Hi,
I made a fix for sqlalchemy available for testing (CVE-2019-7164/7548):
https://people.debian.org/~beuc/lts/sqlalchemy/
Upstream author Mike Bayer warns that this might break applications,
hence if you are depend on sqlalchemy you are encouraged to test:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Tue, 12 Mar 2019 09:42:39 +0100
Source: waagent
Binary: waagent
Architecture: source all
Version: 2.2.18-3~deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Bastian Blank
Changed-By: Bastian Blank
Description:
Hi Brian,
> "Use easy_install provided scripts instead of our our custom scripts."
>
> Any better?
Somewhat, although I believe truly helpful changelog entries typically
have both the "what" and "why" component, of which yours is currently
missing the latter.
Best wishes,
--
,''`.
Brian May writes:
> Oh wait, this is a debian native package. Means I will probably have to
> patch the files directly, not rely on debian/patches. So was only
> working before because I was testing with patches applied.
>
> Curiously I am getting a test failure when testing without my patches.
Chris Lamb writes:
>> > Hmm, I'm still seeing "reversed" bits in the chunk that don't make
>> > immediate sense to me. Perhaps we just need a more-detailed changelog
>> > entry (rather than an explanation reply on this list) however. (For
>> > example "debian/scripts/rdfs2dot"...?)
>>
>> What