group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 1574058] Re: php-seclib: Call to undefined method Crypt_Base::Crypt_Base()

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1574058@xxxxxxxxxxxxxxxxxx>
Date: Mon, 11 Jul 2016 09:25:10 -0000
Reply-to: Bug 1574058 <1574058@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package phpseclib - 1.0.1-3ubuntu0.1

---------------
phpseclib (1.0.1-3ubuntu0.1) xenial; urgency=medium

  * Delete the patch "Fix "Methods with the same name as their class
    will not be constructors in a future version of PHP" that was
    added in 1.0.1-3.  All of the changes in that patch are
    backwards-incompatible and break some applications that depend on
    this package (such as dokuwiki).  (LP: #1574058)

 -- Richard Hansen <rhansen@xxxxxxxxxxx>  Thu, 23 Jun 2016 16:46:59
-0400

** Changed in: phpseclib (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1574058

Title:
  php-seclib: Call to undefined method Crypt_Base::Crypt_Base()

Status in phpseclib package in Ubuntu:
  Fix Released
Status in phpseclib source package in Xenial:
  Fix Released
Status in phpseclib package in Debian:
  Fix Released

Bug description:
  [Impact]

  DokuWiki fails with a 500 internal server error when logging in.  This
  is caused by a regression in phpseclib introduced in 1.0.1-3 and
  subsequently fixed in 1.0.1-4.

  /var/log/apache2/error.log contains entries like the following:

  [Mon Apr 25 16:09:08.998092 2016] [:error] [pid 10897] [client 127.0.0.1:40832] PHP Fatal error:  Uncaught Error: Call to undefined method Crypt_Base::Crypt_Base() in /usr/share/php/Crypt/Rijndael.php:269
  Stack trace:
  #0 /usr/share/dokuwiki/inc/auth.php(503): Crypt_Rijndael->__construct()
  #1 /usr/share/dokuwiki/inc/auth.php(267): auth_decrypt(...)
  #2 /usr/share/dokuwiki/inc/auth.php(184): auth_login(...)
  #3 /usr/share/dokuwiki/inc/events.php(108): auth_login_wrapper(Array)
  #4 /usr/share/dokuwiki/inc/events.php(231): Doku_Event->trigger('auth_login_wrap...', true)
  #5 /usr/share/dokuwiki/inc/auth.php(117): trigger_event('AUTH_LOGIN_CHEC...', Array, 'auth_login_wrap...')
  #6 /usr/share/dokuwiki/inc/init.php(221): auth_setup()
  #7 /usr/share/dokuwiki/doku.php(29): require_once('/usr/share/doku...')
  #8 {main}
    thrown in /usr/share/php/Crypt/Rijndael.php on line 269

  [Test Case]

    1. Install the following packages:
       * dokuwiki (0.0.20140929.d-1ubuntu1)
       * apache2 (2.4.18-2ubuntu3)
       * libapache2-mod-php7.0 (7.0.4-7ubuntu2)
    2. Visit http://localhost/dokuwiki
    3. Log in

  [Regression Potential]

  The attached minimal diff reverts the patch added in 1.0.1-3, making
  it identical to 1.0.1-2.  This version is known to work according to
  the upstream Debian bug report.

  Client code that subclasses a php-seclib class and calls
  parent::__construct() should still work with the patch reverted
  because PHP will fall back to the old-style constructor name if
  __construct() is not found.

  The reverted patch was originally added to silence some deprecation
  warnings:

      PHP Deprecated:  Methods with the same name as their class will
  not be constructors in a future version of PHP

  These warnings will return with the patch reverted.

  Other than warnings, regressions are likely to appear as problems in
  the packages that depend on php-seclib:

    * Packages that directly depend on php-seclib:
      - civicrm-common
      - collabtive
      - dokuwiki
      - php-horde-mapi
      - php-numbers-words

    * Packages that directly recommend php-seclib:
      - php-horde-imp

    * Packages that indirectly depend on php-seclib:
      - drupal7-mod-civicrm (depends on civicrm-common)
      - wordpress-civicrm (depends on civicrm-common)
      - php-horde-activesync (depends on php-horde-mapi)

    * Packages that indirectly recommend php-seclib:
      - numerous Horde packages
      - php-text-captcha (via php-numbers-words)

  [Other Info]

  == Regression details ==
  Discovered in version: 1.0.1-3
  Last known good version: 1.0.1-2

  Original description:

  Facing the same issue as bug #819420 in Debian.

  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819420

  Appears fixed in Debian's version 1.0.1-4, can we get the fix in
  Ubuntu Xenial as well?

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/phpseclib/+bug/1574058/+subscriptions