https://bugzilla.novell.com/show_bug.cgi?id=656779 https://bugzilla.novell.com/show_bug.cgi?id=656779#c0 Summary: Python: a crasher bug in pyexpat - upstream patch needs backporting Classification: openSUSE Product: openSUSE 11.4 Version: Factory Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: ke@novell.com ReportedBy: ke@novell.com QAContact: qa@suse.de CC: carnold@novell.com, jsmeix@novell.com, coolo@novell.com, mge@novell.com, thomas.schraitle@novell.com, jdluhos@novell.com, jmatejek@novell.com Depends on: 654050 Found By: Documentation Blocker: --- +++ This bug was initially created as a clone of Bug #654050 +++ The pyexpat module installed with SLES11 is vulnerable to a crash described at http://bugs.python.org/issue9054 A patch is attached to the issue report, we just need to attach it. The crash is reproducible by running test_pyexpat.py, which produces: $ python test_pyexpat.py test_ordered_attributes (__main__.SetAttributeTest) ... ok test_returns_unicode (__main__.SetAttributeTest) ... ok test_specified_attributes (__main__.SetAttributeTest) ... ok test_parse_file (__main__.ParseTest) ... ok test_unicode (__main__.ParseTest) ... ok test_utf8 (__main__.ParseTest) ... ok test_illegal (__main__.NamespaceSeparatorTest) ... ok test_legal (__main__.NamespaceSeparatorTest) ... ok test_zero_length (__main__.NamespaceSeparatorTest) ... ok test (__main__.InterningTest) ... ok test1 (__main__.BufferTextTest) ... ok test2 (__main__.BufferTextTest) ... ok test3 (__main__.BufferTextTest) ... ok test4 (__main__.BufferTextTest) ... ok test5 (__main__.BufferTextTest) ... ok test6 (__main__.BufferTextTest) ... ok test7 (__main__.BufferTextTest) ... ok test_buffering_enabled (__main__.BufferTextTest) ... ok test_default_to_disabled (__main__.BufferTextTest) ... ok test (__main__.HandlerExceptionTest) ... ok test (__main__.PositionTest) ... ok test_parse_only_xml_data (__main__.sf1296433Test) ... Segmentation fault =========================================================================== Jan Matejek: ------------ interestingly, the crash doesn't come from python itself, but from package pyxml That package happens to be seriously outdated (last upstream release in 2004, unmaintained since 2009). This can probably be fixed by removing the package, all the functionality from pyxml should now be in the python-xml package. (btw, python runs its regression tests during build and those apparently passed) Reassigning to pyxml maintainer, or feel free to close the bug if removing pyxml is good enough solution. Karl Eichwalder 2010-11-26 08:18:18 UTC On my system (11.3), these packages depend on pyxml: pyxml is needed by (installed) python-lxml-2.2.6-3.1.x86_64 pyxml is needed by (installed) inkscape-extensions-extra-0.47-6.1.x86_64 pyxml is needed by (installed) hplip-3.10.2-1.13.x86_64 pyxml is needed by (installed) gtk2-devel-2.20.1-2.13.x86_64 pyxml is needed by (installed) xen-tools-4.0.0_21091_06-0.1.1.x86_64 Would it work, if these package would require python-xml? ======================================================================== Jan Matejek 2010-11-29 14:42:31 UTC python-lxml should not require pyxml at all - i am testing this assumption now xen-tools seem to be able to use python-lxml instead of pyxml via this patch: http://xen.1045712.n5.nabble.com/xen-unstable-Replace-pyxml-xmlproc-based-XM... ========================================================================== Johannes Meixner 2010-11-30 09:40:36 UTC I have no knowledge about Python stuff. What HPLIP does to check for Python XML libraries is: ----------------------------------------------------------------- def check_python_xml(self): try: import xml.parsers.expat except ImportError: return False else: return True ----------------------------------------------------------------- It seems anything which provides "xml.parsers.expat" is sufficient for HPLIP. I had added an explicite RPM requirement for pyxml according to this hplip.changes entry: ------------------------------------------------------------------ Wed Apr 2 14:40:57 CEST 2008 - jsmeix@suse.de .. - Require pyxml to have the xml.parsers.expat Python module, see https://answers.launchpad.net/hplip/+question/25696 ------------------------------------------------------------------ Is meanwhile python-xml alone sufficient for "import xml.parsers.expat"? If yes, since which openSUSE version is python-xml alone sufficient for "import xml.parsers.expat"? (I provide HPLIP for openSUSE 11.1 and SLE11/SLE11-SP1 in the openSUSE build service.) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.