Debian Package Tracker

general

source: pyxdg (main)
version: 0.26-3
maintainer: Debian Python Modules Team (archive) (DMD)
uploaders: Andrew Starr-Bochicchio [DMD]
arch: all
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.25-4
o-o-sec: 0.25-4+deb8u1
oldstable: 0.25-4
stable: 0.25-5
testing: 0.26-3
unstable: 0.26-3

versioned links

0.25-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.25-4+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.25-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.26-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

python3-xdg (1 bugs: 0, 1, 0, 0)

action needed

Debci reports failed tests high

unstable: fail (log)
The tests ran in 0:00:59
Last run: 2020-09-16 07:48:57 UTC
Previous status: fail

testing: fail (log)
The tests ran in 0:02:25
Last run: 2020-09-27 08:19:42 UTC
Previous status: fail

Created: 2020-07-07 Last update: 2020-10-01 01:07

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2019-12761: A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call.

Please fix it.

Created: 2019-06-06 Last update: 2020-08-07 06:08

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2019-12761: A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call.

Please fix it.

Created: 2019-07-07 Last update: 2020-08-07 06:08

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2020-07-18 Last update: 2020-09-30 23:38

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 0.26-4, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 0a9bf8c059e5d7b2a039ffcd5b5c5fe9d3f8976f
Author: Ondřej Nový <onovy@debian.org>
Date:   Thu Sep 24 08:50:52 2020 +0200

    d/control: Update Vcs-* fields with new Debian Python Team Salsa layout

commit 65e949003a2bca82175096cd616dd40a89a7192e
Author: Ondřej Nový <onovy@debian.org>
Date:   Thu Sep 24 08:50:52 2020 +0200

    d/control: Update Maintainer field with new Debian Python Team contact address

commit 9ac801914424646ac8368f315a7ccac6930cd5df
Author: Håvard Flaget Aasen <haavard_aasen@yahoo.no>
Date:   Fri Sep 4 14:13:50 2020 +0200

    Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse.

commit cef2d4b03b32758abca098efa8738ccbe83a3c3a
Merge: 3a14d0f cf7f1c6
Author: Jelmer Vernooĳ <jelmer@debian.org>
Date:   Mon May 25 12:51:24 2020 +0000

    Merge branch 'lintian-fixes' into 'debian/master'
    
    Use secure URI in Homepage field
    
    See merge request python-team/modules/pyxdg!1

commit cf7f1c67ba017fbd4a2740ce0356dec85ebe02e5
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Sun May 24 23:09:35 2020 +0000

    Use secure URI in Homepage field.
    
    Fixes: lintian: homepage-field-uses-insecure-uri
    See-also: https://lintian.debian.org/tags/homepage-field-uses-insecure-uri.html

https://salsa.debian.org/api/v4/projects/python-team%2Fmodules%2Fpyxdg API request failed: 404 Not Found at /srv/qa.debian.org/data/vcswatch/vcswatch line 379.

Created: 2020-05-25 Last update: 2020-09-24 13:08

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2019-12761: A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call.

Please fix it.

Created: 2019-06-06 Last update: 2020-08-07 06:08

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2019-12761: A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call.

Please fix it.

Created: 2019-06-06 Last update: 2020-08-07 06:08

news

[rss feed]

[2020-04-26] pyxdg 0.26-3 MIGRATED to testing (Debian testing watch)
[2020-04-23] Accepted pyxdg 0.26-3 (source) into unstable (Emmanuel Arias) (signed by: Andrew Starr-Bochicchio)
[2020-03-27] Accepted pyxdg 0.26-2 (source) into unstable (Andrew Starr-Bochicchio)
[2019-12-05] pyxdg 0.26-1 MIGRATED to testing (Debian testing watch)
[2019-12-03] Accepted pyxdg 0.26-1 (source) into unstable (Drew Parsons)
[2019-06-16] Accepted pyxdg 0.25-4+deb8u1 (source all) into oldstable (Chris Lamb)
[2019-02-27] pyxdg 0.25-5 MIGRATED to testing (Debian testing watch)
[2019-02-17] Accepted pyxdg 0.25-5 (source) into unstable (Simon McVittie)
[2014-01-30] pyxdg 0.25-4 MIGRATED to testing (Debian testing watch)
[2014-01-27] Accepted pyxdg 0.25-4 (source all) (Andrew Starr-Bochicchio)
[2013-07-10] pyxdg 0.25-3 MIGRATED to testing (Debian testing watch)
[2013-06-29] Accepted pyxdg 0.25-3 (source all) (Andrew Starr-Bochicchio)
[2013-03-08] Accepted pyxdg 0.25-2 (source all) (Dmitry Shachnev) (signed by: Stefano Rivera)
[2013-01-09] Accepted pyxdg 0.25-1 (source all) (Thomas Kluyver) (signed by: Dimitri John Ledkov)
[2013-01-07] pyxdg 0.19-5 MIGRATED to testing (Debian testing watch)
[2012-12-22] Accepted pyxdg 0.19-5 (source all) (Josselin Mouette)
[2012-11-11] Accepted pyxdg 0.24-1 (source all) (Thomas Kluyver) (signed by: Dimitri John Ledkov)
[2012-03-20] pyxdg 0.19-4 MIGRATED to testing (Debian testing watch)
[2012-03-09] Accepted pyxdg 0.19-4 (source all) (Ryan Kavanagh)
[2011-05-20] pyxdg 0.19-3 MIGRATED to testing (Debian testing watch)
[2011-05-08] Accepted pyxdg 0.19-3 (source all) (Jakub Wilk)
[2010-07-04] pyxdg 0.19-2 MIGRATED to testing (Debian testing watch)
[2010-06-23] Accepted pyxdg 0.19-2 (source all) (Piotr Lewandowski) (signed by: Jakub Wilk)
[2010-02-15] pyxdg 0.19-1 MIGRATED to testing (Debian testing watch)
[2010-02-04] Accepted pyxdg 0.19-1 (source all) (Piotr Lewandowski) (signed by: Jakub Wilk)
[2010-01-06] pyxdg 0.18-1 MIGRATED to testing (Debian testing watch)
[2009-12-26] Accepted pyxdg 0.18-1 (source all) (Piotr Lewandowski)
[2009-10-05] pyxdg 0.17-0.1 MIGRATED to testing (Debian testing watch)
[2009-09-24] Accepted pyxdg 0.17-0.1 (source all) (Piotr Lewandowski)
[2006-07-13] pyxdg 0.15-1.1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 4 5
RC: 1 2
I&N: 3
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.26-3ubuntu1
1 bug
patches for 0.26-3ubuntu1