[SRU] evtx_filter_records.py crashed with ModuleNotFoundError in Noble
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-evtx (Debian) |
New
|
Unknown
|
|||
python-evtx (Ubuntu) |
Confirmed
|
Medium
|
Unassigned |
Bug Description
[ Impact ]
evtx_filter_
$ evtx_filter_
Traceback (most recent call last):
File "/usr/bin/
from lxml import etree
ModuleNotFoundE
The error is because its missing one of the runtime dependencies.
[ Test Plan ]
1. install python3-evtx
2. execute evtx_filter_
If the package is not fixed it will result in the above error.
With the fixed package it will print the help message:
$ evtx_filter_
usage: evtx_filter_
Print only entries from an EVTX file with a given EID.
positional arguments:
evtx Path to the Windows EVTX file
eid The EID of records to print
options:
-h, --help show this help message and exit
[ Where problems could occur ]
There is no change in code and it only fixes a runtime dependency and so imho, there is very little chance of any regression.
[ Other Info ]
The test folder of the source package contains some .evtx file which we should be able to test but I am trying to figure out "EID" that needs to be mentioned as an argument
[ Original Bug Description ]
evtx_filter_
$ evtx_filter_
Traceback (most recent call last):
File "/usr/bin/
from lxml import etree
ModuleNotFoundE
ProblemType: Crash
DistroRelease: Ubuntu 24.04
Package: python3-evtx 0.7.4-1
ProcVersionSign
Uname: Linux 6.8.0-22-generic x86_64
ApportVersion: 2.28.0-0ubuntu1
Architecture: amd64
CasperMD5CheckR
CurrentDesktop: ubuntu:GNOME
Date: Mon Apr 15 20:30:18 2024
Dependencies:
python3-
python3-pyparsing 3.1.1-1
python3-six 1.16.0-4
python3-zipp 1.0.0-6
ExecutablePath: /usr/bin/
InstallationDate: Installed on 2024-04-10 (5 days ago)
InstallationMedia: Ubuntu 24.04 LTS "Noble Numbat" - Beta amd64 (20240410)
InterpreterPath: /usr/bin/python3.12
JournalErrors: Apr 15 20:30:27 hostname gnome-shell[1186]: meta_window_
PackageArchitec
ProcCmdline: /usr/bin/python3 /usr/bin/
Python3Details: /usr/bin/
PythonArgs: ['/usr/
PythonDetails: N/A
SourcePackage: python-evtx
Title: evtx_filter_
Traceback:
Traceback (most recent call last):
File "/usr/bin/
from lxml import etree
ModuleNotFound
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm cdrom dip lpadmin plugdev sudo users
information type: | Private → Public |
Changed in python-evtx (Debian): | |
status: | Unknown → New |
tags: | removed: need-duplicate-check |
Changed in python-evtx (Ubuntu): | |
importance: | Undecided → Medium |
issue also seen on Mantic, Jammy and Focal apart from Noble.