Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted tqdm 4.66.4-1 (source) into unstable
Date: Sat, 04 May 2024 16:22:34 +0000
Signed by: Daniel Baumann <daniel@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 04 May 2024 18:02:53 +0200
Source: tqdm
Architecture: source
Version: 4.66.4-1
Distribution: sid
Urgency: medium
Maintainer: Daniel Baumann <daniel.baumann@progress-linux.org>
Changed-By: Daniel Baumann <daniel.baumann@progress-linux.org>
Closes: 1070372
Changes:
 tqdm (4.66.4-1) sid; urgency=medium
 .
   * Uploading to sid.
   * Merging upstream version 4.66.4:
     - any optional non-boolean CLI arguments are passed through python's eval,
       allowing arbitrary code execution [CVE-2024-34062] (Closes: #1070372).
Checksums-Sha1:
 641c3b99cd0f9b3e28d2c022576abd43d70a6b8b 2171 tqdm_4.66.4-1.dsc
 3aac7611afcdbc5baff1d52bcb9920c801c247df 104308 tqdm_4.66.4.orig.tar.xz
 f1e826f30df04428607af6f9c72df2e7a585a27f 4324 tqdm_4.66.4-1.debian.tar.xz
 47b5c3e2164ccf83a4e63b5b2f2f02d8df3c174b 8599 tqdm_4.66.4-1_amd64.buildinfo
Checksums-Sha256:
 ce107da175505a5724562b8f91985997e9aa168126ecc8b78a863a065339cb76 2171 tqdm_4.66.4-1.dsc
 b5378fb888240bcafa5227f3ea726147c5703c16ab8ac61fc99e73dc3d14b7d3 104308 tqdm_4.66.4.orig.tar.xz
 762c6ecc1ee59baf7b5f5c87bd5578c687cedd24f88a407d0944519ca94094b3 4324 tqdm_4.66.4-1.debian.tar.xz
 f0ac1c8c8a93f03813b03b2b27844732a287e5aa4fcb24baa26632aabd502849 8599 tqdm_4.66.4-1_amd64.buildinfo
Files:
 5af3bbda9405343246225718517c1a27 2171 python optional tqdm_4.66.4-1.dsc
 eeae6b75c493affc41bc131516a7eb7b 104308 python optional tqdm_4.66.4.orig.tar.xz
 bf50523af5393f4ab4b1aea50e81e72b 4324 python optional tqdm_4.66.4-1.debian.tar.xz
 3cb19210b37b944b800e53ab6ba6725e 8599 python optional tqdm_4.66.4-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEgTbtJcfWfpLHSkKSVc8b+YaruccFAmY2XQAACgkQVc8b+Yar
ucfu+A/+LNDqgLVoMdZdlncaDIKGv33Xp10T8ZDGYiXvzMR56gyFmdnAOxot6cD2
HC0Cm7czJoGLWQCJojNDlaM3M3OXoRUvJcKIqMDWML7yNBbPU6Y+9DVsptsF3HXP
dRTAnUyBVGC8Z0VRyVuI5vCP0qpkrzXikGt+2et/bolUDbvdSuM56mectRTVfY85
E0/w628er3i8uKBNY03Fbu/HdJ4vWydqk6Q3mYqtHTqHfVNcNIostvJNb3BlQpve
O/2gZHcPSjmi97R7CrFNQHc9QeW8mXXt/N6xqLFjyh4QPTurbSM5ya1GX3WkubJT
LVj7ZE9ogDw8QspxohD8pMJMwMWEV71rLNsJdMnZE5+3Oz8/WD1VwCkqP+gKBk4D
i5DxOQsD4fjtwBczv1pOWS9jfaLAVHQbnBaFB3MpcqhBgF9p2Z47qxelohQpZ+rS
KmBe630bIZxAQ6uKo8LmG5pC6dr5Acf1lSXESUx0XBYnsxE29Y16J0qmLKyr3SoN
gNmv3deM64b69VpQpE1zVDfSdqByPmWWaaI4r7qsLWk/J0vA+OOLefp2uXrW5znK
BrFBTO9ZrUuqeeHSvETY6oMcE9brzEUykj8cXRUKI4DTVY80a+aRFIQ5W067nUus
KPVtPDgRubSZYGj4TyuYTjiXywj59O4rnB0HDzPeB+Z8ckYbQl8=
=IZCb
-----END PGP SIGNATURE-----

News for package tqdm