Debian Package Tracker

general

source: ipython (main)
version: 5.5.0-1
maintainer: Debian Python Modules Team (archive) [DMD]
uploaders: Gordon Ball [DMD] – Julien Puydt [DMD]
arch: all
std-ver: 4.1.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.13.1-2+deb7u1
o-o-bpo: 1.2.1-2~bpo70+1
oldstable: 2.3.0-2
old-bpo: 5.1.0-2~bpo8+1
stable: 5.1.0-3
testing: 5.5.0-1
unstable: 5.5.0-1

versioned links

0.13.1-2+deb7u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.2.1-2~bpo70+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.3.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.1.0-2~bpo8+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.1.0-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.5.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

ipython
ipython3
python-ipython
python-ipython-doc
python3-ipython

action needed

A new upstream version is available: 5.6.0 high

A new upstream version 5.6.0 is available, you should consider packaging it.

Created: 2018-04-04 Last update: 2018-04-21 20:03

4 security issues in jessie high

There are 4 open security issues in jessie.

1 important issue:

CVE-2018-8768: In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous.

3 issues skipped by the security teams:

CVE-2015-4707: Cross-site scripting (XSS) vulnerability in IPython before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving JSON error messages and the /api/notebooks path.
CVE-2015-6938: Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site request forgery (CSRF) vulnerability, but this may be inaccurate.
CVE-2015-5607: Cross-site request forgery in the REST API in IPython 2 and 3.

Please fix them.

Created: 2015-07-12 Last update: 2018-04-12 02:12

Depends on packages which need a new maintainer normal

The packages that ipython depends on which need a new maintainer are:

dh-exec (#851746)
- Build-Depends: dh-exec

Created: 2017-12-02 Last update: 2018-04-21 20:09

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs, consider including or untagging them.

Created: 2017-11-21 Last update: 2018-04-21 19:40

lintian reports 2 warnings normal

Lintian reports 2 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2018-04-14 Last update: 2018-04-14 07:49

A new version is available in the VCS, consider uploading it. normal

vcswatch reports that this package has a new version ready in the VCS. You should consider uploading into the archive.

Created: 2018-02-14 Last update: 2018-04-06 02:31

3 ignored security issues in wheezy low

There are 3 open security issues in wheezy.

3 issues skipped by the security teams:

CVE-2018-8768: In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous.
CVE-2015-6938: Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site request forgery (CSRF) vulnerability, but this may be inaccurate.
CVE-2015-5607: Cross-site request forgery in the REST API in IPython 2 and 3.

Please fix them.

Created: 2017-12-30 Last update: 2018-04-12 02:12

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.1.4 instead of 4.1.0).

Created: 2017-10-26 Last update: 2018-04-16 20:45

news

[rss feed]

[2017-10-31] ipython 5.5.0-1 MIGRATED to testing (Debian testing watch)
[2017-10-25] Accepted ipython 5.5.0-1 (source all) into unstable (Gordon Ball) (signed by: Diane Trout)
[2017-03-06] Accepted ipython 5.1.0-2~bpo8+1 (source all) into jessie-backports->backports-policy, jessie-backports (Andreas Tille)
[2016-12-08] ipython 5.1.0-3 MIGRATED to testing (Debian testing watch)
[2016-12-03] Accepted ipython 5.1.0-3 (source all) into unstable (Scott Howard)
[2016-11-07] ipython 5.1.0-2 MIGRATED to testing (Debian testing watch)
[2016-10-31] Accepted ipython 5.1.0-2 (source all) into unstable (Ximin Luo)
[2016-08-19] Accepted ipython 5.1.0-1 (source) into experimental (Julien Puydt) (signed by: Mattia Rizzolo)
[2016-07-21] Accepted ipython 5.0.0-1 (source) into experimental (Julien Puydt) (signed by: Gianfranco Costamagna)
[2016-04-11] Accepted ipython 4.1.2-1 (source all) into experimental, experimental (Julien Cristau)
[2016-01-13] ipython 2.4.1-1 MIGRATED to testing (Debian testing watch)
[2016-01-07] Accepted ipython 2.4.1-1 (source all) into unstable (Julian Taylor)
[2014-11-15] ipython 2.3.0-2 MIGRATED to testing (Britney)
[2014-11-09] Accepted ipython 2.3.0-2 (source all) into unstable (Piotr Ożarowski) (signed by: Piotr Ozarowski)
[2014-10-08] ipython 2.3.0-1 MIGRATED to testing (Britney)
[2014-10-02] Accepted ipython 2.3.0-1 (source all) into unstable (Julian Taylor)
[2014-08-23] ipython 2.2.0-1 MIGRATED to testing (Britney)
[2014-08-17] Accepted ipython 2.2.0-1 (source all) into unstable (Julian Taylor)
[2014-07-23] Accepted ipython 0.13.1-2+deb7u1 (source all) (Julian Taylor)
[2014-07-21] ipython 2.1.0-2 MIGRATED to testing (Britney)
[2014-07-15] Accepted ipython 2.1.0-2 (source all) (Julian Taylor)
[2014-06-05] ipython 2.1.0-1 MIGRATED to testing (Debian testing watch)
[2014-05-25] Accepted ipython 2.1.0-1 (source all) (Julian Taylor)
[2014-03-03] ipython 1.2.1-2 MIGRATED to testing (Debian testing watch)
[2014-02-25] Accepted ipython 1.2.1-2 (source all) (Julian Taylor)
[2014-02-25] Accepted ipython 1.2.1-1 (source all) (Julian Taylor)
[2014-02-16] ipython 1.2.0~rc1-1 MIGRATED to testing (Debian testing watch)
[2014-02-05] Accepted ipython 1.2.0~rc1-1 (source all) (Julian Taylor)
[2014-01-22] ipython 1.1.0-1 MIGRATED to testing (Debian testing watch)
[2014-01-11] Accepted ipython 1.1.0-1 (source all) (Julian Taylor)

bugs [bug history graph]

all: 21
RC: 0
I&N: 16
M&W: 4
F&P: 1

links

homepage
lintian (0, 2)
buildd: logs, clang, reproducibility
popcon
debci
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 5.5.0-1
8 bugs