Bug#954451: src:tox: Please remove python2 autopkgtests that use virtualenv

Package: src:tox Version: 3.13.2-1 Severity: serious Tags: ftbfs Justification: fails to build from source (but built successfully in the past) Note: Using FTBFS to cover autopkgtest failure as it is a rough equivalent (package can't migrate to testing). The python-virtualenv package can no longe

Bug#937166: Python2 is not really depended on

On Sat, 22 Feb 2020 10:54:23 +0100 Kay Hayen wrote: > Hello, > > this is not explained in the FAQ, but the way I have done it is like this > (in build-depends, removed irrelevant parts): > >python (>= 2.6.6-2) | base-files (>= 11), >python-all-dbg (>= 2.6.6-2) | b

Bug#954236: Proposed Buster Fix (pyhon3-bleach: New secuirty issue: mutation XSS (again))

On Thursday, March 19, 2020 6:24:22 PM EDT Salvatore Bonaccorso wrote: > Hi Scott, > > On Thu, Mar 19, 2020 at 12:20:25AM -0400, Scott Kitterman wrote: > > Upstream's 3.1.2 release had just the security fix in it. I propose > > updating buster with it (I put 3.1.3 i

Bug#942910: automake-1.15: Python2 removal in sid/bullseye

On Tue, 17 Mar 2020 17:34:06 -0400 Scott Kitterman wrote: ... > As I mentioned in the automake-1.16 bug, these are the last two packages that > use python-virutalenv, so I'd really like to see them updated to unblock other > work. > > Thanks. > > Scott K It'

Bug#942928: automake-1.16: Python2 removal in sid/bullseye

On Tue, 17 Mar 2020 17:24:25 -0400 Scott Kitterman wrote: ...> Automake-1.15 and automake-1.16 are the last two packages using python- > virtualenv in Debian Testing. We would like to move forward with the removal > soon as it blocks other work. As a result, I'm going to bu

Bug#938249: python-virtualenv: Python2 removal in sid/bullseye

I know this is marked py2keep, but I don't think we can. Our virtualenv is 5 years old and really needs updated. The brings in a requirement for pip in the base virtualenv which then needs a wheel for ipaddr (which is already out of testing) and python-pip, which has already been dropped. I t

Bug#937643: Reverting python2-rm

I'm about to upload this with python2 restored. Python-automat, which is a dependency of python-twisted-core (which is not close to being removed) depends on this and currently can't migrate to Testing because of the lack of this package. This is entangled with the python3.8 as default transit

Bug#953942: RM: jack -- RoQA; python2-only; no new upstream code since 2005; better alternatives exist; blocking py2removal effort

On Thursday, March 19, 2020 7:14:12 AM EDT you wrote: > Package: ftp.debian.org > Followup-For: Bug #953942 > > Wow. Gone in 4 days. > While I can understand that ftpmasters are triggerhappy due to the py2 > removal, that seems excessive. > > As for the "no upstream activity", that tends to happe

Bug#954256: [Python-modules-team] Bug#954256: python-pip-whl: Editable installs broken: can't find __main__ module

Thanks. The virtualenv package needs updating following the recent pip update. I'm working on it. Scott K

Bug#954236: Proposed Buster Fix (pyhon3-bleach: New secuirty issue: mutation XSS (again))

** + +None + Version 3.1.1 (February 13th, 2020) --- diff -Nru python-bleach-3.1.1/debian/changelog python-bleach-3.1.2/debian/changelog --- python-bleach-3.1.1/debian/changelog 2020-02-27 05:53:52.0 -0500 +++ python-bleach-3.1.2/debian/changelog 2020-03-

Bug#954236: python3-bleach: New secuirty issue: mutation XSS (again)

Package: python3-bleach Version: 3.1.1-0+deb10u1 Severity: serious Tags: security upstream >From the upstream CHANGES for 3.1.2, which I just noticed: **Security fixes** * ``bleach.clean`` behavior parsing embedded MathML and SVG content with RCDATA tags did not match browser behavior and coul

Bug#954222: src:appdirs: Fails autopkgtest with non-default python3 installed

ntainer upload. + * Fix autopkgtest to reliably run with multiple python3 versions installed + + -- Scott Kitterman Wed, 18 Mar 2020 15:30:59 -0400 + appdirs (1.4.3-2) unstable; urgency=medium * Move repository to salsa.debian.org diff -Nru appdirs-1.4.3/debian/tests/control appdirs-1.4.3/de

Bug#954215: pybuild: Should do better than a traceback if cmake is not found

Package: dh-python Version: 4.20200315 Severity: normal I was building a package locally and noticed this in the build log: D: pybuild __init__:36: cannot initialize 'cmake' plugin Traceback (most recent call last): File "/usr/share/dh-python/dhpython/build/__init__.py", line 32, in module

Bug#954205: Acknowledgement (src:python-lockfile: Autopkgtest failures with non-default python3 installed)

@@ +python-lockfile (1:0.12.2-2.2) unstable; urgency=medium + + * Non-maintainer upload. + * Fix autopkgtest to work reliably with multiple supported python3 versions +(Closes: #954205) + + -- Scott Kitterman Wed, 18 Mar 2020 09:13:51 -0400 + python-lockfile (1:0.12.2-2.1) unstable; urgency=medium

Bug#954205: src:python-lockfile: Autopkgtest failures with non-default python3 installed

Package: src:python-lockfile Version: 1:0.12.2-2.1 Severity: serious Tags: ftbfs Justification: fails to build from source (but built successfully in the past) Using FTBFS since autopkgtest failures are blocking and it's the closes tag we have. The python-lockfile autopkgtest runs against all 'in

Bug#942910: automake-1.15: Python2 removal in sid/bullseye

angelog 2020-03-17 17:28:47.0 -0400 @@ -1,3 +1,10 @@ +automake-1.15 (1:1.15.1-5.1) UNRELEASED; urgency=medium + + * Non-maintainer upload. + * Switch to python3 (Closes: #942910) + + -- Scott Kitterman Tue, 17 Mar 2020 17:28:47 -0400 + automake-1.15 (1:1.15.1-5) unstable; urgency=me

Bug#942928: automake-1.16: Python2 removal in sid/bullseye

On Wed, 23 Oct 2019 02:33:19 + mo...@debian.org wrote: > Source: automake-1.16 > Version: 1:1.16.1-4 > Severity: normal > Tags: sid bullseye > User: debian-pyt...@lists.debian.org > Usertags: py2removal > > Python2 becomes end-of-live upstream, and Debian aims to remove > Python2 from the dist

Bug#954157: ftp.debian.org,autopkgtest: conflicting advice on tests that require internet access

On Tuesday, March 17, 2020 10:57:39 AM EDT Simon McVittie wrote: > Package: ftp.debian.org,autopkgtest > Severity: normal > > According to a recent addition to > > : > > Tests, including autopkgtests, are part of our build process. Packages > > in Ma

Bug#912379: Please update the pip package

On Fri, 10 Jan 2020 00:02:12 -0800 Nye Liu wrote: > this bug is now more than a year old. > > Please update python3-pip and python-pip packages to >19.1 The same problem still exists with 20.2 in unstable. It appears that the fundamental problem is that pip uses a modified pkg_resources copy (

Bug#954154: src:salt: Requires a package outside of Main

Package: src:salt Version: 3000+dfsg1-3 Severity: serious Justification: Policy 2.2.1 This package uses python pip to download and install packages from outside the Debian archive to run autopkgtests. Main is required to be self-contained, including for tests. See the FTP Master's reject FAQ [1]

Bug#954153: src:python-virtualenv: Please drop python-virtualenv tests

Package: src:python-virtualenv Version: 15.1.0+ds-3 Severity: serious Tags: ftbfs Justification: fails to build from source (but built successfully in the past) This is really an autopkgtest failure bug, but I think ftbfs is the closest tag we have. Please drop the autopkgtests for python-virtual

Bug#954151: src:logbook: Requires a package outside of Main

Package: src:logbook Version: 1.5.3-2 Severity: serious Justification: Policy 2.2.1 This package uses python pip to download and install packages from outside the Debian archive to run autopkgtests. Main is required to be self-contained, including for tests. See the FTP Master's reject FAQ [1] i

Bug#954150: src:ffc: Requires a package outside of Main

Package: src:ffc Version: 2019.1.0.post0-2 Severity: serious Justification: Policy 2.2.1 This package uses python pip to download and install packages from outside the Debian archive to run autopkgtests. Main is required to be self-contained, including for tests. See the FTP Master's reject FAQ

Bug#954148: src:doit: Requires a package outside of Main

Package: src:doit Version: 0.31.1-3.2 Severity: serious Justification: Policy 2.2.1 This package uses python pip to download and install packages from outside the Debian archive to run autopkgtests. Main is required to be self-contained, including for tests. See the FTP Master's reject FAQ [1] i

Bug#954147: src:dateparser: Requires a package outside of Main

Package: src:dateparser Version: 0.7.2-1 Severity: serious Justification: Policy 2.2.1 This package uses python pip to download and install packages from outside the Debian archive to run autopkgtests. Main is required to be self-contained, including for tests. See the FTP Master's reject FAQ [1

Bug#954006: release.debian.org: Please allow postfix to migrate despite autopkgtest failures, they are unrelated

On Monday, March 16, 2020 5:03:52 PM EDT Paul Gevers wrote: > Hi Scott, > > On 16-03-2020 21:51, Scott Kitterman wrote: > > Thanks for the clarification. I guess I need a better understanding of > > when manual intervention is required. Is there something I can read that &

Bug#954073: buster-pu: package postfix/3.4.9-0+10debu1

On Monday, March 16, 2020 3:01:18 PM EDT Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Mon, 2020-03-16 at 08:00 -0400, Scott Kitterman wrote: > > On Monday, March 16, 2020 7:25:09 AM EDT Emilio Pozuelo Monfort > > > > wrote: > > > Hi Scott,

Bug#954006: release.debian.org: Please allow postfix to migrate despite autopkgtest failures, they are unrelated

On Monday, March 16, 2020 4:36:47 PM EDT Paul Gevers wrote: > Hi Scott, > > On 16-03-2020 00:24, Scott Kitterman wrote: > > Thanks whoever marked resource-agents as not a regression. I don't see > > any other blockers, so I suppose this can be closed now. > I don

Bug#954073: buster-pu: package postfix/3.4.9-0+10debu1

On Monday, March 16, 2020 7:25:09 AM EDT Emilio Pozuelo Monfort wrote: > Hi Scott, > > On 16/03/2020 12:00, Scott Kitterman wrote: > > Package: release.debian.org > > Severity: normal > > Tags: buster > > User: release.debian@packages.debian.org > > Us

Bug#953989: NMU debdiff (borgbackup reports installed python3-msgpack is incompatible)

+ + * Non-maintainer upload. + * Temporarily use internal msgpack to fix FTBFS and fix borgbackup to work +again (Closes: #953989) + + -- Scott Kitterman Mon, 16 Mar 2020 06:25:57 -0400 + borgbackup (1.1.11-2) unstable; urgency=medium [ Andrej Shadura ] diff -Nru borgbackup-1.1.11/debian/patc

Bug#954073: buster-pu: package postfix/3.4.9-0+10debu1

one of the Milters failed. + Reported by WeiYu Wu. + + -- Scott Kitterman Mon, 16 Mar 2020 06:37:22 -0400 + postfix (3.4.9-0+10debu1) buster; urgency=medium [Scott Kitterman] diff -Nru postfix-3.4.9/HISTORY postfix-3.4.10/HISTORY --- postfix-3.4.9/HISTORY 2020-02-02 12:51

Bug#953989: borgbackup reports installed python3-msgpack is incompatible

On Sun, 15 Mar 2020 12:16:54 + Gordon Ball wrote: > Package: borgbackup > Version: 1.1.11-2 > Severity: grave > Justification: renders package unusable > > After updating python3-msgpack from 0.5.6-3 -> 0.6.2-1, attempting to > run any borg command fails with the following message, making bor

Bug#954006: release.debian.org: Please allow postfix to migrate despite autopkgtest failures, they are unrelated

Thanks whoever marked resource-agents as not a regression. I don't see any other blockers, so I suppose this can be closed now. Scott K

Bug#954006: release.debian.org: Please allow postfix to migrate despite autopkgtest failures, they are unrelated

On March 15, 2020 7:05:20 PM UTC, Paul Gevers wrote: >Hi Scott, > >On 15-03-2020 18:17, Scott Kitterman wrote: >> Currently postfix 2.4.10-1 is showing two autopkgtest failures in >> related packages. Neither of them are postfix related. > >Which two, I only see on

Bug#954006: release.debian.org: Please allow postfix to migrate despite autopkgtest failures, they are unrelated

Package: release.debian.org Severity: normal Currently postfix 2.4.10-1 is showing two autopkgtest failures in related packages. Neither of them are postfix related. Postfix's tests and all others passed and the two day wait for packages with passing autopkgtests is up, so I would appreciate it

Bug#953992: ITP: python-flit -- simple way to put Python packages and modules on PyPI

Package: wnpp Severity: wishlist Owner: Scott Kitterman * Package name: flit Version : 2.2.0 Upstream Author : Thomas Kluyver * URL : https://github.com/takluyver/flit * License : BSD 3-clause license Programming Lang: Python Description : simple way

Bug#947069: pip does not handle manylinux2010 tag (PEP571)

On Fri, 20 Dec 2019 13:27:54 +0100 Gabriel Corona wrote: > Package: python3-pip > Version: 18.1-5 > Severity: normal > > Dear Maintainer, > > The pip package as installed by python3-pip refuses to install > manylinux2010 wheels (see PEP 571). This needs a newer pip version to properly support.

Bug#953284: RM: dosemu -- ROM; abandoned upstream

On March 14, 2020 9:37:01 PM UTC, Guillem Jover wrote: >Hi! > >On Sat, 2020-03-14 at 14:07:34 -0700, Kees Cook wrote: >> On Sat, Mar 14, 2020 at 06:56:30PM +, Scott Kitterman wrote: >> > On March 14, 2020 12:14:48 PM UTC, Guillem Jover > wrote: >> > &

Bug#953284: RM: dosemu -- ROM; abandoned upstream

On March 14, 2020 12:14:48 PM UTC, Guillem Jover wrote: >Hi! > >On Fri, 2020-03-06 at 20:43:05 -0800, Kees Cook wrote: >> Package: ftp.debian.org >> Severity: normal > >This seems to have continued by upstream, at least, in spirit at >, which seems rather active.

Bug#938027: [Python-modules-team] Bug#938027: Bug#938027: python-pip: Python2 removal in sid/bullseye

On Friday, March 13, 2020 6:36:59 PM EDT Sandro Tosi wrote: > On Fri, Mar 13, 2020 at 3:51 PM Scott Kitterman wrote: > > I don't know of a reason not to go ahead, but if you do, please be careful > > of what's already in git. Update to the new version is staged the

Bug#938027: [Python-modules-team] Bug#938027: python-pip: Python2 removal in sid/bullseye

I don't know of a reason not to go ahead, but if you do, please be careful of what's already in git. Update to the new version is staged there. It is blocked on updates for some of the packages it builds wheels from. Scott K On March 13, 2020 7:32:35 PM UTC, Sandro Tosi wrote: >On Fri, 30 Au

Bug#953523: ITP: filetype.py -- Small module to infer binary file types via signature

It's ok. Python policy only addresses binary package name. Scott K

Bug#953523: ITP: filetype.py -- Small module to infer binary file types via signature

Based on the module name and Python policy, the binary package name should be python3-filetype. That appears to be available. I'd suggest using that as the source package name too to make your life easier. Scott K

Bug#937277: NMU on the way

maintainer upload. + * No change source upload to allow fixes for #937277 to make it to Testing + + -- Scott Kitterman Mon, 09 Mar 2020 19:39:30 -0400 + pg-activity (1.5.0-1) unstable; urgency=medium * New upstream release signature.asc Description: This is a digitally signed message part.

Bug#953377: src:zorp: Depends/Build-Depends on cruft package python-dnspython

Package: src:zorp Version: 7.0.1~alpha2-3 Severity: serious Justification: Policy 2.2.1 This package Depends/Build-Depends on python-dnspython which is an NBS cruft package. Please update your package to use python3-dnspython, which is still provided (if the package will be ported to python3). S

Bug#953376: src:mailman: Depends/Build-Depends on cruft package python-dnspython

Package: src:mailman Version: 1:2.1.29-1 Severity: serious Justification: Policy 2.2.1 This package Depends/Build-Depends on python-dnspython which is an NBS cruft package. Please update your package to use python3-dnspython, which is still provided (if the package will be ported to python3). Sc

Bug#953374: src:knockpy: Depends/Build-Depends on cruft package python-dnspython

Package: src:knockpy Version: 4.1.0-1 Severity: serious Justification: Policy 2.2.1 This package Depends/Build-Depends on python-dnspython which is an NBS cruft package. Please update your package to use python3-dnspython, which is still provided (if the package will be ported to python3). Scott

Bug#953375: src:linkchecker: Depends on cruft package python-dnspython

Package: src:linkchecker Version: 9.4.0-2 Severity: serious Justification: Policy 2.2.1 This package Depends on python-dnspython which is an NBS cruft package. Please update your package to use python3-dnspython, which is still provided (if the package will be ported to python3). Scott K

Bug#953372: src:hash-slinger: Depends on cruft package python-dnspython

Package: src:hash-slinger Version: 2.7-1 Severity: serious Justification: Policy 2.2.1 This package Depends on python-dnspython which is an NBS cruft package. Please update your package to use python3-dnspython, which is still provided (if the package will be ported to python3). Scott K

Bug#953371: src:easyzone: Depends/Build-Depends on cruft package python-dnspython

Package: src:easyzone Version: 1.2.2-1 Severity: serious Justification: Policy 2.2.1 This package Depends/Build-Depends on python-dnspython which is an NBS cruft package. Please update your package to use python3-dnspython, which is still provided (if the package will be ported to python3). Scot

Bug#953013: [Python-modules-team] Bug#953013: pyyaml: CVE-2020-1747: arbitrary command execution through python/object/new when FullLoader is used

On Tuesday, March 3, 2020 11:41:26 AM EST Salvatore Bonaccorso wrote: > Hi Scott, > > On Tue, Mar 03, 2020 at 09:19:06AM -0500, Scott Kitterman wrote: > > On Tuesday, March 3, 2020 2:29:51 AM EST Salvatore Bonaccorso wrote: > > > Source: pyyaml > > > Version

Bug#953139: [Python-modules-team] Bug#953139: BUG #953139 Info on other distros

On March 6, 2020 3:05:17 PM UTC, Ron Lovell wrote: >I checked a couple of other distros I run. In Arch Linux >distutils/util.py >is provided by the base "python" pkg. In openSUSE Tumbleweed it is >provided >by python3-base. So among my installations, Debian Buster and Sid are >the >odd ducks in

Bug#953013: [Python-modules-team] Bug#953013: pyyaml: CVE-2020-1747: arbitrary command execution through python/object/new when FullLoader is used

On Tuesday, March 3, 2020 11:41:26 AM EST Salvatore Bonaccorso wrote: > Hi Scott, > > On Tue, Mar 03, 2020 at 09:19:06AM -0500, Scott Kitterman wrote: > > On Tuesday, March 3, 2020 2:29:51 AM EST Salvatore Bonaccorso wrote: > > > Source: pyyaml > > > Version

Bug#937229: pacparser: Python2 removal in sid/bullseye

20-03-02 00:22:40.0 -0500 @@ -1,3 +1,10 @@ +pacparser (1.3.6-1.2) unstable; urgency=medium + + * Non-maintainer upload. + * Drup python-pacparser - obsolete, no rdepends (Closes: #937229) + + -- Scott Kitterman Mon, 02 Mar 2020 00:22:40 -0500 + pacparser (1.3.6-1.1) unstable; urgency=m

Bug#952997: debian-edu-config: pacparser being removed, please drop from debian-edu-config

On March 2, 2020 9:28:29 PM UTC, Dominik George wrote: >Hi, > >> Please let me know your preference. At some point we'll probably >need >> to go ahead with the rm of pacparser to keep the python2-rm process >> moving. > >Why should it be necessary to remove the whole package, instead of just >

Bug#952997: debian-edu-config: pacparser being removed, please drop from debian-edu-config

On Monday, March 2, 2020 3:15:34 PM EST Mike Gabriel wrote: > Hi Scott, > > On Mo 02 Mär 2020 20:20:01 CET, Scott Kitterman wrote: > > Package: debian-edu-config > > Version: 2.11.14 > > Severity: important > > > > Dear Maintainer, > > > >

Bug#952952: RM: src:ipykernel-py2 -- RoM for Python 2 removal

On Monday, March 2, 2020 9:14:52 AM EST Sandro Tosi wrote: > > The src:ipykernel-py2 package provides python-ipykernel, which is to be > > removed for the Python 2 removal transition. > > Cc-ing Gordon explicitly: the last time we spoke, Gordon wanted to > keep the python2 stack of ipython/ikernel

Bug#952997: debian-edu-config: pacparser being removed, please drop from debian-edu-config

Package: debian-edu-config Version: 2.11.14 Severity: important Dear Maintainer, The pacparser source package is unmaintained and RC buggy. As a result, I have asked to have it removed from Debian (Bug #952963). debian-edu-config depends on libpacparser1. It is the only rdepend. If libpacparse

Bug#952963: RM: pacparser -- RoQA; RC Buggy, Unmaintained, Packaging obsolete

Package: ftp.debian.org Severity: normal This package hasn't been touched since I NMUed it several years ago. In theory it could be updated to drop python2 support, but then the packaging needs a major overhaul (compat = 5 and it shows), which no one appears to be up to doing, so it's better to r

Bug#952962: RM: python-setupdocs -- ROM; Unmaintained, RC Buggy, Obsolete libs (python2)

Package: ftp.debian.org Severity: normal No python3 support, no uploads since I did a team upload almost a decade ago, and no rdepends. This should go. Scott K

Bug#952251: sympy: FTBFS: make[2]: python: Command not found

log 2020-02-07 12:57:44.0 -0500 +++ sympy-1.5.1/debian/changelog 2020-03-01 15:45:01.0 -0500 @@ -1,3 +1,11 @@ +sympy (1.5.1-2.1) unstable; urgency=medium + + * Non-maintainer upload. + * Add d/p/python3-not-python.patch from Ubuntu to fix FTBFS with python3 + (Closes: #952251)

Bug#952782: python-dnspython: Python 2 binary should not be released with bullseye

Package: python-dnspython Version: 1.16.0-1 Severity: serious As the primary maintianer of dnspython, I don't think it is suitable to leave with a python2 binary for the bullseye release. Scott K

Bug#936659: gr-hpsdr: Python2 removal in sid/bullseye

On Fri, 30 Aug 2019 07:19:41 + Matthias Klose wrote: > Package: src:gr-hpsdr > Version: 1.2-1 > Severity: normal > Tags: sid bullseye > User: debian-pyt...@lists.debian.org > Usertags: py2removal > > Python2 becomes end-of-live upstream, and Debian aims to remove > Python2 from the distributi

Bug#951907: Suggested Stable Fix

On Thursday, February 27, 2020 8:11:32 AM EST Salvatore Bonaccorso wrote: > Hi Scott, > > On Thu, Feb 27, 2020 at 01:41:44PM +0100, Salvatore Bonaccorso wrote: > > Hi, > > > > On Thu, Feb 27, 2020 at 01:18:55PM +0100, Salvatore Bonaccorso wrote: > > > I think though we mgiht need to revisit the a

Bug#937256: Should pbh5tools be removed?

It's rdepends are now removed. It appears unmaintained upstream. It is python2 only. I think that adds up to a reasonable case to remove it now? Scott K signature.asc Description: This is a digitally signed message part.

Bug#933751: mini-buildd (build-)depends on cruft package.

> Hi Peter, > > On Fri, 2019-08-02 at 22:11 +0100, Peter Michael Green wrote: > > Package: mini-buildd > > Version: 1.0.41 > > Severity: serious > > > > python-mini-buildd depends on and the mini-buildd source package > > build-depends on the python-django-registration binary package which > > is

Bug#951907: Suggested Stable Fix

On February 27, 2020 12:18:53 PM UTC, Salvatore Bonaccorso wrote: >Hi Scott, > >On Thu, Feb 27, 2020 at 06:24:09AM -0500, Scott Kitterman wrote: >> On Thursday, February 27, 2020 2:44:48 AM EST Salvatore Bonaccorso >wrote: >> > Hi Scott, >> > >>

Bug#951907: Suggested Stable Fix

On Thursday, February 27, 2020 2:44:48 AM EST Salvatore Bonaccorso wrote: > Hi Scott, > > On Sat, Feb 22, 2020 at 07:20:34PM -0500, Scott Kitterman wrote: > > Debdiff for proposed stable security update attached. > > > > The first hunk of the patch has the actual fix.

Bug#938500: smalr: Python2 removal in sid/bullseye

No upstream activity in two years. It seems very unlikely a python3 port will appear. This should probably be removed. Scott K signature.asc Description: This is a digitally signed message part.

Bug#937253: pbbarcode: Python2 removal in sid/bullseye

This is dead upstream (the GitHub repository listed as the homepage for the package is marked "This repository has been archived by the owner. It is now read-only." I think that's a strong sign there won't be a python3 port and the package should be removed. Scott K signature.asc Description:

Bug#951564: stretch-pu: package postfix/3.1.14-0+10debu1

On Tuesday, February 25, 2020 4:18:26 PM EST Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Tue, 2020-02-18 at 00:56 -0500, Scott Kitterman wrote: > > This is the next in the series of postfix 3.1 updates. It includes > > the postfix 3.1 relevant fixes fro

Bug#951563: buster-pu: package postfix/3.4.8-0+10debu1

On Tuesday, February 25, 2020 4:19:42 PM EST Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Tue, 2020-02-18 at 00:50 -0500, Scott Kitterman wrote: > > This is the latest in the series of postfix 3.4 maintenance updates > > for buster. The version is in bullse

Bug#939641: dnsrecon: Python2 removal in sid/bullseye

On Sat, 7 Sep 2019 10:16:36 +0200 Andreas Henriksson wrote: > Package: dnsrecon > Version: 0.8.14-1 > Severity: normal > Tags: sid bullseye > User: debian-pyt...@lists.debian.org > Usertags: py2removal > > Python2 becomes end-of-live upstream, and Debian aims to remove > Python2 from the distribu

Bug#950056: Oops changed severity on wrong bug

Foxed/ signature.asc Description: This is a digitally signed message part.

Bug#950056: python-bleach FTBFS: test failures with Python 3.7.6 and 3.8.1

On Tue, 28 Jan 2020 20:20:51 +0200 Adrian Bunk wrote: > Source: python-bleach > Version: 3.1.0-2 > Severity: serious > Tags: ftbfs > Forwarded: https://github.com/mozilla/bleach/issues/503 > > https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/python-bleach.html Upstream has made

Bug#949029: Processed: reassign 949029 to python3.8

On Tue, 18 Feb 2020 16:24:50 -0500 Scott Kitterman wrote: > Revert is being done upstream for python 3.8.2: > > https://bugs.python.org/msg361815 > > Since it appears this is going to be solved in python3.8, I'm going to > reassign again. Please don't rea

Bug#952500: RM: python-dns -- ROM; Obsolete, python2 only, python3 port is in py3dns package

Package: ftp.debian.org Severity: normal This needs to go away. It's already out of Testing. The remaining rdepends seem unmaintained and should probably be considered for removal too. Scott K

Bug#949312: txsocksx: should this package be removed?

There doesn't seem to be any interest in actually working on this package, so I'm going to go ahead with the removal. If the rdepends are going to make it back into Testing, it should be after switching to python3, so this package won't be needed. Scott K

Bug#951907: Suggested Stable Fix

angelog python-bleach-3.1.1/debian/changelog --- python-bleach-3.1.0/debian/changelog 2019-01-15 00:46:11.0 -0500 +++ python-bleach-3.1.1/debian/changelog 2020-02-22 19:08:53.0 -0500 @@ -1,3 +1,9 @@ +python-bleach (3.1.1-0+deb10u1) buster-security; urgency=medium + + * New upstream

Bug#951907: Acknowledgement (src:python-bleach: Security issue: mutation XSS vulnerability)

I checked and I can find no evidence that the version in oldstable is affected. Scott K signature.asc Description: This is a digitally signed message part.

Bug#951907: src:python-bleach: Security issue: mutation XSS vulnerability

Package: src:python-bleach Version: 3.1.0-1 Severity: serious Tags: security upstream >From the upstream change log: **Security fixes** * ``bleach.clean`` behavior parsing ``noscript`` tags did not match browser behavior. Calls to ``bleach.clean`` allowing ``noscript`` and one or more of

Bug#951057: [Pkg-clamav-devel] Bug#951057: clamav-freshclam: allow overriding of CA store

On February 21, 2020 11:09:52 PM UTC, Sebastian Andrzej Siewior wrote: >On 2020-02-17 21:15:57 [+], Scott Kitterman wrote: >> Thanks. It looks like clamav-freshclam will also need Depends >> ca-certificates added. I'd prefer Recommends if we can get away with >&

Bug#950056: Breaking change in python 3.7/3.8 to be reverted

On Tue, 28 Jan 2020 20:20:51 +0200 Adrian Bunk wrote: > Source: python-bleach > Version: 3.1.0-2 > Severity: serious > Tags: ftbfs > Forwarded: https://github.com/mozilla/bleach/issues/503 > > https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/python-bleach.html > > ... We'll see

Bug#949029: Processed: reassign 949029 to python3.8

Revert is being done upstream for python 3.8.2: https://bugs.python.org/msg361815 Since it appears this is going to be solved in python3.8, I'm going to reassign again. Please don't reassign back, there's no point. There's another open bug against ptyhon-bleach for this. Scott K signature.a

Bug#951564: stretch-pu: package postfix/3.1.14-0+10debu1

system and have given it basic testing. Given upstream's history with maintenance updates, I have confidence this is very low risk. Details follow: [Scott Kitterman] * Check GPG signature when downloading new versions via uscan [Wietse Venema] * 3.1.15 - Bugfix (introduced: Po

Bug#951563: buster-pu: package postfix/3.4.8-0+10debu1

tested by end users to work in both configurations. Neither fix has any regression risk for users of Debian's default init system. Details follow: postfix (3.4.9-0+10debu1) buster; urgency=medium [Scott Kitterman] * Correct Debian's smtp (8) man page name in d/p/debian-man-nam

Bug#949312: txsocksx: should this package be removed?

On Monday, February 17, 2020 5:58:14 PM EST Adrian Bunk wrote: > On Mon, Feb 17, 2020 at 12:05:59PM -0500, Scott Kitterman wrote: > > Here's a thought: > > > > Given the concern Adrian has expressed relative to tahoe-lafs, how about > > if > > someone uploads

Bug#951057: [Pkg-clamav-devel] Bug#951057: clamav-freshclam: allow overriding of CA store

Thanks. It looks like clamav-freshclam will also need Depends ca-certificates added. I'd prefer Recommends if we can get away with it. What do you think?

Bug#949312: txsocksx: should this package be removed?

Here's a thought: Given the concern Adrian has expressed relative to tahoe-lafs, how about if someone uploads the relevant packages to experimental: python-txsocksx -> foolscap -> tahoe-lafs Then the Unstable rm can go forward, but in the event python2 stays in the bullseye release, it's easy

Bug#944922: postfix: Init script in 3.4.7-2 does not start all instances

On Tue, 11 Feb 2020 20:34:33 +0100 jaros...@thinline.cz wrote: ... > Hello, > > thanks for putting your time into this. > > If it helps, I made a quick and dirty fix to the new approach > > running() { > > INSTANCE="$1" > if [ "X$INSTANCE" = X ]; then > > POSTMULTI="" >

Bug#944922: postfix: Init script in 3.4.7-2 does not start all instances

On Tuesday, February 11, 2020 12:35:16 PM EST jaros...@thinline.cz wrote: > > On Sun, 12 Jan 2020 21:18:15 -0500 Scott Kitterman > > > > > > wrote: > >> On Sun, 17 Nov 2019 12:04:46 -0600 Andy Dorman > >> > >> > >> wrote: > >&g

Bug#950944: clamav: Vulnerability in the Data-Loss-Prevention (DLP) module

Package: clamav Version: 0.102.1+dfsg-0+deb10u2 Severity: important Tags: upstream CVE-2020-3123 A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service c

Bug#950290: Acknowledgement (bley: Port to use publicsuffix2, missing depends)

tches/publicsuffix2_port.patch 1969-12-31 19:00:00.0 -0500 +++ bley-2.0.0/debian/patches/publicsuffix2_port.patch 2020-01-30 19:57:12.0 -0500 @@ -0,0 +1,47 @@ +Description: Use publicsuffix2 +Author: Scott Kitterman +Bug-Debian: https://bugs.debian.org/950290 +Origin: vendor +Forwarde

Bug#950290: bley: Port to use publicsuffix2, missing depends

Package: bley Severity: serious Justification: Policy 3.5 The python-publicsuffix package was deprecated by upstream and has been replaced in Debian by python-publicsuffix2. If bley is ported to Python 3 so it can stay in Debian, it also needs to be ported to publicsuffix2. Scott K Versions of

Bug#949993: RM: python-publicsuffix -- RoQA; Deprecated by upstream, replaced by python-publicsuffix2

Package: ftp.debian.org Severity: normal Upstream has stated that python-publicsuffix should no longer be used. In Debian, the binary it generates (python3-publicsuffix) has no more rdepends. The replacement package, python-publicsuffix2 has migrated to Testing, so this can go now. Scott K

Bug#949029: python-bleach is failing the autopkg tests with Python 3.8

This is due to a breaking change that was inappropriately included in python3.8 3.8.1. See: https://bugs.python.org/issue27657 https://github.com/mozilla/bleach/issues/503 Rather than "Fixed" in python-bleach, the breaking change in python3.8 should be reverted. Python3 can break python-bleac

Bug#949832: src:python-publicsuffix: Should not be released with Bullseye

Package: src:python-publicsuffix Severity: serious Upstream has said this module should not be used anymore. Here's an excerpt from the current package description: Deprecated Please don’t use this module. It is provided for historical reasons only. New code should instead use one of the other

Bug#949796: ITP: python-publicsuffix2 -- Python3 module to get a domain suffix using the Public Suffix List

Package: wnpp Severity: wishlist Owner: Scott Kitterman * Package name: python-publicsuffix2 Version : 2.20191221 Upstream Author : nexB Inc. * URL : https://pypi.python.org/pypi/publicsuffix2 * License : Expat Programming Lang: Python, Description

Bug#949784: ITP: pep517 -- Specifies a standard API for systems which build Python packages

Package: wnpp Severity: wishlist Owner: Scott Kitterman * Package name: pep517 Version : 0.7.0 Upstream Author : Thomas Kluyver * URL : https://pypi.org/project/pep517/ * License : Expat Programming Lang: Python Description : Specifies a standard API

Bug#948555: python-soappy: should this package be removed?

On Fri, 10 Jan 2020 00:14:59 -0500 Sandro Tosi wrote: > Package: python-soappy > Version: 0.12.22-1 > Severity: serious > > Hello, > i believe we should remove python-soappy from Debian: > > * python2-only code base > * leaf package > * even upstream suggests to use `suds` instead of this projec

<    1   2   3   4   5   6   7   8   9   10   >