DistUpgradeViewKDE broken since last security update

Bug #933225 reported by Harald Sitter
Affects                     Status        Importance  Assigned to       Milestone
update-manager (Ubuntu)     Fix Released  Critical    Marc Deslauriers
  Hardy                     Fix Released  Undecided   Marc Deslauriers
  Lucid                     Fix Released  Undecided   Marc Deslauriers
  Maverick                  Fix Released  Undecided   Marc Deslauriers
  Natty                     Fix Released  Undecided   Marc Deslauriers
  Oneiric                   Fix Released  Critical    Marc Deslauriers
  Precise                   Fix Released  Critical    Marc Deslauriers

Bug Description

        copyXauth = tempfile.mkstemp("", "adept")
        if 'XAUTHORITY' in os.environ and os.environ['XAUTHORITY'] != copyXauth:
            shutil.copy(os.environ['XAUTHORITY'], copyXauth)
            os.environ["XAUTHORITY"] = copyXauth

<apachelogger> can't load DistUpgradeViewKDE (coercing to Unicode: need string or buffer, tuple found)
<apachelogger> bug 881541
<ubottu> Launchpad bug 881541 in update-manager (Ubuntu) "DistUpgrade/DistUpgradeViewKDE.py uses mktemp -- which is insecure" [Medium,Fix released] https://launchpad.net/bugs/881541
<apachelogger> http://docs.python.org/library/tempfile.html
<apachelogger> mkstemp() returns a tuple containing an OS-level handle to an open file (as would be returned by os.open()) and the absolute pathname of that file, in that order.
<apachelogger> shutil.copy(os.environ['XAUTHORITY'], copyXauth)
<apachelogger> I am the tuple in your string <3

     print os.environ['XAUTHORITY'] => /tmp/kde-me/xauth-1000-_0
     print copyXauth => (13, '/tmp/adeptTXo9jf')

Also: http://docs.python.org/library/shutil.html
shutil.copy(src, dst)
Copy the file src to the file or directory dst. If dst is a directory, a file with the same basename as src is created (or overwritten) in the directory specified. Permission bits are copied. src and dst are path names given as strings.
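
As an added Python 3 example (not code from the update-manager package, from the reporter, or from the fix that was shipped), here is the broken pattern from the description beside one way of handling mkstemp()'s (fd, path) return value correctly. The helper names copy_xauth_broken, copy_xauth_fixed and run_demo, the tmpdir argument and the sample Xauthority bytes are this example's own assumptions:

```python
import os
import shutil
import stat
import tempfile

# Constructed stand-in for a KDE Xauthority file; the bytes are illustrative only.
SAMPLE_XAUTH = (b"\x01\x00\x00\x04host\x00\x010\x00\x12MIT-MAGIC-COOKIE-1"
                b"\x00\x10" + b"\xde\xad\xbe\xef" * 4)


def copy_xauth_broken(environ, tmpdir=None):
    """The pattern from the bug report: mkstemp() returns (fd, path) and the
    whole tuple is handed to shutil.copy() as the destination, so the copy
    fails with TypeError before XAUTHORITY is ever rewritten."""
    copyXauth = tempfile.mkstemp("", "adept", tmpdir)
    try:
        if 'XAUTHORITY' in environ and environ['XAUTHORITY'] != copyXauth:
            shutil.copy(environ['XAUTHORITY'], copyXauth)  # raises TypeError
            environ["XAUTHORITY"] = copyXauth
    finally:
        # Cleanup added for this demo; the original leaves the descriptor open.
        os.close(copyXauth[0])
        os.unlink(copyXauth[1])


def copy_xauth_fixed(environ, tmpdir=None):
    """Unpack (fd, path) and copy through the descriptor mkstemp() already
    opened: the file was created atomically with O_EXCL and mode 0600, and it
    is never reopened by name, so there is no window for a pre-created file or
    symlink in the temp directory (the weakness that replacing mktemp closes)."""
    if 'XAUTHORITY' not in environ:
        return None
    src = environ['XAUTHORITY']
    fd, path = tempfile.mkstemp("", "adept", tmpdir)
    try:
        # os.fdopen takes ownership of fd and closes it when the block exits.
        with os.fdopen(fd, 'wb') as fout, open(src, 'rb') as fin:
            shutil.copyfileobj(fin, fout)
    except BaseException:
        os.unlink(path)
        raise
    environ["XAUTHORITY"] = path
    return path


def run_demo():
    """Run both versions against the constructed Xauthority file in a private
    directory and report what each did."""
    workdir = tempfile.mkdtemp(prefix="xauth-demo-")
    try:
        src = os.path.join(workdir, "xauth-1000-_0")
        with open(src, 'wb') as f:
            f.write(SAMPLE_XAUTH)
        os.chmod(src, 0o644)  # deliberately looser than 0600 to show mode handling

        env_broken = {"XAUTHORITY": src}
        try:
            copy_xauth_broken(env_broken, workdir)
            broken_error = None
        except TypeError as exc:
            broken_error = type(exc).__name__

        env_fixed = {"XAUTHORITY": src}
        dst = copy_xauth_fixed(env_fixed, workdir)
        with open(dst, 'rb') as f:
            dst_bytes = f.read()
        return {
            "broken_error": broken_error,
            "broken_env_unchanged": env_broken["XAUTHORITY"] == src,
            "fixed_path_is_str": isinstance(dst, str),
            "fixed_env_updated": env_fixed["XAUTHORITY"] == dst,
            "fixed_bytes_match": dst_bytes == SAMPLE_XAUTH,
            # shutil.copy() would copy the source's 0644 bits onto the temp file;
            # writing through the descriptor keeps the 0600 that mkstemp() set.
            "fixed_mode": stat.S_IMODE(os.stat(dst).st_mode),
        }
    finally:
        shutil.rmtree(workdir)


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(key, oct(value) if key == "fixed_mode" else value)
```

Two points worth noting beyond the tuple mix-up. First, even a one-character fix that keeps only the path (for example indexing the tuple) and still calls shutil.copy() leaks the descriptor mkstemp() returned and, because shutil.copy() copies the source's permission bits, can widen the temp file's mode past the 0600 mkstemp() gave it; copying through the descriptor avoids both. Second, the page only says the released packages fix "improper return value handling", so the helper above is illustrative and not the patch that shipped.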

Changed in update-manager (Ubuntu):
status: New → Triaged
importance: Undecided → Critical
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in update-manager (Ubuntu Oneiric):
status: New → Triaged
importance: Undecided → Critical
assignee: nobody → Marc Deslauriers (mdeslaur)
milestone: none → oneiric-updates
Changed in update-manager (Ubuntu):
milestone: none → ubuntu-12.04-beta-1
Changed in update-manager (Ubuntu Hardy):
status: New → Confirmed
Changed in update-manager (Ubuntu Lucid):
status: New → Confirmed
Changed in update-manager (Ubuntu Maverick):
status: New → Confirmed
Changed in update-manager (Ubuntu Natty):
status: New → Confirmed
Changed in update-manager (Ubuntu Hardy):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in update-manager (Ubuntu Lucid):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in update-manager (Ubuntu Maverick):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in update-manager (Ubuntu Natty):
assignee: nobody → Marc Deslauriers (mdeslaur)
summary: - inability to QA utterly broke DistUpgradeViewKDE
+ DistUpgradeViewKDE broken since lastupdate
summary: - DistUpgradeViewKDE broken since lastupdate
+ DistUpgradeViewKDE broken since last security update
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package update-manager - 1:0.152.25.8

---------------
update-manager (1:0.152.25.8) oneiric-security; urgency=low

  * REGRESSION FIX:
    - DistUpgrade/DistUpgradeViewKDE.py: fix regression caused by improper
      return value handling. (LP: #933225)
  * This package does _not_ contain the changes from (1:0.152.25.6) and
    (1:0.152.25.7) in oneiric-proposed.
 -- Marc Deslauriers <email address hidden> Wed, 15 Feb 2012 22:33:18 -0500

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package update-manager - 1:0.150.5.2

---------------
update-manager (1:0.150.5.2) natty-security; urgency=low

  * REGRESSION FIX:
    - DistUpgrade/DistUpgradeViewKDE.py: fix regression caused by improper
      return value handling. (LP: #933225)
 -- Marc Deslauriers <email address hidden> Wed, 15 Feb 2012 22:43:43 -0500

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package update-manager - 1:0.142.23.2

---------------
update-manager (1:0.142.23.2) maverick-security; urgency=low

  * REGRESSION FIX:
    - DistUpgrade/DistUpgradeViewKDE.py: fix regression caused by improper
      return value handling. (LP: #933225)
 -- Marc Deslauriers <email address hidden> Wed, 15 Feb 2012 22:45:27 -0500

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package update-manager - 1:0.134.11.2

---------------
update-manager (1:0.134.11.2) lucid-security; urgency=low

  * REGRESSION FIX:
    - DistUpgrade/DistUpgradeViewKDE.py: fix regression caused by improper
      return value handling. (LP: #933225)
 -- Marc Deslauriers <email address hidden> Wed, 15 Feb 2012 22:47:06 -0500

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package update-manager - 1:0.87.33

---------------
update-manager (1:0.87.33) hardy-security; urgency=low

  * REGRESSION FIX:
    - DistUpgrade/DistUpgradeViewKDE.py: fix regression caused by improper
      return value handling. (LP: #933225)
 -- Marc Deslauriers <email address hidden> Thu, 16 Feb 2012 08:30:21 -0500

Changed in update-manager (Ubuntu Hardy):
status: Confirmed → Fix Released
Changed in update-manager (Ubuntu Lucid):
status: Confirmed → Fix Released
Changed in update-manager (Ubuntu Maverick):
status: Confirmed → Fix Released
Changed in update-manager (Ubuntu Natty):
status: Confirmed → Fix Released
Changed in update-manager (Ubuntu Oneiric):
status: Triaged → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package update-manager - 1:0.156.5

---------------
update-manager (1:0.156.5) precise; urgency=low

  [ Brian Murray ]
  * do-release-upgrade: capitalize U in ubuntu
  * debian/source_update-manager.py: add screenlog.0 from
    /var/log/dist-upgrade to apport bug reports

  [ Marc Deslauriers ]
  * DistUpgrade/DistUpgradeViewKDE.py: fix regression caused by improper
    return value handling. (LP: #933225)
 -- Michael Vogt <email address hidden> Thu, 16 Feb 2012 17:30:58 +0100

Changed in update-manager (Ubuntu Precise):
status: Triaged → Fix Released
Harald Sitter (apachelogger) wrote :

Thank you for getting this resolved so quick.

description: updated