Re: about python-oauth2: CVE-2013-4347

2013-10-09 Thread Philippe Makowski
Le 9 oct. 2013 01:42, Paul Wise p...@debian.org a écrit : On Wed, Oct 9, 2013 at 5:46 AM, Philippe Makowski wrote: do you think that for fixing that, using return ''.join(random.choice('abcdefghijklmnopqrstuvwxyz123456789') for i in xrange(length)) ... would be an acceptable fix ?

Re: about python-oauth2: CVE-2013-4347

2013-10-09 Thread Jakub Wilk
[Disclaimer: I don't know anything about OAuth, or python-oauth2.] * Paul Wise p...@debian.org, 2013-10-09, 07:41: On Wed, Oct 9, 2013 at 5:46 AM, Philippe Makowski wrote: do you think that for fixing that, using return ''.join(random.choice('abcdefghijklmnopqrstuvwxyz123456789') for i in

Bug#725862: RFS: django-haystack/2.1.0-1 [ITP] -- database and form RGB color fields for Django

2013-10-09 Thread Michael Fladischer
Package: sponsorship-requests Severity: wishlist -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dear mentors, I am looking for a sponsor for my package django-haystack * Package name: django-haystack Version : 2.1.0-1 Upstream Author : Daniel Lindsley dan...@toastdriven.com

Re: Python-babel 1.3 available from Sid

2013-10-09 Thread Thomas Goirand
On 10/08/2013 07:28 PM, Sebastian Ramacher wrote: He wrote that on Wed, 28th of Aug 2013. That's a long time ago, and as I couldn't wait for more, as some or my packages for OpenStack (build-)depends on Babel 1.3. For a package that had to go through NEW anyway that's really no excuse.