[Python-apps-team] Bug#868049: pelican: privacy breach in "notmyidea" theme
Johannes Schauer
josch at debian.org
Tue Jul 11 14:20:25 UTC 2017
Source: pelican
Version: 3.7.1-1
Severity: serious
Justification: Policy 2.2.1
The "notmyidea" theme shipped by the pelican package references several
files outside the archive. Specifically:
- pelican/themes/notmyidea/static/css/main.css imports
https://fonts.googleapis.com/css?family=Yanone+Kaffeesatz&subset=latin
- pelican/themes/notmyidea/templates/base.html includes the script
https://html5shiv.googlecode.com/svn/trunk/html5.js
When using packages from Debian main, the expectation is, that the
software does not breach a user's privacy in its default settings. Thus,
above problems must be fixed if this package should stay in "main".
Thanks!
cheers, josch
More information about the Python-apps-team
mailing list