[Git][security-tracker-team/security-tracker][master] 3 commits: virtualenv hasn't embedded pip since debian/20.0.20+ds-1
Stefano Rivera (@stefanor)
stefanor at debian.org
Sun Jan 16 15:05:41 GMT 2022
Stefano Rivera pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ddd70855 by Stefano Rivera at 2022-01-16T10:44:05-04:00
virtualenv hasn't embedded pip since debian/20.0.20+ds-1
- - - - -
64edb42f by Stefano Rivera at 2022-01-16T11:03:38-04:00
python-pip now embeds its dependencies
- - - - -
834d6974 by Stefano Rivera at 2022-01-16T11:05:34-04:00
pypy embeds some libraries
- - - - -
1 changed file:
- data/embedded-code-copies
Changes:
=====================================
data/embedded-code-copies
=====================================
@@ -1513,6 +1513,8 @@ pyparsing
- matplotlib 1.3.0-1 (embed; bug #531024; bug #555369)
- zhpy 1.7.3.1-1 (embed; bug #555370)
- polybori <unknown> (embed)
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
- python-whoosh <unknown> (embed)
- twill <unknown> (embed)
- zope-textindexng3 <unknown> (embed)
@@ -1648,11 +1650,17 @@ python2.7
NOTE: core functionality based on Python difflib code with changed output format
- zodbpickle <unfixable> (fork)
NOTE: embeds outdated stdlib modules: pickle, cpickle
+ - pypy <unfixable> (fork)
+ NOTE: embeds stdlib
python3.6
- zodbpickle <unfixable> (fork)
NOTE: embeds outdated stdlib modules: pickle, cpickle
+python3.7
+ - pypy3 <unfixable> (fork)
+ NOTE: embeds stdlib
+
argparse
- twill <unfixed> (embed; bug #555347)
- ipython <unfixed> (embed; bug #555348)
@@ -2911,9 +2919,6 @@ automysqlbackup
- autopostgresqlbackup <unfixed>
NOTE: fork
-python-pip
- - python-virtualenv <unfixed>
-
scrypt
- python-scrypt <unfixed> (embed; wontfix; package in NEW)
NOTE: upstream scrypt does not provide a shared library/API
@@ -3558,6 +3563,18 @@ python-py
- pypy <unfixed> (embed)
- pypy3 <unfixed> (embed)
+pytest
+ - pypy <unfixed> (modified-embed)
+ - pypy3 <unfixed> (modified-embed)
+
+python-cffi
+ - pypy <unfixed> (embed)
+ - pypy3 <unfixed> (embed)
+
+python-cryptography:
+ - pypy <unfixed> (embed)
+ - pypy3 <unfixed> (embed)
+
chezscheme
- racket <unfixable> (fork)
@@ -3566,3 +3583,87 @@ ccextractor
xorg-server
- xwayland <unfixable> (fork)
+
+python-cachecontrol
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+python-certifi
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+chardet
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+python-colorama
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+distlib
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+python-distro
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+html5lib
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+python-idna
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+python-msgpack
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+python-packaging
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+pep517
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+setuptools
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+platformdirs
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+python-progress
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+requests
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+python-resolvelib
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+six
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+python-tenacity
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+python-tomli
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+python-urllib3
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+
+python-webencodings
+ - python-pip <unfixable> (embed)
+ NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1de5db1ca6aa0eb86bf32ad5e5c2a39e1d438f44...834d697426872b1b1d189173f67657aa559e3ae9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1de5db1ca6aa0eb86bf32ad5e5c2a39e1d438f44...834d697426872b1b1d189173f67657aa559e3ae9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220116/b07fcebe/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list