python-pip - Debian Package Tracker

general

source: python-pip (main)
version: 20.3.4-1
maintainer: Debian Python Team (DMD)
uploaders: Carl Chenet [DMD] – Scott Kitterman [DMD]
arch: all
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 9.0.1-2+deb9u1
old-sec: 9.0.1-2+deb9u2
stable: 18.1-5
testing: 20.3.4-1
unstable: 20.3.4-1

versioned links

9.0.1-2+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
9.0.1-2+deb9u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
18.1-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20.3.4-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

python-pip-whl
python3-pip (1 bugs: 0, 1, 0, 0)

action needed

A new upstream version is available: 21.0.1 high

A new upstream version 21.0.1 is available, you should consider packaging it.

Created: 2020-06-29 Last update: 2021-04-15 18:37

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 20.3.4-2, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit cae8526e0b2ef5751d910879a3e8fde2e3aa00e0
Author: Stefano Rivera <stefanor@debian.org>
Date:   Wed Apr 7 10:42:37 2021 -0700

    set -e to catch real errors in the allow-stderr autopkgtests.

commit aa3ace83e4e3d3934aabf2a8e87842a3611552a0
Author: Stefano Rivera <stefanor@debian.org>
Date:   Wed Apr 7 10:41:17 2021 -0700

    Mark autopkgtests that use PyPI as allow-stderr. Retried http requests, common in Ubuntu CI, will result in logging to stderr.

commit 40b5257b55bc138641fd3584fabecd2952a8d355
Author: Stefano Rivera <stefanor@debian.org>
Date:   Wed Apr 7 10:39:13 2021 -0700

    Mark autopkgtests that use PyPI as needs-internet.

commit 7af464548f0f7e2cf50aeb044fc2f33eb4109892
Author: Stefano Rivera <stefanor@debian.org>
Date:   Sun Mar 14 14:09:10 2021 -0700

    Add myself to uploaders.

Created: 2021-04-07 Last update: 2021-04-13 07:12

1 low-priority security issue in buster low

There is 1 open security issue in buster.

1 issue left for the package maintainer to handle:

CVE-2019-20916: (needs triaging) The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. This occurs in _download_http_url in _internal/download.py.

You can find information about how to handle this issue in the security team's documentation.

Created: 2021-02-19 Last update: 2021-03-21 19:04

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).

Created: 2020-11-17 Last update: 2021-03-02 08:06

news

[rss feed]

[2021-03-12] python-pip 20.3.4-1 MIGRATED to testing (Debian testing watch)
[2021-03-02] Accepted python-pip 20.3.4-1 (source) into unstable (Stefano Rivera)
[2020-09-12] Accepted python-pip 9.0.1-2+deb9u2 (source all) into oldstable (Chris Lamb)
[2020-05-29] python-pip 20.1.1-2 MIGRATED to testing (Debian testing watch)
[2020-05-27] Accepted python-pip 20.1.1-2 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2020-05-23] python-pip 20.1.1-1 MIGRATED to testing (Debian testing watch)
[2020-05-21] Accepted python-pip 20.1.1-1 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2020-05-11] python-pip 20.1-2 MIGRATED to testing (Debian testing watch)
[2020-05-09] Accepted python-pip 20.1-2 (source) into unstable (Stefano Rivera)
[2020-05-08] python-pip 20.1-1 MIGRATED to testing (Debian testing watch)
[2020-05-03] Accepted python-pip 20.1-1 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2020-05-01] python-pip 20.0.2-5 MIGRATED to testing (Debian testing watch)
[2020-04-20] Accepted python-pip 20.0.2-5 (source) into unstable (Stefano Rivera)
[2020-04-08] python-pip 20.0.2-4 MIGRATED to testing (Debian testing watch)
[2020-04-03] Accepted python-pip 20.0.2-4 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2020-04-03] python-pip 20.0.2-3 MIGRATED to testing (Debian testing watch)
[2020-03-31] Accepted python-pip 20.0.2-3 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2020-03-26] python-pip 20.0.2-2 MIGRATED to testing (Debian testing watch)
[2020-03-17] Accepted python-pip 20.0.2-2 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2020-03-15] Accepted python-pip 20.0.2-1 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2019-04-14] Accepted python-pip 9.0.1-2+deb9u1 (source all) into proposed-updates->stable-new, proposed-updates (Thomas Goirand)
[2019-04-03] python-pip 18.1-5 MIGRATED to testing (Debian testing watch)
[2019-03-30] Accepted python-pip 18.1-5 (source all) into unstable (Thomas Goirand)
[2019-01-06] python-pip 18.1-4 MIGRATED to testing (Debian testing watch)
[2019-01-03] Accepted python-pip 18.1-4 (source) into unstable (Andrej Shadura)
[2018-12-25] python-pip 18.1-3 MIGRATED to testing (Debian testing watch)
[2018-12-19] Accepted python-pip 18.1-3 (source) into unstable (Andrej Shadura)
[2018-12-03] Accepted python-pip 18.1-2 (source) into unstable (Andrej Shadura)
[2018-11-27] Accepted python-pip 18.1-1 (source) into experimental (Andrej Shadura)
[2018-05-04] python-pip 9.0.1-2.3 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 2
RC: 0
I&N: 2
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 20.3.4-1ubuntu2
18 bugs
patches for 20.3.4-1ubuntu2