python-cryptography - Debian Package Tracker

general

source: python-cryptography (main)
version: 38.0.4-4
maintainer: Tristan Seligmann (DMD) (LowNMU)
uploaders: Debian Python Team [DMD] – Sandro Tosi [DMD]
arch: all any
std-ver: 4.6.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.6.1-3+deb10u2
o-o-sec: 2.6.1-3+deb10u4
oldstable: 3.3.2-1
stable: 38.0.4-3
stable-sec: 38.0.4-3~deb12u1
testing: 38.0.4-4
unstable: 38.0.4-4

versioned links

2.6.1-3+deb10u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.6.1-3+deb10u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.3.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
38.0.4-3~deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
38.0.4-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
38.0.4-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

python-cryptography-doc
python3-cryptography (1 bugs: 0, 1, 0, 0)

action needed

A new upstream version is available: 41.0.4 high

A new upstream version 41.0.4 is available, you should consider packaging it.

Created: 2023-01-04 Last update: 2023-10-08 02:41

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 39.0.1-1, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 4994e28f2c05400a3dc002bd0261e5202e7fb781
Author: Bastian Germann <bage@debian.org>
Date:   Tue Sep 19 20:52:34 2023 +0200

    Make the team the Maintainer (Closes: #1041175)

commit 7be7958b7328178e412c15b7c7471e20be3d3e1b
Merge: fb740ca 56d07ba
Author: Sandro Tosi <morph@debian.org>
Date:   Tue Feb 28 00:42:34 2023 -0500

    Merge branch 'debian/unstable'

commit fb740ca8239e954106af733a019fa2eeb739c7b8
Author: Sandro Tosi <morph@debian.org>
Date:   Sun Feb 12 23:47:16 2023 -0500

    New upstream release; Closes: #1031049 fixes CVE-2023-23931

commit 9abd4b6ee8c7a36cd79230009c9ae6d8fa7a193a
Merge: ca35827 abe9070
Author: Sandro Tosi <morph@debian.org>
Date:   Sun Feb 12 23:46:22 2023 -0500

    Update upstream source from tag 'upstream/39.0.1'
    
    Update to upstream version '39.0.1'
    with Debian dir afcfb32d129d627660ddd4cc4f68cd01f8f0792e

commit abe907009e3865adab6e88cbfafed9d20380bb61
Author: Sandro Tosi <morph@debian.org>
Date:   Sun Feb 12 23:46:21 2023 -0500

    New upstream version 39.0.1

commit ca35827035985696bf60e3cc512eb1bcbf86f9c4
Author: Sandro Tosi <morph@debian.org>
Date:   Sun Feb 12 23:45:58 2023 -0500

    remove pgpsigurlmangle, .asc file no longer on PyPI

commit c4533f1980c249c5344866dfd020528208881841
Merge: 257267e 4b2cc17
Author: Sandro Tosi <morph@debian.org>
Date:   Thu Dec 15 01:22:42 2022 +0000

    Merge branch 'upstream' into 'upstream'
    
    New upstream version 38.0.4
    
    See merge request python-team/packages/python-cryptography!11

Created: 2023-02-13 Last update: 2023-10-03 06:09

Multiarch hinter reports 1 issue(s) low

There are issues with the multiarch metadata for this package.

python-cryptography-doc could be marked Multi-Arch: foreign

Created: 2022-11-11 Last update: 2023-10-08 02:43

debian/patches: 10 patches to forward upstream low

Among the 10 debian patches available in version 38.0.4-4 of the package, we noticed the following issues:

10 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2023-08-17 09:41

1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:

CVE-2023-23931: (needs triaging) cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as `bytes`) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since `update_into` was originally introduced in cryptography 1.8.

You can find information about how to handle this issue in the security team's documentation.

Created: 2023-02-08 Last update: 2023-08-17 09:26

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2022-12-16 Last update: 2022-12-16 15:57

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.2 instead of 4.6.1).

Created: 2022-12-17 Last update: 2023-08-17 09:43

news

[rss feed]

[2023-08-14] python-cryptography 38.0.4-4 MIGRATED to testing (Debian testing watch)
[2023-08-08] Accepted python-cryptography 38.0.4-4 (source) into unstable (Nicolas Dandrimont)
[2023-03-10] Accepted python-cryptography 38.0.4-3~deb12u1 (source) into testing-security (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2023-03-10] python-cryptography 38.0.4-3 MIGRATED to testing (Debian testing watch)
[2023-02-28] Accepted python-cryptography 38.0.4-3 (source) into unstable (Sandro Tosi)
[2023-02-22] Accepted python-cryptography 2.6.1-3+deb10u4 (source amd64 all) into oldstable (Chris Lamb)
[2023-02-21] Accepted python-cryptography 2.6.1-3+deb10u3 (source amd64 all) into oldstable (Chris Lamb)
[2023-01-16] python-cryptography 38.0.4-2 MIGRATED to testing (Debian testing watch)
[2023-01-08] Accepted python-cryptography 38.0.4-2 (source) into unstable (Stefano Rivera)
[2022-12-15] Accepted python-cryptography 38.0.4-1 (source) into unstable (Sandro Tosi)
[2022-06-19] python-cryptography 3.4.8-2 MIGRATED to testing (Debian testing watch)
[2022-05-18] Accepted python-cryptography 3.4.8-2 (source) into unstable (Stefano Rivera)
[2021-12-04] python-cryptography 3.4.8-1 MIGRATED to testing (Debian testing watch)
[2021-12-02] Accepted python-cryptography 3.4.8-1 (source) into unstable (Tristan Seligmann)
[2021-02-21] python-cryptography 3.3.2-1 MIGRATED to testing (Debian testing watch)
[2021-02-11] Accepted python-cryptography 3.3.2-1 (source) into unstable (Tristan Seligmann)
[2021-01-28] python-cryptography 3.3.1-1 MIGRATED to testing (Debian testing watch)
[2021-01-26] Accepted python-cryptography 3.3.1-1 (source) into unstable (Tristan Seligmann)
[2020-11-04] python-cryptography 3.2.1-1 MIGRATED to testing (Debian testing watch)
[2020-11-01] Accepted python-cryptography 3.2.1-1 (source) into unstable (Tristan Seligmann)
[2020-10-01] python-cryptography 3.1-1 MIGRATED to testing (Debian testing watch)
[2020-08-29] Accepted python-cryptography 3.1-1 (source) into unstable (Tristan Seligmann)
[2020-08-11] python-cryptography 3.0-1 MIGRATED to testing (Debian testing watch)
[2020-07-21] Accepted python-cryptography 3.0-1 (source) into unstable (Tristan Seligmann)
[2020-07-18] Accepted python-cryptography 2.9.2-1 (source) into unstable (Tristan Seligmann)
[2020-04-12] python-cryptography 2.8-4 MIGRATED to testing (Debian testing watch)
[2020-04-04] Accepted python-cryptography 2.8-4 (source) into unstable (Sandro Tosi)
[2020-02-13] python-cryptography 2.8-3 MIGRATED to testing (Debian testing watch)
[2020-02-02] Accepted python-cryptography 2.8-3 (source) into unstable (Sandro Tosi)
[2020-01-31] Accepted python-cryptography 2.8-2 (source) into unstable (Tristan Seligmann)

bugs [bug history graph]

all: 3
RC: 0
I&N: 1
M&W: 1
F&P: 1
patch: 0

links

homepage
lintian
buildd: logs, checks, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 38.0.4-4
2 bugs