[Bug 1574058] Re: php-seclib: Call to undefined method Crypt_Base::Crypt_Base()
Nish Aravamudan
nish.aravamudan at canonical.com
Thu Jun 23 22:11:21 UTC 2016
Rather than doing a patch, would it be possible to SRU a sync of 1.0.1-4
(which is identical to the change suggested here) to 16.04?
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1574058
Title:
php-seclib: Call to undefined method Crypt_Base::Crypt_Base()
Status in phpseclib package in Ubuntu:
Fix Released
Status in phpseclib source package in Xenial:
Confirmed
Status in phpseclib package in Debian:
Fix Released
Bug description:
[Impact]
DokuWiki fails with a 500 internal server error when logging in. This
is caused by a regression in phpseclib introduced in 1.0.1-3 and
subsequently fixed in 1.0.1-4.
/var/log/apache2/error.log contains entries like the following:
[Mon Apr 25 16:09:08.998092 2016] [:error] [pid 10897] [client 127.0.0.1:40832] PHP Fatal error: Uncaught Error: Call to undefined method Crypt_Base::Crypt_Base() in /usr/share/php/Crypt/Rijndael.php:269
Stack trace:
#0 /usr/share/dokuwiki/inc/auth.php(503): Crypt_Rijndael->__construct()
#1 /usr/share/dokuwiki/inc/auth.php(267): auth_decrypt(...)
#2 /usr/share/dokuwiki/inc/auth.php(184): auth_login(...)
#3 /usr/share/dokuwiki/inc/events.php(108): auth_login_wrapper(Array)
#4 /usr/share/dokuwiki/inc/events.php(231): Doku_Event->trigger('auth_login_wrap...', true)
#5 /usr/share/dokuwiki/inc/auth.php(117): trigger_event('AUTH_LOGIN_CHEC...', Array, 'auth_login_wrap...')
#6 /usr/share/dokuwiki/inc/init.php(221): auth_setup()
#7 /usr/share/dokuwiki/doku.php(29): require_once('/usr/share/doku...')
#8 {main}
thrown in /usr/share/php/Crypt/Rijndael.php on line 269
[Test Case]
1. Install the following packages:
* dokuwiki (0.0.20140929.d-1ubuntu1)
* apache2 (2.4.18-2ubuntu3)
* libapache2-mod-php7.0 (7.0.4-7ubuntu2)
2. Visit http://localhost/dokuwiki
3. Log in
[Regression Potential]
The attached minimal diff reverts the patch added in 1.0.1-3, making
it identical to 1.0.1-2. This version is known to work according to
the upstream Debian bug report.
Client code that subclasses a php-seclib class and calls
parent::__construct() should still work with the patch reverted
because PHP will fall back to the old-style constructor name if
__construct() is not found.
The reverted patch was originally added to silence some deprecation
warnings:
PHP Deprecated: Methods with the same name as their class will
not be constructors in a future version of PHP
These warnings will return with the patch reverted.
Other than warnings, regressions are likely to appear as problems in
the packages that depend on php-seclib:
* Packages that directly depend on php-seclib:
- civicrm-common
- collabtive
- dokuwiki
- php-horde-mapi
- php-numbers-words
* Packages that directly recommend php-seclib:
- php-horde-imp
* Packages that indirectly depend on php-seclib:
- drupal7-mod-civicrm (depends on civicrm-common)
- wordpress-civicrm (depends on civicrm-common)
- php-horde-activesync (depends on php-horde-mapi)
* Packages that indirectly recommend php-seclib:
- numerous Horde packages
- php-text-captcha (via php-numbers-words)
[Other Info]
== Regression details ==
Discovered in version: 1.0.1-3
Last known good version: 1.0.1-2
Original description:
Facing the same issue as bug #819420 in Debian.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819420
Appears fixed in Debian's version 1.0.1-4, can we get the fix in
Ubuntu Xenial as well?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/phpseclib/+bug/1574058/+subscriptions
More information about the Ubuntu-sponsors
mailing list