Hi Scott,
On Thu, Dec 11, 2014 at 07:09:11AM -0500, Scott Kitterman wrote:
> On December 11, 2014 6:37:51 AM EST, Moritz Muehlenhoff
> wrote:
> >Package: pyyaml
> >Severity: grave
> >Tags: security
> >
> >Hi,
> >CVE-2014-9130 from libyaml also affects pyyaml. I'm attaching a short
> >reproducer.
Processing commands for cont...@bugs.debian.org:
> severity 772730 serious
Bug #772730 [python-pip] python-pip: pyvenv created virtual environments are
missing their .whl files
Severity set to 'serious' from 'important'
> reassign 772730 python3.4
Bug #772730 [python-pip] python-pip: pyvenv creat
Package: src:python-ghost
Version: 0.1b6+git20141209-1
Severity: serious
Justification: fails to build from source
Dear Maintainer,
Please build-depend on python-django and python3-django to fix the tests that
are currently erroring out on a build in a clean chroot. Here is the relevant
tail of
Processing commands for cont...@bugs.debian.org:
> tags 767554 + pending
Bug #767554 [python-persistent,python-zodb] python-persistent and python-zodb:
error when trying to install together
Added tag(s) pending.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
767
Processing commands for cont...@bugs.debian.org:
> tags 767554 + patch
Bug #767554 [python-persistent,python-zodb] python-persistent and python-zodb:
error when trying to install together
Added tag(s) patch.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
767554:
Hi,
Julien Cristau writes:
> I don't think that's ok. Can't you remove the conflicting files from
> python-zodb, and make it depend on python-persistent?
Thanks for the suggestion. I talked with upstream authors and this
should be fine. However, python-persistent in the archive (4.
Processing commands for cont...@bugs.debian.org:
> #
> # bts-link upstream status pull for source package python-cffi
> # see http://lists.debian.org/debian-devel-announce/2006/05/msg1.html
> #
> user bts-link-upstr...@lists.alioth.debian.org
Setting user to bts-link-upstr...@lists.alioth.debi
#
# bts-link upstream status pull for source package python-cffi
# see http://lists.debian.org/debian-devel-announce/2006/05/msg1.html
#
user bts-link-upstr...@lists.alioth.debian.org
# remote status report for #733517 (http://bugs.debian.org/733517)
# Bug title: FTBFS on Sparc
# * http://bi
FYI: The status of the python-pip source package
in Debian's testing distribution has changed.
Previous version: 1.5.6-3
Current version: 1.5.6-4
--
This email is automatically generated once a day. As the installation of
new packages into testing happens multiple times a day you will rece
I think this is actually a bug with the python3.4 package.
* It only appears in Debian Sid, Jessie is fine.
* Inspecting /usr/lib/python3.4/ensurepip/__init__.py it appears to me that
ensurepip has lost the lines where it copies the wheels into the venv file.
Without the copy line those depende
> I've uploaded to mentors:
> http://mentors.debian.net/package/pyusb
>
> I'm really hoping someone will take a look
looks nice; I'm using right now
> and upload it.
I can't do that.
> My name had to be added to the changelog for me to be able to upload it to
> mentors. This leads to some nm
On December 11, 2014 6:37:51 AM EST, Moritz Muehlenhoff wrote:
>Package: pyyaml
>Severity: grave
>Tags: security
>
>Hi,
>CVE-2014-9130 from libyaml also affects pyyaml. I'm attaching a short
>reproducer.
I'm away from any computer I could test this on today.
Is this still a problem with a fixed
Package: pyyaml
Severity: grave
Tags: security
Hi,
CVE-2014-9130 from libyaml also affects pyyaml. I'm attaching a short
reproducer.
Cheers,
Moritz
import yaml
import codecs
with codecs.open('CVE-2014-9130.yaml', 'r') as stream:
foo = yaml.load(stream)
for key, value in foo.items():
13 matches
Mail list logo
