vcswatch reports that
there is an error with this package's VCS, or the debian/changelog file inside
it. Please check the error shown below and try to fix it. You might have
to update the VCS URL in the debian/control file to point to the correct
repository.
fatal: unable to access 'https://salsa.debian.org/python-team/packages/celery.git/': Failed to connect to salsa.debian.org port 443: No route to host
Depends on packages which need a new maintainer
normal
The packages that celery depends on which need a new maintainer are:
Lintian reports
4 warnings
about this package. You should make the package lintian clean getting rid of them.
debian/patches: 12 patches to forward upstream
low
Among the 14 debian patches
available in version 5.2.6-5 of the package,
we noticed the following issues:
12 patches
where the metadata indicates that the patch has not yet been forwarded
upstream. You should either forward the patch upstream or update the
metadata to document its real status.
1 issue left for the package maintainer to handle:
CVE-2021-23727:
(needs triaging)
This affects the package celery before 5.2.2. It by default trusts the messages and metadata stored in backends (result stores). When reading task metadata from the backend, the data is deserialized. Given that an attacker can gain access to, or somehow manipulate the metadata within a celery backend, they could trigger a stored command injection vulnerability and potentially gain further access to the system.
![[bug history graph]](https://qa.debian.org/data/bts/graphs/c/celery.png){kind=link}