v1.4.3rc1

Sorry about the bad tarball, I forgot to clean my git directory before generating it. Another point in favor of using the gh tarball, I can’t screw it up.

This is the first I have seen that CVE.

That PR is not included in 1.4.3 because it completely overhauls how the Agg rendering works (and generated a whole bunch of other bugs along the way).

Mike: Is there a way to fix up the security issues reported on just the 1.4.x branch without pulling that whole patch back?

Tom

On Sat, Feb 7, 2015 at 9:08 PM, Benjamin Root <ben.root@…553…> wrote:

I am getting some test failures here and on master in the collections module.

======================================================================
FAIL: main.test_regularpolycollection_rotate.test

Traceback (most recent call last):
File “/home/ben/miniconda/lib/python2.7/site-packages/nose/case.py”, line 197, in runTest
self.test(*self.arg)
File “/home/ben/.local/lib/python2.7/site-packages/matplotlib-1.4.x-py2.7-linux-x86_64.egg/matplotlib/testing/decorators.py”, line 51, in failer
result = f(*args, **kwargs)
File “/home/ben/.local/lib/python2.7/site-packages/matplotlib-1.4.x-py2.7-linux-x86_64.egg/matplotlib/testing/decorators.py”, line 196, in do_test
‘(RMS %(rms).3f)’%err)
ImageComparisonFailure: images not close: /home/ben/Programs/matplotlib/result_images/test_collections/regularpolycollection_rotate.png vs. /home/ben/Programs/matplotlib/result_images/test_collections/regularpolycollection_rotate-expected.png (RMS 54.618)

======================================================================
FAIL: main.test_regularpolycollection_scale.test

Traceback (most recent call last):
File “/home/ben/miniconda/lib/python2.7/site-packages/nose/case.py”, line 197, in runTest
self.test(*self.arg)
File “/home/ben/.local/lib/python2.7/site-packages/matplotlib-1.4.x-py2.7-linux-x86_64.egg/matplotlib/testing/decorators.py”, line 51, in failer
result = f(*args, **kwargs)
File “/home/ben/.local/lib/python2.7/site-packages/matplotlib-1.4.x-py2.7-linux-x86_64.egg/matplotlib/testing/decorators.py”, line 196, in do_test
‘(RMS %(rms).3f)’%err)
ImageComparisonFailure: images not close: /home/ben/Programs/matplotlib/result_images/test_collections/regularpolycollection_scale.png vs. /home/ben/Programs/matplotlib/result_images/test_collections/regularpolycollection_scale-expected.png (RMS 120.828)


Ran 54 tests in 15.149s

FAILED (failures=2)

The squares in the first test are larger than they should be. I have some other errors, but they seem to be floating point errors, or issues with fonts.

Ben Root

On Sat, Feb 7, 2015 at 4:46 PM, Thomas Caswell <tcaswell@…149…> wrote:

Sandro,

Well, creating the tarball on GH is a lot easier for us as it happens automatically! I don’t want to unilaterally change policy so I will create the files on SF.

If you want to track GH for Debian instead of SF I don’t think that would be a bad idea, but I don’t know how much of a hassle that would be for you.

On Sat Feb 07 2015 at 4:14:36 PM Sandro Tosi <morph@…12…> wrote:

On Sat, Feb 7, 2015 at 9:05 PM, Thomas Caswell <tcaswell@…149…> wrote:

Sandro,

Can you use the tarball from github (https://github.com/matplotlib/matplotlib/archive/v1.4.3rc1.tar.gz ?)

Sure I can, but since all the previous releases (even RC) were done on SF, we have our tools to monitor and download new releases pointing to SF: do you plan to switch to GH for releasing tarballs too?

Cheers,

Sandro Tosi (aka morph, morpheus, matrixhasu)

My website: http://matrixhasu.altervista.org/

Me at Debian: http://wiki.debian.org/SandroTosi

Tom



Sorry about the bad tarball, I forgot to clean my git directory before
generating it. Another point in favor of using the gh tarball, I can't
screw it up.

I switch to GH tarball, but I must say they are a lot different than
the SF ones (now we have 3 copies of the examples in doc/mpl_examples
lib/mpl_examples and examples) and contains quite a lot more files
(like the whole unit/ tree) and development files (.travis, .gitignore
and friends), but if that's a more reliable way to get new tarball,
I'm all for it - let's use this in the future :)

This is the first I have seen that CVE.

That PR is not included in 1.4.3 because it completely overhauls how the
Agg rendering works (and generated a whole bunch of other bugs along the
way).

Mike: Is there a way to fix up the security issues reported on just the
1.4.x branch without pulling that whole patch back?

there is a patch[1] attached to the Debian bug[2], I'm about to apply
to the package and see how it goes, you might want to
investigate+apply it in the final release

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=5;filename=matplotlib-printf-buffer-overrun.patch;att=1;bug=775691
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775691

Cheers,

On Mon, Feb 9, 2015 at 1:00 AM, Thomas Caswell <tcaswell@...149...> wrote:
--
Sandro Tosi (aka morph, morpheus, matrixhasu)
My website: http://matrixhasu.altervista.org/
Me at Debian: http://wiki.debian.org/SandroTosi