python-cmarkgfm - Debian Package Tracker

general

source: python-cmarkgfm (main)
version: 0.4.2-1
maintainer: Debian Python Modules Team (archive) (DMD)
uploaders: Nicolas Dandrimont [DMD]
arch: any
std-ver: 4.1.4
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 0.4.2-1
stable: 0.4.2-1
testing: 0.4.2-1
unstable: 0.4.2-1

versioned links

0.4.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

python3-cmarkgfm

action needed

A new upstream version is available: 0.6.0 high

A new upstream version 0.6.0 is available, you should consider packaging it.

Created: 2020-11-23 Last update: 2021-12-03 23:06

lintian reports 3 errors and 2 warnings high

Lintian reports 3 errors and 2 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-07-29 Last update: 2021-11-05 04:34

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2020-5238: The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a denial of service. This issue does not affect the upstream cmark project. The issue has been fixed in version 0.29.0.gfm.1.

Created: 2021-02-19 Last update: 2021-08-15 00:00

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2020-5238: The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a denial of service. This issue does not affect the upstream cmark project. The issue has been fixed in version 0.29.0.gfm.1.

Created: 2021-08-15 Last update: 2021-08-15 00:00

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 0.4.2-2, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit b0bc109d3bbc9672ee29111cbff5720c3458840b
Author: Ondřej Nový <onovy@debian.org>
Date:   Thu Sep 24 08:47:07 2020 +0200

    d/control: Update Vcs-* fields with new Debian Python Team Salsa layout

commit e49f24383c51fad7be02d2779c50b8aa18b12927
Author: Ondřej Nový <onovy@debian.org>
Date:   Thu Sep 24 08:47:07 2020 +0200

    d/control: Update Maintainer field with new Debian Python Team contact address

commit b91c77c4a3f2c316892b991d30b8ff420812577a
Merge: bb29ffc 00e031e
Author: Jelmer Vernooĳ <jelmer@debian.org>
Date:   Mon Jan 13 22:02:20 2020 +0000

    Merge branch 'lintian-fixes' into 'debian/master'
    
    Fix some issues reported by lintian
    
    See merge request python-team/modules/python-cmarkgfm!1

commit 00e031eee322f2d0ec5427261ca01ba093083fc1
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Tue Jan 7 16:08:52 2020 +0000

    Update standards version to 4.1.5, no changes needed.
    
    Fixes: lintian: out-of-date-standards-version
    See-also: https://lintian.debian.org/tags/out-of-date-standards-version.html

commit 4b8179e3adf432322fc604b4a7f6c1c1e5d198e7
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Tue Jan 7 16:08:29 2020 +0000

    Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse.
    
    Fixes: lintian: upstream-metadata-file-is-missing
    See-also: https://lintian.debian.org/tags/upstream-metadata-file-is-missing.html

commit 766547084227668d13d9290ebb8de3a50bc3c3c7
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Tue Jan 7 16:08:04 2020 +0000

    Bump debhelper from old 11 to 12.
    
    Fixes: lintian: package-uses-old-debhelper-compat-version
    See-also: https://lintian.debian.org/tags/package-uses-old-debhelper-compat-version.html

commit bb29ffcf4a1b5d1e685813971744766ae1823fd9
Author: Ondřej Nový <onovy@debian.org>
Date:   Sun Aug 25 11:01:46 2019 +0200

    d/control: Fix wrong Vcs-*

commit 1b0f0c41e0bbcff1955be9085e221db1d0d7d120
Author: Ondřej Nový <onovy@debian.org>
Date:   Fri Jul 19 23:44:29 2019 +0200

    Use debhelper-compat instead of debian/compat

https://salsa.debian.org/api/v4/projects/python-team%2Fmodules%2Fpython-cmarkgfm API request failed: 404 Not Found at /srv/qa.debian.org/data/vcswatch/vcswatch line 392.

Created: 2019-07-20 Last update: 2021-11-29 19:06

1 low-priority security issue in buster low

There is 1 open security issue in buster.

1 issue left for the package maintainer to handle:

CVE-2020-5238: (needs triaging) The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a denial of service. This issue does not affect the upstream cmark project. The issue has been fixed in version 0.29.0.gfm.1.

You can find information about how to handle this issue in the security team's documentation.

Created: 2021-02-19 Last update: 2021-08-15 00:00

1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:

CVE-2020-5238: (needs triaging) The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a denial of service. This issue does not affect the upstream cmark project. The issue has been fixed in version 0.29.0.gfm.1.

You can find information about how to handle this issue in the security team's documentation.

Created: 2021-08-14 Last update: 2021-08-15 00:00

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.0 instead of 4.1.4).

Created: 2018-08-20 Last update: 2021-08-18 14:02

news

[rss feed]

[2018-05-04] python-cmarkgfm 0.4.2-1 MIGRATED to testing (Debian testing watch)
[2018-05-01] Accepted python-cmarkgfm 0.4.2-1 (source amd64) into unstable, unstable (Nicolas Dandrimont)

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (3, 2)
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.4.2-1build5