[Bug 1574058] Re: php-seclib: Call to undefined method Crypt_Base::Crypt_Base()
Robie Basak
1574058 at bugs.launchpad.net
Mon Jun 27 12:11:41 UTC 2016
Careful. If the landing of one SRU breaks another package, it isn't
sufficient just to SRU both. A Breaks: needs to be added so that users
don't accidentally pick up one SRU without the other. See bug 1511735
for an example of how this can go wrong.
If I understand this correctly, what you want to do is:
SRU php-horde-mapi
SRU this phpseclib with a Breaks: php-horde-map (<< version-just-SRUd)
Then ask the SRU team to land both together. Though with the Breaks, apt
will generally do the right thing if both don't land together, although
it still could confuse users ("why won't phpseclib update?").
I assumed that php-horde-mapi would actually be broken at runtime
though, as opposed to a test positive only. If it's not broken at
runtime, then I guess the consequence isn't so severe. I tend to fall on
the side of fixing the dep8 test in an SRU anyway though, as otherwise
the test becomes useless in detecting SRU regressions.
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1574058
Title:
php-seclib: Call to undefined method Crypt_Base::Crypt_Base()
Status in phpseclib package in Ubuntu:
Fix Released
Status in phpseclib source package in Xenial:
Confirmed
Status in phpseclib package in Debian:
Fix Released
Bug description:
[Impact]
DokuWiki fails with a 500 internal server error when logging in. This
is caused by a regression in phpseclib introduced in 1.0.1-3 and
subsequently fixed in 1.0.1-4.
/var/log/apache2/error.log contains entries like the following:
[Mon Apr 25 16:09:08.998092 2016] [:error] [pid 10897] [client 127.0.0.1:40832] PHP Fatal error: Uncaught Error: Call to undefined method Crypt_Base::Crypt_Base() in /usr/share/php/Crypt/Rijndael.php:269
Stack trace:
#0 /usr/share/dokuwiki/inc/auth.php(503): Crypt_Rijndael->__construct()
#1 /usr/share/dokuwiki/inc/auth.php(267): auth_decrypt(...)
#2 /usr/share/dokuwiki/inc/auth.php(184): auth_login(...)
#3 /usr/share/dokuwiki/inc/events.php(108): auth_login_wrapper(Array)
#4 /usr/share/dokuwiki/inc/events.php(231): Doku_Event->trigger('auth_login_wrap...', true)
#5 /usr/share/dokuwiki/inc/auth.php(117): trigger_event('AUTH_LOGIN_CHEC...', Array, 'auth_login_wrap...')
#6 /usr/share/dokuwiki/inc/init.php(221): auth_setup()
#7 /usr/share/dokuwiki/doku.php(29): require_once('/usr/share/doku...')
#8 {main}
thrown in /usr/share/php/Crypt/Rijndael.php on line 269
[Test Case]
1. Install the following packages:
* dokuwiki (0.0.20140929.d-1ubuntu1)
* apache2 (2.4.18-2ubuntu3)
* libapache2-mod-php7.0 (7.0.4-7ubuntu2)
2. Visit http://localhost/dokuwiki
3. Log in
[Regression Potential]
The attached minimal diff reverts the patch added in 1.0.1-3, making
it identical to 1.0.1-2. This version is known to work according to
the upstream Debian bug report.
Client code that subclasses a php-seclib class and calls
parent::__construct() should still work with the patch reverted
because PHP will fall back to the old-style constructor name if
__construct() is not found.
The reverted patch was originally added to silence some deprecation
warnings:
PHP Deprecated: Methods with the same name as their class will
not be constructors in a future version of PHP
These warnings will return with the patch reverted.
Other than warnings, regressions are likely to appear as problems in
the packages that depend on php-seclib:
* Packages that directly depend on php-seclib:
- civicrm-common
- collabtive
- dokuwiki
- php-horde-mapi
- php-numbers-words
* Packages that directly recommend php-seclib:
- php-horde-imp
* Packages that indirectly depend on php-seclib:
- drupal7-mod-civicrm (depends on civicrm-common)
- wordpress-civicrm (depends on civicrm-common)
- php-horde-activesync (depends on php-horde-mapi)
* Packages that indirectly recommend php-seclib:
- numerous Horde packages
- php-text-captcha (via php-numbers-words)
[Other Info]
== Regression details ==
Discovered in version: 1.0.1-3
Last known good version: 1.0.1-2
Original description:
Facing the same issue as bug #819420 in Debian.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819420
Appears fixed in Debian's version 1.0.1-4, can we get the fix in
Ubuntu Xenial as well?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/phpseclib/+bug/1574058/+subscriptions
More information about the Ubuntu-sponsors
mailing list