Public bug reported:
Please sync jupyter-notebook 7.0.0-2 (universe) from Debian unstable
(main)
Explanation of the Ubuntu delta and why it can be dropped:
* SECURITY UPDATE: DoS due to improper regex santizing
- debian/missing-sources/sanitize-html/index.js: HTML comment replacement
regex logic hardened.
- CVE-2022-25887
The only delta here is a CVE patch in a bundled version of `sanitize-html`,
which was removed upstream, so the delta can be dropped.
Changelog entries since current stonking version 6.4.13-5ubuntu0.1:
jupyter-notebook (7.0.0-2) unstable; urgency=medium
* Upload to unstable.
* d/control: add b-d on node-duplicate-package-checker-webpack-plugin
* Closes: #1114158, #1088417, #1030787
-- Gordon Ball <[email protected]> Wed, 25 Mar 2026 21:18:18 +0100
jupyter-notebook (7.0.0-1) experimental; urgency=medium
* New upstream version 7.0.0
* d/patches: rebase, drop most patches which are no longer applicable
* d/control: standards-version 4.7.3, drop rules-requires-root, drop priority
* drop d/run-tests, d/get-tests-exclusions
* drop d/missing-sources and corresponding copyright stanzas
* d/watch: upgrade to version 5
* d/control, d/rules: rewrite for notebook 7
* d/nodejs: drop most config for notebook 6, update extlinks
* d/nodejs: add many @jupyterlab/*-extension extlinks for webpack
* d/patches: patch out webpack-bundle-analyzer
* d/control: add build-deps node-find-root,
node-vscode-ws-jsonrpc, jupyter-core
* d/patches: port fix-build.patch from jupyterlab
* d/rules: clean bad pkgjs links after build, or building for multiple
python version fails
* d/rules: fix installation of labextension
* d/control: add runtime dependency on jupyterlab
* d/tests: tests are now in a separate top-level dir
* d/manpages: only binary jupyter-notebook is now provided by this package,
drop others
* d/README.source: update for notebook v7 packaging
* d/patches: fix resource loading with empty joinpath
* d/lintian-overrides: drop unused
-- Gordon Ball <[email protected]> Thu, 08 Jan 2026 21:53:36 +0100
** Affects: jupyter-notebook (Ubuntu)
Importance: Wishlist
Status: New
** Changed in: jupyter-notebook (Ubuntu)
Importance: Undecided => Wishlist
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2154604
Title:
Sync jupyter-notebook 7.0.0-2 (universe) from Debian unstable (main)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/jupyter-notebook/+bug/2154604/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
