha (via php-numbers-words)

  [Other Info]

  == Regression details ==
  Discovered in version: 1.0.1-3
  Last known good version: 1.0.1-2

  Original description:

  Facing the same issue as bug #819420 in Debian.

  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819420

  Appears fixed in Debian's version 1.0.1-4, can we get the fix in
  Ubuntu Xenial as well?

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/phpseclib/+bug/1574058/+subscriptions



More information about the Ubuntu-sponsors mailing list