[Python-modules-team] Bug#854739: CVE-2017-5591

2017-02-09 Thread Moritz Muehlenhoff
Source: sleekxmpp Severity: grave Tags: security Please see http://seclists.org/oss-sec/2017/q1/373 Cheers, Moritz ___ Python-modules-team mailing list Python-modules-team@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/l

[Python-modules-team] Bug#799725: Please remove alternate build deps for gstreamer 0.10

2015-09-21 Thread Moritz Muehlenhoff
Source: kivy Severity: normal Hi, kivy is using gstreamer 1.0, but still has alternate build-deps/deps on gstreamer 0.10: libgstreamer0.10-dev python-gst0.10 Please remove these, gstreamer 0.10 is scheduled for removal from the archive. Cheers, Moritz

[Python-modules-team] Bug#798886: cross-site request forgery (no CVE yet)

2015-09-13 Thread Moritz Muehlenhoff
Source: ipython Severity: grave Tags: security Please see http://www.openwall.com/lists/oss-security/2015/09/02/3 Cheers, Moritz

[Python-modules-team] Bug#772815: pyyaml: CVE-2014-9130

2014-12-11 Thread Moritz Muehlenhoff
Package: pyyaml Severity: grave Tags: security Hi, CVE-2014-9130 from libyaml also affects pyyaml. I'm attaching a short reproducer. Cheers, Moritz import yaml import codecs with codecs.open('CVE-2014-9130.yaml', 'r') as stream: foo = yaml.load(stream) for key, value in foo.items():

[Python-modules-team] Bug#734637: Please enable hardened build flags

2014-01-08 Thread Moritz Muehlenhoff
Package: python-cjson Severity: important Tags: patch Hi, please enable hardened build flags. I've tested that bumping the compat level to 9 is all that needs to be done. Cheers, Moritz

[Python-modules-team] Bug#732594: pywbem: Two security issues

2013-12-18 Thread Moritz Muehlenhoff
Package: pywbem Severity: grave Tags: security Justification: user security hole Please see: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6418 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6444 Cheers, Moritz

[Python-modules-team] Bug#724612: Please drop suggests on ffmpeg

2013-09-25 Thread Moritz Muehlenhoff
Package: scitools Severity: normal User: pkg-multimedia-maintain...@lists.alioth.debian.org Usertags: ffmpeg-removal scitools has a Suggests: on ffmpeg. ffmpeg is no longer built from libav. avconv from the libav-tools package might provide a compatible interface. Cheers, Moritz

[Python-modules-team] Bug#692444: tweepy: CVE-2012-5821

2012-11-06 Thread Moritz Muehlenhoff
Package: tweepy Severity: important Tags: security Justification: user security hole Please see Section 9 of this paper: http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf Cheers, Moritz

[Python-modules-team] Bug#670919: CVE-2012-2146

2012-09-06 Thread Moritz Muehlenhoff
On Mon, Apr 30, 2012 at 02:17:11PM +0200, Moritz Muehlenhoff wrote: > Package: python-elixir > Severity: important > Tags: security > > Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2146 for > details > and references to further information. What's th

[Python-modules-team] Bug#684890: CVE-2012-3458: Information disclosure

2012-08-14 Thread Moritz Muehlenhoff
Package: beaker Severity: grave Tags: security Justification: user security hole Please see https://groups.google.com/forum/?fromgroups#!topic/pylons-devel/zOx8OhIDru4[1-25] Remember we're in freeze, so please fix this in sid through the isolated fix instead of updating to 1.6.4. Cheers,

[Python-modules-team] Bug#673987: CVE-2012-2374

2012-05-22 Thread Moritz Muehlenhoff
Package: python-tornado Severity: grave Tags: security Please see http://www.tornadoweb.org/documentation/releases/v2.2.1.html Cheers, Moritz

[Python-modules-team] Bug#670919: CVE-2012-2146

2012-04-30 Thread Moritz Muehlenhoff
Package: python-elixir Severity: important Tags: security Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2146 for details and references to further information. Cheers, Moritz

[Python-modules-team] Bug#662929: pyside-mobility: FTBFS: dh_python2:424: extension linked to libpython2.6 and shipped in python2.7's dist-packages: Feedback.so

2012-03-07 Thread Moritz Muehlenhoff
Package: pyside-mobility Version: 0.2.3+git4~8118106-1 Severity: serious Your package fails to build from source: # Do the legacy install for the rest dh_install -a --list-missing dh override_dh_install --with python2 --buildsystem=cmake --parallel make[1]: Leaving directory `/home/jmm/pyside-mob

[Python-modules-team] Bug#647315: Security issue (no CVE yet)

2011-11-01 Thread Moritz Muehlenhoff
Package: python-django-piston Severity: grave Tags: security Please see https://www.djangoproject.com/weblog/2011/nov/01/piston-and-tastypie-security-releases/ Cheers, Moritz -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architec

[Python-modules-team] Python modules affected by openssl breakage

2008-05-15 Thread Moritz Muehlenhoff
Dear Python Modules Team are any of your 205 (that's an impressive amount, although still nearly 500 packages behind the Perl guys ;-) Python modules affected by the openssl breakage? For pyopenssl I would propose the following text (please review and extend, it's been some time since I've used py