Red Hat Bugzilla – Bug 1253897
bzr-2.1.1-2.el6 cannot access with http with python-lib 2.6.6-64
Last modified: 2017-12-06 07:19:02 EST
Description of problem:
Version-Release number of selected component (if applicable):
bzr-2.1.1-2.el6 (with python-libs-2.6.6-64.el6)
bzr info lp:mailman/2.1
Steps to Reproduce:
1. run bzr to access remote repos with http or https, for example,
bzr info lp:mailman/2.1
Crash with exception. Last few lines of trace:
rs.py", line 164, in begin
File "/usr/lib64/python2.6/httplib.py", line 404, in begin
version, status, reason = self._read_status()
File "/usr/lib64/python2.6/httplib.py", line 360, in _read_status
line = self.fp.readline(_MAXLINE + 1)
TypeError: readline() takes exactly 1 argument (2 given)
Information about repository is reported.
Repository branch (format: unnamed)
shared repository: bzr+ssh://bazaar.launchpad.net/%2Bbranch/mailman/2.1/
repository branch: bzr+ssh://bazaar.launchpad.net/%2Bbranch/mailman/2.1/
parent branch: http://bazaar.launchpad.net/~vcs-imports/mailman/2.1/
This is caused by CVE-2013-1752 fix on 2.6.6-62, CVE-2013-1752.patch.
It changes interface for HTTPResponse.fp.readline(). This is just same
as bug reported for bzr 2.2 with Python 2.7,
A fix patch will be found on https://code.launchpad.net/~jelmer/bzr/readline-size/+merge/44612/+preview-diff/78466/+files/preview.diff
thanks for report and investigation. Good job. Supposed patch works as well. It could be fasttrack probably.
Is there an update to this? It breaks building https://github.com/google/cups-connector from source with "go get".
Hi Adam. Unfortunately not. It seems that bzr will not be updated in rhel-6.8.
Red Hat Enterprise Linux 6 is in the Production 3 Phase. During the Production 3 Phase, Critical impact Security Advisories (RHSAs) and selected Urgent Priority Bug Fix Advisories (RHBAs) may be released as they become available.
The official life cycle policy can be reviewed here:
This issue does not meet the inclusion criteria for the Production 3 Phase and will be marked as CLOSED/WONTFIX. If this remains a critical requirement, please contact Red Hat Customer Support to request a re-evaluation of the issue, citing a clear business justification. Note that a strong business justification will be required for re-evaluation. Red Hat Customer Support can be contacted via the Red Hat Customer Portal at the following URL: