Bug#684246: feedparser code embedded in planet-venus and possibly may be out of date and vulnerable

2014-01-27 Thread Olivier Berger
Hi. I've worked these last days on updating planet-venus to both update it to latest upstream, and to get rid of the embedded copy of python-feedparser (instead depending on the Debian package). I've uploaded the resulting package to experimental [0]. This should address the security issue, but

Bug#684246: planet-venus needs love - Was: Re: Bug#684246: feedparser code embedded in planet-venus and possibly may be out of date and vulnerable

2014-01-20 Thread Olivier Berger
Hi. AFAICT from [0] it seems that the package planet-venus might be maintained by the Python Applications Packaging Team (couldn't track back the message referenced in [0], btw), even though I have doubts. Hence copying quite many people. Sorry about the spam in advance (and please CC: me,

Bug#684246: feedparser code embedded in planet-venus and possibly may be out of date and vulnerable

2012-08-07 Thread Silvio Cesare
Package: planet-venus Severity: important Tags: security I have been working on a tool called Clonewise to automatically identify embedded code copies in Debian packages and determine if they are out of date and vulnerable. Ideally, embedding code and libraries should be avoided and a system wide