Register | Log in

python-pip

Choose email to subscribe with

general

source: python-pip (main)
version: 22.1+dfsg-1
maintainer: Debian Python Team (DMD)
uploaders: Carl Chenet [DMD] – Scott Kitterman [DMD] – Stefano Rivera [DMD]
arch: all
std-ver: 4.6.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 9.0.1-2+deb9u1
o-o-sec: 9.0.1-2+deb9u2
oldstable: 18.1-5
stable: 20.3.4-4
testing: 22.1+dfsg-1
unstable: 22.1+dfsg-1

versioned links

9.0.1-2+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
9.0.1-2+deb9u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
18.1-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20.3.4-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
22.1+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

python3-pip
python3-pip-whl

action needed

2 low-priority security issues in buster low

There are 2 open security issues in buster.

2 issues left for the package maintainer to handle:

CVE-2021-3572: (needs triaging) A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity. This is fixed in python-pip version 21.1.
CVE-2019-20916: (needs triaging) The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. This occurs in _download_http_url in _internal/download.py.

You can find information about how to handle these issues in the security team's documentation.

Created: 2021-02-19 Last update: 2022-05-19 05:36

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.6.0).

Created: 2022-05-11 Last update: 2022-05-17 05:43

news

[2022-05-19] python-pip 22.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2022-05-16] Accepted python-pip 22.1+dfsg-1 (source) into unstable (Stefano Rivera)
[2022-03-16] Accepted python-pip 20.3.4-4+deb11u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Stefano Rivera)
[2022-02-05] python-pip 22.0.2+dfsg-1 MIGRATED to testing (Debian testing watch)
[2022-02-02] Accepted python-pip 22.0.2+dfsg-1 (source) into unstable (Stefano Rivera)
[2022-01-23] python-pip 21.3.1+dfsg-3 MIGRATED to testing (Debian testing watch)
[2022-01-12] Accepted python-pip 21.3.1+dfsg-3 (source) into unstable (Stefano Rivera)
[2022-01-12] Accepted python-pip 21.3.1+dfsg-2 (all source) into unstable, unstable (Debian FTP Masters) (signed by: Stefano Rivera)
[2022-01-07] Accepted python-pip 21.3.1+dfsg-1 (source) into unstable (Stefano Rivera)
[2021-07-09] python-pip 20.3.4-4 MIGRATED to testing (Debian testing watch)
[2021-07-01] Accepted python-pip 20.3.4-4 (source) into unstable (Stefano Rivera)
[2021-06-28] Accepted python-pip 20.3.4-3 (source) into unstable (Stefano Rivera)
[2021-05-18] python-pip 20.3.4-2 MIGRATED to testing (Debian testing watch)
[2021-05-12] Accepted python-pip 20.3.4-2 (source) into unstable (Stefano Rivera)
[2021-03-12] python-pip 20.3.4-1 MIGRATED to testing (Debian testing watch)
[2021-03-02] Accepted python-pip 20.3.4-1 (source) into unstable (Stefano Rivera)
[2020-09-12] Accepted python-pip 9.0.1-2+deb9u2 (source all) into oldstable (Chris Lamb)
[2020-05-29] python-pip 20.1.1-2 MIGRATED to testing (Debian testing watch)
[2020-05-27] Accepted python-pip 20.1.1-2 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2020-05-23] python-pip 20.1.1-1 MIGRATED to testing (Debian testing watch)
[2020-05-21] Accepted python-pip 20.1.1-1 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2020-05-11] python-pip 20.1-2 MIGRATED to testing (Debian testing watch)
[2020-05-09] Accepted python-pip 20.1-2 (source) into unstable (Stefano Rivera)
[2020-05-08] python-pip 20.1-1 MIGRATED to testing (Debian testing watch)
[2020-05-03] Accepted python-pip 20.1-1 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2020-05-01] python-pip 20.0.2-5 MIGRATED to testing (Debian testing watch)
[2020-04-20] Accepted python-pip 20.0.2-5 (source) into unstable (Stefano Rivera)
[2020-04-08] python-pip 20.0.2-4 MIGRATED to testing (Debian testing watch)
[2020-04-03] Accepted python-pip 20.0.2-4 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2020-04-03] python-pip 20.0.2-3 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 0

links

homepage
lintian
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 22.0.2+dfsg-1
16 bugs

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing