Hi, I made a fix for sqlalchemy available for testing (CVE-2019-7164/7548): https://people.debian.org/~beuc/lts/sqlalchemy/
Upstream author Mike Bayer warns that this might break applications, hence if you are depend on sqlalchemy you are encouraged to test: https://gerrit.sqlalchemy.org/#/c/sqlalchemy/sqlalchemy/+/1165/ I'll update it if upstream makes more fine-tuning. I plan to push it next week unless users/testers report breakage. Cheers! Sylvain
