touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #110667
[Bug 1348954] Re: update Python3 for trusty
This upload includes a change to add a new configuration file for
setting the site policy for whether to enforce signature signing.
I objected privately to the addition of this configuration file when
Matthias proposed it. This adds complexity to the system both on
upgrade and in 14.04 itself; the patch was proposed upstream and
rejected; and the configuration file will cause the behavior of programs
to be inconsistent across installations of Ubuntu. Furthermore, the
claim in the changelog that this config file will be removed on upgrade
to 15.04 is *false*; there is no code in the 15.04 version of python3.4
which implements this, and there is no python3.4 package in the SRU
queue for vivid.
Users who upgraded to 3.4.3 previously in trusty-updates are currently
stuck on an upgrade island as a result of the previous SRU having been
backed out due to regressions. We need to resolve this problem quickly.
The SRU that has been uploaded is not appropriate as a quick fix, it has
longer-term consequences that need to be thought through carefully.
I am going to upload a new SRU that reverts the addition of this config
file. The code patch can stay in place, it should implement the correct
behavior with or without the config file actually being present (and I
don't have an alternative implementation of this policy change to hand
that we could quickly release). But if we're going to release this SRU
with that code path, we should not be advising users to use a global
config file to configure the site policy until this has been discussed
more broadly.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python3-defaults in
Ubuntu.
https://bugs.launchpad.net/bugs/1348954
Title:
update Python3 for trusty
Status in python3-defaults package in Ubuntu:
New
Status in python3-stdlib-extensions source package in Trusty:
Fix Released
Status in python3.4 source package in Trusty:
Fix Committed
Bug description:
update Python3 for trusty.
Rationale: the LTS was released with 3.4.0, the first 3.4 release
which certainly had some issues. The idea is to update the python3.4
packages to the version found in 15.04 (vivid), which currently
doesn't have any outstanding issues. A test rebuild of the trusty
main component was done without showing any regressions during the
package builds.
http://people.ubuntuwire.org/~wgrant/rebuild-ftbfs-test/test-rebuild-20150317-trusty.html
http://people.ubuntuwire.org/~wgrant/rebuild-ftbfs-test/test-rebuild-20150501-updates-trusty.html
To validate this SRU, I'm proposing to use the results from the test
rebuild, plus evaluating the testsuite results of the python3.4
package itself.
To test the python3 behaviour for certificate verification, use
urllib.request.urlopen. requests does it's own certificate
verification.
import urllib.request
sites = [
'https://expired.badssl.com/',
'https://wrong.host.badssl.com/',
'https://self-signed.badssl.com/'
]
for site in sites:
try:
urllib.request.urlopen(site)
print("OK", site)
except:
print("FAIL", site)
Edit /etc/python3.4/cert-verification.conf to test both behaviours
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python3-defaults/+bug/1348954/+subscriptions
Follow ups
References