Debian Package Tracker
Register | Log in
Subscribe

python-zeep

Modern SOAP client library (Python 3)

Choose email to subscribe with

general
  • source: python-zeep (main)
  • version: 4.3.2-3
  • maintainer: Debian Tryton Maintainers (DMD)
  • uploaders: Mathias Behrle [DMD]
  • arch: all
  • std-ver: 4.7.0
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 4.0.0-1
  • oldstable: 4.2.1-1
  • stable: 4.3.1-2
  • testing: 4.3.2-3
  • unstable: 4.3.2-3
versioned links
  • 4.0.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.2.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.3.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.3.2-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • python3-zeep
action needed
Marked for autoremoval on 14 August due to httpx: #1140980 high
Version 4.3.2-3 of python-zeep is marked for autoremoval from testing on Fri 14 Aug 2026. It depends (transitively) on httpx, affected by #1140980. You should try to prevent the removal by fixing these RC bugs.
Created: 2026-07-04 Last update: 2026-07-16 22:32
A new upstream version is available: 4.3.3 high
A new upstream version 4.3.3 is available, you should consider packaging it.
Created: 2026-06-24 Last update: 2026-07-16 18:00
1 security issue in trixie high

There is 1 open security issue in trixie.

1 important issue:
  • CVE-2026-58501: Zeep is a Python SOAP client. From 4.0.0 before 4.3.3, Settings.forbid_external is defined but not enforced when parsing WSDL or XSD documents, allowing transitive xsd:import, xsd:include, wsdl:import, and lxml entity or DTD references to fetch attacker-chosen HTTP or HTTPS URLs. This issue is fixed in version 4.3.3.
Created: 2026-07-10 Last update: 2026-07-10 14:30
1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:
  • CVE-2026-58501: Zeep is a Python SOAP client. From 4.0.0 before 4.3.3, Settings.forbid_external is defined but not enforced when parsing WSDL or XSD documents, allowing transitive xsd:import, xsd:include, wsdl:import, and lxml entity or DTD references to fetch attacker-chosen HTTP or HTTPS URLs. This issue is fixed in version 4.3.3.
Created: 2026-07-10 Last update: 2026-07-10 14:30
1 security issue in forky high

There is 1 open security issue in forky.

1 important issue:
  • CVE-2026-58501: Zeep is a Python SOAP client. From 4.0.0 before 4.3.3, Settings.forbid_external is defined but not enforced when parsing WSDL or XSD documents, allowing transitive xsd:import, xsd:include, wsdl:import, and lxml entity or DTD references to fetch attacker-chosen HTTP or HTTPS URLs. This issue is fixed in version 4.3.3.
Created: 2026-07-10 Last update: 2026-07-10 14:30
1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:
  • CVE-2026-58501: Zeep is a Python SOAP client. From 4.0.0 before 4.3.3, Settings.forbid_external is defined but not enforced when parsing WSDL or XSD documents, allowing transitive xsd:import, xsd:include, wsdl:import, and lxml entity or DTD references to fetch attacker-chosen HTTP or HTTPS URLs. This issue is fixed in version 4.3.3.
Created: 2026-07-10 Last update: 2026-07-10 14:30
1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:
  • CVE-2026-58501: Zeep is a Python SOAP client. From 4.0.0 before 4.3.3, Settings.forbid_external is defined but not enforced when parsing WSDL or XSD documents, allowing transitive xsd:import, xsd:include, wsdl:import, and lxml entity or DTD references to fetch attacker-chosen HTTP or HTTPS URLs. This issue is fixed in version 4.3.3.
Created: 2026-07-10 Last update: 2026-07-10 14:30
debian/patches: 1 patch to forward upstream low

Among the 2 debian patches available in version 4.3.2-3 of the package, we noticed the following issues:

  • 1 patch where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.
Created: 2023-02-26 Last update: 2026-06-24 13:30
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.4 instead of 4.7.0).
Created: 2025-02-21 Last update: 2026-06-24 10:30
news
[rss feed]
  • [2026-06-29] python-zeep 4.3.2-3 MIGRATED to testing (Debian testing watch)
  • [2026-06-24] Accepted python-zeep 4.3.2-3 (source) into unstable (Mathias Behrle)
  • [2026-05-24] python-zeep 4.3.2-2 MIGRATED to testing (Debian testing watch)
  • [2026-05-05] Accepted python-zeep 4.3.2-2 (source) into unstable (Mathias Behrle)
  • [2025-11-18] python-zeep 4.3.2-1 MIGRATED to testing (Debian testing watch)
  • [2025-11-12] Accepted python-zeep 4.3.2-1 (source) into unstable (Mathias Behrle)
  • [2025-08-13] python-zeep 4.3.1-3 MIGRATED to testing (Debian testing watch)
  • [2025-06-16] Accepted python-zeep 4.3.1-3 (source) into unstable (Mathias Behrle)
  • [2025-01-26] python-zeep 4.3.1-2 MIGRATED to testing (Debian testing watch)
  • [2025-01-17] Accepted python-zeep 4.3.1-2 (source) into unstable (Mathias Behrle)
  • [2024-11-11] python-zeep 4.3.1-1 MIGRATED to testing (Debian testing watch)
  • [2024-11-06] Accepted python-zeep 4.3.1-1 (source) into unstable (Mathias Behrle)
  • [2024-05-07] python-zeep 4.2.1-3 MIGRATED to testing (Debian testing watch)
  • [2024-05-02] Accepted python-zeep 4.2.1-3 (source) into unstable (Mathias Behrle)
  • [2023-09-05] python-zeep 4.2.1-2 MIGRATED to testing (Debian testing watch)
  • [2023-08-29] Accepted python-zeep 4.2.1-2 (source) into unstable (Mathias Behrle)
  • [2023-01-24] python-zeep 4.2.1-1 MIGRATED to testing (Debian testing watch)
  • [2023-01-18] Accepted python-zeep 4.2.1-1 (source) into unstable (Mathias Behrle)
  • [2022-09-14] python-zeep 4.1.0-2 MIGRATED to testing (Debian testing watch)
  • [2022-09-09] Accepted python-zeep 4.1.0-2 (source) into unstable (Mathias Behrle)
  • [2021-10-25] python-zeep 4.1.0-1 MIGRATED to testing (Debian testing watch)
  • [2021-10-20] Accepted python-zeep 4.1.0-1 (source) into unstable (Mathias Behrle)
  • [2020-12-26] python-zeep 4.0.0-1 MIGRATED to testing (Debian testing watch)
  • [2020-12-20] Accepted python-zeep 4.0.0-1 (source) into unstable (Mathias Behrle)
  • [2019-08-28] python-zeep 3.4.0-1 MIGRATED to testing (Debian testing watch)
  • [2019-08-26] Accepted python-zeep 3.4.0-1 (source) into unstable (Mathias Behrle)
  • [2019-01-12] python-zeep 3.2.0-1 MIGRATED to testing (Debian testing watch)
  • [2019-01-09] Accepted python-zeep 3.2.0-1 (source all) into unstable (Mathias Behrle)
  • [2018-11-29] python-zeep 3.1.0-1 MIGRATED to testing (Debian testing watch)
  • [2018-11-27] Accepted python-zeep 3.1.0-1 (source all) into unstable (Mathias Behrle)
  • 1
  • 2
bugs [bug history graph]
  • all: 1
  • RC: 0
  • I&N: 1
  • M&W: 0
  • F&P: 0
  • patch: 0
links
  • homepage
  • lintian
  • buildd: logs, reproducibility
  • popcon
  • browse source code
  • other distros
  • security tracker
  • debian patches
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 4.3.2-3

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing