Promoted. It's in component-mismatches now and in fact causes
uninstallability.
** Changed in: feedparser (Ubuntu)
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
@Chuck Short, which part of nova wants feedparser?
@Kurt McKee, the dh_python2 patch is just a packaging change to use the
recommended python packaging scripts. Patch is here:
http://launchpadlibrarian.net/83398974/feedparser_5.0.1-1_5.0.1-1ubuntu1.diff.gz
--
You received this bug notification
package currently doesn't show up in component mismatches?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/879520
Title:
[MIR] python-feedparser
To manage notifications about this bug go to:
Jamie, I wanted to clear up a couple of things.
feedparser doesn't use utidylib for HTML sanitization, it currently uses
sgmllib (part of the Python standard library) for that purpose. Further,
utidylib isn't used by default, it's only used when
`feedparser.TIDY_MARKUP == True`. I should note
Thanks Jamie! I didn't notice the test suite when I reviewed it. :-/
I've uploaded a version that runs the suite. So I'll mark this as Fix
Committed, waiting for archive promotion.
** Changed in: feedparser (Ubuntu)
Status: Incomplete = Fix Committed
** Changed in: feedparser (Ubuntu)
Thanks Michael! I noticed that the build log had 8 fewer tests than when
I tested it due to python-chardet not being installed. It then occurred
to me that feedparser only uses python-xml2 and python-utidylib if they
are present on the system, so we should add all three to the Build-
Depends so
** Changed in: feedparser (Ubuntu)
Status: Confirmed = In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/879520
Title:
[MIR] python-feedparser
To manage notifications about this bug
Security review:
It has had 4 CVEs:
- CVE-2009-5065: XSS - one line patch, tests added
- CVE-2011-1156: crash via malformed DOCTYPE - contained fix, test added
- CVE-2011-1157: XSS - contained fix, test added
- CVE-2011-1158: XSS - 3 line patch, test added
The package, like Michael said,
** Changed in: feedparser (Ubuntu)
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/879520
Title:
[MIR] python-feedparser
To manage notifications about this bug go to:
** Changed in: feedparser (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) = Jamie Strandboge
(jdstrand)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/879520
Title:
[MIR]
Looks fine, packaging wise. Could use an Ubuntu bug subscriber.
Passing to ubuntu-security for a check, since (A) it's had a CVE in the
last year (http://secunia.com/advisories/search/?search=feedparser) and
(B) it's job is to parse arbitrary data from the Internet.
FYI, I passed your
11 matches
Mail list logo