Package: wnpp
Severity: normal
I'm orphaning all of my packages in Debian because I have decided to
retire.
The description reads:
transparent IP (Layer 3) proxy ARP bridging tool
This is useful for creation of transparent firewalls and bridging
networks with different MAC protocols. Also, unl
Package: wnpp
Severity: normal
I'm orphaning all of my packages in Debian because I have decided to
retire.
The description reads:
Dirdiff can handle up to 5 trees. It displays a main window with a
list of the files which are different between the trees, with colored
squares to indicate the
Package: wnpp
Severity: normal
I'm orphaning all of my packages in Debian because I have decided to
retire.
MRTGutils is relative low-maintenance package, probably a good choice for a
first-package.
The description reads:
MRTGutils is a collection of simple utilities to generate output useful
Package: wnpp
Severity: normal
I'm orphaning all of my packages in Debian because I have decided to
retire.
ieee-data is relative low-maintaince and has a high popcon count.
The description reads:
Provide the Organizationally Unique Identifier (OUI) and Individual Address
Block (IAB) listings
Package: wnpp
Severity: normal
I'm orphaning all of my packages in Debian because I have decided to
retire.
Davfs2 is a relative popular package that has a very responsive upstream team.
The description reads:
Web Distributed Authoring and Versioning (WebDAV), an extension to the
HTTP-protoco
On 5/24/20 5:56 AM, Stefan Pietsch wrote:
> I suppose the bug won't be fixed in Debian 8.
NMU are welcomed. RL is keeping me extremely busy right now...
/l
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm
The code in this package now is part of qiskit-terra[1]. Upstream
decided to merge it[2]. Therefore, it can be removed from all Debian dists.
Thanks, luciano
[1] https://tracker.debian.org/pkg/
Package: ppp
Version: 2.4.5-5.1+deb7u2
Severity: important
Tags: upstream patch
JJK just released a new version of the ppp-EAP-TLS patch, v1.102, that
this package is using.
See https://www.nikhef.nl/~janjust/ppp/download.html for details.
Patches for 2.4.5, 2.4.6 and 2.4.7 are available.
Thank
On 09/09/18 07:31, Tomasz Buchert wrote:
> would it be possible to create an official release/download on
> bitbucket so that I can pull it? Otherwise I will have to import a
> semi-random git hash.
That is upstream's call. What do you think spirit? :)
Otherwise, the PR was merged in the default
Source: python-guess-language
Version: 0.5.2-4
Severity: normal
Tags: patch upstream
In an attempt to put w3af back into sid, we need support for Python 2 in
guess-language. I opened a PR into upstream with it. Please, take a look
https://bitbucket.org/spirit/guess_language/pull-requests/3/python-
I just uploaded the fix to unstable.
In the past, TLS AIA were a problem for some downloaders (IIUC, they
should be solved at this point tho): https://bugs.debian.org/783096
I will wait a bit before updating old/stable to catch similar issues.
Thanks for your report
/luciano
On 06/12/18 16:55, Guus Sliepen wrote:
> If it's a Python 3 library, the package name should have the python3- prefix,
> and you
> might want to consider naming it (python3-)qiskit instead of
> (python3-)ibmquantumexperience.
I just realize that python2 is supported too. This is not qiskit, but
Package: wnpp
Severity: wishlist
Owner: Luciano Bello
* Package name: ibmquantumexperience
Version : 1.9.2
Upstream Author : QISKit
* URL : https://github.com/QISKit/qiskit-api-py
* License : Apache 2.0
Programming Lang: Python
Description : A Python
Hi Spányik,
This bug had been tagged with "moreinfo" for a year already. Do you
still have the issue? Otherwise, I will close it in some weeks.
Thanks! /luciano
Package: libpodofo
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
the following vulnerabilities were published for libpodofo.
CVE-2018-8000[0]:
| In PoDoFo 0.9.5, there exists a heap-based buffer overflow
| vulnerability in PoDoFo::PdfTokenizer::GetNextToken() in
| Pdf
On 2018-02-08 09:01, James Cowgill wrote:
> I think the attached patch will fix this (which I have also just
> uploaded to unstable).
Uploaded. Thanks!
/luciano
signature.asc
Description: OpenPGP digital signature
On 2018-02-03 09:13, James Cowgill wrote:
> Unlike the backport for 0.27 which was fairly straightforward, the
> backport for 0.23 required significant changes and I ended up rewriting
> half of it. This means I am less confident about catching all the cases
> to fix this bug. It would be good if a
Package: ncurses
X-Debbugs-CC: t...@security.debian.org
secure-testing-t...@lists.alioth.debian.org
Severity: grave
Tags: security
Hi,
the following vulnerability was published for ncurses.
CVE-2017-16879[0]:
| Stack-based buffer overflow in the _nc_write_entry function in
| tinfo/write_entry.c
Package: wnpp
Severity: wishlist
* Package name: qiskit
Version : 0.3.9
Upstream Author : QISKit Development Team
* URL : http://qiskit.org
* License : Apache Software License
Description : Quantum information software kit
The Quantum Information Softwar
Ok, this bug needs some clarifications:
Neal, the original poster [1], refers to a different problem than Julien[2].
The Julien problem looks rooted in the kernel and was reported in a different
bug [3].
Anibal, probably the best path of action is to recheck with Neal if his
problem is still t
Package: connman
X-Debbugs-CC: t...@security.debian.org secure-testing-
t...@lists.alioth.debian.org
Severity: grave
Version: 1.33-3
Tags: security patch
Hi,
the following vulnerability was published for connman.
CVE-2017-12865[0]:
stack overflow in dns proxy feature
If you fix the vulnerabili
Package: ffmpeg
X-Debbugs-CC: t...@security.debian.org secure-testing-
t...@lists.alioth.debian.org
Severity: grave
Tags: security
Hi,
the following vulnerability was published for libav (which is embed in
ffmpeg).
CVE-2017-7206[0]:
| The ff_h2645_extract_rbsp function in libavcodec in libav 9.
Package: apt
Severity: wishlist
Hello,
The security team releases a DSA when a package is vulnerable, with the
recommendation "[...] upgrade your XX packages". The thing is, XX is a source
package. The users should be able to upgrade the binaries from XX that are
installed in their system
Source: tor
Version: 0.2.9.11-1~deb9u1
Severity: important
Tags: security patch
Hi Peter,
I got this report[1]
aa-exec is not in /usr/sbin anymore, at least not in every arch [2].
Cheers, luciano
[1] https://twitter.com/pissquark/status/888142796414226432
[2]
https://packages.debian.org/
I will upload it today/tomorrow.
/l
Hi Ondřej,
Do you still need a sponsor for this?
Cheers, luciano
00 -0500
+++ ieee-data-20150531.1~deb8u2/debian/changelog 2016-11-27 14:21:34.0 -0500
@@ -1,3 +1,9 @@
+ieee-data (20150531.1~deb8u2) stable; urgency=high
+
+ * Crontab update disable. Closes: #826104
+
+ -- Luciano Bello Sun, 27 Nov 2016 14:21:34 -0500
+
ieee-data (20150531.1~deb8u1) stabl
On Friday, 14 October 2016 08:47:13 EST Scott Kitterman wrote:
> There is also rst2pdf (it's a reverse build-depends). Please remove the
> moreinfo tag once it's fixed.
Done. See #840801
Thanks! /luciano
On Saturday, 26 November 2016 16:53:56 EST Elena ``of Valhalla'' wrote:
> If you can sponsor me the upload is already ready in git (including
> s/UNRELEASED/unstable/ in changelog, done this afternoon).
uploading! Thanks Elena!
/l
On Sunday, 30 October 2016 00:02:18 EST Elena ``of Valhalla'' wrote:
> Ok, from the delay in the answer I'm assuming that it's ok to delay
> a few other days (I won't have time for it this long weekend) and then
> I'll submit the package to my usual sponsor.
Any news here? Do you prefer a NMU? I c
On Friday, 25 November 2016 17:42:13 EST Bastien Roucaries wrote:
> Can i add a newer patch fixing the last cve ?
Do you think you can upload it for tomorrow? Let me unroll everything on this
end (I already asked for a DSA id, but I think I can put it back). Let me know
if you can upload to ment
Hi,
I will sponsor imagemagick/8:6.8.9.9-5+deb8u6 and release the DSA.
Thanks for you effort of keeping imagemagick secure!
/luciano
Source: maradns
Severity: grave
Version: 2.0.13-1.2
Tags: security upstream
Hi,
The following vulnerability was published for MaraDNS:
http://seclists.org/oss-sec/2016/q4/411
No CVE is was assigned yet, but the request was made in that thread.
If you fix the vulnerability please also make sure
On Sunday, 30 October 2016 00:02:18 EDT Elena ``of Valhalla'' wrote:
> Ok, from the delay in the answer I'm assuming that it's ok to delay
> a few other days (I won't have time for it this long weekend) and then
> I'll submit the package to my usual sponsor.
Great! Thanks a lot!
/luciano
Hi Elena,
pypdf2 worked fine with other users of pypdf and should be fully
compatible. See:
bookletimposer: #763974
kraft: #763980
pdfposter: #763977
pdfshuffle: #763973
pisa: #763981
w3af: #763975
I really really would like to remove pypdf asap. I think is worthy to
upload a new version
Package: rst2pdf
Severity: normal
Please, consider depend on python-pypdf2 instead of python-pypdf.
Upstream says: " I've stopped maintaining pyPdf, and a company named Phaseit
has forked the project and continued development and maintenance with my
blessing as pyPdf2 ( http://knowah.github.com
Package: ftp.debian.org
Severity: normal
Hi there,
python-pypdf was replaced by python-pypdf2. The reverse dependencies had
been patched for that porpoise already:
bookletimposer: #763974
kraft: #763980
pdfposter: #763977
pdfshuffle: #763973
pisa: #763981
w3af: #763975
Thanks! /luciano
Source: unadf
Version: 0.7.11a-3
Severity: important
Tags: security patch
Hi,
Tuomas Räsänen discovered the following vulnerabilities for unadf.
CVE-2016-1243[0]: stack buffer overflow caused by blindly trusting on pathname
lengths of archived files.
CVE-2016-1244[1]: execution of unsanitized i
Package: wnpp
Severity: wishlist
* Package name: python-watson-developer-cloud
Version : 0.18.0
Upstream Author : Jeffrey Stylos
* URL : https://pypi.python.org/pypi/watson-developer-cloud
* License : Apache 2.0
Programming Lang: Python
Description : Cl
Package: wnpp
Severity: wishlist
* Package name: python-watson-developer-cloud
Version : 0.18.0
Upstream Author : Jeffrey Stylos
* URL : https://pypi.python.org/pypi/watson-developer-cloud
* License : Apache 2.0
Programming Lang: Python
Description : Cl
nmu-ed, with 15 days delay.
/l
nmu-ed, with 15 days delay.
/l
Package: wnpp
Severity: wishlist
* Package name: touchandgo
Version : 0.12
Upstream Author : Felipe Lerena and Nicolás Demarci
* URL : https://github.com/touchandgo-devs/touchandgo
* License : GPL
Programming Lang: Python
Description : Touchandgo is a
On Friday 24 June 2016 16.41.57 Raphael Hertzog wrote:
> I thought the same when I saw this report... and the reason is likely that
> the tracker has almost no REST API at all right now and that it thus looked
> harder to implement there.
Indeed. That's the reason :)
/l
here is the patch. I would really love to remove python-pypdf. Shall I NMU?
/ldiff -Naur kraft-0.59.orig/debian/control kraft-0.59/debian/control
--- kraft-0.59.orig/debian/control 2016-06-09 13:52:42.929484554 +0200
+++ kraft-0.59/debian/control 2016-06-09 13:58:20.962913229 +0200
@@ -21,7 +21,7
Package: wnpp
Severity: wishlist
* Package name : texttop
Version : 0.0
Upstream Author : Thomas Buckley-Houston
* URL : https://github.com/tombh/texttop
* License : GPLv3
Description :
Texttop is simply a way to have the power of a remote server running a
desktop, but interfaced through the s
In the security team we would like to give information about which packages
you should update when we release a DSA (currently, we give to the user the
source package name). It would be easier for us if we have a way to get the
binaries for packages in (old)stable. Sources.d.n is the way to go,
Package: wnpp
Severity: wishlist
* Package name : texttop
Version : 0.0
Upstream Author : Thomas Buckley-Houston
* URL : https://github.com/tombh/texttop
* License : GPLv3
Description :
Texttop is simply a way to have the power of a remote server running a
desktop, but interfaced through the s
here is the patch. I would really love to remove python-pypdf. Shall I NMU?
/l--- a/lib/pdfimposer.py
+++ b/lib/pdfimposer.py
@@ -53,9 +53,7 @@ import sys
import os
import types
-import pyPdf
-import pyPdf.generic
-import pyPdf.pdf
+import PyPDF2 as pyPdf
# XXX: Fix these translatable strin
On Thursday 02 June 2016 11.34.52 Geert Lorang wrote:
> So it looks like standards.ieee.org is being DoS'd every 1st of the month,
not
> unlikely if all Debian systems connect on the same day at the same time to
> standards.ieee.org ?
Thanks for the heads-up on this. Probably I will disable the
On Wednesday 01 June 2016 01.26.17 Emilio Pozuelo Monfort wrote:
> I haven't had the time to look at jessie but the change should be similar.
I just released DSA 3591-1 to fix jessie.
> @maintainers: Would you like to upload this fix yourself or want me to do
it?
> Just for wheezy/jessie or also
On Saturday 19 December 2015 19.39.26 Adam D. Barratt wrote:
> That's not quite what you meant. :-) The reversed diff looks
okay, other
> than the version should be 20150531.1~deb8u1, please. With
that change,
> feel free to upload.
done! thanks for your help and patience.
/l
Package: medusa
Severity: normal
Note to myself. Update the website homepage to
http://foofus.net/?page_id=51
/luciano
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: pu
Tags: jessie
Severity: normal
Following the recommendation from https://bugs.debian.org/783096
/luciano
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (990, 'unstable'),
On Saturday 30 May 2015 23.17.42 Luciano Bello wrote:
>The two possible options are:
> - include the certificate (--ca-certificate=) in the package.
> - disable SSL for that file.
Oh, just noticed that affects all files (obviously). Remove the last option
and replace it by &quo
Hi,
The two possible options are:
- include the certificate (--ca-certificate=) in the package.
- disable SSL for that file.
What do you think is the best?
/luciano
signature.asc
Description: This is a digitally signed message part.
On Tuesday 24 February 2015 23.24.25 Ola Lundqvist wrote:
> There could be really rare cases when some unprivileged user create a
> configuration file and then someone else use that configuration file to
> start the vnc server, but in that case the configuration file have to be
> pointed out explic
On Sunday 15 February 2015 19.57.22 Ralf Treinen wrote:
> I have to admit that my C is a bit rusty, so I cannot verify myself that
> the C pointer gymnastics in the patch is correct. Please do (Luciano,
> or someone else from the security team) send me a *signed* email to confirm
> that the patch
On Sat, 27 Sep 2014 14:07:18 +0200 =?UTF-8?B?SmVyZW15IExhaW7DqQ==?=
wrote:
> I think the transition to pypdf2 was handled rather poorly.
This issue manage to make the way up in my ToDo list this week, after way too
much time. I'm sorry for the long delay.
Since I'm a bit out-of-sync here, I wi
Package: efl
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at that's
the reas
Package: alpine
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at that's
the r
Package: nvi
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at that's
the reas
Package: sma
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at that's
the reas
Package: yap
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at that's
the reas
Package: vigor
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at that's
the re
Package: newlib
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at that's
the r
Package: clamav
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at that's
the r
Package: ptlib
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at that's
the re
Package: vnc4
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at that's
the rea
Package: radare2
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at that's
the
Package: knews
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at that's
the re
Package: z88dk
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at that's
the re
Package: openrpt
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at that's
the
Package: cups
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at that's
the rea
Package: haskell-regex-posix
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at
Package: librcsb-core-wrapper
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at
Package: llvm-toolchain-snapshot
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code
Package: llvm-toolchain-3.6
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at t
Package: llvm-toolchain-3.4
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at t
Package: olsrd
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at that's
the re
Package: llvm-toolchain-3.5
Severity: important
Tags: security patch
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at t
Package: php5
Severity: important
Tags: security
The security team received a report from the CERT Coordination Center that the
Henry Spencer regular expressions (regex) library contains a heap overflow
vulnerability. It looks like this package includes the affected code at that's
the reason of
Hi guys,
https://sourceware.org/bugzilla/show_bug.cgi?id=17512 is still growing,
and porting all the patches to 2.24.90.20141023-1 is getting less and less
trivial. If you short the distance with the upstream version, that will put a
lot of work of the security-team off :)
Thanks for your w
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
Dear release team,
I just dak-installed liblivemedia_2012.05.17-1+wheezy1 to release a DSA
announcing fix for was recently updated in wheezy-security and wheezy-p-u to
fix CVE-2013-6933. T
Package: vsftpd
Version: 3.0.2-17
Severity: important
Tags: security upstream
Hi there,
The following vulnerability was published
http://seclists.org/oss-sec/2015/q1/389
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your c
For the record, here is the link to the documentation about this situation:
http://security-team.debian.org/security_tracker.html#packages-in-experimental-only
Cheers, luciano
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contac
Hi,
These two scripts might help as a workaround.
This one uses sources.debian.net
./unknown-packages.py | grep WAT
and this one packages.qa.debian.org
./unknown-packages-pts.py | grep WAT
I think the tracker does not depend on any external elements now. Does it
make sense to include some
On Sunday 02 November 2014 19.35.34 Salvatore Bonaccorso wrote:
> Note that Luciano Bello is planning to release a DSA for
> wheezy-security too.
DSA released:
https://lists.debian.org/debian-security-announce/2014/msg00251.html
Cheers, luciano
signature.asc
Description: This is a dig
Package: gst-plugins-bad1.0
Severity: important
After some discussion in the pkg-gstreamer-maintainers mailing list, I think it
is a better to handle this issue as a bug :)
For reference:
- https://bugs.debian.org/759288
-
http://lists.alioth.debian.org/pipermail/pkg-gstreamer-maintainers/201
Package: gst-plugins-bad0.10
Severity: important
After some discussion in the pkg-gstreamer-maintainers mailing list, I think it
is a better to handle this issue as a bug :)
For reference:
- https://bugs.debian.org/759288
-
http://lists.alioth.debian.org/pipermail/pkg-gstreamer-maintainers/20
Package: python-pisa
Severity: normal
Please, consider to depend on python-pypdf2 instead of python-pypdf.
Upstream says: " I've stopped maintaining pyPdf, and a company named Phaseit
has
forked the project and continued development and maintenance with my blessing
as
pyPdf2 ( http://knowah.g
Package: kraft
Severity: normal
Please, consider to depend on python-pypdf2 instead of python-pypdf.
Upstream says: " I've stopped maintaining pyPdf, and a company named Phaseit
has
forked the project and continued development and maintenance with my blessing
as
pyPdf2 ( http://knowah.github.
Package: calibre
Severity: normal
Please, consider to depend on python-pypdf2 instead of python-pypdf.
Upstream says: " I've stopped maintaining pyPdf, and a company named Phaseit
has
forked the project and continued development and maintenance with my blessing
as
pyPdf2 ( http://knowah.githu
Package: pdfposter
Severity: normal
Please, consider to depend on python-pypdf2 instead of python-pypdf.
Upstream says: " I've stopped maintaining pyPdf, and a company named Phaseit
has
forked the project and continued development and maintenance with my blessing
as
pyPdf2 ( http://knowah.git
Package: pdfshuffler
Severity: normal
Please, consider to depend on python-pypdf2 instead of python-pypdf.
Upstream says: " I've stopped maintaining pyPdf, and a company named Phaseit
has
forked the project and continued development and maintenance with my blessing
as
pyPdf2 ( http://knowah.g
Package: w3af-console
Severity: normal
Please, consider to depend on python-pypdf2 instead of python-pypdf.
Upstream says: " I've stopped maintaining pyPdf, and a company named Phaseit
has
forked the project and continued development and maintenance with my blessing
as
pyPdf2 ( http://knowah.
Package: bookletimposer
Severity: normal
Please, consider to depend on python-pypdf2 instead of python-pypdf.
Upstream says: " I've stopped maintaining pyPdf, and a company named Phaseit
has
forked the project and continued development and maintenance with my blessing
as
pyPdf2 ( http://knowa
Package: pdfshuffler
Severity: normal
Please, consider depend on python-pypdf2 instead of python-pypdf.
Upstream says: " I've stopped maintaining pyPdf, and a company named Phaseit
has
forked the project and continued development and maintenance with my blessing
as
pyPdf2 ( http://knowah.gith
Package: python-keystonemiddleware
Severity: important
Tags: security upstream patch fixed-upstream
Hi there,
the following vulnerabilities were published for python-keystonemiddleware:
CVE-2014-7144: TLS cert verification option not honoured in paste configs
If you fix the vulnerabilities p
Package: python-keystoneclient
Severity: important
Tags: security upstream patch fixed-upstream
Hi there,
the following vulnerabilities were published for python-keystoneclient:
CVE-2014-7144: TLS cert verification option not honored in paste configs
If you fix the vulnerabilities please als
1 - 100 of 362 matches
Mail list logo
