[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] The reasoning for not fixing ipython looks reasonable. Removing from dla-needed.txt.

Mon Apr 9 19:18:50 BST 2018

Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker


Commits:
70b44f93 by Ola Lundqvist at 2018-04-09T20:18:33+02:00
The reasoning for not fixing ipython looks reasonable. Removing from dla-needed.txt.

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================

--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -38,15 +38,6 @@ gcc-4.7 (Roberto C. Sánchez)
 --
 imagemagick
 --
-ipython
-  NOTE: The Wheezy version lacks the security and sanitization feature hence
-  NOTE: the vulnerable code is not present. Ipython's notebook might be still
-  NOTE: affected though. Due to the absence of sanitization a fix is probably too
-  NOTE: intrusive. I suggest to fix the Jessie version instead, which contains basic
-  NOTE: sanitization and then recommend to Wheezy users to not use Ipython's notebook
-  NOTE: with untrusted content and upgrade to Jessie. Please double-check all
-  NOTE: this.
---
 jruby
 --
 krb5



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/70b44f93872c3734b0190a9afee12c2a4bd97394

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/70b44f93872c3734b0190a9afee12c2a4bd97394
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180409/53814885/attachment-0001.html>
