[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#970569: buster-pu: package pyzmq/17.1.2-2+deb10u1

Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org@packages.debian.org
Usertags: pu
X-Debbugs-Cc: carnil@debian.org,bluca@debian.org,gcs@debian.org

Hi SRM,

[ Reason ]
After the zeromq3 update to address CVE-2020-15166 Laszlo noticed that
the TestAsyncioAuthentication::test_blacklist was hanging. Luca
investigated the issue further an noticed that pyzmq was actually
relying in the test on the broken behaviour of zeromq3 which got
fixed.

[ Impact ]
When there would be need of an update of pyzmq in buster the test
suite would fail with the updated zeromq3 package.

[ Tests ]
Did run the full package build and so in particular the test suite
with the fixed zeromq3 and the patched pyzmq.

[ Risks ]
The updates involves only fixing the broken test, so I would consider
the risk minimal.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]
Test is fixed and not relying anymore on the broken behaviour of
zeromq3.

Regards,
Salvatore

diff -Nru pyzmq-17.1.2/debian/changelog pyzmq-17.1.2/debian/changelog
--- pyzmq-17.1.2/debian/changelog	2019-01-19 22:26:02.000000000 +0100
+++ pyzmq-17.1.2/debian/changelog	2020-09-18 21:43:25.000000000 +0200
@@ -1,3 +1,10 @@
+pyzmq (17.1.2-2+deb10u1) buster; urgency=medium
+
+  * Non-maintainer upload.
+  * asyncio: wait for POLLOUT on sender in can_connect (Closes: #970567)
+
+ -- Salvatore Bonaccorso <carnil@debian.org>  Fri, 18 Sep 2020 21:43:25 +0200
+
 pyzmq (17.1.2-2) unstable; urgency=medium
 
   [ Luca Boccassi ]
diff -Nru pyzmq-17.1.2/debian/patches/asyncio-wait-for-POLLOUT-on-sender-in-can_connect.patch pyzmq-17.1.2/debian/patches/asyncio-wait-for-POLLOUT-on-sender-in-can_connect.patch
--- pyzmq-17.1.2/debian/patches/asyncio-wait-for-POLLOUT-on-sender-in-can_connect.patch	1970-01-01 01:00:00.000000000 +0100
+++ pyzmq-17.1.2/debian/patches/asyncio-wait-for-POLLOUT-on-sender-in-can_connect.patch	2020-09-18 21:43:25.000000000 +0200
@@ -0,0 +1,24 @@
+From: Min RK <benjaminrk@gmail.com>
+Date: Wed, 9 Sep 2020 10:16:36 +0200
+Subject: asyncio: wait for POLLOUT on sender in can_connect
+Origin: https://github.com/zeromq/pyzmq/commit/afd72820946f544790c6f70d90ba50eb29f1c6e1
+Bug: https://github.com/zeromq/pyzmq/issues/1418
+Bug-Debian: https://bugs.debian.org/970567
+
+matches login in thread, because POLLOUT will only be set if connection is allowed
+---
+ zmq/tests/asyncio/_test_asyncio.py | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/zmq/tests/asyncio/_test_asyncio.py
++++ b/zmq/tests/asyncio/_test_asyncio.py
+@@ -384,7 +384,8 @@ class TestAsyncioAuthentication(TestThre
+             port = server.bind_to_random_port(iface)
+             client.connect("%s:%i" % (iface, port))
+             msg = [b"Hello World"]
+-            yield from server.send_multipart(msg)
++            if (yield from server.poll(1000, zmq.POLLOUT)):
++                yield from server.send_multipart(msg)
+             if (yield from client.poll(1000)):
+                 rcvd_msg = yield from client.recv_multipart()
+                 self.assertEqual(rcvd_msg, msg)
diff -Nru pyzmq-17.1.2/debian/patches/series pyzmq-17.1.2/debian/patches/series
--- pyzmq-17.1.2/debian/patches/series	2019-01-19 21:47:22.000000000 +0100
+++ pyzmq-17.1.2/debian/patches/series	2020-09-18 21:43:25.000000000 +0200
@@ -2,3 +2,4 @@
 cffi-fix.patch
 skip_large_send
 fix_monitor_test.patch
+asyncio-wait-for-POLLOUT-on-sender-in-can_connect.patch
Reply to: