As one of the maintainers of pyca/cryptography, I'm strongly in favor
of upgrading. Older releases do not receive support (including
security fixes) from the maintainers. And in the past few releases
we've added many new features, support for more strong cryptographic
algorithms, and significantly
Package: python3
Starting with the recent upgrade to Python3.10 on sid it appears that
virtualenvs created with virtualenv from PyPI (pip install virtualenv)
do not have bin/ directories inside the virtualenv, instead they have
local/ directories which contain bin/.
This causes tools such as tox
Package: imagemagick
Severity: security
This release fixes many many security issues. They have not been issued
CVEs as far as I know. You can get a sense of them by reviewing the commit
history: https://github.com/ImageMagick/ImageMagick/commits/ImageMagick-6
Commits which are links to the OSS-Fu
Package: libde265-0
Severity: normal
Currently libde265-0 provides dynamic libraries, however I have a use case
where it'd be great if static libraries were also provided.
Thanks!
This is also enabled in Ubuntu 16.04, being disabled in Debian can result
in some confusing debugging sessions
--
"I disapprove of what you say, but I will defend to the death your right to
say it." -- Evelyn Beatrice Hall (summarizing Voltaire)
"The people's good is the highest law." -- Cicero
G
Confirmed that with the package from `git`, this is resolved! Awesome.
On Mon, Mar 20, 2017 at 1:47 PM, Michael Shuler
wrote:
> Clone the repo and `dpkg-buildpackage`.
>
> --
> Kind regards,
> Michael
>
--
"I disapprove of what you say, but I will defend to the death your right to
say it." -
Is there a good way for me to get the unrelated-package installed, so i can
verify with my script? Thanks!
On Mon, Mar 20, 2017 at 1:41 PM, Michael Shuler
wrote:
> Control: tags -1 - moreinfo + pending
>
> Thanks for the details. Those appear to be a few of the removals in the
> 2.11 bundle, whi
On Mon, Mar 20, 2017 at 1:13 PM, Michael Shuler
wrote:
> Control: tags -1 + moreinfo
>
> On 03/17/2017 04:38 PM, Alex Gaynor wrote:
> > Package: ca-certificates
> > Severity: normal
>
> What version of ca-certificates?
>
20161130 (latest from Debian Testing)
&
Package: ca-certificates
Severity: normal
Dear Maintainer,
The ca-certificates package includes legacy root certificates which have
1024-bit RSA keys. These are considered weak by modern standards, and have
been removed from the upstream Mozilla trust store.
For a while these were needed to work
Package: debootstrap
Severity: normal
thanks
If debootstrap is invoked like so: `sudo debootstrap jessie jessie
--include=openssh-server` it errors out with `/usr/sbin/debootstrap: 314:
set: Illegal option --`. The correct invocation is to move teh `--include`
before `jessi`, but it'd be nice if a
Package: python-pip
Severity: normal
Thanks
Right now python-pip is packaged at 1.5.6, it'd be great if this was
upgraded to the latest release, 8.0.0. Thanks!
--
"I disapprove of what you say, but I will defend to the death your right to
say it." -- Evelyn Beatrice Hall (summarizing Voltaire)
Source: python-openssl
Severity: normal
Dear Maintainer,
The latest release of pyOpenSSL, 0.14, fixes several bugs, adds support for
PyPy, and enables use of stronger TLS in Twisted, it'd be great to get this
available in Debian!
-- System Information:
Debian Release: jessie/sid
APT prefers
At this point a release has been issued and is available from PyPI as 0.7.1
Alex
--
"I disapprove of what you say, but I will defend to the death your right to
say it." -- Evelyn Beatrice Hall (summarizing Voltaire)
"The people's good is the highest law." -- Cicero
GPG Key fingerprint: 125F 5C67
A patch for this issue has been landed:
https://github.com/alex/rply/commit/fc9bbcd25b0b4f09bbd6339f710ad24c129d5d7cand
I am issuing an 0.7.1 release with this patch as we speak.
Alex
--
"I disapprove of what you say, but I will defend to the death your right to
say it." -- Evelyn Beatrice Hall
14 matches
Mail list logo
