Bug 1253897

Summary: bzr-2.1.1-2.el6 cannot access with http with python-lib 2.6.6-64
Product: Red Hat Enterprise Linux 6 Reporter: Yasuhito FUTATSUKI <rh-bug-report-yf>
Component: bzrAssignee: Petr Stodulka <pstodulk>
Status: CLOSED WONTFIX QA Contact: qe-baseos-daemons
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.7CC: adam, goeran, ovasik, psklenar, rh-bug-report-yf
Target Milestone: rcKeywords: EasyFix, FastFix, Patch
Target Release: ---   
Hardware: All   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-12-06 12:19:02 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1356044    

Description Yasuhito FUTATSUKI 2015-08-15 07:11:48 UTC 
Description of problem:


Version-Release number of selected component (if applicable):
bzr-2.1.1-2.el6 (with python-libs-2.6.6-64.el6)

How reproducible:
bzr info lp:mailman/2.1
, etc.

Steps to Reproduce:
1. run bzr to access remote repos with http or https, for example,
    bzr info lp:mailman/2.1

Actual results:
Crash with exception. Last few lines of trace:
  File "/usr/lib64/python2.6/site-packages/bzrlib/transport/http/_urllib2_wrappe
rs.py", line 164, in begin
    httplib.HTTPResponse.begin(self)
  File "/usr/lib64/python2.6/httplib.py", line 404, in begin
    version, status, reason = self._read_status()
  File "/usr/lib64/python2.6/httplib.py", line 360, in _read_status
    line = self.fp.readline(_MAXLINE + 1)
TypeError: readline() takes exactly 1 argument (2 given)

Expected results:
Information about repository is reported.

Repository branch (format: unnamed)
Location:
  shared repository: bzr+ssh://bazaar.launchpad.net/%2Bbranch/mailman/2.1/
  repository branch: bzr+ssh://bazaar.launchpad.net/%2Bbranch/mailman/2.1/
                                                                               
Related branches:
  parent branch: http://bazaar.launchpad.net/~vcs-imports/mailman/2.1/

Additional info:
This is caused by CVE-2013-1752 fix on 2.6.6-62, CVE-2013-1752.patch.
It changes interface for HTTPResponse.fp.readline(). This is just same
as bug reported for bzr 2.2 with Python 2.7, 
   https://bugs.launchpad.net/bzr/+bug/693880

A fix patch will be found on https://code.launchpad.net/~jelmer/bzr/readline-size/+merge/44612/+preview-diff/78466/+files/preview.diff
Comment 2 Petr Stodulka 2015-08-17 06:37:41 UTC 
Hi Yasuhito,
thanks for report and investigation. Good job. Supposed patch works as well. It could be fasttrack probably.
Comment 3 Adam Goode 2015-12-09 02:19:59 UTC 
Is there an update to this? It breaks building https://github.com/google/cups-connector from source with "go get".
Comment 4 Petr Stodulka 2015-12-09 09:37:57 UTC 
Hi Adam. Unfortunately not. It seems that bzr will not be updated in rhel-6.8.
Comment 6 Jan Kurik 2017-12-06 12:19:02 UTC 
Red Hat Enterprise Linux 6 is in the Production 3 Phase. During the Production 3 Phase, Critical impact Security Advisories (RHSAs) and selected Urgent Priority Bug Fix Advisories (RHBAs) may be released as they become available.

The official life cycle policy can be reviewed here:

http://redhat.com/rhel/lifecycle

This issue does not meet the inclusion criteria for the Production 3 Phase and will be marked as CLOSED/WONTFIX. If this remains a critical requirement, please contact Red Hat Customer Support to request a re-evaluation of the issue, citing a clear business justification. Note that a strong business justification will be required for re-evaluation. Red Hat Customer Support can be contacted via the Red Hat Customer Portal at the following URL:

https://access.redhat.com/