cairosvg - Debian Package Tracker

general

source: cairosvg (main)
version: 2.5.2-1
maintainer: Debian Python Team (DMD)
uploaders: Michael Fladischer [DMD]
arch: all
std-ver: 4.6.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.0.20-1
oldstable: 1.0.20-1
old-bpo: 2.4.2-1~bpo10+1
stable: 2.5.0-1.1
testing: 2.5.2-1
unstable: 2.5.2-1

versioned links

1.0.20-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.4.2-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.5.0-1.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.5.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

cairosvg
python3-cairosvg

action needed

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2023-27586: CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service. Version 2.7.0 disables CairoSVG's ability to access other files online by default.

Created: 2023-03-21 Last update: 2023-03-30 06:01

Problems while searching for a new upstream version high

uscan had problems while searching for a new upstream version:

In debian/watch no matching files for watch line
  https://github.com/Kozea/CairoSVG/releases /Kozea/CairoSVG/archive/refs/tags/([\d\.]+)\.tar\.gz

Created: 2022-09-23 Last update: 2023-03-30 02:30

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2023-03-25 Last update: 2023-03-25 09:31

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 2.5.2-2, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 491ee45eab3a09a6a8dc55b705a83dc0a1da732b
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Oct 14 15:00:59 2022 +0000

    Update standards version to 4.6.1, no changes needed.
    
    Changes-By: lintian-brush
    Fixes: lintian: out-of-date-standards-version
    See-also: https://lintian.debian.org/tags/out-of-date-standards-version.html

Created: 2022-10-15 Last update: 2023-03-25 04:36

debian/patches: 2 patches to forward upstream low

Among the 2 debian patches available in version 2.5.2-1.1 of the package, we noticed the following issues:

2 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2023-03-25 07:43

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.2 instead of 4.6.0).

Created: 2022-05-11 Last update: 2022-12-17 19:18

news

[rss feed]

[2023-03-30] cairosvg 2.5.2-1.1 MIGRATED to testing (Debian testing watch)
[2023-03-24] Accepted cairosvg 2.5.2-1.1 (source) into unstable (Salvatore Bonaccorso)
[2021-09-07] cairosvg 2.5.2-1 MIGRATED to testing (Debian testing watch)
[2021-08-30] Accepted cairosvg 2.5.2-1 (source) into unstable (Michael Fladischer)
[2021-01-23] cairosvg 2.5.0-1.1 MIGRATED to testing (Debian testing watch)
[2021-01-18] Accepted cairosvg 2.5.0-1.1 (source) into unstable (Salvatore Bonaccorso)
[2020-12-11] cairosvg 2.5.0-1 MIGRATED to testing (Debian testing watch)
[2020-11-30] Accepted cairosvg 2.5.0-1 (source) into unstable (Michael Fladischer)
[2020-07-13] Accepted cairosvg 2.4.2-1~bpo10+1 (source all) into buster-backports, buster-backports (Debian FTP Masters) (signed by: Mattia Rizzolo)
[2019-10-20] cairosvg 2.4.2-1 MIGRATED to testing (Debian testing watch)
[2019-10-14] Accepted cairosvg 2.4.2-1 (source) into unstable (Michael Fladischer)
[2019-08-16] cairosvg 2.4.0-2 MIGRATED to testing (Debian testing watch)
[2019-08-10] Accepted cairosvg 2.4.0-2 (source) into unstable (Andrey Rahmatullin)
[2019-07-17] Accepted cairosvg 2.4.0-1 (source all) into unstable (Michael Fladischer)
[2019-02-23] Accepted cairosvg 2.3.0-1~exp1 (source all) into experimental (Michael Fladischer)
[2019-01-05] Accepted cairosvg 2.2.1-1~exp2 (source all) into experimental, experimental (Michael Fladischer)
[2019-01-05] Accepted cairosvg 2.2.1-1~exp1 (source all) into experimental, experimental (Michael Fladischer)
[2016-04-11] cairosvg 1.0.20-1 MIGRATED to testing (Debian testing watch)
[2016-03-31] Accepted cairosvg 1.0.20-1 (source all) into unstable (Michael Fladischer)
[2015-11-15] cairosvg 1.0.19-1 MIGRATED to testing (Britney)
[2015-11-04] Accepted cairosvg 1.0.19-1 (source all) into unstable (Michael Fladischer)
[2015-10-17] cairosvg 1.0.17-1 MIGRATED to testing (Britney)
[2015-10-11] Accepted cairosvg 1.0.17-1 (source all) into unstable (Michael Fladischer)
[2015-08-21] cairosvg 1.0.16-1 MIGRATED to testing (Britney)
[2015-08-15] Accepted cairosvg 1.0.16-1 (source all) into unstable (Michael Fladischer)
[2015-07-10] cairosvg 1.0.15-1 MIGRATED to testing (Britney)
[2015-06-30] Accepted cairosvg 1.0.15-1 (source all) into unstable (Michael Fladischer)
[2015-06-26] cairosvg 1.0.14-1 MIGRATED to testing (Britney)
[2015-06-18] Accepted cairosvg 1.0.14-1 (source all) into unstable (Michael Fladischer)
[2015-05-24] cairosvg 1.0.13-1 MIGRATED to testing (Britney)

bugs [bug history graph]

all: 0

links

homepage
lintian (0, 1)
buildd: logs, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.5.2-1.1